By publishing Kp, a customer should be able to combine Kp and n, in such a way he gains a public key Kp(1013853254).
If a customer sends Money to the associated adress of this public key Kp(1013853254), then the funds
should be spendable by combining Ks with n in such a way I gain Ks(1013853254).
How is this possible with lets say EC primitives?
If a customer sends Money to the associated adress of this public key Kp(1013853254), then the funds
should be spendable by combining Ks with n in such a way I gain Ks(1013853254).
How is this possible with lets say EC primitives?
The associative law and the distributive law hold for EC and can be used. Kp = Ks * G, hence
(1013+Ks) * G = 1013*G + Ks*G = 1013*G + Kp
and
(1013*Ks) * G = 1013 * (Ks * G) = 1013 * Kp
Note that + and * have two different meanings above. Operator + is point addition or number addition modulo group order. Operator * is point multiplication or number multiplication modulo group order.
So 1013+Ks is the private key for 1013*G + Kp and 1013*Ks is the private key for 1013 * Kp.
I think it doesn't really matter which method you use. See also BIP32, which uses a variant of the first method for non-hardened derivation (hardened derivation is not what you want, because then you cannot compute the public key without the private key). A problem is that if one private key is leaked the others can easily be computed, but there is no general way to avoid it.
