Show Posts
The main question is if you have just the private key for one or more addresses in a deterministic wallet, are the other addresses at risk or are they secure.
A full Armory wallet is just
1x Root Private Key
1x Root Public Key
1x Chaincode
A watching-only Armory wallet is just
1x Root Public Key
1x Chaincode
So basically watching-only wallets don't have any private key data at all, and the chain code is just a constant that is carried through all the calculations. With the priv key + chaincode, you can compute all private keys. With public key + chain, you can compute all public keys that match the private keys produced on the full/offline wallet.
The chaincode and public key are not security-sensitive. Someone getting them is a breach of privacy, not security. All internet security is based on the fact that the public key is widely distributed (i.e. "public") and that the scheme maintains full security as long as no one else has the private key.
1x Root Private Key
1x Root Public Key
1x Chaincode
A watching-only Armory wallet is just
1x Root Public Key
1x Chaincode
So basically watching-only wallets don't have any private key data at all, and the chain code is just a constant that is carried through all the calculations. With the priv key + chaincode, you can compute all private keys. With public key + chain, you can compute all public keys that match the private keys produced on the full/offline wallet.
The chaincode and public key are not security-sensitive. Someone getting them is a breach of privacy, not security. All internet security is based on the fact that the public key is widely distributed (i.e. "public") and that the scheme maintains full security as long as no one else has the private key.
How about any derived private key, which is not the root key? How serious a leak would that make? Does it compromise all the other private keys as well, if the attacker knows the chain code? (which I assumed is the same for both, private and public chains).
You should always assume that revealing a private key from a deterministic wallet will reveal all siblings. In Armory wallets, if private key x is revealed with the chaincode, all private keys >= X+1 are revealed.
But I don't spend much time worrying about this. We do not support or claim to support any use cases where private keys are intentionally revealed. And if your wallet is unintentionally compromised, they will all be revealed anyway.
