Bitcoin Forum
November 14, 2024, 08:25:14 AM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Electrum deterministic address questions  (Read 572 times)
RealBitcoin (OP)
Hero Member
*****
Offline Offline

Activity: 854
Merit: 1009


JAYCE DESIGNS - http://bit.ly/1tmgIwK


View Profile
January 27, 2016, 07:30:43 PM
 #1

▣If one third party person knows a BTC address that is part of an electrum wallet, can he generate the other bitcoin addresses in that wallet based on that one address?

▣What if he knows multiple addresses, can he derive all addresses from that info?


▣Or only the master public key can generate the addresses?


▣How to keep the master public key hidden, so that nobody can know the addresses in that wallet? (because it's not protected like the private key)

shorena
Copper Member
Legendary
*
Offline Offline

Activity: 1498
Merit: 1540


No I dont escrow anymore.


View Profile
January 27, 2016, 08:53:11 PM
 #2

If one third party person knows a BTC address that is part of an electrum wallet, can he generate the other bitcoin addresses in that wallet based on that one address?

No.

What if he knows multiple addresses, can he derive all addresses from that info?

No.

Or only the master public key can generate the addresses?

Yes.

How to keep the master public key hidden, so that nobody can know the addresses in that wallet? (because it's not protected like the private key)

Dont let anyone get your wallet file, which you should do anyway to avoid brute force attacks on your private keys.

Im not really here, its just your imagination.
RealBitcoin (OP)
Hero Member
*****
Offline Offline

Activity: 854
Merit: 1009


JAYCE DESIGNS - http://bit.ly/1tmgIwK


View Profile
January 28, 2016, 05:00:05 AM
 #3

If one third party person knows a BTC address that is part of an electrum wallet, can he generate the other bitcoin addresses in that wallet based on that one address?

No.

What if he knows multiple addresses, can he derive all addresses from that info?

No.

Or only the master public key can generate the addresses?

Yes.

How to keep the master public key hidden, so that nobody can know the addresses in that wallet? (because it's not protected like the private key)

Dont let anyone get your wallet file, which you should do anyway to avoid brute force attacks on your private keys.


Thanks, another quick question:


If a third party knows several addresses from the same electrum wallet, can he associate them with eachother, meaning that can he prove it that those addresses belong to the same wallet , without knowing the master pub key of course?

So if they know   A , B ,C addresses that are in the same wallet, can he prove that A B C are derived from the same master public key without knowing the master pub key?


Dont let anyone get your wallet file, which you should do anyway to avoid brute force attacks on your private keys.

Interesting but what if it's an electrum watch-only address.

The watch only is derived from the pub key, however it doesnt contain the private key.

So they can still obtain the pub key if you watch your money from a watch only wallet, and that can hurt your privacy.

shorena
Copper Member
Legendary
*
Offline Offline

Activity: 1498
Merit: 1540


No I dont escrow anymore.


View Profile
January 28, 2016, 05:51:10 AM
 #4

-snip-
If a third party knows several addresses from the same electrum wallet, can he associate them with eachother, meaning that can he prove it that those addresses belong to the same wallet , without knowing the master pub key of course?

So if they know   A , B ,C addresses that are in the same wallet, can he prove that A B C are derived from the same master public key without knowing the master pub key?


Maybe, if the addresses are spend linked, yes. If not, not. Spend linked means that you use coins you received on A, B and C to create a single transaction. E.g. this TX -> https://blockchain.info/tx/dfb7be5a382e2575e52c7c09289c5eb04f9acecb117c54ae0921ce014977cb90
links 1ASFyXYMd7ffy5AFyoGnvQpc9dmxcN4438 to 1EQA6THR6wCgV8ZeuoZiVqEAMGb9S5sKJT

This method is not perfect as we two could create a TX together to fool people (usually called "CoinJoin" or "SharedCoin"), but its commonly accepted as "proof" when finding connections between addresses, at least here in the forum.


Dont let anyone get your wallet file, which you should do anyway to avoid brute force attacks on your private keys.

Interesting but what if it's an electrum watch-only address.

The watch only is derived from the pub key, however it doesnt contain the private key.

So they can still obtain the pub key if you watch your money from a watch only wallet, and that can hurt your privacy.

AFAIK a watch only wallet isnt protected by the password, so yes. A watch only wallet getting stolen would compromise your privacy, but not your coins.

Im not really here, its just your imagination.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!