Avoiding xpub+derivation reuse across wallets, in a UX-friendly manner

Apr 29 - May 7, 2025

The discussion among developers about how cryptocurrency wallets handle extended public keys (xpubs) and their derivation paths highlights a series of challenges and proposed solutions aimed at improving both security and user experience.

A significant concern raised is the loss of privacy caused by reusing the same xpub across different software wallets, which can result in two wallets deriving and using the same keys. To mitigate this, the discussion suggests adopting output descriptors that explicitly record derivation paths, so that reliance on the standard BIP-based derivation paths becomes less crucial. This approach is particularly relevant for complex wallet configurations such as multisig setups and is seen as a way to prevent xpub reuse without hurting the user experience.
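Because a descriptor records the key origin (fingerprint and hardened derivation path), the xpub, and the child path, a wallet can check whether a descriptor it is about to import overlaps with one it already holds. The following is an added illustration, not code from the discussion or from any wallet project: it parses the key expressions out of single-sig and multisig descriptors and reports, across a set of constructed sample wallets, which ones would derive the same child keys (same xpub and same child path, so the same addresses) and which merely share an xpub (a privacy link even when the child paths differ). The xpub strings and fingerprints are constructed placeholders, not real keys.

```python
import re
from collections import defaultdict

# One key expression inside a descriptor: an optional [fingerprint/origin-path]
# prefix, an extended public key, and an optional child-path suffix such as /0/*.
# Hardened steps may be written with ', h or H.
KEY_RE = re.compile(
    r"(?:\[(?P<fp>[0-9a-fA-F]{8})(?P<origin>(?:/\d+['hH]?)*)\])?"
    r"(?P<xkey>[xt]pub[1-9A-HJ-NP-Za-km-z]+)"
    r"(?P<suffix>(?:/(?:\d+|\*)['hH]?)*)"
)


def normalize(path):
    """Write every hardened marker as 'h' so /84'/0'/0' and /84h/0h/0h compare equal."""
    return path.replace("'", "h").replace("H", "h")


def parse_keys(descriptor):
    """Return the key expressions found in a descriptor as a list of dicts."""
    keys = []
    for m in KEY_RE.finditer(descriptor):
        keys.append({
            "fingerprint": (m.group("fp") or "").lower(),
            "origin": normalize(m.group("origin") or ""),
            "xkey": m.group("xkey"),
            "suffix": normalize(m.group("suffix") or ""),
        })
    return keys


def find_reuse(wallets):
    """wallets: dict of wallet name -> descriptor.

    Returns (address_reuse, xpub_sharing):
      address_reuse maps (xpub, child path) -> wallets that derive identical keys;
      xpub_sharing  maps xpub -> wallets that expose that xpub at all.
    """
    by_key = defaultdict(set)
    by_xpub = defaultdict(set)
    for name, desc in wallets.items():
        for k in parse_keys(desc):
            by_key[(k["xkey"], k["suffix"])].add(name)
            by_xpub[k["xkey"]].add(name)
    address_reuse = {k: sorted(v) for k, v in by_key.items() if len(v) > 1}
    xpub_sharing = {k: sorted(v) for k, v in by_xpub.items() if len(v) > 1}
    return address_reuse, xpub_sharing


# Constructed sample wallets (placeholder xpubs and fingerprints, not real keys).
SAMPLE_WALLETS = {
    # BIP84-style single-sig receive branch.
    "desktop_singlesig": "wpkh([d34db33f/84h/0h/0h]xpubTestKeyA1111/0/*)",
    # Same xpub and same child path, written with apostrophes: identical addresses.
    "mobile_singlesig": "wpkh([d34db33f/84'/0'/0']xpubTestKeyA1111/0/*)",
    # Same xpub but only the change branch: no shared addresses, still linkable.
    "watch_only_change": "wpkh([d34db33f/84h/0h/0h]xpubTestKeyA1111/1/*)",
    # 2-of-3 multisig with three distinct cosigner xpubs.
    "multisig_2of3": (
        "wsh(sortedmulti(2,"
        "[d34db33f/48h/0h/0h/2h]xpubTestKeyB2222/0/*,"
        "[aabbccdd/48h/0h/0h/2h]xpubTestKeyC3333/0/*,"
        "[11223344/48h/0h/0h/2h]xpubTestKeyD4444/0/*))"
    ),
}


if __name__ == "__main__":
    reuse, sharing = find_reuse(SAMPLE_WALLETS)
    for (xkey, suffix), names in reuse.items():
        print(f"address reuse: {xkey}{suffix} used by {names}")
    for xkey, names in sharing.items():
        print(f"xpub shared:   {xkey} exposed to {names}")
```

The check keys on the xpub plus child path rather than on the origin path: the origin only documents how the xpub was reached from the seed, and two descriptors with the same xpub and child path produce identical addresses whatever origin they claim. A wallet that runs this comparison before importing a descriptor can refuse, or at least warn, when the new descriptor would duplicate an existing one.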

Furthermore, the conversation covers the details of single-signature (single-sig) and multi-signature (multisig) setups, emphasizing the need to keep, or only slightly adjust, the current standard and to focus on the purpose, account, and coin type levels of the derivation path. For single-sig configurations, keeping the purpose and account levels unhardened is suggested as a simplification that aligns with existing practice in the cryptocurrency domain. For multisig arrangements, including a Unix timestamp as an unhardened index in the derivation path is recommended to ease backups and reduce the complications associated with hardware wallets, improving both the user experience and security.

Privacy concerns are further addressed through air-gapped wallet solutions, notably a proposed "xpub request" QR code mechanism. This would streamline interaction with hardware wallets by letting users transmit xpub information through QR codes, avoiding manual entry errors and improving convenience without sacrificing security.

Additionally, the discussion touches on the limitations of the BIP43 standard in addressing privacy and user experience (UX), highlighting how cumbersome it is to manage multiple xpubs and the challenges posed by hardened derivation. The use of coin_type in key hierarchies is debated, with suggestions that it could be included in future Bitcoin Improvement Proposals to improve security and organization, despite its tendency to add entropy to descriptors and possibly complicate the UX during critical security operations.

A novel proposal involves using small storage providers to back up dynamic information such as the set of xpubs in use, with the aim of ensuring redundancy and easing reconciliation. The idea extends beyond storing descriptors and wallet policies: it envisions a system that spreads backups across several platforms, including personal devices, cloud services, and semi-trusted contacts, to reduce the risk of data loss.

In conclusion, addressing key reuse in cryptocurrency wallets requires a comprehensive strategy that balances user experience, privacy, and technical feasibility. Exploring new standards and practices, such as output descriptors and new backup approaches, is central to building a robust framework that provides security and privacy without imposing undue burdens on the user.
