I've been working on ways to prevent privacy leaks in multisig quorums, and 
have come up with a creative use of BIP32 paths.

Working code with broadcasted transactions can be found here:
https://github.com/mflaxman/blind-xpub

This scheme allows for some powerful new features:

- If an unauthorized party gains access to a BIP39 seed phrase, that party 
learns nothing about transactions in any multisig quorum that seed participates 
in
- It allows trust-minimized third parties (e.g. a lawyer, accountant, heir, 
close friend, "uncle Jim" bitcoiner, collaborative custody service, etc) to 
hold an emergency recovery key in a multisig quorum with zero knowledge of what 
that key protects

This scheme has been live on mainnet for some time and has multi-vendor support 
from several Coordinators and Signers. I am anecdotally aware of large sums of 
bitcoin that are currently being HODLed with it.

My hope in publishing this is to encourage more interoperable hardware wallet / 
coordinator software support for enhanced privacy, along with improved UX at 
each step. Feedback is welcome.

Best,

Michael
_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev