Bitcoin Forum
May 25, 2022, 05:11:33 PM *
News: Latest Bitcoin Core release: 23.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Can a HD XPubkey be obtained back from a derived public address?  (Read 157 times)
kobik
Jr. Member
*
Offline Offline

Activity: 39
Merit: 3


View Profile
May 02, 2018, 06:50:01 AM
Last edit: May 02, 2018, 07:00:41 AM by kobik
 #1

Suppose I have an HD public xpubkey and I derive bitcoin public address(es) from it.
Given one of the public bitcoin address derived from it e.g. 1F1tAaz5x1....
Can you get the xpubkey e.g. xpub6DKUi1BvKEgn...
I thought it is impossible, but someone I know claims it is possible.
And if it is possible isn't the privacy compromised in this situation?

Not sure if this is directly related but also take a look at
Deterministic Wallets, Their Advantages and their Understated Flaws ("An Understated Problem" section):
https://bitcoinmagazine.com/articles/deterministic-wallets-advantages-flaw-1385450276/
1653498693
Hero Member
*
Offline Offline

Posts: 1653498693

View Profile Personal Message (Offline)

Ignore
1653498693
Reply with quote  #2

1653498693
Report to moderator
1653498693
Hero Member
*
Offline Offline

Posts: 1653498693

View Profile Personal Message (Offline)

Ignore
1653498693
Reply with quote  #2

1653498693
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1653498693
Hero Member
*
Offline Offline

Posts: 1653498693

View Profile Personal Message (Offline)

Ignore
1653498693
Reply with quote  #2

1653498693
Report to moderator
bob123
Legendary
*
Offline Offline

Activity: 1624
Merit: 2456



View Profile WWW
May 03, 2018, 10:08:45 AM
Merited by HeRetiK (1)
 #2

Suppose I have an HD public xpubkey and I derive bitcoin public address(es) from it.
Given one of the public bitcoin address derived from it e.g. 1F1tAaz5x1....
Can you get the xpubkey e.g. xpub6DKUi1BvKEgn...

You don't derive addresses from a xpubkey. You derive (child-)public keys from an xpubkey.
The derivation can not be calculated 'reversed'. It behaves like a hash function.

An address is the hash of your public key which logically also can't be reversed.

So, no. This is not possible.
It is not possible to calculate the public key of the corresponding address (public key is 'exposed' after broadcasting a transaction).
It is not possible to calculate the xpubkey from an public key.



I thought it is impossible, but someone I know claims it is possible.

The person you know probably doesn't have a clue.



And if it is possible isn't the privacy compromised in this situation?

If it would be possible, then yes. But since this is not possible, everything is fine.

HeRetiK
Legendary
*
Offline Offline

Activity: 2212
Merit: 1749


the forkings will continue until morale improves


View Profile
May 03, 2018, 11:16:22 AM
 #3

What you should be aware of is that anyone who has access to your xpub key will be able to track any transaction that will move through its derived addresses. So while not as critical as private keys, you should also keep your xpub key safe from prying eyes, otherwise your privacy may be compromised.

Other than that, just like bob123 said: No, you can't derive the xpub key from one of its child public keys.

JohnGalt
Full Member
***
Offline Offline

Activity: 247
Merit: 114


Who is John Galt?


View Profile
May 03, 2018, 05:41:50 PM
Merited by Xynerise (1)
 #4

Suppose I have an HD public xpubkey and I derive bitcoin public address(es) from it.
Given one of the public bitcoin address derived from it e.g. 1F1tAaz5x1....
Can you get the xpubkey e.g. xpub6DKUi1BvKEgn...
I thought it is impossible, but someone I know claims it is possible.
And if it is possible isn't the privacy compromised in this situation?

Not sure if this is directly related but also take a look at
Deterministic Wallets, Their Advantages and their Understated Flaws ("An Understated Problem" section):
https://bitcoinmagazine.com/articles/deterministic-wallets-advantages-flaw-1385450276/

You cannot derive a key (public or private) from an address because an address is a hash (plus version byte and checksum).

Perhaps you are confusing that with a different issue: you can derive the master private key from the master public key and a child private key.

Trade physical bitcoins: Economy > Marketplace > Goods > Collectibles
My signing address: 19mzFU4zFrZHkAkHSUta6LapJ6fTFJyhiH
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!