Does NBitcoin use hardened private derivation?


When writing the following code:

            ////////////////1st offline SERVER//////////////////
            //Create Master Private Key with a seed
            ExtKey privateKey = new ExtKey("16236c2028fd2018eb7049825e6b4f0191de4dbff003579918de7b7348ff06ac");
            //create master public key from this privateKey
            ExtPubKey pubKey = privateKey.Neuter();

            //save its wifStr as the key for the next server to use to generate all child keys
            string wifStr = pubKey.ToString(Network.Main);

            ////////////////2nd online SERVER//////////////////
            ExtPubKey key = ExtPubKey.Parse(wifStr);
            //The payment server receives an order; note the server does not need the private key to generate the address
            uint orderID = 1001;
            //address created with only the extended public key
            BitcoinAddress address = key.Derive(orderID).PubKey.GetAddress(Network.Main);


Am I using hardened private derivation function? Please explain why. I know that in order to use the hardened private derivation function I should derive it from a hardened parent, but how do I know that the parent is a hardened parent?

Haddar Macdasi

Posted 2015-04-22T12:19:06.363

Reputation: 930



Am I using hardened private derivation function?

No. You're using nonhardened derivation. That's the only kind of derivation that you can use when you only have the public key.

Hardened derivation looks like this:

    BitcoinAddress address = privateKey.Derive(orderID, true).Key.PubKey.GetAddress(Network.Main);

It requires the private key. It also doesn't matter if the parent is hardened or not.

I would recommend using nonhardened keys for most applications.

Nick ODell

Posted 2015-04-22T12:19:06.363

Reputation: 27 521

Why so? In the book "Mastering Bitcoin" the recommendation is to use hardened keys, for when using nonhardened keys a leak of a private key can expose the whole branch from the extended public key. I don't understand the issue in using hardened keys, where you have to give the top private key, so how can it create a "firewall"? – Haddar Macdasi – 2015-04-23T18:35:25.507

@HaddarMacdasi If you're using hardened keys, then the private key needs to be present whenever you want to generate addresses. That is, in practice, less secure. – Nick ODell – 2015-04-23T18:36:47.183
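The distinction drawn in the answer and its comments, shown at the BIP32 level as an added example (not part of the original thread and not NBitcoin's code): a from-scratch Python child-key derivation in which a nonhardened child is computed from the parent public key and chain code alone, while a hardened child hashes the parent private key and so cannot be produced by the online server. All function names are this example's own, and the negligible-probability invalid-key cases that BIP32 tells implementations to skip are not handled.

```python
import hashlib, hmac

P = 2**256 - 2**32 - 977  # secp256k1 field prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
HARDENED = 2**31  # BIP32: indexes >= 2^31 select hardened derivation

def add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None or b is None:
        return a or b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1, 2 * y1) if a == b else (y2 - y1, x2 - x1)
    m = num * pow(den % P, -1, P) % P
    x3 = (m * m - x1 - x2) % P
    return x3, (m * (x1 - x3) - y1) % P

def mul(k, pt):  # double-and-add scalar multiplication
    r = None
    while k:
        r = add(r, pt) if k & 1 else r
        pt, k = add(pt, pt), k >> 1
    return r

def ser_point(pt):  # compressed SEC1 encoding of a public key
    return bytes([2 + (pt[1] & 1)]) + pt[0].to_bytes(32, "big")

def hmac512(key, data):  # returns (left 32 bytes as int, right 32 bytes)
    i = hmac.new(key, data, hashlib.sha512).digest()
    return int.from_bytes(i[:32], "big"), i[32:]

def ckd_priv(k, chain, index):
    """Private parent -> private child (hardened hashes the private key, else the public key)."""
    data = b"\x00" + k.to_bytes(32, "big") if index >= HARDENED else ser_point(mul(k, G))
    il, child_chain = hmac512(chain, data + index.to_bytes(4, "big"))
    return (il + k) % N, child_chain

def ckd_pub(K, chain, index):
    """Public parent -> public child; only nonhardened indexes can be derived."""
    if index >= HARDENED:
        raise ValueError("hardened derivation needs the parent private key")
    il, child_chain = hmac512(chain, ser_point(K) + index.to_bytes(4, "big"))
    return add(mul(il, G), K), child_chain

def xpub_matches_xprv(seed, index):  # public-only path == private path?
    k, chain = hmac512(b"Bitcoin seed", seed)  # BIP32 master key generation
    return ckd_pub(mul(k, G), chain, index)[0] == mul(ckd_priv(k, chain, index)[0], G)
```

Calling `xpub_matches_xprv` with the question's seed bytes and order ID 1001 returns `True`, while `ckd_pub` with any index of `HARDENED` or above raises `ValueError`.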