Topic: Is a hidden derivation path enough to keep Bitcoin secure after compromised ? - page 2. (Read 254 times)

In summary of what you meant to say, using a unique derivation path and address index, will add extra security to your wallet? but then, your mnemonic and seedphrase already gotten by a hacker = lost funds.. there's may not be any explanation after that. It won't take couple of minutes for him to empty the wallet.. its just better to store your keys securely to avoid loss of funds..

Also, if you are also smart and fast, at the time the hacker had sent the funds and still awaiting confirmation, if the transaction was RBF enabled, you can decide to make a new transaction with higher fee and send it to another wallet which key is secured... But like I said, that's if you are aware during the time it happened..

When a hacker has your wallet mnemonic seed, he can import it and steal your bitcoin. He does need to check all addresses in that wallet, if he import it and see bitcoin there, he will send your bitcoin to his wallet without need to know what addresses of yours have bitcoin. I meant he does not need to choose UTXOs for his sending.

If you are fearful that your wallet is hacked, and balance is still there, you must sweep your fund to a new wallet. Do it as fastest as possible because a hacker can do his job faster than you.

(Subtitle: How to protect my coin even if the mnemonic/passphrases are robbed)

If a hacker has acquired my mnemonic and passphrase, how does He look up the balance?

Of course He is going to run the program,

Maybe there are all the balance in the first 2 to 30 addresses of the first account of each wallet type, right?

That is, if many people put it all in m/84'/0'/0/0~m/84'/0'/0'/0/20 (for example) as cold wallet default setting

Spotted my coin in an instant!

By the way, if I put the coin in a specific index of a specific account, will the hacker be able to find my coin???

In order to put two elements (a mnemonic and a passphrase) and find all the accounts and all the corresponding indexes, you need to browse all the addresses that the private key can have.

However, the number of addresses that a single private key can have is

Starting with the address varying depending on the wallet for what purpose (which may also be p2tr, p2wpkh, p2pkh, or Multisig1/1), there are number factors in the following cases.

In other words, in terms of the derived path of the HD wallet (based on bip44)

> m / purpose' / coin_type' / account' / change / address_index

Purpose: 44, 48, 49, 84, 86 (number 5) depending on wallet purpose
coin_type : Bitcoin 0
account : account (number 2^32)
change : ex/in : received address 0/ change address 1 (number 2)
address_index: address serial number (number 2^32)


To check the balance of all addresses that one private key has

5 x 2^32 x 2^32 = 1.8 x 10^20 addresses exist.

It takes 1.8x10^15 seconds to search for every address (even if it is a supercomputer) =58,454,204 years

What if my coin is at m/86'/0'/1096823754'/1/1189356152 address?

It takes 10 million years to discover, even if He is lucky.