[Bitcoin-development] BIP32 Index Randomisation

Matias Alejo Garcia matias at bitpay.com
Fri Mar 13 20:26:32 UTC 2015

> It sounds like the main issue is this is a web wallet server of some kind.
> If the clients were SPV then they'd be checking their own balances and
> downloading their own tx history, which would mean the coordination tasks
> could be done by storing encrypted blobs on the server rather than the
> server itself having insight into what's going on (see: Subspace).

You are killing us Mike! :) We really don't like to think that BWS is
a webwallet. Note
that private keys are not stored (not even encrypted) at the server. Addresses
can be generated offline, funds received and transferred by the peers
without accessing

Currently Copay uses the encrypted blob idea (checks balances and tx
history thought Insight), but after working with Copay for ~6 months
we think having some visibility of the wallet by the multisig
facilitator will make the user experience much better (e.g: mobile

Thanks for the Subspace reference, we will definitely check it.

> So whilst you might be able to use some scheme to avoid the server knowing
> the xpubkey, if the server still knows all addresses and all transactions
> because the clients are web wallets ..... is there any point? It seems like
> maybe going from server knows everything to server knows 95% of everything:
> maybe not worth the engineering cost.

Interesting point. IMO, if we can prevent the server from having the xpubs keys
it would be valuable: It will give us more flexibility for future
features, and if the server is compromised future addresses will not
be known by the attacker, but of course we need to evaluate the cost.


> ------------------------------------------------------------------------------
> Dive into the World of Parallel Programming The Go Parallel Website,
> sponsored
> by Intel and developed in partnership with Slashdot Media, is your hub for
> all
> things parallel software development, from weekly thought leadership blogs
> to
> news, videos, case studies, tutorials and more. Take a look and join the
> conversation now. http://goparallel.sourceforge.net/
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development


More information about the bitcoin-dev mailing list