Thanks for taking the time to read and comment, I appreciate it.
I had to do a bit of studying to fully grasp the nuance you pointed out.
I edited the sentence to make sure it's technically correct:
Losing one private key means losing access to the funds at that one address, assuming hardened derivation is used.
I tried to keep it brief without getting too deep into the technicals, as this article targets general users.
reply
There are some nuances with BIP-32 key derivation (especially of the xpub non-hardened derivation kind) that could invalidate something you wrote:
Note that if you shared your xpub with someone and the same person learns a single leaf private key, they can derive all the non-hardened keys in the set, while hardened keys prevent address derivation without knowledge of the private key.
So you should always be aware that by using xpubs, you weaken your security through the key derivation algorithm itself. Doesn't have to be a huge problem as long as you're really careful with your xpub, though.