Related : yesterday Square open-sourced their HSM-based cold storage wallet ( https://github.com/square/subzero ). Doesn't seem to be based on BitcoinJ though.
Le mar. 23 oct. 2018 à 10:28, Andreas Schildbach <[email protected]> a écrit : > I'm not sure if anyone has ever done it. Are there any HSMs that can do > the BIP32 derivation of private keys? Trezor and its cousins are > probably the best bets, as they're designed for Bitcoin. > > On master there is already the ability to derive from other paths if > needed. That should solve your first problem. > > > On 23/10/2018 05.39, Mike Lawrence wrote: > > Can someone tell me if I am correct in thinking that it's not possible > > (without a lot of work) to use an HSM > > to sign transactions from a BitcoinJ Wallet? I'm getting a "can't use > > private derivation with public only keys" exception > > when I try to generate an Account key using the extended public key from > > an HSM. > > > > > > DETAILS > > > > I'd like to generate an extended public watching key from an HSM's > > private key. > > Then add the watching key to the BitcoinJ wallet. > > > > However this method only allows you to watch "Account" keys: > > > > public DeterministicKeyChain(DeterministicKey watchingKey) { > > checkArgument(watchingKey.getPath().size() == > > getAccountPath().size(), "You can only watch an account key currently"); > > > > > > and "Account" key is hard-coded as a HARDENED key in this method: > > > > protected ImmutableList<ChildNumber> getAccountPath() { > > return ImmutableList.of(ChildNumber.ZERO_HARDENED); > > } > > > > > > I believe normally you obtain an extended PUBLIC key from and HSM and > > create: > > DeterministicHierarchy dh = new > > DeterministicHierarchy(extendedPublicKeyFromHSM); > > > > Then you can generate your own public keys using dh.deriveChild(). > > So, I'd like to obtain a watching key to pass to BitcoinJ like so: > > DeterministicKey accountWatchingKey = > > dh.get(ImmutableList.of(ChildNumber.ZERO_HARDENED), true, true); > > > > However this throws the exception "can't use private derivation with > > public only keys" > > > > > > -- > > You received this message because you are subscribed to the Google > > Groups "bitcoinj" group. > > To unsubscribe from this group and stop receiving emails from it, send > > an email to [email protected] > > <mailto:[email protected]>. > > For more options, visit https://groups.google.com/d/optout. > > > -- > You received this message because you are subscribed to the Google Groups > "bitcoinj" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "bitcoinj" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
