Interface AuthenticationTemplateHdKey

The offset by which to increment the addressIndex provided in the compilation data when deriving this HdKey. (Default: 0)

This is useful for deriving the "next" (1) or "previous" (-1) address to be used in the current compiler configuration.

A single-line, human readable description for this HD key.

The path to derive the entity's HD public key from the entity's master HD private key. By default, m (i.e. the entity's HD public key represents the same node in the HD tree as its HD private key).

This can be used to specify another derivation path from which the publicDerivationPath begins, e.g. m/0'/1'/2'. See publicDerivationPath for details.

This path must begin with an m (private derivation) and be fixed – it cannot contain an i character to represent the address index, as a dynamic hardened path would require a new HD public key for each address.

A single-line, Title Case, human-readable name for this HD key.

The derivation path used to derive this HdKey from the owning entity's HD private key. By default, m/i.

This path uses the notation specified in BIP32 and the i character to represent the location of the addressIndex:

The first character must be m (private derivation), followed by sets of / and a number representing the child index used in the derivation at that depth. Hardened derivation is represented by a trailing ', and hardened child indexes are represented with the hardened index offset (2147483648) subtracted. The i character is replaced with the value of addressIndex plus this HdKey's addressOffset. If the i character is followed by ', the hardened index offset is added (2147483648) and hardened derivation is used.

For example, m/0/1'/i' uses 3 levels of derivation, with child indexes in the following order:

derive(derive(derive(node, 0), 2147483648 + 1), 2147483648 + addressIndex + addressOffset)

Because hardened derivation requires knowledge of the private key, HdKey variables with derivationPaths that include hardened derivation cannot use HD public derivation (the hdPublicKeys property in CompilationData). Instead, compilation requires the respective HD private key (CompilationData.hdKeys.hdPrivateKeys) or the fully-derived public key (CompilationData.hdKeys.derivedPublicKeys).

The derivation path used to derive this HdKey's public key from the owning entity's HD public key. If not set, the public equivalent of privateDerivationPath is used. For the privateDerivationPath default of m/i, this is M/i.

If privateDerivationPath uses hardened derivation for some levels, but later derivation levels use non-hardened derivation, publicDerivationPath can be used to specify a public derivation path beginning from hdPublicKeyDerivationPath (i.e. publicDerivationPath should always be a non-hardened segment of privateDerivationPath that follows hdPublicKeyDerivationPath).

The first character must be M (public derivation), followed by sets of / and a number representing the child index used in the non-hardened derivation at that depth.

For example, if privateDerivationPath is m/0'/i, it is not possible to derive the equivalent public key with only the HD public key M. (The path "M/0'/i" is impossible.) However, given the HD public key for m/0', it is possible to derive the public key of m/0'/i for any i. In this case, hdPublicKeyDerivationPath would be m/0' and publicDerivationPath would be the remaining M/i.

Remarks

Non-hardened derivation paths are more useful for some templates, e.g. to allow for new locking scripts to be generated without communicating new public keys between entities for each. However, using a non-hardened key has critical security implications. If an attacker gains possession of both a parent HD public key and any child private key, the attacker can easily derive the parent HD private key, and with it, all hardened and non-hardened child keys. See BIP32 or crackHdPrivateNodeFromHdPublicNodeAndChildPrivateNode for details.

The HdKey (Hierarchical-Deterministic Key) type automatically manages key generation and mapping in a standard way. For greater control, use Key.