[Bitcoin-development] Multisign payment protocol?

Thomas Voegtlin thomasv1 at gmx.de
Tue Mar 11 15:37:42 UTC 2014


> Trezor and Electrum may be earlier than this.

Sorry for not joining the discussion earlier.

I have postponed the release of bip32 features in Electrum due to 
ongoing discussions with Trezor and bitcoinj developers.
I planned to post a summary in a separate thread, but this info is also 
relevant for this thread, so I'm posting here.
(sorry if this is a bit offtopic, though)

I plan to create a 2-factor authentication service that uses p2sh 
addresses in Electrum.
All addresses are derived from the wallet root seed, and should be 
recoverable from it.
(of course this departs from scenarios where master keys are generated 
independently;
my opinion is that both should be possible)

So, when the user activates 2fa protection, the root private key is 
deleted from their hard drive, as well as the
master private key of one of the branches used to create p2sh addresses 
(which is sent to a remote server).

See this (fairly old) description here for more details: 
https://bitcointalk.org/index.php?topic=274182.0

Since I still want to be able to generate 1of1 accounts after the 2fa 
protection is activated,
1of1 accounts should not be generated directly from the root of the tree.
Thus, an extra level must be inserted in the tree.

For example, 1of1 addresses can be derived as follows:

m/reserved'/n'

where n is the account index, and "reserved" is an index that indicates 
the type of address.
(0 would be reserved for 1of1 addresses)

slush suggested that another layer of derivation would be useful, in 
order to use wallets
with altcoins on the same seed. This led to this type of derivation:

m/coin'/reserved'/n'

where "coin" would be 0 for Bitcoin, and "reserved" would be 0 for 1of1 
addresses

Thomas




