by smeej
732 days ago
I'm way out of my depth from a cryptography perspective, but if it's saying you could derive the extended public key, I can see why that would matter. With a protocol like Bitcoin, for example, that would allow you to tie each address to the others from the same wallet's xpub, even if they've never moved the coins they received. You'd basically be able to create a watch-only wallet and monitor all of someone's transactions. It doesn't give you access to the funds or anything, and there are already companies that can effectively de-anonymize the vaaaast majority of Bitcoin transactions anyway, but this would make surveillance of the network even easier. |
These days I regret coming up with the scheme; I'd intended it to be a privacy boost by making it easier and safer to use multiple addresses -- but in practice it's used in places where individual keys would have been fine, and it hurts privacy more often than not. :(