Subnostr

Yeah, agreed in all those points. The alternative I proposed in the other note doesn't require the subsequent pubkeys being children of the same master pubkey, just that the next-in-line pubkey is disclosed upfront, which would make it work for existing, non-HD, pubkeys.

optout 2y ago

I think the details of key relation doesn't really matter, be it HD-derived from a master key, be it derived in a chain from each other, or just a set of predefined keys, they all have in common:

- you have to create some state upfront, with secret and public part

- you have to safeguard the secret part separately from your 'day-to'day' nsec

These two points make pregenerated/HD schemes weaker.

Reply to this note

Please Login to reply.

Discussion

PABLOF7z 2y ago

weaker than what? what alternative are you contemplating?