From e21d527523485e94bb8a6d1561b2d8d9fc7d29ce Mon Sep 17 00:00:00 2001 From: "David A. Harding" Date: Sat, 17 May 2014 14:29:03 -0400 Subject: [PATCH] Fix Formula For Normal HD Key Derivation; Mention Ancestor Key Risk _includes/guide_wallets.md: * Fix formula given for normal child key derivation to state that public keys must also be provided to the HMAC hash function. This required updating both text and images. * Add one-paragraph warning about ancestor key compromise when the ancestor extended public key is compromised along with a descended private key. Update img/dev/en-hd-private-parent-to-private-child.* to help illustrate this warning. en/developer-reference.md: * Remove %include% of previously-removed file which caused new versions of Jekyll to die. --- _includes/guide_wallets.md | 19 +- en/developer-reference.md | 1 - ...n-hd-cross-generational-key-compromise.dot | 74 ++++-- ...n-hd-cross-generational-key-compromise.png | Bin 5685 -> 9474 bytes ...n-hd-cross-generational-key-compromise.svg | 228 +++++++++++++----- img/dev/en-hd-overview.dot | 24 +- img/dev/en-hd-overview.png | Bin 6417 -> 6591 bytes img/dev/en-hd-overview.svg | 38 +-- .../en-hd-private-parent-to-private-child.dot | 22 +- .../en-hd-private-parent-to-private-child.png | Bin 10602 -> 10921 bytes .../en-hd-private-parent-to-private-child.svg | 98 ++++---- 11 files changed, 322 insertions(+), 182 deletions(-) diff --git a/_includes/guide_wallets.md b/_includes/guide_wallets.md index b9cf1848..e6eb779f 100644 --- a/_includes/guide_wallets.md +++ b/_includes/guide_wallets.md @@ -158,7 +158,7 @@ As illustrated above, HD key derivation takes four inputs: * The [index][key index]{:#term-key-index}{:.term} number is a 32-bit integer specified by the program. In the normal form shown in the above illustration, the parent chain -code and the index number are fed into a one-way cryptographic hash +code, the parent public key, and the index number are fed into a one-way cryptographic hash ([HMAC-SHA512][]) to produce 512 bits of deterministically-generated-but-seemingly-random data. The seemingly-random 256 bits on the righthand side of the hash output are @@ -218,14 +218,14 @@ which makes them special. Deriving [child extended keys][child extended key]{:#term-child-extended-key}{:.term} from parent extended keys is more nuanced than described earlier due to the presence of two extended private key derivation formulas. The normal formula, described above, combines -together only the index number and the parent chain code to create the +together the index number, the parent chain code, and the parent public key to create the child chain