Bitcoin Forum
October 13, 2019, 09:21:58 PM *
News: Latest Bitcoin Core release: 0.18.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Questions about BIP32 path design  (Read 233 times)
weex
Legendary
*
Offline Offline

Activity: 1104
Merit: 1000



View Profile
November 25, 2016, 07:48:38 PM
 #1

Hey all,

We're looking at adding address generation and BIP32 support to Rein, a decentralized freelance project. The way identities work in Rein is that each user signs a kind of root document called their enrollment with an ECDSA (Bitcoin-style) key which we call their master address.

As part of the enrollment, they sign that another key will be used to sign their day to day documents. The private key for this "delegate" address is stored in the client, whereas the master private key should be kept offline. The setup process for this is not terribly difficult but we're looking to simplify it.

First, we want to generate the master key in the software from a BIP39 mnemonic, have the user type it back into the software to confirm that they've written it down, then store only a key for a BIP32 branch in the software.

Goals:
  • Ensure that compromise of a delegate key will not endanger security for the master key or any other branches made from it.
  • Be able to sign a new branch of the master key to be used as a new delegate branch.
  • Be able to generate delegate keys with a way to independently verify without the private key that they are from the same branch as the original delegate key. Ideally this can be done without exposing every delegate key using from the branch as some might want to be kept private.

I'm sure I'm missing something in this description so looking forward to any questions.

Thanks,

weex
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!