I have just asked the same question a few hours ago, what a coincidence, check here:
https://bitcointalksearch.org/topic/master-public-key-is-quantum-proof-1652854
Topic: Questions Regarding BIP32 Security (Read 1613 times)
Check out this article written by Vitalik Buterin, it will answer your question... basically, do not give *any* private keys to people that should not be able to spend....ever 
and do not give out *any* private keys when anyone in a company has a "master public key" (or extended public key...)
https://bitcoinmagazine.com/articles/deterministic-wallets-advantages-flaw-1385450276
and do not give out *any* private keys when anyone in a company has a "master public key" (or extended public key...)https://bitcoinmagazine.com/articles/deterministic-wallets-advantages-flaw-1385450276
I'm trying to wrap my head around the security implications of HD wallets. The vulnerability I'm a bit unclear on is where a private key and a master public key together can leak a master private key.
As far as I understand HD-wallets, they consist of a pair of master keys, derived "account master keys", and then a pair of keys for every single address in every account. Say my xpub master key is known, what would someone with a single private key be able to do with this? My guess is that he could get the private account key, thus getting access to all the coins in that account, but not any other accounts. Correct? Any other things I should be aware of?
Secondly, apparently there is this thing called hardened keys as well that makes this leaking impossible, which is why it is isolated to single accounts. I assume there is some sort of drawback of this, since otherwise all keys should be derived in this manner. What's the deal here?
If there is any other non-intuitive possibility of leakage of private keys that I'm unaware of, please tell me.
Thanks.
As far as I understand HD-wallets, they consist of a pair of master keys, derived "account master keys", and then a pair of keys for every single address in every account. Say my xpub master key is known, what would someone with a single private key be able to do with this? My guess is that he could get the private account key, thus getting access to all the coins in that account, but not any other accounts. Correct? Any other things I should be aware of?
Secondly, apparently there is this thing called hardened keys as well that makes this leaking impossible, which is why it is isolated to single accounts. I assume there is some sort of drawback of this, since otherwise all keys should be derived in this manner. What's the deal here?
If there is any other non-intuitive possibility of leakage of private keys that I'm unaware of, please tell me.
Thanks.
Jump to: