Does NBitcoin use hardened private derivation?

////////////////1st offline SERVER////////////////// //Create Master Private Key with a seed ExtKey privateKey = new ExtKey("16236c2028fd2018eb7049825e6b4f0191de4dbff003579918de7b7348ff06ac"); //create master public key from this privateKey ExtPubKey pubKey = privateKey.Neuter(); //save it's wifStr as key to the next server to use and generate all child keys string wifStr = pubKey.ToString(Network.Main); ////////////////END////////////////// ////////////////2nd online SERVER////////////////// ExtPubKey key = ExtPubKey.Parse(wifStr); //The payment server receive an order, note the server does not need the private key to generate the address uint orderID = 1001; //address created with only extendet publik key BitcoinAddress address = key.Derive(orderID).PubKey.GetAddress(Network.Main); Console.WriteLine(address); ////////////////END//////////////////

Answers

Am I using hardened private derivation function?

No. You're using nonhardened derivation. That's the only kind of derivation that you can use when you only have the public key.

Hardened derivation looks like this:

BitcoinAddress address = privateKey.Derive(orderID, true).Key.PubKey.GetAddress(Network.Main);

It requires the private key. It also doesn't matter if the parent is hardened or not.

I would recommend using nonhardened keys for most applications.

Nick ODell

Posted 2015-04-22T12:19:06.363

Reputation: 26 536

Why so ? in the book "Mastering bitcoin" the recommendation to use hardened keys, for using nonhardened keys and leak of a private Key can expose the all brunch from the extended Publik Key. I don't understand the issue in using hardened keys where you have to give the top private key so how can it create a "firewall" ? – Haddar Macdasi – 2015-04-23T18:35:25.507

@HaddarMacdasi If you're using hardened keys, then the private key needs to be present whenever you want to generate addresses. That is, in practice, less secure. – Nick ODell – 2015-04-23T18:36:47.183