Avoiding xpub+derivation reuse across wallets, in a UX-friendly manner

Posted by sjors

May 19, 2025/16:02 UTC

The discussion concerns a proposed backup scheme for wallet accounts that uses a descriptor containing the UNIX time, so that users can easily identify the wallet by its creation date. The scheme is described in the article "A Simple Backup Scheme for Wallet Accounts," available at delvingbitcoin.org. Its advantage is a user-friendly approach to wallet backup and recovery: it is simpler for users to recall when they created their wallet, based on a significant date.

However, the scheme also raises a privacy concern, because it lets co-signers learn the user's extended public key (xpub). Co-signers could then try to locate the user's single-signature wallets by brute force, deriving many public keys from random dates and checking whether they appear in an OP_CHECKSIGADD operation. Despite this vulnerability, the scheme still protects multisig wallets that use MuSig2: these wallets would not have a recovery path, making them virtually impossible to find without also knowing the xpub of a cosigner involved in another multisig arrangement.

To mitigate the risk of exposure and enhance security, it is suggested that users manually select a unique account number for their wallet. This recommendation ensures that as long as the chosen number remains below a certain threshold—suggested to be around one million—the integrity and functionality of the backup scheme remain intact. During the recovery process, the system can iterate through numerous account numbers, thereby maintaining the balance between user convenience and security. This approach underscores the importance of careful consideration in the selection of account numbers, emphasizing the role of user action in safeguarding digital assets.
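The recovery loop described above can be sketched as follows. This is an added example, not code from the post or from any wallet; the path `m/86'/0'/account'`, the helper names, the seed, the chosen account number and the `account_tag` lookup (standing in for deriving the account's scripts and checking them against the chain) are all assumptions.

```python
import hashlib
import hmac

N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # secp256k1 order
HARDENED = 1 << 31
MAX_ACCOUNT = 1_000_000  # bound on the account number suggested in the text

def master_key(seed):
    """BIP32 master private key and chain code from a seed."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return int.from_bytes(i[:32], "big"), i[32:]

def ckd_hardened(key, chain, index):
    """BIP32 hardened child derivation; None for the (very rare) invalid child."""
    data = b"\x00" + key.to_bytes(32, "big") + (index | HARDENED).to_bytes(4, "big")
    i = hmac.new(chain, data, hashlib.sha512).digest()
    il = int.from_bytes(i[:32], "big")
    child = (il + key) % N
    return None if il >= N or child == 0 else (child, i[32:])

def account_parent(seed, prefix=(86, 0)):
    """Derive m/86'/0' once (assumed path); accounts are its hardened children."""
    key, chain = master_key(seed)
    for index in prefix:
        key, chain = ckd_hardened(key, chain, index)
    return key, chain

def account_tag(key):
    """Constructed stand-in for 'derive this account's scripts and look them up'."""
    return hashlib.sha256(b"tag" + key.to_bytes(32, "big")).digest()[:8]

def find_account(seed, known_tags, limit=MAX_ACCOUNT):
    """Try every account number below the bound; return the first with history."""
    key, chain = account_parent(seed)
    for account in range(limit):
        child = ckd_hardened(key, chain, account)
        if child and account_tag(child[0]) in known_tags:
            return account
    return None

# Constructed sample data: a test seed and a user-chosen account number.
SEED = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
CHOSEN = 190525
TAGS = {account_tag(ckd_hardened(*account_parent(SEED), CHOSEN)[0])}

if __name__ == "__main__":
    print(find_account(SEED, TAGS))
```

Because the account level is hardened, the scan needs the seed or private key; each candidate costs one HMAC-SHA512 plus the wallet's own history lookup, which is why a bound near one million stays practical.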
