<div dir="ltr">Hello Bob,<div><br></div><div>&gt; And compromise of that longer key still compromises the entire wallet. <br></div><div><br></div><div>No, in fact I could give you any node (derived extended private key) or key (derived normal bitcoin address private key) AND any node&#39;s extended public key above them, and as long as the keys are generated within my specifications, you can not derive the associated extended private key to the ancestor extended public key.</div><div><br></div><div>If you think it still compromises the entire wallet, please show me in pseudo code / explanation.</div><div><br></div><div>&gt; Under what circumstances would anyone ever be passing around private keys without your a,b?<br></div><div><br></div><div>I just added a Motivation section showing one example called Reality Keys. They send bitcoins to Yes/No bet addresses and the result of the bet&#39;s private key is revealed to award the winners via special P2SH scripts.</div><div>So they would need to give out &quot;smaller&quot; keys (aka normal private keys) and it would be better to manage them hierarchically instead of just generating millions of keys ahead of time and storing them on USBs or something.</div><div><br></div><div>Thanks,</div><div>Jona</div></div><div class="gmail_extra"><br><div class="gmail_quote">2015-02-21 22:57 GMT+09:00 Bob Mcelrath <span dir="ltr">&lt;<a href="mailto:bob@mcelrath.org" target="_blank">bob@mcelrath.org</a>&gt;</span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>But this just makes the private HD key longer, effectively. And compromise of that longer key still compromises the entire wallet. <br>
<br>
Under what circumstances would anyone ever be passing around private keys without your a,b? The longer privkey is a wallet backup and has a reason to be copied. I can&#39;t think of a scenario where anyone would use or compromise the shorter privkey.<br><br><div class="gmail_quote"><span class="">On February 21, 2015 8:32:30 AM EST, &quot;木ノ下じょな&quot; &lt;<a href="mailto:kinoshitajona@gmail.com" target="_blank">kinoshitajona@gmail.com</a>&gt; wrote:</span><blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr"><span class="">Yes.<div><br></div><div>That is similar to an idea at FC15 (<a href="http://fc15.ifca.ai/preproceedings/paper_15.pdf" target="_blank">http://fc15.ifca.ai/preproceedings/paper_15.pdf</a>) but instead of increasing the number of keys needed up to m, and protecting against m-1 leaks (so if you have to give keys out to 10 departments you must store 11 keys, or 363 bytes), I have decided to leave it at 2 keys protecting 1 leak, and then using convention to prevent calculating the master private key by requiring all private keys AND all extended private keys (aka &quot;nodes&quot; in my proposal) to be derived alone under their respective parents.</div><div><br></div><div>In theory this will prevent leakage of private keys from destroying the entire HD wallet entirely.</div><div><br></div></span><div>Services like &quot;Reality Keys&quot; could be a perfect use case (he must release private keys relating to the outcome, so he has decided against using BIP32 to generate addresses for the bets).</div><div><div class="h5"><div><br></div><div>Any cryptographers that would like to take a look at the math and see if it&#39;s sound, I think I am properly breaking any linear relationships between keys... but I would like a second opinion.</div><div><br></div><div>Thank you for your reply,</div><div>Jona</div></div></div><div class="gmail_extra"><div><div class="h5"><br><div class="gmail_quote">2015-02-21 22:23 GMT+09:00 Adam Back <span dir="ltr">&lt;<a href="mailto:adam@cypherspace.org" target="_blank">adam@cypherspace.org</a>&gt;</span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">What's the objective?  Is it to require accidental disclosure of two<br>
private keys to compute the master private key?<br>
<br>
Adam<br>
<div><div><br>
On 21 February 2015 at 13:20, 木ノ下じょな &lt;<a href="mailto:kinoshitajona@gmail.com" target="_blank">kinoshitajona@gmail.com</a>&gt; wrote:<br>
&gt; Hello All,<br>
&gt;<br>
&gt; I have put together a proposal for a new generation methodology of HD<br>
&gt; wallets.<br>
&gt;<br>
&gt; The method is a modification of BIP32, so if something is unclear or not<br>
&gt; explicit, please assume it follows BIP32.<br>
&gt;<br>
&gt; I am looking forward to any and all criticism and help with writing / making<br>
&gt; the BIP more secure.<br>
&gt;<br>
&gt; If some of my pseudo code / English is off I apologize, I am not good with<br>
&gt; words.<br>
&gt;<br>
&gt; If this is deemed worthy enough to be drafted into a BIP, I would appreciate<br>
&gt; if someone could tell me what the overall step by step flow would be.<br>
&gt;<br>
&gt; Thank you, I will paste the link to the proposal below.<br>
&gt; Jona<br>
&gt;<br>
&gt; <a href="https://gist.github.com/dabura667/875bb2c159b219c18885" target="_blank">https://gist.github.com/dabura667/875bb2c159b219c18885</a><br>
&gt;<br>
</div></div>
&gt; _______________________________________________<br>
&gt; Bitcoin-development mailing list<br>
&gt; <a href="mailto:Bitcoin-development@lists.sourceforge.net" target="_blank">Bitcoin-development@lists.sourceforge.net</a><br>
&gt; <a href="https://lists.sourceforge.net/lists/listinfo/bitcoin-development" target="_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-development</a><br>
&gt;<br>
</blockquote></div><br></div></div>
</div>


</div></blockquote></div><span class="HOEnZb"><font color="#888888"><br>
-- <br>
Sent from my Android device with K-9 Mail. Please excuse my brevity.</font></span></div></blockquote></div><br>
</div>