bitcoin-dev
Proposal to update BIP-32
Original Postby Marek Palatinus
Posted on: April 21, 2016 12:08 UTC
Jochen Hoenicke has proposed an update to BIP-32, which specifies that if the computed hash I_L is larger or equal to the prime or 0, then the node is invalid and should be skipped in the BIP-32 tree.
This proposal suggests a modification such that the difficulty can be encapsulated in the library. The first point alone is reason enough for change, as all callers of CKDpriv or CKDpub have to check for errors and handle them appropriately. Additionally, it is not clear what to do if an intermediate node is missing. Jochen suggests avoiding the problem by repeating the hashing with slightly different input data until a valid private key is found.