I've been working on ways to prevent privacy leaks in multisig quorums, and have come up with a creative use of BIP32 paths.

Working code with broadcasted transactions can be found here:
https://github.com/mflaxman/blind-xpub

This scheme allows for some powerful new features:

- If an unauthorized party gains access to a BIP39 seed phrase, that party learns nothing about transactions in any multisig quorum that seed participates in
- It allows trusted-minimized third parties (e.g. a lawyer, accountant, heir, close friend, "uncle Jim" bitcoiner, collaborative custody service, etc) to hold an emergency recovery key in a multisig quorum with zero knowledge of what that key protects

This scheme has been live on mainnet for some time and has multi-vendor support from several Coordinators and Signers. I am anecdotally aware of large sums of bitcoin that are currently being HODLed with it.

My hope in publishing this is to encourage more interoperable hardware wallet / coordinator software support for enhanced privacy, along with improved UX at each step. Feedback is welcome.

Best,

Michael