Is there any reason I shouldn’t use an XPUB for auto withdrawals from my swan account to my cold wallet?
#asknostr #bitcoin Swan says they use it responsibly. Not sure what that’s worth.
Discussion
The reason is that swan will know all of your Bitcoin addresses and it will be tied to your name, address, full kyc info. This means that not only are your future transactions not private, but if/when they get hacked or leak customer data, your utxos and wallet balance are publicly tied to your home address etc.
So I created a new wallet as suggested by Swan with a fresh xpub, so would they only be able to see any addresses and transactions on that wallet or the entire cold wallet?
Swan would only see the new xpub’s addresses. Do you mean you generated a new seed phrase on an existing hardware wallet? My understanding is they wouldn’t know your ownership of any addresses linked to a different seed phrase. But your Swan purchases would be sent to your new wallet and those would be visible to Swan (and any future bad actor).
I created a new wallet within my hardware wallet. No new seed phrase but its UTXOs are separate from the rest I think. Well when I generate an address to receive it’s for that individual wallet.
Hmm. I always assumed you could either have a single xpub per seed phrase, or have multiple “wallets” by adding a passphrase to a seed - which I believe generates a new xpub. But this may be a bit beyond my technical know-how, at this point.
To your original question, the reasons not to give your xpub to swan include the privacy concerns I mentioned. If you move those utxos out of cold storage later (or just move to a different wallet), you can gain forward-looking privacy via coinjoin but Swan/onlookers would know you moved those coins.
I understand. Thanks for the info I appreciate it.
