Bitcoin Stack Exchange
Bitcoin Stack Exchange

Questions tagged [deterministic-wallets]

Collects questions about deterministic wallets i.e. wallets that derive all private keys in a predictable way from a seed. Deterministic wallets have better backup properties than unrelated random private keys.

63 questions
21
votes
1 answer

Derivation of parent private key from non-hardened child

Quote from BIP 32: One weakness that may not be immediately obvious, is that knowledge of a parent extended public key plus any non-hardened private key descending from it is equivalent to knowing the parent extended private key (and thus every…
meshcollider
  • 11,695
  • 4
  • 24
  • 52
11
votes
1 answer

Is the Electrum seed compatible with other wallets?

Apologies if this is a simple question - a newbie here! I'm trying to understand backups. If I use Electrum to make a back up (including the 12 word seed password), will I then need to use Electrum to restore my BTC/ or can I use a different piece…
Nag
  • 113
  • 1
  • 4
10
votes
1 answer

How do deterministic wallets know how many keys to generate?

Say I backup the "seed/key" for a deterministic wallet. I then create 10,000 transactions, resulting in 10,000 new addresses being generated. Say I then lose the wallet file and I restore from the "seed/key". How does the deterministic wallet know…
bitboy99921232323
  • 101
  • 3
9
votes
2 answers

BIP32 recommends a 256 bit seed. Why do most Bitcoin wallets only use a 128 bit seed?

According to BIP32's "Master key generation" section, "256 bits is advised". See https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki#Master_key_generation Why did BIP32 consider 256 bits to be the recommended seed size, and why did the…
knaccc
  • 143
  • 1
  • 6
8
votes
2 answers

Electrum: "restoring" a wallet from a seed

Suppose I set up a wallet with a deterministic seed passphrase. I then use it, moving bitcoins around, sending some change to change addresses. Electrum will apparently create more addresses when required; suppose it does so. I later on 'restore'…
occulus
  • 214
  • 3
  • 9
8
votes
3 answers

At what point is a new wallet known by the Bitcoin network?

I was just showing a deterministic wallet to a friend who asked "At what point is the wallet known to the network?" and I could only guess by saying that it is known only when a transaction is broadcast and confirmed... But I don't think that is the…
T9b
  • 1,334
  • 1
  • 11
  • 16
7
votes
1 answer

Determining xprv from xpub and child private key

I'm confused by the wording in BIP0032: One weakness that may not be immediately obvious, is that knowledge of a parent extended public key plus any non-hardened private key descending from it is equivalent to knowing the parent extended …
maletor
  • 173
  • 5
7
votes
1 answer

How does the client know the number of keys and coins when recovering from a seed?

When I have a seed and use it to recover my keys, how does a client find out which keys I had and their respective amounts? To clarify, I understand how a deterministic key works and that we can generate more keys from it. What I'm not sure is how…
Daniel
  • 267
  • 1
  • 9
7
votes
2 answers

HD / Deterministic Wallets and public key

I understand the basic concept of generating an unlimited number of public key addresses from a master public key. What I won't understand is how to get the wallet balance. Do I have to query unspent outputs for every public key in the wallet that I…
Matt
  • 520
  • 3
  • 10
6
votes
3 answers

Is it possible to check if a bitcoin address "belongs to" a master public key from a deterministic wallet?

Let's say I have a Master Public Key (MPK) and have a derived some addresses from it. How can I check later if a given address was derived from my MPK?
Robert-Reinder Nederhoed
  • 186
  • 4
6
votes
1 answer

How secure are current deterministic wallets?

Can someone explain how secure the deterministic wallet implementations of Electrum and Armory are? As far as I know, Electrum uses a 128-bit seed to generate all the addresses. I don't get this because since even a single bitcoin address consists…
Kent748484
  • 61
  • 1
5
votes
1 answer

How do hierarchical deterministic wallets work transaction-wise?

As far as I know (and as explained here) hierarchical deterministic wallets keep a master key pair (private and public). When using them the public key is newly generated in every transaction. I understood that child keys are generated by elliptic…
Pisuke Soramame
  • 51
  • 2
5
votes
1 answer

Derive new public keys from a public key?

This article says you can generate new public keys from an already generated public key. How is this possible? https://bitcoinmagazine.com/articles/deterministic-wallets-advantages-flaw-1385450276 I thought you could only generate new public keys…
Magritte
  • 51
  • 1
5
votes
2 answers

How to recover a deterministic wallet offline?

I know that in the case of electrum there is a gap limit and it will keep generating addresses until it finds a number of consecutive empty addresses equal to the gap limit. What about if I want to recover my wallet using my seed offline, suppose…
ka lin
  • 123
  • 5
4
votes
1 answer

Is mainline Bitcoin planning on switching to deterministic wallets?

Deterministic wallets enable reliable backups but the mainline client doesn't use them. I was told that bitcoind and Bitcoin-QT are planning on switching to deterministic wallets by default, is this correct? Any idea of when?
Indolering
  • 337
  • 2
  • 15
1
2 3 4 5