Sjors / libwally-swift

Swift wrapper for LibWally, a collection of useful primitives for cryptocurrency wallets
MIT License

Non extended private key derivation? #20

Closed Fonta1n3 closed 4 years ago

Fonta1n3 commented 4 years ago

Is it possible to derive a normal private key instead of only extended private keys?

Sjors commented 4 years ago

I have a fork which adds a privKey method (you'll have to make it public though): https://github.com/Sjors/libwally-swift/blob/dev/LibWally/BIP32.swift#L253

Note: that fork is still in flux and not very well tested.

Fonta1n3 commented 4 years ago

Thanks a lot, that did the trick :)

Sjors commented 4 years ago

Update: this is in master now. Feel free to open a PR here to make it public. I'm a bit reluctant to expose it though; what are you trying to do with it?

Fonta1n3 commented 4 years ago

Thanks for that. I am using it in this project: https://github.com/BlockchainCommons/Bitcoin-Standup/tree/master/iOS/StandUp-Remote

The app basically connects to your node over tor, then creates seeds locally on your device with LibWally-Swift. For the single signature architecture we store the seed locally keeping the node cold. I use BIP32 derivations to see what index private keys I need to sign a transaction with, fetch the WIF locally using LibWally then pass to the node for signing with signrawtransactionwithkey.

Sjors commented 4 years ago

That makes sense, but it's risky to let the key off the device. If you use an xpub without hardened derivation after it, then revealing one private key lets you spend the entire xpub.

A safer approach would be to create a PSBT on the node and sign that on the device.

Fonta1n3 commented 4 years ago

Will certainly try and accomplish that.

Fonta1n3 commented 4 years ago

This library is fantastic. I got the offline signing working first go, really impressive stuff, thank you!