Ali Sherief [ARCHIVE] on Nostr: š Original date posted:2023-05-30 šļø Summary of this message: Proposal to ...
š
Original date posted:2023-05-30
šļø Summary of this message: Proposal to encrypt extended private keys using reversible encryption, allowing for easier manufacturing of physical coins with lot and sequence numbers.
š Original message:Just like we have BIPP38 encrypted keys for singular private keys, I was wondering if it would be possible to come up with a way to encrypt an extended private key using reversible encryption.
BIP38 was designed with physical coins in mind, and in particular covers the cases for lot and sequence numbers in detail.
There is a case to be made that in an encrypted extended private key, the lot and sequence numbers can be placed in the HD derivation path. In particular they can be derived like this: m/lot'/sequence' and both of them use hardened derivation.
The advantage would be that coinmakers would only have to generate one master private key during manufacturing instead of a ton of private keys.
But this is not a very convincing advantage so I'd like to hear what is other people's take on this.
-Ali
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20230530/59054c47/attachment.html>
šļø Summary of this message: Proposal to encrypt extended private keys using reversible encryption, allowing for easier manufacturing of physical coins with lot and sequence numbers.
š Original message:Just like we have BIPP38 encrypted keys for singular private keys, I was wondering if it would be possible to come up with a way to encrypt an extended private key using reversible encryption.
BIP38 was designed with physical coins in mind, and in particular covers the cases for lot and sequence numbers in detail.
There is a case to be made that in an encrypted extended private key, the lot and sequence numbers can be placed in the HD derivation path. In particular they can be derived like this: m/lot'/sequence' and both of them use hardened derivation.
The advantage would be that coinmakers would only have to generate one master private key during manufacturing instead of a ton of private keys.
But this is not a very convincing advantage so I'd like to hear what is other people's take on this.
-Ali
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20230530/59054c47/attachment.html>