code and the integer value which is combined with the parent private key to create the child private key. ![Creating Child Public Keys From An Extended Private Key](/img/dev/en-hd-private-parent-to-private-child.svg) The hardened formula, illustrated above, combines together the index -number, the parent chain code, and also the parent private key to create +number, the parent chain code, and the parent private key to create the data used to generate the child chain code and child private key. This formula makes it impossible to create child public keys without knowing the parent private key. In other words, parent extended public @@ -235,13 +235,22 @@ Because of that, a [hardened extended private key][]{:#term-hardened-extended-private-key}{:.term} is much less useful than a normal extended private key---however, it's more secure against multi-level key compromise. If an attacker gets a normal parent -chain code, he can brute-force find all 231 normal chain +chain code and parent public key, he can brute-force find all 231 normal chain codes deriving from it. If the attacker also obtains a child, grandchild, or further-descended private key, he can use the chain code to generate all -of the extended private keys descending from that private key. +of the extended private keys descending from that private key, as +shown in the grandchild and great-grandchild generations of the illustration below. ![Cross-Generational Key Compromise](/img/dev/en-hd-cross-generational-key-compromise.svg) +Perhaps worse, the attacker can reverse the normal child private key +derivation formula and subtract a parent chain code from a child private +key to recover the parent private key, as shown in the child and +parent generations of the illustration above. This means an attacker +who acquires an extended public key and any private key descended from +it can recover that public key's private key and all keys descended from +it. + For this reason, the chain code part of an extended public key should be better secured than standard public keys and users should be advised against exporting even non-extended private keys to diff --git a/en/developer-reference.md b/en/developer-reference.md index 83e250fa..c93aa32c 100644 --- a/en/developer-reference.md +++ b/en/developer-reference.md @@ -22,7 +22,6 @@ title: "Developer Reference - Bitcoin" {% include ref_block_chain.md %} {% include ref_transactions.md %} {% include ref_wallets.md %} -{% include ref_payment_processing.md %} ## Bitcoin Core APIs diff --git a/img/dev/en-hd-cross-generational-key-compromise.dot b/img/dev/en-hd-cross-generational-key-compromise.dot index a41b9105..dead1601 100644 --- a/img/dev/en-hd-cross-generational-key-compromise.dot +++ b/img/dev/en-hd-cross-generational-key-compromise.dot @@ -3,47 +3,73 @@ digraph extended { size=6.25; rankdir=LR; penwidth=1.75; -node [ penwidth = 1.75, shape = "box" ]; -edge [ penwidth = 1.75 ]; +node [ fontname="Sans", penwidth = 1.75, shape = "box" ]; +edge [ fontname="Sans", penwidth = 1.75, style = "" ]; +graph [ fontname="Sans" ]; nodesep=0.15; -splines = ortho; +splines = false; ranksep = 0.7; subgraph cluster_parent { - attacker_parent_private_key [ label = "Private", style = "invis" ]; - attacker_parent_chain_code [ label = "Chain", style = "filled" ]; - attacker_parent_public_key [ label = "Public", style = "invis" ]; + parent_private_key [ label = "Private", style = "" ]; + parent_chain_code [ label = "Chain", style = "filled" ]; + parent_public_key [ label = "Public", style = "filled" ]; - label = "Parent" + label = "Parent\n " } subgraph cluster_child { - attacker_child_private_key [ label = "Private", style = "filled" ]; - attacker_child_chain_code [ label = "Chain" ]; - attacker_child_public_key [ label = "Public" ]; + child_private_key [ label = "Private" ]; + child_chain_code [ label = "Chain" ]; + child_public_key [ label = "Public" ]; - label = "Child" + label = "Child\n " } subgraph cluster_grandchild { - attacker_grandchild_private_key [ label = "Private" ]; - attacker_grandchild_chain_code [ label = "Chain" ]; - attacker_grandchild_public_key [ label = "Public" ]; + grandchild_private_key [ label = "Private", style = "filled" ]; + grandchild_chain_code [ label = "Chain" ]; + grandchild_public_key [ label = "Public" ]; - label = "Grandchild" + label = "Grandchild\n " +} + +subgraph cluster_greatgrandchild { + greatgrandchild_private_key [ label = "Private" ]; + greatgrandchild_chain_code [ label = "Chain" ]; + greatgrandchild_public_key [ label = "Public" ]; + + label = "Great-\nGrandchild" } +parent_public_key -> child_public_key; +parent_public_key -> child_chain_code; +parent_chain_code -> child_chain_code [ label = "Normal Child\nKey Derivation", weight = 100 ]; +parent_chain_code -> child_public_key; +parent_chain_code -> child_private_key [ style = "invis" ]; +parent_private_key -> child_private_key [ dir = "back", style = "", label = "Parent Key\nDerivation" ]; -attacker_parent_public_key -> attacker_child_public_key [ style = "invis" ]; -attacker_parent_chain_code -> attacker_child_chain_code; -attacker_parent_chain_code -> attacker_child_public_key [ style = "invis" ]; -attacker_parent_private_key -> attacker_child_private_key [style = "invis" ]; +parent_chain_code -> parent_private_key [ constraint = false ]; + +child_private_key -> grandchild_private_key [ dir = "back", style = "" ]; +child_public_key -> grandchild_chain_code; +child_public_key -> grandchild_public_key; +child_chain_code -> grandchild_private_key [ style = "invis" ]; +child_chain_code -> grandchild_public_key; +child_chain_code -> grandchild_chain_code [ weight = 100 ]; + +child_chain_code -> child_private_key [ constraint = false ] + +grandchild_private_key -> greatgrandchild_private_key; +grandchild_public_key -> greatgrandchild_chain_code; +grandchild_public_key -> greatgrandchild_public_key; +grandchild_chain_code -> greatgrandchild_private_key; +grandchild_chain_code -> greatgrandchild_public_key; +grandchild_chain_code -> greatgrandchild_chain_code [ weight = 100 ]; + +grandchild_chain_code -> grandchild_private_key [ constraint = false, style = "invis" ] +greatgrandchild_chain_code -> greatgrandchild_private_key [ constraint = false, style = "invis" ] -attacker_child_private_key -> attacker_grandchild_private_key; -attacker_child_public_key -> attacker_grandchild_public_key; -attacker_child_chain_code -> attacker_grandchild_private_key; -attacker_child_chain_code -> attacker_grandchild_public_key; -attacker_child_chain_code -> attacker_grandchild_chain_code; label = "Cross-Generational Key Compromise" } diff --git a/img/dev/en-hd-cross-generational-key-compromise.png b/img/dev/en-hd-cross-generational-key-compromise.png index b44c0819fd2140ff2908d42e6519929419f8befe..8869dcf0aeb6df1cb5e580f8fab62239470f9d01 100644 GIT binary patch literal 9474 zcmZvCcOcyF((meJm5{JX^v((qL_`Uqx9F>{E{KGv(R=SDL69gRcCiT2SzYwDI?;RY z{ciF*=e*~>_x|@V1000aOeDnk$z%n=o z-C&w4%fAHNg~jzY0RXIZiZ7+KJ*IXt3B0vs)0=rRk5l^l$YSFG0r(pCq93vwnYZBt zl@E3OR+({nC$MfiF~6&xq~Gp=lyeU$Iru4zHtyjP}+d*j}ja#Jo0)>w2laJA{P2jdQwdU4H&pANuo#>7Cp0D$k^ z0|5W&{~7$#Ke!Lc7TWHb9xFMmR|qX4*^}nTSgp_9~_bv5~-okc52i1rwv#<=1B}Ia(m5}?vh3O5D@f@ zz^&3M4izM#W6iVUIimL#t{3YLeY2lSm;nF-fX$eQ|7l>;Na=F%Je2kN;_uoeRzJFgxgMA}%u?caO|Cl{arN0)AA9K2c&a%DTZ z4Jrmz_35J8JP=c>a~dP>P9{P(44PYfF?xV0*8s|nlin2(Z$0VWrYtixusWfInh$@! z==G%V>i*6F>b6NFN`Ks*Kd91yzF5GN?cfyQSnb(n*V=55!1LOqN+_f%<$-F{HDhaf zz3z43T-mbd2DWkzxt~u6P=&89V+(d4eoGa1Q+=`6O3KgSc$@X?Xk$V>qcN>A`I$eM%R_u+yvgGsPTX=*0zB+F5*%-$;vOKduhq8#(sQq^kmq{j|952)_Ybtbv{A?LdDMZ?({n-CK2AsBm`B(N$ z^m}bZKYPwsnK{Lo$oiugBFO8!_M3FFzm6RKCe&???Jtl|MXRfqn|Su~#Hq_4+XG>5 z-6r17F};pdZEXpfn)T1frm>1>bcGQ@Ja%5O%o3k(9!4v?Kjdr5>*M)RoM&sW{LLx# z>)YzU{6WRiAZ=~MuEZv^f}f7-J%N0{nWLx;T)_))4*^j6<3KSW|Eo!5Xg-u+B|_T* z;tUyzUR(h}Oz>zwFxcaxH`^un2zPm+4f@lRYG9cy7Oy4q@8kbjpwx}nPQr7x3m3vhn_v_Ee*+7^NllGNoS2=G z;=up|U_2(?S)38uzJhH8?qEO<79aP0HiG*bg{sMI4)Zmq{Hoed*9j}82lpPLiEuSL zr*TH8<>d-%khfS(uCYZpqXe$DC|l@&&57T?pl34`V?W zdq_ufSj(zm_^SjijQ+A{YDwMtX8r@@nY$$<%~CXf<@u7~P6^;^MBkUDX^>O43LDDD z{$u9hglW8u{wFm|Ky1<-6RmI`tSt$d&GSGxgvsN)V=-~45KRSLjmLJ++BlJC&c6v;j4hl52Azo|W%`ho>7*gXEF+W@uNeB0Oi1qb;0 zk`OJa2;05#f|(1)f{(|HXz30~z|n?