Topic: HD wallet question (Read 201 times)

staff
Activity: 3458
Merit: 6793
Just writing some code
March 16, 2018, 03:21:30 PM
#4
Would it be risky to have account be un-hardened considering that this wallet will never be used for payments? (except for consolidating and moving to other cold storage wallets)
Unhardened derivation is only risky if someone is able to learn the xpub and any of the child private keys. In that case, the xpriv corresponding to the xpub can be derived. So if you think your security of the private keys is good enough, then unhardened is fine.

Do you know how various exchanges/etc. deal with this issue?
I don't think exchanges generally have separate accounts like that dedicated to each user.
newbie
Activity: 2
Merit: 0
March 16, 2018, 01:59:47 PM
#3
Awesome, thanks for that. I had been contemplating just generating a bunch of xpubs manually since I only need one per account... seems like that's not a totally crazy idea.

Would it be risky to have account be un-hardened considering that this wallet will never be used for payments? (except for consolidating and moving to other cold storage wallets)

Do you know how various exchanges/etc. deal with this issue?
staff
Activity: 3458
Merit: 6793
Just writing some code
March 16, 2018, 12:50:07 PM
#2
Since account' is a hardened derivation path, you cannot generate it server side without having the master private key also be server side. So you can either make it unhardened (thus only storing the public key for m/44'/0') or just generate a lot of xpubs for each account and regularly refresh the available xpubs manually.
newbie
Activity: 2
Merit: 0
March 16, 2018, 10:16:13 AM
#1
Hey folks!

I'm working on the backend for a service that will require users to be able to deposit BTC. We're using cold storage for most of the coin, so these are just for deposits that should realistically then be moved elsewhere.

My current plan is to go with an HD wallet so we can easily generate new per-transaction addresses server-side.

Because you won't be able to spend from these addresses, the tree will look something like M/44'/0'/account'/change/index/

I guess my question is... for the sake of security, should I just be pre-generating a bunch of account' xpubkeys offline and storing them in a table to assign to users as they join? Or is there a way to safely generate the account/change/index/ part of the tree server-side?

I want to obviously assign each user with a unique branch to avoid jumping the gap when generating addresses that won't necessarily receive deposits right away.