Posted by salvatoshi
Apr 30, 2025/15:13 UTC
The discussion highlights the significance of retaining the coin_type' in key hierarchies despite the advancements in descriptor languages that mostly supersede traditional derivation standards. The use of coin_type' is emphasized as beneficial for partitioning keys across different networks or coins, a practice employed by hardware wallets like Ledger to restrict acceptable derivation paths. This approach suggests a potential for incorporating coin_type' into future Bitcoin Improvement Proposals (BIPs), advocating for its inclusion in the initial steps of derivation paths to enhance security and organization.
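A sketch of the kind of path restriction described above, as an added example that is not from the original post and not any vendor's firmware code. The function names and the policy tables are assumptions; the coin types 0' (Bitcoin mainnet) and 1' (testnet) follow SLIP-44, and the purposes are those of BIP-44/49/84/86.

```python
HARDENED = 0x80000000  # BIP-32: indexes >= 2**31 are hardened

# Assumed policy tables for this example.
COIN_TYPE = {"mainnet": 0, "testnet": 1}   # SLIP-44 coin types
PURPOSES = {44, 49, 84, 86}                # purposes that carry a coin_type' level


def parse_path(path):
    """Parse "m/84'/0'/0'/0/5" into a list of BIP-32 child indexes."""
    parts = path.split("/")
    if parts[0] != "m" or len(parts) < 2:
        raise ValueError("path must start at the master key: m/...")
    indexes = []
    for part in parts[1:]:
        hardened = part.endswith(("'", "h"))
        digits = part[:-1] if hardened else part
        # Reject empty, non-ASCII, signed or zero-padded components.
        if not (digits.isascii() and digits.isdigit()) or str(int(digits)) != digits:
            raise ValueError(f"bad path component {part!r}")
        value = int(digits)
        if value >= HARDENED:
            raise ValueError(f"index out of range in {part!r}")
        indexes.append(value + HARDENED if hardened else value)
    return indexes


def check_path(path, network):
    """Return (ok, reason): may a key at `path` be used on `network`?"""
    try:
        idx = parse_path(path)
    except ValueError as exc:
        return False, str(exc)
    if len(idx) < 3:
        return False, "need at least purpose'/coin_type'/account'"
    if any(i < HARDENED for i in idx[:3]):
        return False, "purpose, coin_type and account must be hardened"
    purpose, coin, _account = (i - HARDENED for i in idx[:3])
    if purpose not in PURPOSES:
        return False, f"unknown purpose {purpose}'"
    if coin != COIN_TYPE[network]:
        return False, f"coin_type {coin}' not allowed on {network}"
    return True, "ok"


if __name__ == "__main__":
    for p in ("m/84'/0'/0'/0/5", "m/84'/1'/0'/0/5", "m/84'/0/0'/0/5"):
        print(p, check_path(p, "mainnet"))
```

Because the check runs on the path alone, the device needs no stored state to refuse a testnet key in a mainnet signing request.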
Concerns are raised regarding the user experience (UX) implications of increasing the entropy in descriptors, especially for hardware signing devices. The necessity for users to verify information displayed on these devices introduces a risk of ransom attacks, wherein malware could deceive users into accepting incorrect backup descriptors. Such scenarios underline a trade-off between enhancing privacy and potentially complicating the UX during critical security procedures. The complexity of minimizing entropy without compromising privacy is acknowledged, alongside the impracticality of maintaining state on signing devices.
A novel solution proposed involves the use of small storage providers for backing up additional, dynamically updateable information. This concept extends beyond merely storing descriptors and wallet policies, encompassing any "monotonic" information—a term used to describe data that only accumulates over time, such as used extended public keys (xpubs). The idea here is to facilitate multiple digital copies of such information to ensure redundancy and ease of reconciliation. The envisioned backup system would rely on various platforms for storage, including personal devices, cloud services, and semi-trusted contacts, aiming to mitigate the risks associated with losing this information. Despite its potential benefits, the realization of such a system requires significant development in terms of tooling, standards, and management practices, extending well beyond the scope of the initial discussion. This proposal implicitly references BIP-329 as an example of information that could benefit from monotonic backup solutions.