&g`d2qDQ15@Mo&0vW7sbr;X`XIIiABP_dM}0<%;3)9^ij0pO!&jtUt_#`$tJQa0M{Ip8ZNw z&G4B>$)0koEhFQNh8Tgm1OuP3`MrNw)zZU)&lY5R_J{Gh1A1OQCr9w3sn=k@ZmKll zxgdw8>0EglMFNoo=&ZpL8ySN|sC89@C3(D}M85u$Q zoo;hU?!wzDC4vvYqq)$p007Vx3lgdEtIJE=+a-P~anB>{eLQ#T6~Ax)^+PX4Y)oei zzimC3CX0xB5D7wXeCQsc>s4ZM;M60e^ev9^vj?+Rl!F+lpxk8ffD@e+jfea>xTz@7 zNNC@+Wt=r)bF&ftX}{vpTeXgWla^Cq3Pe41q@x&QhSMtUR%vrGIcV%L-J~i5o+xB@ zQ=!xP$Te9{0{|mTQ{~$Nz)BqD8LZca+W4K%$3>j4rfARfLNg65avd-1=?q2R@2+U1 z=7pVYVcI)+9GBXQ8Y2^h{YiPhfZ(?i6-|jBgxR2#daJVOWRb+U2<h*{gbD97b>tfx7^jsvsS@ct3uPhVFn3}s~sn4Wut1%rtuav!>CYdc|mIF4Y_ zAj^w9?G#HD153~Nso?B!4Ia`goEW?Kq zZzh9#GCyL%l{^q~xT!xdylpXzGu<7N%jNypP8^(v9iN2hpL4cC9)y?AM~M>ZEN^j^ zGW!N^93Q4l@=ByW+NsY71JCqqZ{M#qI?!=_zSuovTE0XkKmcveP|0&41M`x%zol;1 zdOk|q97Z|#ny}&Uk2rioH|1}9JP^)=m~z{0jv3$hLpEI>6m|LK7n(n-otqnP3lQqF z=yqavl2kS$Y^OW)99XPvxmbp_v=rS`DxCkiEXz5PFiP|is2zX5!twR-5WLomplW*1 z@+t9e86Xv5D(xTqkv{O%NNUPM267@F@X25Jg@w!`op$bXR#5~avz>`SC#Qq8$v?XT zZlY>ypQb%o!0Q@1XS>WM1l`{vqfIlM%-Oc!YCbH%A;Rg2Y0`X{1oq(;D-)xXoeUxY ze~p!Jq0gfjp&_{S<=@d$cn2;1qhC>orf?|5?#Mwab9^%BU}^QtKqZDy}Tf z)Kh8Y`zwr8cU~wMvU#iIq*6W{ccNgoAJ9IoQJC{e-jhOBQg>=XFB*F*AzXeUC~{~u zpvj^iPUXP7Hm?4|kfUS_4<&TxqtX|*LYS(@J2ucvjoN+ZxLvTluQK8G)`y{+J6Z;;ZYZ=Zr2K|5p7N{e^t8t8pFOu72orQg~kYO zh*T3iQ)6k=X1t{fIW6AjI#i@NQsmiGJka7(VK3Iy%1T zf<)I5lQw_v9Q!A2PD_=WY4f49Oh*1(Pad*%!eb4Pykj*C)qnB3AT63eMVb?A7bmIB zj|msF^pj{qUW$?H_lJ-}Oqcm}`R|5T3lZylPX2+e;WgQ@L{11wS;o#i8C-b(FK}>4 zW}NWv(*TW1kypqMErIbnP=%l|wa^L`d@@8yYMd-*=VZ62!u-v15(om9T(avv6LD%% zv|+_VQXIsiWTF>j7gz6om)=&6t7U<4T|xyQz%GlL8^0h1_+^XjGN%}KH7zC$Jgg7S zW2ufGG}e2&_eBFqqHElUL(DDCa#@B+4L=pB8e*Z}bVR%Y6~u3Q<$>U;Gp}5x7rx*| z9Z$%AjOr1<7J-bJ5xmT~bYI5-s_wg$Thx^B4&)hHl>a;@gB#Hr%J)-lrr>D)Rm8}}Pbdzo%z=|| zKu?4c({E$$iHTQ!9qv|vnT-eC`V`v?{6i^mMfBtiO5tiW*JbsE#<^|bW3|Y`G9gT2`2CQwE|c?O0gXKjVAGHI5hWB+?nT|VIu8>LGo!v)DYg;7{@3v5?r)BYnqgNx=fsqs`rAgM_M z!l#M`GX3Grn)rC+qOzJ>TA_Qu*y8{PZPX(&iS;~Z?eWzDIsKfsvqiX+CeMF7t)+G2 zU`{r2o0KUs!O|sF;0$cXHTOR6b{@dv$+(7R(3Yqb#F_vf0-z0^aU$4 zf2e~g5lM}^oSfLyBBwrnH%0-|KJzHPT)n<&j0;{}cHH5fDJBDpw+1-}V#7f$qfQx) z2)9kn%%J>al6frZt(D8GQk?&~F2x7#IS}L#Ij#sKJJ9RhvNBabtV6z^9(}OyqTYQCL^Q3VF)3p z;(x2)* zBi`a)*`SvHwS8#JdYBm8pxM_=vlw&SR|3I81i!7hh_SGj$jU?2@qo5$d=&6kg z)IoZClXo)sq;>_dJ@4@sYS2w~I4+n1BnAghJ#-9Zo)+Rs4TnYqL9P0AHUo63jiQEn z%(I>kzT{J)r$jntMVYPnJ0JV3yON=?