lukechampine
commented
5 years ago Another option would be to query the set of current addresses and try to regenerate one (using its associated keyIndex). This means you can't detect the wrong seed when you have 0 addresses, but that shouldn't be very common.
Currently there are no safeguards against using multiple seeds with a single walrus server. To catch this, the server could store a hash of the user's seed. Then, the client would include this hash in each query to the server. If the hashes differ, the server can return an error.
The one twist here is with Ledger wallets. We can't hash the Ledger's seed directly, so we need to get a unique identifier some other way. (An obvious choice would be to generate an address with a very high key index.) Unfortunately, this means we need an extra setup step for Ledger users. Not a huge deal, but possibly confusing.