Closed Bosch-0 closed 1 week ago
This isn't really a concern any more with descriptors. With descriptors, users can create any type of derivation/path with any set of output scripts. The default for multisig will probably by BIP87 (I'm biased, I wrote it), but advanced users will probably be able to do custom ones under an advanced dialog.
We just abstract details to the internal wallet, so not exactly a consideration at the gui level, but can revisit if a specific use case is needed in the future
Currently Bitcoin Core uses hardened private key generation for security reasons which comes with a major UX tradeoff (not possible to use BIP39 recovery phrases).
However, If we want to turn the Bitcoin Core app into a multisig cold-storage wallet (which should be the primary aim imo) it is likely non-hardened addresses need to be used for the below reason:
More details here.
If we use non-hardened addresses for multi-sig it would make sense to also offer this for single-sig. However, something to consider is still offering hardened derivation wallet creation for those more advanced users who do not want to make the trade-off of using non-hardened key derivation. With good design we can cater to a wide range of user risk tolerances and skill levels. We can also offer some kind of progressive security where we educate and move users towards more advanced practices over time.