Ethkey - extended keys #4377
Ethkey - extended keys #4377
Conversation
NikVolf
added
A0-pleasereview 🤓
| let mut data = [0u8; 37]; | ||
|
|
||
| let sec_private = SecretKey::from_slice(&SECP256K1, &*private_key) | ||
| .expect("Caller should provide valid private key"); |
There was a problem hiding this comment.
not a valid expectation -> either prove or provide an error return path
There was a problem hiding this comment.
it's internal function, the upper code never passes random hashes in it
There was a problem hiding this comment.
added comment that it can panic just in case
| // curve point (compressed public key) -- index | ||
| // 0.33 -- 33..37 | ||
| data[0..33].copy_from_slice(&public_serialized); | ||
| BigEndian::write_u32(&mut data[33..37], index); |
There was a problem hiding this comment.
only u32? we might want to provide an extended version of this which can handle 256-bit indexs
There was a problem hiding this comment.
why do you need so much?
using u32 allows to derive 2^31 soft and 2^31 hard keys
There was a problem hiding this comment.
yup, but that number is theoretically searchable. my understanding is that the maths allows for 2**256 soft keys, which then means that you can have cryptographically secure receive addresses. basically, you want to make a secret payment to address X: you generate address Y = soft(X, H) where H is some cryptographically secure invoice identifier (e.g. the sha3 of the invoice PDF). if you don't have H then you cannot associate X with Y, but once you do have H then you can prove that the owner of X can access the funds at Y.
basically it lets you send funds to someone's public address without the payment itself being made public. but still with the ability for either party to make the payment public at a later date.
There was a problem hiding this comment.
Nice explanation, and It's easy to implement, actually
|
i presume those tests are the official test vectors? |
|
@gavofyork |
|
@gavofyork |
gavofyork
added
A8-looksgood 🦄
|
@NikVolf let me know if you can't see an easy way to extend index length to 256 bit. |
|
will merge as-is; 256-bit indexes can be added in a second PR. |
Deterministic derivation of private & public keys using secp256k1 elliptic curve
based on bitcoin hd wallet spec (BIP0032): https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki