bitcoin core – HD Wallets, XPUB and child private key leaks

1 Mins read

Children created by these wallets are not hardened

They are m/44'|49'|84'/0'/0' for trezor one/T and m/49'|84'/0'/0' for ledger X/S. All subsequent children aren’t hardened.

If an xpub is leaked for a mnemonic phrase + passphrase, if you have
any of the children’s private keys, you can compromise the entire
wallet linked to the xpub and all other children, hardened or
non-hardened BUT the attacker will not be able to compromise any other
meomonic phrase + paassphrase you have as it has a different xpub, and
ultimately different children

This is the explanation from bip32: “knowledge of a parent extended public key plus any non-hardened private key descending from it is equivalent to knowing the parent extended private key (and thus every private and public key descending from it). This means that extended public keys must be treated more carefully than regular public keys.”

I want to know how it’s even possible to leak a childs private key on
a trezor or a ledger as none of the outputs are able to leak these

Private keys should never leave hardware wallets without any extraordinary cause. Usually, only the master seed is transferable as a possibility from a hardware wallet device. And there are not many reasons to do so. If an attacker is able to backdoor your device and steal keys, the fact of sharing xpubs would be irrelevant.

Source link

Related posts

6 Questions for Mati Greenspan of Quantum Economics – Cointelegraph Magazine

2 Mins read
We ask the buidlers in the blockchain and cryptocurrency sector for their thoughts on the industry… and we throw in a few…

Crypto Conference DeFiCon 2021 to Be Hosted on December 18-19 in Brooklyn, NYC – Press release Bitcoin News

1 Mins read
press release PRESS RELEASE. The next crypto conference lighting up the season is DeFiCon 2021, hosted on December 18-19 in Brooklyn, NYC….

China’s Hainan Province Ramps Up Crackdown on Crypto Mining Operations – Mining Bitcoin News

2 Mins read
The province of Hainan in South China has taken steps aimed at curbing crypto mining activities. Besides blacklisting the industry, local authorities…

Leave a Reply

Your email address will not be published. Required fields are marked *