On Tue, Feb 9, 2021 at 2:19 AM Christopher Allen < ChristopherA@lifewithalacrity.com> wrote: > > > On Tue, Feb 9, 2021 at 2:06 AM Hugo Nguyen wrote: > >> >> I don't think reusing XPUBs inside different multisig wallets is a good >> idea... For starters, loss of privacy in one wallet will immediately affect >> privacy of other wallets. I think multisig wallets should be completely >> firewalled from each other. That means one unique XPUB per wallet. This is >> what we have been doing with the Nunchuk wallet. >> > > To be clear, I have stated repeatedly that xpub reuse into multisig is a > poor practice. However, finding a trustless solution when a wallet is > airgapped with no network, or is stateless like Trezor, is quite hard. > > The challenge also includes how does an airgapped or stateless wallet know > that it is talking to the same process on the other side that that it gave > the xpub to in the first place. Without state to allow for a commitment, or > at least a TOFU, a cosigner who thought he was part of a 3 of 5 could > discover that he instead is in a 2 of 3, or in a script with an OR, as some > form of scam. > The shared secret approach that I mentioned in the proposal actually can help you here. The TOKEN doubles as a session ID - thereby establishing a common state on both sides. Best, Hugo > > — Christopher Allen > >>