BIP32 child derivation from another child

2

I have a bit of conceptual problem here, Let's say I have a BIP32 implementation. If I derive two subkeys (1/2/1/2) and (1/2). is it possible to derive (1/2/1/2) from (1/2) with a subkey of (1/2)? I tried with chain_code and some other attributes but couldn't do so. by theory it should be possible to do so.

{
   "BTC_address_uncompressed": "1Pgi2HfASCtdVRNvX9HAtExenob1P5XtND", 
   "address_uncompressed": "1Pgi2HfASCtdVRNvX9HAtExenob1P5XtND", 
   "chain_code": "2b8efcd0870f61cac59eada4a1134a4f85d6817dc9a3dd7bf05f36e6c441a86c", 
   "child_index": "2", 
   "hash160": "392c59e21bc90f9c64ecc231db10cb04536277d6", 
   "hash160_uncompressed": "f8d53bbd2c19a6ba9e8f35acecea7c37e31f80b1", 
   "key_pair_as_sec": "02f9f02c77c6941f6352a2dd0a49964855ca239f008cd3be82532dacda0a3c79cd", 
   "key_pair_as_sec_uncompressed": "04f9f02c77c6941f6352a2dd0a49964855ca239f008cd3be82532dacda0a3c79cd3872f468b85780e4bdcf377d8edf489598db1c2599cda0b850485fca2dbfb2cc", 
   "netcode": "BTC", 
   "parent_fingerprint": "1d6a6638", 
   "private_key": "yes", 
   "public_pair_x": "113050249498765822977324374771814145675507826911953945709948991807419582282189", 
   "public_pair_x_hex": "f9f02c77c6941f6352a2dd0a49964855ca239f008cd3be82532dacda0a3c79cd", 
   "public_pair_y": "25532626935404182358748554952372223106065623765752497625888032090220560102092", 
   "public_pair_y_hex": "3872f468b85780e4bdcf377d8edf489598db1c2599cda0b850485fca2dbfb2cc", 
   "public_version": "xpub6DkSjhJroC5HcnATQeZbdVZ2jFvWFvRqtayUJrc3H7GQeZJkKnn1BzdjDXyfYybctt38hyhz6zCdwWUAV6RnZqPone2ogmbTURBWsEFijgB", 
   "secret_exponent": "21957517685205718377964087536472375993731742179518736675030422350744044394236", 
   "secret_exponent_hex": "308b83bc8496fba96b299ca060f8c4cd15201aef14319891118facee42fb56fc", 
   "subkey_path": "1/2/1/2", 
   "tree_depth": "4", 
   "wallet_key": "xprv9zm6LBmxxpWzQJ5zJd2bGMcJBE61rThzXN3sWUCRimjRmkybnFTkeCKFNFRCnqUsSAPB6AP38ENJNqzwmi51KxsUpNU5Rns3UwNCNw93VWi", 
   "wif": "Kxr5MqcX6p1kCHLYhAtDA8dsuihHC3YJRfQfzrPUi9DZAbv1co8g", 
   "wif_uncompressed": "5JBfbdPYk1EJwfbLR49RxYBd1ASthZkLopfttAq96F6ZfSXB2uK", 
   "y_parity": "even"
}
{
   "BTC_address_uncompressed": "1CpmMHVTTn49351P4miiJZ6Wmw7rDJbg3z", 
   "address_uncompressed": "1CpmMHVTTn49351P4miiJZ6Wmw7rDJbg3z", 
   "chain_code": "566d6d36816b37d1bc9f0f926c1bcf48b9bf6c63154f65be05092a7ce0bac35d", 
   "child_index": "2", 
   "hash160": "387e7a981a85ded4ad332ac22400d542de38a978", 
   "hash160_uncompressed": "81b1f48274c505147b5bf587db589062b1b69f5b", 
   "key_pair_as_sec": "02c2f7da1cdc57f27e145a9fda472bfdc16cfc5b4ee32ee222413b0d88edc965f1", 
   "key_pair_as_sec_uncompressed": "04c2f7da1cdc57f27e145a9fda472bfdc16cfc5b4ee32ee222413b0d88edc965f1a42ae022c788b0979dd88be456fd1c978ff3b0106799bc17de4cd46d17832970", 
   "netcode": "BTC", 
   "parent_fingerprint": "35a566ae", 
   "private_key": "yes", 
   "public_pair_x": "88186609208940930858580461894832276236539662740019279303523484605501248464369", 
   "public_pair_x_hex": "c2f7da1cdc57f27e145a9fda472bfdc16cfc5b4ee32ee222413b0d88edc965f1", 
   "public_pair_y": "74255061673209624574278121782459859935947830070827127273487212667373296494960", 
   "public_pair_y_hex": "a42ae022c788b0979dd88be456fd1c978ff3b0106799bc17de4cd46d17832970", 
   "public_version": "xpub6AAW9FwEvZaNLKtYTx1vFA1R1dVQv5GwTXwqgCg6GXq7E3fKVz7aaNGLFVcHH9LpWgqUpJ7FRFcibtRWzJ1WegqzZyynr66KxDLUPcpjRNK", 
   "secret_exponent": "88370307846732603980165533658065807515286167433444038693954586861070917075377", 
   "secret_exponent_hex": "c35fd25e084c54afae5c7a9942f1374780bd2b8a55e4148c5615ea2ed84c81b1", 
   "subkey_path": "1/2", 
   "tree_depth": "2", 
   "wallet_key": "xprv9wB9jkQM6C257qp5MvUut24gTbevWcZ66K2EspGUiCJ8MFLAxSoL2ZwrQEahDCk2EugHxu5w6p5z6cHLdk9yE9bC5axxbaT49Ccs4UUPTzb", 
   "wif": "L3mVYhLfDx23vrSRdWYQgk1Myqga4cFXVepcFJ4EQ774e5GRFHXB", 
   "wif_uncompressed": "5KJL9zdB282beaQS4jwhFttHY19xyZ17uiCEspN87bTkRJEHtZH", 
   "y_parity": "even"
}

