Topic: If I sign an Address are the other addresses more exposed? (Read 456 times)

legendary
Activity: 3710
Merit: 1586
Adding for clarification. Of course there is no danger if the MPK is known because you can't spend any coins with only the MPK to a wallet. I still protect mine because you can produce ALL the addresses for the entire wallet as well as all transaction activity just by having the MPK. The private key issue is one of concern and accounts for much of the reason I use a hardware wallet along with Electrum. I just don't like any private keys online anywhere, anytime, anyhow for my stuff. Two computer cold approach is OK but it's not convenient, which is why I went hardware wallet.

A multisig wallet is another option. Both Electrum and BitPay/Copay make that easy now.
hero member
Activity: 761
Merit: 606
Adding for clarification. Of course there is no danger if the MPK is known because you can't spend any coins with only the MPK to a wallet. I still protect mine because you can produce ALL the addresses for the entire wallet as well as all transaction activity just by having the MPK. The private key issue is one of concern and accounts for much of the reason I use a hardware wallet along with Electrum. I just don't like any private keys online anywhere, anytime, anyhow for my stuff. Two computer cold approach is OK but it's not convenient, which is why I went hardware wallet.
legendary
Activity: 1736
Merit: 1023
If I sign a message and so lose the SHA256 and RIPEMD160 protections for that address, now only having ECDSA,

are all the other addresses so weakened as it is a deterministic wallet or otherwise?

No, they are not.

The only scenario where this is a problem is below:

- attacker has your master public key aka extended public key.
- attacker has the private key for any one of your addresses (private key not public key).

In the above scenario the attacker can enumerate all the private keys in your Electrum wallet. They can get all the money.

For other deterministic wallets it is different because they use hardening at some levels. Hardened chains can't be derived if the attacker has the above information. There are downsides to this as well, such as the fact that you can generate addresses from just the xpub, which is a useful feature of deterministic wallets.

With the master public key and a single private key, you can derive all other private keys? That is pretty scary, but I guess you usually don't give out either of those pieces of information. Good to be aware that is possible though.
legendary
Activity: 3710
Merit: 1586
If I sign a message and so lose the SHA256 and RIPEMD160 protections for that address, now only having ECDSA,

are all the other addresses so weakened as it is a deterministic wallet or otherwise?

No, they are not.

The only scenario where this is a problem is below:

- attacker has your master public key aka extended public key.
- attacker has the private key for any one of your addresses (private key not public key).

In the above scenario the attacker can enumerate all the private keys in your Electrum wallet. They can get all the money.

For other deterministic wallets it is different because they use hardening at some levels. Hardened chains can't be derived if the attacker has the above information. There are downsides to this as well, such as the fact that you can generate addresses from just the xpub, which is a useful feature of deterministic wallets.
U2
hero member
Activity: 676
Merit: 503
I used to be indecisive, but now I'm not sure...
... I would think no because well, bitcoins on a technical level don't have anything to do with bitcoin addresses or wallets. Assuming you didn't include the wallet seed somehow I think this is still SHA256. Maybe we'll get a more educated answer though. I just don't see how exposing one could expose the rest.
legendary
Activity: 2632
Merit: 1023
If I sign a message and so lose the SHA256 and RIPEMD160 protections for that address, now only having ECDSA,

are all the other addresses so weakened as it is a deterministic wallet or otherwise?