Author: Lloyd Fournier 2022-05-04 00:26:46
Published on: 2022-05-04T00:26:46+00:00
The email exchange between LL and vjudeu discusses the possibility of using Taproot to protect individual public keys with passwords. The proposed method involves creating a normal, Taproot-based public key in a secure and random way, then creating another public key by taking a password from the user and executing a proper password hash on it to use as a private key. The two keys are combined in a Schnorr signature to form a 2-of-2 multisig, where the first key is totally random and the second key is a brainwallet that takes a password chosen by the user. The default option is to protect each key with the same password used for the whole wallet, although different passwords could be chosen for different addresses if needed. LL suggests that instead of using a hardware device that protects a secret key via pin, a pinless device could be used with a strong password and proper password hash. It is important not to use sha256 to hash the password, as there are proper password hash options available. While bip39 passwords do something similar, they involve entering them into a potentially malicious hardware device. Descriptors can handle this nicely, in the same way as any other 2-of-2 multisig.
Updated on: 2023-06-15T20:14:16.277587+00:00