/
sipaPosted by sipa
Jun 8, 2026/11:59 UTC
In the discussion regarding the use of EC keys within Pay-to-Merkle-Root (P2MR) constructions, it is advised that these keys should be hardened to prevent derivation from an extended public key (xpub). This precaution is essential because exposure of the public key to a quantum-capable attacker could undermine the security benefits expected from using P2MR technology. Hardening the keys ensures that they cannot be derived from known xpubs, adding an extra layer of security against quantum decryption methods.
Moreover, the general consensus is that while using xpubs to derive keys can be considered safe, this assumes the xpubs remain confidential. In scenarios where quantum attackers have potential access, the chaincode associated with the xpub must also be protected with the same rigor as the public key. This approach implies that even though the keys are derived from xpubs, the process effectively mirrors the security measures used in hardened derivation, since both the chaincode and the public keys require similar levels of safeguarding. It is also emphasized that key reuse should be avoided in these settings to maintain optimal security.
Thread Summary (22 replies)
Jun 6 - Jul 3, 2026
23 messages
TLDR
We’ll email you summaries of the latest discussions from high signal bitcoin sources, like bitcoin-dev, lightning-dev, and Delving Bitcoin.
We'd love to hear your feedback on this project.
Give Feedback