Bitcoin Forum
May 27, 2024, 09:53:01 PM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
   Home   Help Search Login Register More  
Bitcoin Forum > Bitcoin > Development & Technical Discussion > BIP-32 hardened children
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: BIP-32 hardened children  (Read 712 times)
justusranvier (OP)
Legendary
*
Offline Offline

Activity: 1400
Merit: 1009



View Profile
June 30, 2015, 10:05:38 PM
 #1
Can an observer prove that a given public key is the nth hardened child of a given xpub without access to any of the associated private keys if they know n?

Alternately, can the owner of the private keys create such a proof?
johoe
Full Member
***
Offline Offline

Activity: 217
Merit: 241


View Profile
July 01, 2015, 06:06:34 AM
 #2
To prove that a key is the nth hardened child, you need to provide I_L and prove that it is the result of a HMAC_SHA512 operation.  I don't see how you can prove the latter without giving the second operand of this operation.  However, for a hardened step this contains the private key.
Donations to 1CF62UFWXiKqFUmgQMUby9DpEW5LXjypU3
Pages: [1]
  Print  
Bitcoin Forum > Bitcoin > Development & Technical Discussion > BIP-32 hardened children
 « previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!