BIP 32: Add simpler explanations where I got confused originally reading this. #785

pull ddustin wants to merge 1 commits into bitcoin:master from ddustin:master changing 1 files +7 −2
  1. ddustin commented at 9:38 pm on June 5, 2019: contributor

    Essentially I added the simple explanation for some things next to the more complex ones originally used. If I had these in there when I first came upon this document, I would have had a much easier time digesting it.

    Hopefully these changes help the next peson who reads it.

  2. ddustin renamed this:
    Add simpler explanations where I got confused originally reading this.
    [BIP32] Add simpler explanations where I got confused originally reading this.
    on Jun 5, 2019
  3. ddustin renamed this:
    [BIP32] Add simpler explanations where I got confused originally reading this.
    BIP32: Add simpler explanations where I got confused originally reading this.
    on Jun 5, 2019
  4. ddustin renamed this:
    BIP32: Add simpler explanations where I got confused originally reading this.
    BIP 32: Add simpler explanations where I got confused originally reading this.
    on Jun 5, 2019
  5. luke-jr added the label Proposed BIP modification on Sep 19, 2019
  6. luke-jr commented at 10:28 pm on September 19, 2019: member
  7. in bip-0032.mediawiki:68 in 5cd93556b6 outdated
    64@@ -64,6 +65,8 @@ In what follows, we will define a function that derives a number of child keys f
    65 
    66 We represent an extended private key as (k, c), with k the normal private key, and c the chain code. An extended public key is represented as (K, c), with K = point(k) and c the chain code.
    67 
    68+When deriving child keys, a 'hardened' child key can only be generated using a private key. This provides security advantages but reduces the usefulness of HD key derivation. It is typically used to seperate 'accounts' from each other.
    


    jonatack commented at 9:54 pm on April 26, 2024:
    0When deriving child keys, a 'hardened' child key can only be generated using a private key. This provides security advantages but reduces the usefulness of HD key derivation. It is typically used to separate 'accounts' from each other.
    
  8. jonatack commented at 9:55 pm on April 26, 2024: member
    Pinging BIP author @sipa for feedback (thanks!)
  9. murchandamus assigned sipa on Apr 29, 2024
  10. in bip-0032.mediawiki:54 in 595c030923 outdated
    50@@ -51,10 +51,11 @@ Addition (+) of two coordinate pair is defined as application of the EC group op
    51 Concatenation (||) is the operation of appending one byte sequence onto another.
    52 
    53 As standard conversion functions, we assume:
    54-* point(p): returns the coordinate pair resulting from EC point multiplication (repeated application of the EC group operation) of the secp256k1 base point with the integer p.
    55+* point(p): returns the public key for p. This is the coordinate pair resulting from EC point multiplication (repeated application of the EC group operation) of the secp256k1 base point with the integer p.
    


    sipa commented at 3:27 pm on April 29, 2024:
    I find this to be somewhat cyclic. We define public/private keys in function of this operation (i.e., the corresponding public key to private key p is point(p)). The change here is adding the reverse that (i.e., defining point(p) as the public key to p).

    ProofOfKeags commented at 8:10 pm on April 30, 2024:
    Yeah I’m in agreement with @sipa here. Points are used as public keys but aren’t equivalent to them in certain use contexts.

    ddustin commented at 8:51 pm on July 11, 2024:

    How about this rewording:

    “point(p): returns the coordinate pair resulting from EC point multiplication (repeated application of the EC group operation) of the secp256k1 base point with the integer p (similar to making public key).”

  11. in bip-0032.mediawiki:68 in 595c030923 outdated
    64@@ -64,6 +65,8 @@ In what follows, we will define a function that derives a number of child keys f
    65 
    66 We represent an extended private key as (k, c), with k the normal private key, and c the chain code. An extended public key is represented as (K, c), with K = point(k) and c the chain code.
    67 
    68+When deriving child keys, a 'hardened' child key can only be generated using a private key. This provides security advantages but reduces the usefulness of HD key derivation. It is typically used to separate 'accounts' from each other.
    


    ProofOfKeags commented at 8:09 pm on April 30, 2024:
    ACK this change.

    apoelstra commented at 10:42 am on May 1, 2024:
    I’d prefer the last sentence be dropped. Given the weird security properties of “normal” derivation, I think we should word things as though hardened derivation were the ordinary case, and non-hardened derivation is the one that has a sentence explaining why somebody would want to use it.

    ddustin commented at 8:51 pm on July 11, 2024:

    How about this wording to make it sound more ordinary:

    “When deriving child keys, a ‘hardened’ child key can only be generated using a private key. This provides security advantages and prevents adversarial public key tracing. It is typically used to separate ‘accounts’ from each other.”

    And another sentence added for non-hardened keys:

    This non-hardened result is typically used by a server to continually generate receive addresses without the ability to spend funds.

  12. jonatack commented at 9:36 pm on May 1, 2024: member
    @ddustin mind updating per the new feedback?
  13. murchandamus added the label PR Author action required on May 8, 2024
  14. ddustin commented at 1:17 am on May 9, 2024: contributor

    @ddustin mind updating per the new feedback?

    Absolutely, will do. Traveling at the moment 👍

  15. 5twelve approved
  16. Add simpler explanations where I got confused originally reading this.
    Essentially I added the simple explanation for some things next to the more complex ones originally used. If I had these in there when I first came upon this document, I would have had a much easier time digesting it.
    
    Hopefully these changes help the next peson who reads it.
    b39b409c26
  17. ddustin force-pushed on Jul 11, 2024
  18. jonatack removed the label PR Author action required on Jul 11, 2024
  19. in bip-0032.mediawiki:54 in b39b409c26
    50@@ -51,10 +51,11 @@ Addition (+) of two coordinate pair is defined as application of the EC group op
    51 Concatenation (||) is the operation of appending one byte sequence onto another.
    52 
    53 As standard conversion functions, we assume:
    54-* point(p): returns the coordinate pair resulting from EC point multiplication (repeated application of the EC group operation) of the secp256k1 base point with the integer p.
    55+* point(p): returns the coordinate pair resulting from EC point multiplication (repeated application of the EC group operation) of the secp256k1 base point with the integer p (similar to making public key).
    


    murchandamus commented at 3:30 pm on July 16, 2024:

    There seems to be a word missing here:

    0* point(p): returns the coordinate pair resulting from EC point multiplication (repeated application of the EC group operation) of the secp256k1 base point with the integer p (similar to making a public key).
    
  20. murchandamus requested review from sipa on Jul 16, 2024
  21. murchandamus added the label Pending acceptance on Aug 21, 2024

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bips. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-12-22 02:10 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me