HIP-0009: Standard Recoverable Script Addresses
Abstract
We propose a method for generating application-specific scripts and scripthash addresses by deriving key pairs from specific BIP44 branches.
Motivation
Secondary market protocols, like Shakedex (see HIP-1), currently generate a new private key for each script address, which makes recovery possible only as long as the user has backed up each individual key they generate. By deterministically deriving script addresses using a standard BIP44 wallet seed, we can recover the user’s auction listing and pending fills by importing the seed, re-generating the script addresses and re-scanning the blockchain.
BIP32 path generation
Recall from BIP32
that keys are derived from a series of 4-byte indexes. Indexes lower than 0x7fffffff
are derived using non-hardened derivation, which is required if an algorithm
only has access to the public key.
BIP44 address recovery
Recall from BIP44 that wallets using standard BIP32 paths can regenerate all of a user’s private keys and addresses and then, by re-scanning the blockchain, restore the entire previous state of the wallet. The standard is common enough for interoperability between wallet implementations.
BIP44 specifies the following derivation path using BIP32:
m' / purpose' / coin_type' / account' / branch / address_index
(note that '
denotes hardened derivation)
BIP44 also specifies the use of purpose: 44'
and defines two branch indexes:
0x00000000
: receive addresses (“external”)0x00000001
: change addresses (“internal”)
Note that bcoin uniquely uses branch 0x00000002
for
generating nested segwit addresses.
This is only used for Bitcoin of course but exists as “prior art” reference.
New branch
definitions
This HIP document should be maintained as a directory for new script address protocols. Proposals should follow the existing examples and these guidelines:
- “branch” is always expressed as four bytes in hexadecimal.
- “name” can be a casual identifier or application title.
- “script” should list the redeem script for the address using opcode symbols,
and indicate in
{{double-curly-braces}}
where the BIP44-derived public key belongs in the script. Some protocols may require additional public keys from other accounts, etc and we invite those developers to extend the notation here as they see fit. Portions of this field may be left ambiguous as long as it is well-documented in attached links. - “notes / links” should direct developers to additional documentation or existing implementations for further detail.
- Chi Kei Chan <chikeichan@gmail.com>
- Matthew Zipkin <pinheadmz@gmail.com>
Edit on GitHub