Bitcoin Forum
January 27, 2022, 10:35:35 AM *
News: Vote on the 2021 community awards
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Can a HD XPubkey be obtained back from a derived public address?  (Read 156 times)
kobik
Jr. Member
*
Offline Offline

Activity: 39
Merit: 3


View Profile
May 02, 2018, 06:50:01 AM
Last edit: May 02, 2018, 07:00:41 AM by kobik
 #1

Suppose I have an HD public xpubkey and I derive bitcoin public address(es) from it.
Given one of the public bitcoin address derived from it e.g. 1F1tAaz5x1....
Can you get the xpubkey e.g. xpub6DKUi1BvKEgn...
I thought it is impossible, but someone I know claims it is possible.
And if it is possible isn't the privacy compromised in this situation?

Not sure if this is directly related but also take a look at
Deterministic Wallets, Their Advantages and their Understated Flaws ("An Understated Problem" section):
https://bitcoinmagazine.com/articles/deterministic-wallets-advantages-flaw-1385450276/
1643279735
Hero Member
*
Offline Offline

Posts: 1643279735

View Profile Personal Message (Offline)

Ignore
1643279735
Reply with quote  #2

1643279735
Report to moderator
1643279735
Hero Member
*
Offline Offline

Posts: 1643279735

View Profile Personal Message (Offline)

Ignore
1643279735
Reply with quote  #2

1643279735
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1643279735
Hero Member
*
Offline Offline

Posts: 1643279735

View Profile Personal Message (Offline)

Ignore
1643279735
Reply with quote  #2

1643279735
Report to moderator
1643279735
Hero Member
*
Offline Offline

Posts: 1643279735

View Profile Personal Message (Offline)

Ignore
1643279735
Reply with quote  #2

1643279735
Report to moderator
bob123
Legendary
*
Offline Offline

Activity: 1624
Merit: 2430



View Profile WWW
May 03, 2018, 10:08:45 AM
Merited by HeRetiK (1)
 #2

Suppose I have an HD public xpubkey and I derive bitcoin public address(es) from it.
Given one of the public bitcoin address derived from it e.g. 1F1tAaz5x1....
Can you get the xpubkey e.g. xpub6DKUi1BvKEgn...

You don't derive addresses from a xpubkey. You derive (child-)public keys from an xpubkey.
The derivation can not be calculated 'reversed'. It behaves like a hash function.

An address is the hash of your public key which logically also can't be reversed.

So, no. This is not possible.
It is not possible to calculate the public key of the corresponding address (public key is 'exposed' after broadcasting a transaction).
It is not possible to calculate the xpubkey from an public key.



I thought it is impossible, but someone I know claims it is possible.

The person you know probably doesn't have a clue.



And if it is possible isn't the privacy compromised in this situation?

If it would be possible, then yes. But since this is not possible, everything is fine.

HeRetiK
Legendary
*
Online Online

Activity: 2100
Merit: 1673


the forkings will continue until morale improves


View Profile
May 03, 2018, 11:16:22 AM
 #3

What you should be aware of is that anyone who has access to your xpub key will be able to track any transaction that will move through its derived addresses. So while not as critical as private keys, you should also keep your xpub key safe from prying eyes, otherwise your privacy may be compromised.

Other than that, just like bob123 said: No, you can't derive the xpub key from one of its child public keys.

JohnGalt
Full Member
***
Offline Offline

Activity: 247
Merit: 114


Who is John Galt?


View Profile
May 03, 2018, 05:41:50 PM
Merited by Xynerise (1)
 #4

Suppose I have an HD public xpubkey and I derive bitcoin public address(es) from it.
Given one of the public bitcoin address derived from it e.g. 1F1tAaz5x1....
Can you get the xpubkey e.g. xpub6DKUi1BvKEgn...
I thought it is impossible, but someone I know claims it is possible.
And if it is possible isn't the privacy compromised in this situation?

Not sure if this is directly related but also take a look at
Deterministic Wallets, Their Advantages and their Understated Flaws ("An Understated Problem" section):
https://bitcoinmagazine.com/articles/deterministic-wallets-advantages-flaw-1385450276/

You cannot derive a key (public or private) from an address because an address is a hash (plus version byte and checksum).

Perhaps you are confusing that with a different issue: you can derive the master private key from the master public key and a child private key.

Trade physical bitcoins: Economy > Marketplace > Goods > Collectibles
My signing address: 19mzFU4zFrZHkAkHSUta6LapJ6fTFJyhiH
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!