I restored my entire hard drive image from a week-old backup to a new hard drive including wallet.dat (no activity during the week on wallet.dat).
If I now generate a new receiving address from the wallet and receive funds on that address, would the private key for that new address (and therefore funds) be available to an opportunistic computer repair guy if he were to dump all addresses and private keys from the un-encrypted wallet.dat? i.e., if he generated all addresses in the pool in the un-encrypted wallet.dat, would my new receiving address and private key eventually show up for him?
Does keypoolrefill replace all old addresses with new addresses in the pool or only just replenish back to the maximum? If replaces, then that one command would insure that I'd get an address that's not in the old wallet.dat.
In this scenario, the wallet.dat is still unencrypted right?
If so, then the repair guy can theoretically steal your recent funds because wallet.dat already has a keypool filled with pre-generated keys based from your HDSeed.
For descriptor wallet, each descriptor that your wallet has can re-create the keys that the other copy of the wallet.dat used.
keypoolrefill will just change your default keypool size of 1000keys per descriptor/, but it wont replace the previous keys.
newkeypool on the other hand will seemingly create "
new" keys but all the repair guy has to do is to run the same command to get your new keys.
The right command is
encryptwallet which will set a new HDSeed and refill a new keypool based from it.
But you can only do that once since changing the passphrase with
walletpassphrasechange will not set a new HDSeed.
Alternatively, you can use
sethdseed true "WIF prvkey" (
the WIF prvKey will be used as the new HDSeed) to create a new keypool.
But as obvious, if that happened; just do yourself a favor and create a new wallet to receive your funds.