Author: Leonardo Comandini 2020-09-29 17:34:28
Published on: 2020-09-29T17:34:28+00:00
The author of the post argues that the chain code in BIP32 is not necessary. The post provides a schematic of BIP32 operations which are to be compared with an alternative proposal, discussing the differences. The post presents private and public child derivation formulae for the secp256k1 generator, the parent and the ith child keypairs, and the corresponding chain codes. The formula for unhardened public derivation resembles a pay-to-contract scheme. The post then introduces an alternative proposal for derivation without the chaincode using adequately strong hash function 'h' that converts its output to integer. The post claims that this has the same properties as BIP32 and allows having mnemonics for subaccount keys. The post also provides references [1]-[3] for more information.
Updated on: 2023-06-14T15:47:31.189763+00:00