Skip to content

Instantly share code, notes, and snippets.

@jonasschnelli
Last active June 28, 2018 12:32
Show Gist options
  • Save jonasschnelli/0d383888ac51d5120540571173e35451 to your computer and use it in GitHub Desktop.
Save jonasschnelli/0d383888ac51d5120540571173e35451 to your computer and use it in GitHub Desktop.

  BIP: ??? (tbr after sending to mailing list)
  Layer: Applications
  Title: BIP32 key-path-scheme for hot wallets
  Author: Jonas Schnelli <dev@jonasschnelli.ch>
  Comments-Summary: No comments yet.
  Comments-URI: 
  Status: Draft
  Type: Standards Track
  Created: 2018-06-28
  License: BSD-2-Clause

Table of Contents

Introduction

Abstract

Define a BIP32 derivation scheme for wallets not intending to use offline signing or auto-watch-only.

Copyright

This BIP is licensed under the 2-clause BSD license.

Motivation

Wallets not intending to use cold-storage/offline-signing and not intending to have the option of auto-watch-only script derivation are usually taking a security risk by either adopting native BIP32[1] or BIP44[2] based wallet schemes.

Using non hardened key derivation in conjunction with private key export operations is a security risk [3].

Watch-only wallets are still possible with this proposal by manually exporting scripts.

This document proposes a BIP32 derivation standard for wallets where private keys are always available.

Specification

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119[4].

Wallets following this standard MUST derive keys with the BIP32 chain path m/<i>'/0'/<k>' for external keys and m/<i>'/1'/<k>' for internal (change) keys.

  • <i> stands for account
  • <k> stands for the child key

Reference implementation

https://github.com/bitcoin/bitcoin

References

  1. ^ BIP0032
  2. ^ BIP0044
  3. ^ BIP0032 implications
  4. ^ RFC 2119

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment