When loading a transaction, every input and change address requires the public key in order to compute the pkScript, which is used in the sighash that is signed.

For single-sig, these public keys are currently always at the keypaths:

m/(49'|84'|86')/coin'/account'/0/* (receive inputs)
m/(49'|84'|86')/coin'/account'/1/* (change inputs)

where coin and account are the same for all inputs/changes in the transaction.

Instead of deriving the xpub at these keypaths repeatedly, we cache the xpubs at the account level and at the receive/change level. The xpub then only has to be derived once for the account level and once for change/receive per script type.

Benefits:

Greatly increased speed. Loading inputs is now about 3x faster for segwit inputs and around 5x faster for Taproot transactions (where no previous transactions need to be streamed).

The seed only has to be used once (to derive the account-level xpub) instead of once per input/change. This increases security assuming the seed receives additional protection (currently it is sitting in RAM unencrypted after unlock, but that will likely change). Fewer seed accesses means it is harder to exploit a potential RAM extraction bug.
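The two-level cache the description above explains, as an added example that is not code from this PR or its project: a minimal pure-Python secp256k1 and BIP32 implementation (no external packages) with the old seed-per-input derivation beside the cached one. The purpose/coin/account values, the seed_reads counter and the BIP32 test-vector seed used for checking are assumptions for illustration.

```python
import hashlib, hmac
P, H = 2**256 - 2**32 - 977, 2**31  # secp256k1 field prime; BIP32 hardened offset
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)  # generator

def point_add(a, b):  # affine addition on secp256k1; None is the point at infinity
    if a is None or b is None: return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0: return None
    lam = (3 * a[0] * a[0] * pow(2 * a[1], -1, P) if a == b
           else (b[1] - a[1]) * pow(b[0] - a[0], -1, P)) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)
def point_mul(k, pt, r=None):  # double-and-add scalar multiplication
    while k:
        r, pt, k = (point_add(r, pt) if k & 1 else r), point_add(pt, pt), k >> 1
    return r
def compress(pt):  # 33-byte compressed public key encoding
    return bytes([2 + (pt[1] & 1)]) + pt[0].to_bytes(32, "big")
def master(seed):  # BIP32 master key: the one step that has to read the seed
    I = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return int.from_bytes(I[:32], "big"), I[32:]
def ckd_priv(k, c, i):  # BIP32 private child derivation (hardened if i >= H)
    data = (b"\x00" + k.to_bytes(32, "big")) if i >= H else compress(point_mul(k, G))
    I = hmac.new(c, data + i.to_bytes(4, "big"), hashlib.sha512).digest()
    return (int.from_bytes(I[:32], "big") + k) % N, I[32:]
def ckd_pub(K, c, i):  # BIP32 public child derivation: no secret needed, i < H only
    I = hmac.new(c, compress(K) + i.to_bytes(4, "big"), hashlib.sha512).digest()
    return point_add(point_mul(int.from_bytes(I[:32], "big"), G), K), I[32:]

def pubkey_uncached(seed, purpose, coin, account, change, index):
    k, c = master(seed)  # old behaviour: the seed is read for every input/change
    for i in (purpose + H, coin + H, account + H, change, index):
        k, c = ckd_priv(k, c, i)
    return compress(point_mul(k, G))

class XpubCache:  # new behaviour: read the seed once per account, then public CKD only
    def __init__(self, seed):
        self._seed, self.seed_reads, self._xpubs = seed, 0, {}  # seed_reads: illustrative counter
    def pubkey(self, purpose, coin, account, change, index):
        acct, chain = (purpose, coin, account), (purpose, coin, account, change)
        if acct not in self._xpubs:  # xpub at m/purpose'/coin'/account'
            self.seed_reads += 1  # the only place the seed is touched
            k, c = master(self._seed)
            for i in acct:
                k, c = ckd_priv(k, c, i + H)
            self._xpubs[acct] = (point_mul(k, G), c)
        if chain not in self._xpubs:  # xpub at .../0 (receive) or .../1 (change)
            self._xpubs[chain] = ckd_pub(*self._xpubs[acct], change)
        return compress(ckd_pub(*self._xpubs[chain], index)[0])
```

Because the receive/change and address levels are non-hardened, the cached xpubs alone yield every input and change pubkey; only the hardened account level ever needs the seed.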