Oddbean new post about | logout
 I was thinking in the context of nips 41 and 109, and around how to improve key safety. Imo master key should never touch a mobile device - if you don’t let the master key touch a mobile device or other low trust environment, but you do let a child key, then if you expose your xpub, it undermines the whole security model of having a well protected master key. 
 A more clumsy but functional option is to list child keys signed by the master key 
 yeah no, my suggestion was for regular anonymous posts, not for DMs or identity management. The point was to have a seed that you can expose your xpub to friends and colleagues, but not to the whole web. It can leak, so it is never actually private.  
 I see. It still reduces the key security overall but I understand what you’re going for.