Shayan

Posted 2015-02-27T19:25:24.247

Reputation: 281

Answers

2

I was able to derive the first part from the second using the btcutil package from btcsuite:

package main

import (
    "fmt"

    "github.com/btcsuite/btcutil/hdkeychain"
)

func main() {
    xkey, _ := hdkeychain.NewKeyFromString("xprv9wB9jkQM6C257qp5MvUut24gTbevWcZ66K2EspGUiCJ8MFLAxSoL2ZwrQEahDCk2EugHxu5w6p5z6cHLdk9yE9bC5axxbaT49Ccs4UUPTzb")
    // go to child "1"
    child1, _ := xkey.Child(1)
    // go to child "2"
    child2, _ := child1.Child(2)

    pub, _ := child2.ECPubKey()

    serialized := fmt.Sprintf("%x", pub.SerializeUncompressed())
    fmt.Printf("Is Equal: %v\n", serialized == "04f9f02c77c6941f6352a2dd0a49964855ca239f008cd3be82532dacda0a3c79cd3872f468b85780e4bdcf377d8edf489598db1c2599cda0b850485fca2dbfb2cc")

}

Note the serialized uncompressed format is from the 1/2/1/2 node and the xprv is from the 1/2 node.

When you run this program, you should get "Is Equal: true".

Jimmy Song

Posted 2015-02-27T19:25:24.247

Reputation: 7 067

Do you know what exactly is passed to xkey.Child() function? is it the chaincode or the xprv suffice?Shayan 2015-03-02T15:52:48.173

The xkey creation function just needs the extended private key. The Child() function gives the nth child. So in your case, the "1" in "1/2" means 1st (non-hardened) child of the xkey and the "2" means the 2nd (non-hardened) child of the child you just derived. Make sense?Jimmy Song 2015-03-02T17:34:39.080

I guess the problem is with the library that I use. it does not work the way by theory it shouldShayan 2015-03-03T23:29:29.860

Asked: 2015-02-27T19:25:24.247

Viewed: 136 times

Active: 2015-04-22T18:16:27.580