Latest posts of: gunrs17

Show Posts
Pages: [1]

Bitcoin / Development & Technical Discussion / Re: Zpub safety

on: September 13, 2021, 10:20:31 PM

Quote from: ranochigo on September 13, 2021, 05:07:03 PM Quote from: gunrs17 on September 13, 2021, 03:08:13 PM I'd like to understand this completely in reference to a multisig setup. Let's use a 2 of 3 multisig as an example. If someone were to have all 3 of the Zpubs and then you accidentally leaked one of your private keys. Is it possible to derive the 2nd private key? And if so then the attacker can sign a transaction from this wallet. No. The private key only allows you to derive the master private key for that specific Zpub in question, it does not compromise the other Zpubs. However, since the attacker has one of your Zpriv (master private key), the attacker can use that master private key to sign for transactions, assuming another person is willing to sign it too. A single compromised Zpub and private key doesn't affect the other signers. Ok yes that was always my understanding. I just misunderstood The previous commenter's point. Thanks!

Bitcoin / Development & Technical Discussion / Re: Zpub safety

on: September 13, 2021, 03:08:13 PM

Quote from: o_e_l_e_o on September 12, 2021, 02:27:16 PM Quote from: gunrs17 on September 12, 2021, 01:58:34 PM I'm a little confused about how we have gotten to the leaking of a private key? Because the combination of a Zpub plus any one individual private key is enough to derive the Zprv and all the associated individual private keys. I'd like to understand this completely in reference to a multisig setup. Let's use a 2 of 3 multisig as an example. If someone were to have all 3 of the Zpubs and then you accidentally leaked one of your private keys. Is it possible to derive the 2nd private key? And if so then the attacker can sign a transaction from this wallet.

Bitcoin / Development & Technical Discussion / Re: Zpub safety

on: September 12, 2021, 01:58:34 PM

Quote from: o_e_l_e_o on September 11, 2021, 07:42:57 PM Quote from: NotATether on September 10, 2021, 05:41:14 AM Publishing (or leaking) a derived address/privkey pair allows anybody to use the master-zpubs to generate the master-zprivs and with that, any private key that can be derived by the master private keys. Leaking a single private key would only allow an attacker to use that private key and the corresponding master public key to derive a single master private key. In the case of a multi-sig wallet, funds would still be safe since the attacker would only have one master private key, and not the threshold number of master private keys. For the coins to be at risk, OP would have to leak multiple private keys derived from different master private keys, which is very unlikely if his multi-sig wallets are all stored separately (as they should be) and he takes reasonable security precautions. Throughout this thread, people are using Zpub and zpub interchangeably. They are not the same thing. zpubs are for P2WPKH addresses, Zpubs are for P2WSH addresses. See here for more info: https://github.com/satoshilabs/slips/blob/master/slip-0132.md I'm only talking about Zpubs. I'm a little confused about how we have gotten to the leaking of a private key? It 100% impossible to obtain A private key from a Zpub(or any derivation of a master public key). And to my original question...In the case of a multisig wallet if someone stores all of their Zpubs in an unsecure place, the only risk is privacy, correct? You are just giving someone the ability to create a watching-only wallet, correct?

Bitcoin / Development & Technical Discussion / Re: Zpub safety

on: September 09, 2021, 12:53:58 PM

Quote from: MagicByt3 on September 08, 2021, 10:41:45 PM Probably not the best idea even if your need more than one of them to spend. If your going to the trouble of using Multi-Sig then why keep the keys online? Seems pretty stupid. Im only talking about keeping the Zpubs online, you can't spend with just Zpubs. you also need the private keys which of course would not be stored online. Im curious if there are risk involved with storing public keys(Zpubs in this example) online.

Bitcoin / Development & Technical Discussion / Zpub safety

on: September 08, 2021, 06:24:59 PM

For multisig you have to have all Zpubs in order to spend. What are the risk associated with savings your list of Zpubs on google drive or the likes so that you can access them from anywhere.

Bitcoin / Bitcoin Discussion / Re: Why do you want NON KYC coin

on: September 08, 2021, 03:44:04 PM

Quote from: Yogee on September 08, 2021, 02:30:03 PM Quote from: gunrs17 on September 08, 2021, 01:52:57 PM Just interested to hear people's reasoning for wanting NON-KYC bitcoin. There are obvious reasons why people choose to transact with BTC. Two of them are privacy and the no intermediary that would potentially hold your funds. Quote Im guessing its so that one can deny ownership from "the man" Are you talking about the tax man or authorities with "the man"? I don't know everyone's stand on taxation and regulation but there could be some people trying to evade taxes or avoid getting flagged by using bitcoin. "The man" = government. Remember when they tried to take everyone's gold?

Bitcoin / Bitcoin Discussion / Why do you want NON KYC coin

on: September 08, 2021, 01:52:57 PM

Just interested to hear people's reasoning for wanting NON-KYC bitcoin. Im guessing its so that one can deny ownership from "the man"

Pages: [1]