Is it possible to check if an Address was generated from an HD Public Key.

2

Suppose I know a specific address and I know a full HD Public Key. Is it possible to determine if the address is a hash of one public keys generated from the HD public key in constant time, or in other words without checking every possibility?

Loourr

Posted 2017-10-11T01:25:12.777

Reputation: 3 022

Answers

2

No, it is impossible to know. You would have to check every possibility.

Andrew Chow

Posted 2017-10-11T01:25:12.777

Reputation: 40 910

Thanks, that makes sense to me intuitively, but do you know of any way to prove it?Loourr 2017-10-11T12:42:54.117

A strong hash function should have output that is indistinguishable from random data. Both SHA256 and Ripemd160 (tthe two hash functions involved here) are not known to be broken. There is no known way to find a relationship between the hash and the preimage. This means that you can't even figure out what the pubkey for an address is. Furthermore, deriving additional keys uses SHA512 (related to SHA256) which means that there is no way to find a relationship between the derived key and its parent except through brute force.Andrew Chow 2017-10-11T14:22:42.117

That makes sense. Would it be possible in Etherium given (at least as far as I understand it) that the address is just the truncated private key?Loourr 2017-10-11T17:47:24.203

I don't use Ethereum or study it, so I don't know.Andrew Chow 2017-10-11T18:00:50.907