I recently found an interesting and simple HD wallet design here:
https://bitcointalk.org/index.php?topic=5321992.0
Could anyone see any flaws in such a design, or is it safe enough to implement
and use in practice?
If I understand it correctly, it is just pure ECDSA and SHA-256, nothing else:
masterPublicKey = masterPrivateKey * G
masterChildPublicKey = masterPublicKey + ( SHA-256( masterPublicKey || nonce ) mod n ) * G
masterChildPrivateKey = masterPrivateKey + ( SHA-256( masterPublicKey || nonce ) mod n )
Also, it has some nice properties, like all keys starting with the 02 prefix,
and it allows potentially unlimited custom derivation paths by using a 256-bit nonce.
_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
