I’ve been working on switching to multisig and would like my Bitcoin Core wallet to be in the quorum but it’s a little rough.
Since Core uses hardened indexes it appears that any computer that can coordinate the multisig (derive the multisig addresses) MUST have one of the following:
1. The private key for the Core HD wallet
2. A list of every public key from the Core HD wallet that will be needed
Option 1 destroys the isolation between the computers and therefore the protection that multisig was supposed to provide.
Option 2 seems out of step with the push toward descriptor wallets. It is a “bag of keys” model, and the coordinating computer has no way to calculate where in the derivation tree a given public key actually sits.
Am I missing something fundamental here? Or does using a fully hardened HD tree just have these trade-offs? It really doesn’t seem worthwhile to harden like this if you are going to be using the wallet in a multisig.
Looks like Core is moving to BIP44/49/84 default derivation for descriptor wallets:
>BIP 44/49/84 Support
>The change to using descriptors changes the default derivation paths used by Bitcoin Core to adhere to BIP 44/49/84. Descriptors with different derivation paths can be imported without issue.