Edited ch05.asciidoc with Atlas code editor

2024-11-23 00:28:14 +00:00 · 2017-07-18 09:32:03 -07:00 · 2017-07-18 09:32:03 -07:00 · 8fb232ff11
commit 8fb232ff11
parent e3f86f1f88
1 changed files with 1 additions and 0 deletions
--- a/ch05.asciidoc
+++ b/ch05.asciidoc
@ -430,6 +430,7 @@ To counter this risk, HD wallets use an alternative derivation function called _
 .Hardened derivation of a child key; omits the parent public key
 image::images/mbc2_0513.png["ChildHardPrivateDerivation"]

+[role="pagebreak-before"]
 When the hardened private derivation function is used, the resulting child private key and chain code are completely different from what would result from the normal derivation function. The resulting "branch" of keys can be used to produce extended public keys that are not vulnerable, because the chain code they contain cannot be exploited to reveal any private keys. Hardened derivation is therefore used to create a "gap" in the tree above the level where extended public keys are used.

 In simple terms, if you want to use the convenience of an xpub to derive branches of public keys, without exposing yourself to the risk of a leaked chain code, you should derive it from a hardened parent, rather than a normal parent. As a best practice, the level-1 children of the master keys are always derived through the hardened derivation, to prevent compromise of the master keys.