Author: Hugo Nguyen 2021-02-09 10:58:06
Published on: 2021-02-09T10:58:06+00:00
In an email exchange between Christopher Allen and Hugo Nguyen, the topic of reusing XPUBs inside different multisig wallets was discussed. Hugo Nguyen expressed his opinion that reusing XPUBs is not a good idea as it leads to loss of privacy across different wallets. He suggested that each multisig wallet should have one unique XPUB to firewall them from each other. Christopher Allen agreed that reusing XPUBs into multisig is a poor practice but found it challenging to find a trustless solution for airgapped or stateless wallets. The challenge lies in how an airgapped or stateless wallet can know that it is communicating with the same process on the other side that it gave the XPUB to in the first place without any state to allow for a commitment or at least a TOFU. This could potentially lead to a cosigner being part of a different configuration than they thought, which could be a form of scam. Hugo Nguyen proposed a shared secret approach that could help establish a common state on both sides using a TOKEN that doubles as a session ID.
Updated on: 2023-06-14T17:36:11.818635+00:00