bitcoin-dev
Combined summary - Idea for BIP : Deterministic Wallets with Token support
The exploration of enhancing privacy and security in cryptocurrency transactions, especially within the context of Bitcoin and Ethereum-like coins, uncovers several technical challenges and proposed solutions.
One critical issue is the impracticality of adding an additional node to the derivation path in hierarchical deterministic (HD) wallets to manage the burgeoning number of tokens. This approach is deemed nearly impossible due to the constantly evolving landscape of tokens across various blockchains, which would render any list of available tokens quickly outdated.
A more viable solution involves using the token's address or a hash of it as an additional input in the HMAC function, which generates child private and public keys. This method, recommended to be applied at the "Change" node level, allows for the creation of unique addresses for each token, thereby significantly enhancing user privacy by preventing the linking of transactions to the same identity through address reuse. It also ensures backward compatibility with BIP 44 and maintains that hardware wallets, which only export extended public keys to front-end applications, do not compromise private keys. Consequently, this system supports the dynamic generation of public keys for new tokens without requiring further exports.
Another aspect discussed is the handling of extended public keys with caution due to their sensitive nature. Extended public keys must be treated more carefully than regular public keys because obtaining an extended public key plus any non-hardened private key descending from it could compromise the entire account. The adoption of hardened keys at the account level is suggested as a measure to mitigate this risk.
In addition, there's a mention of BIP-85, which proposes a solution for using a single secret to populate multiple wallets for various purposes through different application codes for each token. This idea aligns with the broader goal of maintaining privacy and security while accommodating the increasing complexity brought about by the multitude of new tokens.
Overall, the discussion encapsulates the ongoing efforts to refine cryptographic practices to secure digital assets better. It highlights the necessity for innovative solutions to adapt to the rapid development of cryptocurrency technologies while ensuring users' privacy and assets are protected.