How does new addresses generated on an watch-only wallet

[Diamais]

Hi everybody.
As far as I understand the idea, the seed is used to generate your private keys. And from private keys you generate public addresses (public keys). So you cannot generate any public key without having private key, yes ?

On the other hand, master public key is the key for creating watch-only wallet on your online computer, that can contain viruses, keyloggers and other stuff, but it is save in perspective that nowbody can spend you bitcoins, because this type of wallet does not contains any seed, private keys or password.

My question is! How does this watch-only wallet generate new addresses, while you use some of them for incoming bitcoins ?
That means, that master public key somehow generate private key, otherwise, it will be impossible to create new addresses.

[TheQuin]

A watch only wallet doesn't generate addresses, you simply enter the address you want to monitor. Generally, the idea is that you create a cold wallet off-line and then enter the addresses it generated in a watch only wallet to monitor the balance and transactions.

[Diamais]

Yes, it is clear that cold wallet created offline, I personally do so. But still, after I transfer this MPK to my online comp, and use some of those 20 addresses for incoming bitcoins, I notice that new addresses appeared.

[TheQuin]

That's because it is an HD (Hierarchical Deterministic) wallet

The addresses and private keys are all created from the seed phrase plus a sequence number. The Master Public Key allows it to work out what addresses will be used next. Without the seed phrase, it is not possible to work out the private keys.

https://en.bitcoin.it/wiki/Deterministic_wallet

Certain types of deterministic wallet (BIP0032, Armory, Coinkite and Coinb.in ) additionally allow for the complete separation of private and public key creation for greater security and convenience. In this model a server can be set up to only know the Master Public Key of a particular deterministic wallet. This allows the server to create as many public keys as is necessary for receiving funds, but a compromise of the MPK will not allow an attacker to spend from the wallet. They can alternatively be used in Electrum and Armory to enable completely offline storage and spending, where an offline computer knows the private key and an online one knows only the MPK. Transactions spending coins are ferried between the two computers via USB storage which avoids exposing the offline computer to a network-based attack.

[Diamais]

Now it is clear, thank you very much.

[Abdussamad]

A watch only wallet doesn't generate addresses, you simply enter the address you want to monitor. Generally, the idea is that you create a cold wallet off-line and then enter the addresses it generated in a watch only wallet to monitor the balance and transactions.

This is not correct. A deterministic watch-only wallet i.e. a wallet created using a master public key or extended public key can generate unlimited addresses.

Hi everybody.
As far as I understand the idea, the seed is used to generate your private keys. And from private keys you generate public addresses (public keys). So you cannot generate any public key without having private key, yes ?

There is no such thing as a public address. It is just address. From the private key you derive the public key. Hasing the public key gives you the address. Address and public key are not the same either.

It is possible in deterministic wallets to generate address specific public keys using the extended public key. I'm not a crypto ninja so I don't understand the mechanics of this but if you are interested you can read about it here: https://bitcointalk.org/index.php?topic=19137.0 .

A watch-only wallet can't generate private keys though so it is safe to use it on a computer that may be infected with malware. The only risk is that your privacy will be gone because all your addresses, transactions and balances will be visible to the attacker.

[TheQuin]

This is not correct. A deterministic watch-only wallet i.e. a wallet created using a master public key or extended public key can generate unlimited addresses.

Yes, I misunderstood his question the first time and didn't realise he was referring to a deterministic watch-only wallet.