BIP: ??? (tbr after sending to mailing list) Layer: Applications Title: BIP32 key-path-scheme for hot wallets Author: Jonas Schnelli <dev@jonasschnelli.ch> Comments-Summary: No comments yet. Comments-URI: Status: Draft Type: Standards Track Created: 2018-06-28 License: BSD-2-Clause
Define a BIP32 derivation scheme for wallets not intending to use offline signing or auto-watch-only.
This BIP is licensed under the 2-clause BSD license.
Wallets not intending to use cold-storage/offline-signing and not intending to have the option of auto-watch-only script derivation are usually taking a security risk by either adopting native BIP32[1] or BIP44[2] based wallet schemes.
Using non hardened key derivation in conjunction with private key export operations is a security risk [3].
Watch-only wallets are still possible with this proposal by manually exporting scripts.
This document proposes a BIP32 derivation standard for wallets where private keys are always available.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119[4].
Wallets following this standard MUST derive keys with the BIP32 chain path m/<i>'/0'/<k>'
for external keys and m/<i>'/1'/<k>'
for internal (change) keys.
<i>
stands for account<k>
stands for the child key