Publicly available/known xpubx (public keys), for review/research? \ stacker news ~bitcoin

pull down to refresh

Publicly available/known xpubx (public keys), for review/research?

137 sats \ 10 comments \ @Signal312 26 Mar bitcoin

Are there any of these around? Not bitcoin addresses, but bitcoin xpubs - public keys, from which you could create a watch-only wallet.

I'm thinking maybe from entities that want to prove that they truly own the bitcoin that they say they own?

Or from anywhere, really. I just want to experiment.

view all related items

68 sats \ 1 reply \ @office 26 Mar

Mnemonic:

abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about

For m/84'/0'/0'/0:

zpub6rFR7y4Q2AijBEqTUquhVz398htDFrtymD9xYYfG1m4wAcvPhXNfE3EfH1r1ADqtfSdVCToUG868RvUUkgDKf31mGDtKsAYz2oz2AGutZYs

1 sat \ 0 replies \ @Signal312 OP 26 Mar

Ah, that worked great! 219 transactions on that one.

34 sats \ 1 reply \ @supratic 27 Mar

🥓 🥓 🥓 🥓 🥓 🥓 🥓 🥓 🥓 🥓 🥓 🥓 🥓 🥓 🥓 🥓 🥓 🥓 🥓 🥓 🥓 🥓 🥓 🥓

0 sats \ 0 replies \ @Signal312 OP 27 Mar

Bacon yummy?

34 sats \ 5 replies \ @optimism 26 Mar

You generally don't want to publish these because if someone manages to get one secret key and the xpub, they can derive all the secret keys within the non-hardened keyspace.

I've always translated this to a requirement that says: xpubs still need secure and encrypted storage - but it's possible that I'm too paranoid.

100 sats \ 4 replies \ @Signal312 OP 26 Mar

Thanks for the reply.

When you say "secret key" - do you mean - if someone has the private key to the wallet? Then they'd be able to just transfer all the bitcoin to a wallet they control, right?

Or does secret key mean the key to one address, and then people could reverse engineer the private key from that one?

I'm probably just not understanding. I'm just looking for an xpub - a public key, with which you could set up a watch only wallet, and see the transactions.

68 sats \ 3 replies \ @optimism 26 Mar

When you say xpub, I am assuming you mean "eXtended public key`, per BIP-0032.

if someone has the private key to the wallet? Then they'd be able to just transfer all the bitcoin to a wallet they control, right?

Or does secret key mean the key to one address, and then people could reverse engineer the private key from that one?

Private key == Secret key - it's the same thing. I'll stick to private to reduce confusion now.

If someone has the private key to a single address derived from the xpub, and the xpub itself, then they can calculate all the private keys underneath that xpub - i.e. essentially the xprv. And yes, "your key, your coin" is also valid, so if you know the private key for any funds on chain, they are "yours".

See the BIP:

One weakness that may not be immediately obvious, is that knowledge of a parent extended public key plus any non-hardened private key descending from it is equivalent to knowing the parent extended private key (and thus every private and public key descending from it). This means that extended public keys must be treated more carefully than regular public keys. It is also the reason for the existence of hardened keys, and why they are used for the account level in the tree. This way, a leak of account-specific (or below) private keys never risks compromising the master or other accounts.

100 sats \ 2 replies \ @Signal312 OP 26 Mar

Thanks for your reply. I think I should have said "Master public key" or "extended public key", right?

So, if they had this - "private key to a single address derived from the xpub" -- AND they had the extended public key, then they could figure out the extended PRIVATE key, and basically steal your bitcoin, is that right?

But wouldn't it be really hard to get the "private key to a single address derived from the xpub"? How would you do that without actually having access to the full extended private key?

68 sats \ 1 reply \ @optimism 26 Mar

So, if they had this - "private key to a single address derived from the xpub" -- AND they had the extended public key, then they could figure out the extended PRIVATE key, and basically steal your bitcoin, is that right?

Yes.

But wouldn't it be really hard to get the "private key to a single address derived from the xpub"?

Yes, but "hard" does not equate impossible. And if you publish your extpub to prove that yes, you really have 2000 BTC, you're a target, congrats.

How would you do that without actually having access to the full extended private key?

How it was done with bybit (#898258): trick you into signing something for 1 of the addresses, something low risk, and then just sweep the whole address range under the xpub

100 sats \ 0 replies \ @Signal312 OP 26 Mar

Got it. Thanks!