Author

Topic: How does HD wallet recovery from seed recovers all used addresses? (Read 183 times)

member
Activity: 210
Merit: 26
High fees = low BTC price
my guess in simple terms of how this works is that the six or twelve words are used to generate a number so lets just say the
total of all the words equal to 1024

Private keys (Not in hex)

BTC=1234567.... + 1024
ETH=9999999.... + 1024
XPR=7654321.... + 1024

Trouble comes later in Exodus wallet who makes out that you can import a key but this then
stops the above example from working so what happens is they sweep the account using the new private key
into the account "BTC=1234567 + 1024" or else the pass phrase would no longer work and can cost
you $40 on BTC account in transaction fees. Jaxx wallet does the same thing too.

If i want to sweep then sweep but they should make it plain if Import does not just import the key.

Toast used with Ripple I believe lets you add more private keys to the wallet but i think they will
get lost if restoring from a pass phrase and not some file.

When you spend BTC coins then you get a new public key instead of being asked if you would like
one so I am lost as to how this all ties back together again since only the private key ends up in the
block-chain

backing up BCH from Exodus generates a CSV file with about sixty private keys in it but only
one in my case had an amount next to it so I don't know what that is all about but when you
want to view private keys then Exodus should just allow you to copy it to the clip-board but instead
it creates a file with a name like "BTC-MY_FUCKING-PRVATE-KEY" and puts the file on into windows desktop

Microsoft windows today is 20% UI and 80% spyware as it is and what Exodus wallet does is just
plain stupid if you ask me and i like to cut-en-paste my keys in two parts for security reasons if
not just moving to them to a paper wallet.







 

  
newbie
Activity: 4
Merit: 1
Quote
It doesn't know, it just guesses

Ok, I got the point now. Thank you for other explanations as well.
staff
Activity: 3458
Merit: 6793
Just writing some code
On high level, I understand that all wallet addresses private/public keys are define from single private key,
No, they are not. Each address has exactly one corresponding public key, and each public key has exactly one private key. The seed is used to derive the private keys.

What I do not get, how the wallet app that I would use for potential recovery process "knows" how many addresses I actually generated/used and have unspent outputs (meaning BTC).
As Ledger generates new derived address for each tx and presumably new address for each tx change, there can be arbitrary number of addresses that had been used - and this is uknown to the recovery seed / wallet.
It doesn't know, it just guesses. Private keys and their addresses are derived in the same order and thus are given out and used in the same order. So when you restore a seed, the wallet will scan the blockchain for transactions and generate some number of addresses ahead of the last address known to have a transaction currently in the scan. This number of addresses is called the gap limit, and is typically 20. Every time a transaction is found corresponding to an address in the gap limit, it will refill the gap limit by generating more addresses.

How does then the recovery wallet app rebuilds from seed the wallet with all relevant addresses?
Read BIPs 39 and 32. BIP 39 specifies how the mnemonic is generated and then interpreted as a seed value. BIP 32 specifies how that seed value is used to generate the master private key and then how all other private keys are derived from that master private key.
newbie
Activity: 4
Merit: 1
Hi, I have just migrated my paper wallet to new Ledger wallet. Ledger uses one 24 words seed, that is able to recover the wallet(s) in case something bad happens...

On high level, I understand that all wallet addresses private/public keys are define from single private key, that is recoverable using the seed.
What I do not get, how the wallet app that I would use for potential recovery process "knows" how many addresses I actually generated/used and have unspent outputs (meaning BTC).
As Ledger generates new derived address for each tx and presumably new address for each tx change, there can be arbitrary number of addresses that had been used - and this is uknown to the recovery seed / wallet.

How does then the recovery wallet app rebuilds from seed the wallet with all relevant addresses?
Thx and sorry if it turns out to be stupid question...
mvan
Jump to: