To scan for cash obtained to Bobs silent fee deal with, he wants to make use of his b_scan personal key because the shared secret is calculated by the sender utilizing a*B_scan.
This query isn’t about whether or not host wallets / companion apps for {hardware} wallets will make the most of scanning servers or another method to implement scanning however quite how they are going to take care of the personal key b_scan being required to be “on-line”.
- {hardware} wallets typically don’t assist exporting personal keys (and mustn’t imo.)
- BIP-352 says that wallets MAY use BIP32 derivation paths however this may not be potential for {hardware} wallets that do not export personal keys.
How might potential implementations appear to be? The host pockets / scanning server might simply compute all A (sender’s public key a1 + a2 + ... + an for n inputs) after which {hardware} wallets might have an API to calculate the shared secret given the A?
Recovering the pockets steadiness from a sure block peak (the block peak that the {hardware} pockets rolled out silent fee obtain for instance) can be loads of work, and for all subsequent receives the {hardware} pockets additionally needs to be linked.
Does anybody have an thought how {hardware} wallets might probably take care of this with out destroying UX / including complexity to the {hardware} pockets firmware?
