Author: Erik Aronesty 2016-08-12 12:36:31
Published on: 2016-08-12T12:36:31+00:00
The discussion on the bitcoin-dev mailing list started with the idea of a "publishable seed" that lets someone derive random Bitcoin addresses for receiving funds. The space of derivable addresses should be large enough that enumerating all of them is a barrier for anyone who wants to, except for the receiver, who knows the private key and can easily scan the blockchain to determine which addresses he holds the keys to; another party should not be able to do so easily. The question was whether homomorphic encryption would need to be involved. Gregory Maxwell responded to Erik Aronesty's inquiry about how one can take a BIP32 public seed and figure out whether an address was derived from it. He suggested that computing all 2^31 possible public child addresses would take a quad-core laptop about 8 hours with competent software. The assumption is that the receiver would not use the whole 2^31 space; otherwise the receiver would also have to do that computation.
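The derivation the thread is about, as an added example that is not from the mailing list: BIP32 non-hardened child derivation in pure Python (the secp256k1 arithmetic, the sample parent key and the chain code are mine, not taken from the discussion), showing that a holder of the published seed (parent pubkey plus chain code) computes exactly the same child keys as the receiver who holds the private key, and that linking an observed key back to the seed is just a loop over child indices; `scan_children` is that loop, and the 2^31 case Maxwell describes is the same loop at full size. Child keys are compared as compressed pubkeys; an address adds only a hash160 step.

```python
import hashlib, hmac
# secp256k1 field prime, group order and generator
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def point_add(p, q):
    """Affine point addition on secp256k1; None stands for the point at infinity."""
    if p is None or q is None:
        return q if p is None else p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                              # p == -q
    if p == q:                                   # doubling: tangent slope
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:                                        # distinct points: chord slope
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def scalar_mult(k, pt=G):
    """Double-and-add: returns k * pt."""
    acc = None
    while k:
        if k & 1:
            acc = point_add(acc, pt)
        pt, k = point_add(pt, pt), k >> 1
    return acc

def ser_p(pt):
    """33-byte compressed SEC encoding (BIP32 serP)."""
    return bytes([2 + (pt[1] & 1)]) + pt[0].to_bytes(32, "big")

def ckd_pub(K_par, c_par, i):
    """BIP32 CKDpub: child pubkey and chain code from the public parent alone (i < 2^31)."""
    assert i < 2**31, "hardened children cannot be derived from public data"
    I = hmac.new(c_par, ser_p(K_par) + i.to_bytes(4, "big"), hashlib.sha512).digest()
    il = int.from_bytes(I[:32], "big")
    assert il < N, "invalid child; BIP32 says skip this index"
    return point_add(scalar_mult(il), K_par), I[32:]

def ckd_priv(k_par, c_par, i):
    """BIP32 CKDpriv for a non-hardened index: the receiver's side, holding the private key."""
    I = hmac.new(c_par, ser_p(scalar_mult(k_par)) + i.to_bytes(4, "big"), hashlib.sha512).digest()
    return (int.from_bytes(I[:32], "big") + k_par) % N, I[32:]

def scan_children(K_par, c_par, target_pubkeys, limit):
    """Any holder of the published seed can do this: report indices in 0..limit-1 whose child pubkey was observed."""
    return [i for i in range(limit) if ser_p(ckd_pub(K_par, c_par, i)[0]) in target_pubkeys]
```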
Updated on: 2023-06-11T19:29:52.599402+00:00