From: Robert Spigler <RobertSpigler@protonmail.ch>
To: Craig Raw <craigraw@gmail.com>,
Bitcoin Protocol Discussion
<bitcoin-dev@lists.linuxfoundation.org>
Cc: SomberNight <somber.night@protonmail.com>
Subject: Re: [bitcoin-dev] Signature and Script Independent Hierarchy for Deterministic Wallets.
Date: Fri, 19 Mar 2021 08:59:05 +0000 [thread overview]
Message-ID: <BLersNjcPnTNIXYooKCVHXsXQQfsqZzJVX1A45GOkjjbxxQSke1SIVFGBe0FRFPcLocpNqVopGMnGZxCwxziQ4YEnD8sd3MIz7b8d-1H-0s=@protonmail.ch> (raw)
In-Reply-To: <CAPR5oBMiV-U6Ngi06yZmGo7av-t5RDS4uTgB826_mymORZq42Q@mail.gmail.com>
Hi Craig,
For multisignature wallets, you need to back up the descriptor anyway, especially for secure multisignature schemes (https://github.com/nunchuk-io/bips/pull/1).
To restore, the user needs M private key data, and all public keys. The descriptor provides the required public key data, with the benefit of key origin information and error detection, and tells the wallet which script to watch.
So I see this proposal as a clear gain for multisignature wallets, as it (1) gets rid of redundant data in the key record, (2) separates keys/scripts, (3) makes full use of descriptors, and (4) prevents key reuse.
>>If one has the threshold and all the cosigner seeds, the funds in a multisig wallet can very likely be discovered by checking one of a handful of standard derivation paths/script types
Old scenario: You have BIP39 words (I assume). You try BIP 45 - search 20 addresses on the first 5 accounts. Then try BIP 48 - search 20 addresses on the first 5 accounts with script type 1 (P2SH-P2WSH); then search 20 addresses on the first 5 accounts with script type 2 (P2WSH).
New scenario: Should have a descriptor, and you just do what it says.
If you don't, you have to search the `address_index` for each script. The moment funds are found, you know that script type is the only script type used for that `account'` level. Increment `account'`, and repeat.
Robert
Personal Fingerprint: BF0D 3C08 A439 5AC6 11C1 5395 B70B 4A77 F850 548F
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Friday, March 19, 2021 3:54 AM, Craig Raw <craigraw@gmail.com> wrote:
> Hi Robert,
>
> I believe many of the same concerns apply in multisig. If one has the threshold and all the cosigner seeds, the funds in a multisig wallet can very likely be discovered by checking one of a handful of standard derivation paths/script types. Is the motivation of this BIP proposal strong enough to lose this capability?
>
> Craig
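The restore scan described in the "new scenario" above, as an added Python example that is not code from the thread or from any wallet project. The script-type list, the fixed five-account range, and reading "search 20 addresses" as a 20-address gap limit are assumptions; the chain lookup is a constructed stand-in for an address query.

```python
# Added example: simulate the restore scan of the proposed hierarchy.
# Assumptions: 5 accounts are scanned, a gap limit of 20 consecutive
# unused addresses ends the scan of one script type, and the script
# types are the multisig types named in the thread.
GAP_LIMIT = 20
MAX_ACCOUNTS = 5
SCRIPT_TYPES = ("p2sh", "p2sh-p2wsh", "p2wsh")


def address_used(script_type, account, index, used):
    """Stand-in for a blockchain lookup. `used` is a constructed set of
    (script_type, account, index) tuples that are known to hold funds."""
    return (script_type, account, index) in used


def scan_new_hierarchy(used, max_accounts=MAX_ACCOUNTS, gap=GAP_LIMIT):
    """Scan as in the 'new scenario': for each account', walk the
    address_index of every script type until the gap limit is hit. The
    moment funds are found, that script type is the only one used at
    this account' level, so remaining script types are skipped and the
    scan moves on to the next account'.

    Returns (found, lookups) where found maps account -> (script_type,
    [used indexes]) and lookups counts the address queries issued."""
    found = {}
    lookups = 0
    for account in range(max_accounts):
        for script_type in SCRIPT_TYPES:
            hits, unused, index = [], 0, 0
            while unused < gap:
                lookups += 1
                if address_used(script_type, account, index, used):
                    hits.append(index)
                    unused = 0  # reset the gap counter on a hit
                else:
                    unused += 1
                index += 1
            if hits:
                found[account] = (script_type, hits)
                break  # no other script type is used for this account'
    return found, lookups


if __name__ == "__main__":
    # Constructed sample: funds at p2wsh account 0 and p2sh-p2wsh account 1.
    sample = {("p2wsh", 0, 0), ("p2wsh", 0, 3), ("p2sh-p2wsh", 1, 0)}
    print(scan_new_hierarchy(sample))
```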