Author

Topic: What's the worst that can happen if someone aquires your watch wallet? (Read 141 times)

legendary
Activity: 4256
Merit: 8551
'The right to privacy matters'
I have been told on four different emails to pay btc or photos of me pleasuring myself will be released.

I'm more surprised you count such email received on your email.

They never cease to amuse me as my pcs have no cameras so there are no videos.

True, but could be frightening for paranoid people who have notebook or PC with camera.

If it's a watching-only wallet from an HD wallet... and they have access to the master public key in it... and they somehow gain access to just one of your private keys, then, technically, they could derive ALL the private keys from your wallet.

But how many wallet which use non-hardened keys these days?

I meant four different email accounts.

outlook accounts and yahoo accounts.

Those four accounts have received countless emails asking for coin.

legendary
Activity: 2268
Merit: 18711
But how many wallet which use non-hardened keys these days?
Well, most times people create a watch only wallet, they don't actually use their master public key, but they are instead using their account extended public key. So instead of using the public key at m, they are using the public key at m/44'/0'/0', for example. The combination of this key plus a single private key from an address in this wallet, such as at m/44'/0'/0'/0/0, would allow an attacker to dervie all the other keys in this wallet, but would not allow them to go above the account level, to something like m/84'/0'/0', for example.
HCP
legendary
Activity: 2086
Merit: 4361
If it's a watching-only wallet from an HD wallet... and they have access to the master public key in it... and they somehow gain access to just one of your private keys, then, technically, they could derive ALL the private keys from your wallet.

otherwise... someone getting your watching-only wallet is more of a privacy issue than a security issue.
legendary
Activity: 4256
Merit: 8551
'The right to privacy matters'
Then apart from your privacy being lost, nothing else. They gain access to anything that is inside that wallet (address(es), public key(s), bookmarks, labels) and your transaction history from blockchain.

With those information, someone could
1. Analyze your habit (e.g. when do you spend your Bitcoin)
2. Link your IRL identity with online account (e.g. linking you with your bitcointalk.org account if you ever posted your Bitcoin address)
3. Know how do you spend your Bitcoin (e.g. deposit to exchange and buy gift card)

I think the worst case is someone could threat you and demand Bitcoin with reason such as
1. Will report to police because Bitcoin isn't legal.
2. Share your personal stuff (most common are masturbation video and personal chat history), even though they actually don't have those stuff.

I have been told on four different emails to pay btc or photos of me pleasuring myself will be released.

They never cease to amuse me as my pcs have no cameras so there are no videos.

The reason this happens is years ago I posted a btc addy in my profile.
I also had my email revealed for people to use.
legendary
Activity: 2702
Merit: 4002
The worst that can happen has two aspects, privacy and security.

 - The more information a person knows about you, the less your privacy is. watch wallet or master public key gives the person a lot of information about you and thus the lowest possible level of privacy.
 - With regard to security, as long as you keep the seeds, master private key, and all your private keys safe, you are safe, losing any part of this triangle will greatly compromise the security of your coins.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
Then apart from your privacy being lost, nothing else. They gain access to anything that is inside that wallet (address(es), public key(s), bookmarks, labels) and your transaction history from blockchain.

With those information, someone could
1. Analyze your habit (e.g. when do you spend your Bitcoin)
2. Link your IRL identity with online account (e.g. linking you with your bitcointalk.org account if you ever posted your Bitcoin address)
3. Know how do you spend your Bitcoin (e.g. deposit to exchange and buy gift card)

I think the worst case is someone could threat you and demand Bitcoin with reason such as
1. Will report to police because Bitcoin isn't legal.
2. Share your personal stuff (most common are masturbation video and personal chat history), even though they actually don't have those stuff.
legendary
Activity: 3472
Merit: 10611
You mean your "watch only" wallet that only contains your address or public key or master public key?
Then apart from your privacy being lost, nothing else. They gain access to anything that is inside that wallet (address(es), public key(s), bookmarks, labels) and your transaction history from blockchain.

If you also continue leaking other things then you may be in trouble, for example leaking your master private key or mnemonic, or in certain cases with master public key in non-hardened derivation paths if you reveal both master public key and a single child private key then all your keys will be revealed.
staff
Activity: 3500
Merit: 6152
They can see your transactions. If you've imported an address, they will only be able to see the transactions of that single address.. however, if you've imported a deterministic wallet (using an xPub) then they'll be able to see all the wallet's transactions.
member
Activity: 240
Merit: 54
Jump to: