ok so this makes it not so good for IPOs like MaidSafe, as their wallet I think requires you to use the private key to prove ownership.
I for one would not trust giving my private key to some other system like that...
Does that seem reasonable?
AFAIK, there isn't any risk of exposing your private key only. There is a risk, however, when you expose both the master public key and a child private key: it is possible to calculate the master private key and get your Bitcoins stolen.[1]
I wouldn't recommend giving private keys out without a need. You can prove your ownership by signing a message, and that is far less risky.
[1]
https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki#Security
But isn't it hardened?
This means that extended public keys must be treated more carefully than regular public keys. It is also the reason for the existence of hardened keys, and why they are used for the account level in the tree. This way, a leak of account-specific (or below) private key never risks compromising the master or other accounts.
I think this is the code that stretches it:
    import hashlib
    import ecdsa
    from ecdsa import SECP256k1
    from ecdsa.util import string_to_number

    class OldElectrumWallet:  # enclosing class assumed; the snippet only shows the two methods
        @classmethod
        def mpk_from_seed(klass, seed):
            secexp = klass.stretch_key(seed)
            master_private_key = ecdsa.SigningKey.from_secret_exponent(secexp, curve=SECP256k1)
            # .encode('hex') is Python 2; .hex() gives the same hex of the 64-byte raw public key in Python 3
            master_public_key = master_private_key.get_verifying_key().to_string().hex()
            return master_public_key

        @classmethod
        def stretch_key(self, seed):
            # seed must be bytes; 100000 rounds of SHA-256 over (current digest || original seed)
            oldseed = seed
            for i in range(100000):
                seed = hashlib.sha256(seed + oldseed).digest()
            return string_to_number(seed)
So does this protect the master private key from being guessed from child private key + master public key?
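The attack the BIP32 Security section cited above warns about, worked through as an added example (my own code, not from the thread, the BIP, or Electrum). It implements BIP32 child derivation on secp256k1 in pure Python with no third-party library: for a non-hardened child, whoever holds the extended public key (parent public key plus chain code) can compute I_L himself, so if that child's private key leaks he recovers the parent private key by a single subtraction mod n; for a hardened child, I_L is computed from the parent private key, so the xpub holder cannot derive the child and cannot reverse the leak. The master key and chain code are constructed sample values. Note that the stretching loop in the posted code only turns a seed into the master secret exponent; it plays no part in how a child key relates to its parent, so it is the child-derivation formula, not the stretching, that decides whether a child leak exposes the master.

```python
"""BIP32 CKDpriv/CKDpub, non-hardened vs hardened, and the parent-key recovery
that an xpub holder can perform from one non-hardened child private key.
Added example, standard library only; sample key material is constructed."""
import hashlib
import hmac

# secp256k1 domain parameters
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
HARDENED = 1 << 31


def ec_add(p1, p2):
    """Affine point addition on y^2 = x^3 + 7; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ec_mul(k, point=G):
    """Double-and-add scalar multiplication."""
    result = None
    while k:
        if k & 1:
            result = ec_add(result, point)
        point = ec_add(point, point)
        k >>= 1
    return result


def ser_p(point):
    """33-byte compressed SEC encoding used by BIP32 (ser_P)."""
    x, y = point
    return bytes([2 + (y & 1)]) + x.to_bytes(32, "big")


def _split_i(I):
    il = int.from_bytes(I[:32], "big")
    if il >= N:  # BIP32: such a child is invalid; probability ~2^-128
        raise ValueError("invalid child, try next index")
    return il, I[32:]


def ckd_priv(k_par, c_par, i):
    """CKDpriv. Hardened index: HMAC input uses the parent PRIVATE key, so only a
    private-key holder can compute I_L. Non-hardened: uses ser_P(K_par) only."""
    if i >= HARDENED:
        data = b"\x00" + k_par.to_bytes(32, "big") + i.to_bytes(4, "big")
    else:
        data = ser_p(ec_mul(k_par)) + i.to_bytes(4, "big")
    il, c_i = _split_i(hmac.new(c_par, data, hashlib.sha512).digest())
    return (il + k_par) % N, c_i


def ckd_pub(K_par, c_par, i):
    """CKDpub: what an xpub holder can do. Undefined for hardened indices."""
    if i >= HARDENED:
        raise ValueError("hardened child cannot be derived from a public key")
    data = ser_p(K_par) + i.to_bytes(4, "big")
    il, c_i = _split_i(hmac.new(c_par, data, hashlib.sha512).digest())
    return ec_add(ec_mul(il), K_par), c_i


def recover_parent_priv(K_par, c_par, i, k_child):
    """Attacker step: xpub (K_par, c_par) + leaked non-hardened child key -> k_par.
    k_child = I_L + k_par (mod n) and I_L is computable from the xpub alone.
    Returns None for hardened indices: I_L needs k_par, which the attacker lacks."""
    if i >= HARDENED:
        return None
    data = ser_p(K_par) + i.to_bytes(4, "big")
    il, _ = _split_i(hmac.new(c_par, data, hashlib.sha512).digest())
    return (k_child - il) % N


def demo():
    """Returns (non_hardened_leak_recovers_master, hardened_leak_blocked)."""
    # Constructed sample master secret and chain code (not a real wallet).
    k_master = int.from_bytes(hashlib.sha256(b"example master seed").digest(), "big") % N
    c_master = hashlib.sha256(b"example chain code").digest()
    K_master = ec_mul(k_master)

    # Non-hardened child 0: xpub derivation agrees, and a leaked k_0 exposes k_master.
    k_0, _ = ckd_priv(k_master, c_master, 0)
    K_0, _ = ckd_pub(K_master, c_master, 0)
    assert K_0 == ec_mul(k_0)
    leaked = recover_parent_priv(K_master, c_master, 0, k_0)

    # Hardened child 0': the same leak gives the xpub holder nothing.
    k_0h, _ = ckd_priv(k_master, c_master, HARDENED + 0)
    blocked = recover_parent_priv(K_master, c_master, HARDENED + 0, k_0h)
    return leaked == k_master, blocked is None


if __name__ == "__main__":
    print(demo())
```

The practical reading of this for the thread: handing out a child private key is safe only if every node between that child and anything you want to protect is a hardened step, which is why BIP32 wallets put a hardened step at the account level; signing a message with the key instead of revealing it avoids the question entirely.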