On Mon, Oct 5, 2015 at 9:18 AM, Jean-Pierre Rupp wrote: > > Perhaps Pedro wants to also participate in a 2-of-2 cosigning > arrangement with a merchant that will deliver a laptop to him, so Pedro > provides this merchant with the same extended public key derived from > path m/45', and the merchant provides Pedro with his own: > > Pedro: xpub456... > ElCheapoPC: xpub987... > Thanks for the explanation. OK, maybe that should be stated on BIP45, but it was never the idea that you reuse your xpub for different wallet, as I mention on the original reply. The only implementation of BIP45 I am aware of (Copay), use completely different xprivs for each wallet. > > On 05/10/15 07:57, Matias Alejo Garcia wrote: > > > > Hi, > > > > Sorry the late response. Going back to the original message: > > > > > > > On 03/10/15 13:42, Jean-Pierre Rupp via bitcoin-dev wrote: > > >> I have been reviewing BIP-45 today. There is a privacy problem > > with it > > >> that should at least be mentioned in the document. > > >> > > >> When using the same extended public key for all multisig > > activity, and > > >> dealing with different cosigners in separate multisig accounts, > > reuse of > > >> the same set of public keys means that all cosigners from all > > accounts > > >> will be able to monitor multisig activity from every other > > cosigner, in > > >> every other account. > > > > > > I am not completely sure what you mean by 'account' and 'mutisig > > activity'. You seem to imply > > that the same set of extended public keys will be used in more that one > > wallet, which it is > > not required (and certainly not recommended) by BIP45. > > > > According to BIP45, a singing party, in order to generate a wallet > > address, needs the extended public keys of all the other parties, so > > each party will be able to see the transaction history of the wallet > > they are sharing, but if the party has other wallets with other copayers > > the xpub should be completely different. > > > > matías > > > > > > > > -- > > BitPay.com > -- BitPay.com