Topic: TrustedCoin's xpub (Read 104 times)

legendary
Activity: 2268
Merit: 18509
March 05, 2022, 08:43:49 AM
#12
Electrum 2FA wallets do not store master private keys, remember.
They do store one. You can test this yourself - go and create a new 2FA wallet, and then open the 2FA wallet file in a text editor. Scroll to the bottom and you'll see the one master private key the wallet holds under "xprv". The other two are missing obviously, since it's a 2-of-3 multi-sig wallet. The second can be recovered from your seed phrase and the third is known only to TrustedCoin.



When you create a TrustedCoin wallet, Electrum uses the seed phrase to derive two master private keys, one at m/0' and another at m/1'. It then generates two master public keys from these master private keys, uses these two master public keys to deterministically produce the third master public key as pooya87 has described, and then saves the first xprv and the other two xpubs in the wallet file. This is how your wallet contains one xprv, but a single seed phrase can recover two xprvs, allowing you to spend the coins and bypass TrustedCoin's third xprv if desired.
 
legendary
Activity: 1820
Merit: 1972
Crypto Swap Exchange
March 04, 2022, 07:16:24 AM
#11
Great! Thank you so much!
legendary
Activity: 3444
Merit: 10558
March 04, 2022, 05:53:15 AM
#10
Is it hard-coded in Electrum and the same for all users?
Yes and no.
When you create your 2FA wallet, both your wallet and the server derive the third key using your master public key using a characteristic of elliptic curves.
If I understand the code correctly; essentially when your wallet is being created, under the hood it is using a hard-coded master public key that belongs to TrustedCoin then it derives a master key using this key and your master public key deterministically which means the server can reproduce the same master key but since TrustedCoin also has the master private key to that hardcoded key above, it can derive the private keys needed for signing too.

Pseudocode where xpub1 and xpub2 are yours and xpub3 is hard-coded:
Code:
long_user_id = SHA256(xpub1 | xpub2)
BIP32.Derive(xpub3, chaincode, long_user_id) -> HMACSHA512(chaincode, xpub3 | long_user_id)

The last line is here:
https://github.com/spesmilo/electrum/blob/b828627dc6ace2b77debc3bc811e3be2b928ea48/electrum/bip32.py#L89
legendary
Activity: 1820
Merit: 1972
Crypto Swap Exchange
March 04, 2022, 05:03:56 AM
#9
There is no connection to TrustedCoin, my computer has no internet, I only have a seed phrase, I restore my wallet and it already has three public keys in it.
legendary
Activity: 1512
Merit: 4795
March 04, 2022, 04:55:40 AM
#8
Right, but in this case I need three public keys to generate the address, and I can get only two keys from my seed phrase. Where does the third one come from if my computer is offline?
It is with TrustedCoin. Electrum 2FA is a 2-of-3 multisig. If you are making a transaction, your wallet will provide one private key and TrustedCoin will provide the other private key for signing the transaction as long as you want TrustedCoin to be doing the signing for you. As long as you do not have your 2FA app on the same device you have your Electrum wallet, you will be safe, but you should still make sure to avoid online attacks.
legendary
Activity: 1820
Merit: 1972
Crypto Swap Exchange
March 04, 2022, 04:54:00 AM
#7
Unfortunately, you did not understand my question.

The public keys are just necessary for addresses generation which you need.
Right, but in this case I need three public keys to generate the address, and I can get only two keys from my seed phrase. Where does the third one come from if my computer is offline?
legendary
Activity: 1512
Merit: 4795
March 04, 2022, 04:49:42 AM
#6
Are you saying that my seed phrase can generate three public keys, but cannot generate three corresponding private keys? Imho it is impossible.
Do not get me wrong. Electrum 2FA wallets do not store master private keys, remember. Even if you lose your seed phrase and still have your wallet, you cannot get the seed phrase from your wallet, you need the backup, unlike Electrum standard wallet. The public keys are necessary for address generation, which you need. The seed phrase generates private keys, but they are not stored on your 2FA wallet.

But be it 2FA, standard wallet or any other, appropriate offline seed phrase backup is necessary, 2 or 3 seed phrase backups are recommended and stored in different locations and make it safe from offline attacks.
legendary
Activity: 1820
Merit: 1972
Crypto Swap Exchange
March 04, 2022, 04:33:53 AM
#5
Are you saying that my seed phrase can generate three public keys, but cannot generate three corresponding private keys? Imho it is impossible.
legendary
Activity: 1512
Merit: 4795
March 04, 2022, 04:26:35 AM
#4
You have 2 keys, TrustedCoin has 1 key. If you restore your 2FA wallet, you still have the 2 keys and in every transaction you make, TrustedCoin still has the 3rd key to sign your transaction, that is what is most important.

But your question should be how your seed phrase generates the appropriate addresses when you only have 2 keys, it is because your 2FA seed phrase can generate the 3 master public keys which lead to the generation of the appropriate addresses you need for deposit.

You can read this to know more about 2FA wallet setup on Electrum.

https://electrum.readthedocs.io/en/latest/2fa.html

In addition, the third master public key can be derived from your seed, ensuring that your wallet addresses can be restored. In order to restore your wallet from seed, select “wallet with two factor authentication”, as this tells Electrum to use this special variety of seed for restoring your wallet.
legendary
Activity: 1820
Merit: 1972
Crypto Swap Exchange
March 04, 2022, 04:13:28 AM
#3
Since they are the one who'll co-sign the transaction for you, they should have a "master private key" in their server that's a pair of the "master public key" in your 2fa wallet.
Thank you, but I know that, that's not what I was asking.
I'll ask the question another way. When I restore a 2FA-wallet offline, the wallet is created from three xpub-keys, two of which are mine (derived from the seed) and the third is the TrustedCoin's. Where did it come from, because there is no connection to the server?
legendary
Activity: 2394
Merit: 5531
Self-proclaimed Genius
March 04, 2022, 03:47:23 AM
#2
Since they are the one who'll co-sign the transaction for you, they should have a "master private key" in their server that's a pair of the "master public key" in your 2fa wallet.
It's unique to each TrustedCoin account (you register as you create the 2fa wallet).

trustedcoin.py: https://github.com/spesmilo/electrum/blob/master/electrum/plugins/trustedcoin/trustedcoin.py#L72-L77
legendary
Activity: 1820
Merit: 1972
Crypto Swap Exchange
March 04, 2022, 03:10:12 AM
#1
Hi, I would like to know where does the Trustedcoin's xpub in the 2FA-wallet come from? Is it hard-coded in Electrum and the same for all users?