LaurentMT
commented
4 years ago In terms of security, it seems likely that if an attacker is able to read these logs, he will also be ale to access the database that is storing the xpubs.
That being said, I see at least one benefit to the obfuscation of xpubs and addresses in the logs. It would allow users to share their logs (for support) without having to worry that these logs leak too much info about their wallet.
Possible solution: Logs only register the first and last characters of xpubs and addresses. It still leaks some info but it limits the leak while providing enough info for troubleshooting issues.
Some people seem to be (genuinely or not) worried about this and from a security standpoint it makes sense to do it. Either put every xpub log behind the debug flag, or mask/remove all instances altogether (maybe make this futureproof by making the project's Logger understand xpubs and always mask them).