@ c03rad0r
2025-03-14 17:15:34
## BIP-85 vs xpub based derivation path
### Question
Please summarize the above BIP-85 for me. What's the difference between this and the xpub based account derivation paths? How is address reuse with xpub based paths related to BIP-85 key derivation?
-----------
### Answer
BIP-85 enables deterministic generation of **new seeds/entropy** from a single BIP32 master root key, allowing users to manage multiple wallets/standards (e.g., BIP39, WIF, XPRV, RSA keys) without storing separate backups. It transforms derived keys via HMAC-SHA512 to produce application-specific entropy.
### Key Differences from xpub-Based Derivation
1. **Purpose**:
   - **BIP-85**: Generates *entropy* (e.g., new BIP39 mnemonics) for entirely independent wallets.
   - **xpub paths** (e.g., BIP44/49/84): Derive child *public keys* for hierarchical accounts under the same seed.
2. **Security Scope**:
   - BIP-85 ensures derived seeds are cryptographically isolated—a breach in one application doesn’t compromise others.
   - xpub-based accounts share the same root seed; exposure of the xprv compromises all subkeys.
3. **Output**:
   - BIP-85 outputs entropy for wallets (e.g., `6250b6...` → *12-word mnemonic*).
   - xpub paths output addresses/keys directly (e.g., `m/44'/0'/0'/0/5` for a Bitcoin address).
### Address Reuse Implications
- **BIP-85**: Address reuse is tied to *how the derived entropy is used*. For example:
  - If a BIP39 seed from BIP-85 is mishandled (e.g., static index in a wallet), reuse could occur *within that wallet*.
  - Each application (e.g., separate BIP85-derived seed for Lightning vs. cold storage) has isolated address spaces.
- **xpub Paths**: Reuse arises from repeated use of the same derivation path index (e.g., always using `m/44'/0'/0'/0/0`).
### Example Workflows
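1. **BIP-85**:
   ```python
   import hashlib
   import hmac

   # Derive 12-word BIP39 mnemonic from master key
   path = "m/83696968'/39'/0'/12'/0'"
   # derived_key: the 32-byte private key at `path` (BIP32 derivation not shown)
   entropy = hmac.new(b"bip-entropy-from-k", derived_key, hashlib.sha512).digest()[:16]
   mnemonic = bip39_encode(entropy)  # bip39_encode: any BIP39 encoder (not shown)
   ```
2. **xpub Path**:
   ```python
   # Derive a Bitcoin address via BIP44
   # derive_xpub / .derive() / .address() stand in for a BIP32 library's calls
   xpub = derive_xpub(master_key, "m/44'/0'/0'")
   address = xpub.derive("0/0").address()
   ```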
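
The BIP-85 workflow above carried through from seed to entropy using only the standard library, as an added example that is not part of the original answer. It generalizes the snippet to any child index so the isolation between derived seeds is visible. `SAMPLE_SEED` and all function names are assumptions made for illustration, and the final BIP39 word encoding is left out because it needs the wordlist.

```python
import hashlib
import hmac

# secp256k1 group order n (public curve constant)
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000

def master_from_seed(seed: bytes):
    """BIP32 master (private key, chain code) from a seed."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return int.from_bytes(i[:32], "big"), i[32:]

def ckd_priv_hardened(k: int, c: bytes, index: int):
    """BIP32 hardened child derivation; uses only the parent private key."""
    data = b"\x00" + k.to_bytes(32, "big") + (index | HARDENED).to_bytes(4, "big")
    i = hmac.new(c, data, hashlib.sha512).digest()
    il = int.from_bytes(i[:32], "big")
    child = (il + k) % N
    if il >= N or child == 0:
        raise ValueError("invalid child key at this index")
    return child, i[32:]

def bip85_entropy(seed: bytes, path: str) -> bytes:
    """64 bytes of BIP-85 entropy for a fully hardened path."""
    k, c = master_from_seed(seed)
    for part in path.split("/")[1:]:          # skip the leading "m"
        if not part.endswith("'"):
            raise ValueError("BIP-85 paths must be fully hardened")
        k, c = ckd_priv_hardened(k, c, int(part[:-1]))
    return hmac.new(b"bip-entropy-from-k", k.to_bytes(32, "big"),
                    hashlib.sha512).digest()

def bip39_12_word_entropy(seed: bytes, index: int) -> bytes:
    """128 bits (first 16 bytes) for a 12-word mnemonic at the given index."""
    return bip85_entropy(seed, f"m/83696968'/39'/0'/12'/{index}'")[:16]

# Constructed sample seed, for illustration only
SAMPLE_SEED = bytes(range(64))

if __name__ == "__main__":
    for idx in range(3):
        # Same master seed, different index: unrelated child entropy each time
        print(idx, bip39_12_word_entropy(SAMPLE_SEED, idx).hex())
```

Every step needs the parent private key, so an xpub alone cannot reproduce any of these child seeds.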