&j9j;!V_4$t(!d zGTg{;sq#;oPiIz1)!NnhB3f7o{lS%&eVT?JvsPwe2_zd)&m z54`kyRfgSCfYyRXKUl7!U2IP#sDblYf19JVGc=@q`rDTe(&*5Jg+| zx=Lr>d(>%^3}Yex(hcn0Hy+3--{$6=3!W}iKE9vh4mMO4WtZ;*c5)GVBZa;>5W?lS z>|SKWif)y{B}5|C@dX2LlFmZ+nsLM8d*KV$eGsJ5;{E(xM%(NQ33F+~ zxmBLS0_lHKS!ynCpKvsCmAlnmx7esf3Ur?6*X!MC7v^A&Ax)uUV-kYB+tnL7T+$S| zeOP{=&(IsYONK{vqC^|(c2j}nWD^|$LYIEN?_A?Ab!$x!n!ft83yX}dIsu!%pCY8~ z_}lXflc`BdJpAtRvpn@C=mBUqC+LLj_)B)v@kNS%g9Td>UdwtHe`lBAG2~}Z2o?bR z5DrZc663wkaM8NZ{{q`SV1Ja3J{E-qL1LqJOjAI4N%?dS^+WDs5y2%&)uR?c)D2ez z_!$H(9`GI^E6<2!%+nsO?_wZ;imP`eyJY6cJi=azT~A6(cOUmMvruL2dcXCk$Iifu zq)1sud5=|DIYf5C^rqz(mEBe1DwO2daAq3G>;w1n)-m}cMU?w27jX@9v?=P=Piz%P z$uiaTN@=r*kuAHwHA*|>g>Wp{9L3Zv7^x{Uze)e7lzlT`B$%tk1L15q<|u|%4rGZq znO}A#uxOFrXK|1sLYd9+uU7DF;PQtaIJnbD9f3%ua3f$S6*(R($M-B2@_Dv6e+lft~m18iy43_J?iujedt$^e=IpEWl)Olc? zkdg}5524_&R1Z04Ser@5-9s9r+sJVSWvb6|Am*YeO#<$W)ETxq%Mb9|S4Jjjy)o?Z z?vBl4=jo(_xTYe^h(JUZ1(KfU%hoUTlt#M7K^2v>DXyejL668C&+pliuuIpCi7 zB~Wu@o4r5IHMe8Jkmwo;?lq>{wreTMR%0SI_A3{a}lprF?YV542ywoPQF@ zlRcy0<^I-WP)9gMgA`Emj&=MJ`Z%yJz zv6@X*%*HrBsM0Vs1;)D#bNMwMU$=5%)p>Hl<+FEzLl5~}^CdK4Xyv+1vdqT9Hc0Hs{>^j_n$8AyR+q{_1l;g?}nws zV??E}5XtJI_yq<&(AiL?Vm--1+7` zJylZ)^bffWi9HBOcoE@7Z1n1fjy-LSwwBTJR>qs>4B*ADJakefI5}nZ{dFF5H>9b* zlWh#Z%0&QwwiLBP+;AcUk=Enr076}?jnc4$x&E{)jIE3urk5D~T%^z%BLv!9Ate16_+;9voF0xP*(J<85?vP|)qjA*Q&U9qPR@6J*-BB&+uU{_WIF zfiC9Pi_W9j*N;S%oiCk3%i1O%C_o?UjY(f_E$$bgl!lXR7=~-H;65R}eoNt+5jxw2 zOmmgdO|> zA{MgOW*T_-TV`ARaR*-q&(e6lnWZyRP(VwBnZp?dn5D&9jn7PJ*YvnDESu=*<7-l` zOULiTlk{uN0_+Z}w%tOORmF5!zOEs`ef&2Kax?UAH+zb)$P*7BeT}qDC3!Jaa`)d- z#kqkXJ1L&JxG<#wnQ6HU+HrLP8EfYy#NA?%6jbQlu4}=^0AJ5&#qFkZif@u{O+k@R z#jpYGTg%@`1dpR{JX;~2b9+!aE}H09MWkQ5JC)@{Cp?Za9#N5{8>QK-&2E{5vHR%= z0!~=yw61bu2QjzuM7+OUhnr@3<%eoKQ$oE!q<8hTXuKNP7=cD!ush~-A@4?ksD&KX zZ$RV2%E+|_Ac88XIxB-)zedO zmewUwn)5PXwy4yl7Tey(!&_Qf+S^FQrCJ{kvh>MhxGlv-$8^I3+x}tBJ5qc*L?h2y zwCTrIn``!Rjq+k5$a6Zf(~napfv(fFxRrXMSkC?JGtoWs1EkjVA~|7iat@ot<{0N!nnz5&r0$E@pBHV|Sa zMQslW`Chc-;TT>&xl6O$m!&nqv} zjhZ+4>V9yI5kF75lg@D6YUU-LU*5uv5)&0+?&3~XLTD?4niEq>KwxrDd)mV`Gd;v* zod!||FQ|Fyr_->wCc?z5if@)P(Df!tQ|prs>o3mZtsDS(*ph^AiJal+4XGm1ZdUSr z!uGJPz;xfp>xwyac%7?WzPI9DzK4c0!~F|y)A8HI51e(c>i1ToR z>Pr6P`zG_*l3G8jf9bQ6QTv1=zFgyi0oLEhShq`0x8(QH3x|`yN2PRd z^yrA5gt)Bv(?H4u5apRUDl%J{7_0{eJT+0|7I(6$-)9~~deL!1*}9Mh+^aQYF=si; z%lN{)4CUs1#n%dsgkxwuDaE5Bdse$iL(j8x&V{(yGYDpgdxWiJ8(JRJ>Y#NdgN(ci z26M`*nuX${f>)%Dw9)T~1k`ix(rTAE{S6srhQ_>9D9sxbHEoOsH>(dAX7xcfNqNn< z;VHS{8C!snvWxuqTc!0a& zL+4JSJ9Ul)eYNlR!{l7%R8Q@1f6~LmD2hJ*QMEB21hpO_lxe3P;`m3iuMl>t9U1cC z>dgiMtls-iG~HVxHCCktuyG*shvQ?!5Sybb{f-9JDOVl4HpEj_(&>y2{m{m*Ah@zR zU5A}7*gap%J?Mu^CbW2N?%QVPrZgHRlu3mRV*DXz!Psn|k>^h$?ti7k|G(kYe@9t^ zk&)}Us*6GR@QIgi7SYdig_!(KYCPRfaunpPKLW=-7aAW1VZ-%YN6VC+Lh4+SZ*!!e zs)Hph*fCIQwg943sT?w}j4TU8j_|*;f9TxepCly{02O^j^f4KL)nn~VvF3%Bx*;K{ zl;{psJ;^0}QVZzeBZojQ@*_M?to7D?bqS2xVX0oW+1ChegN3Sp9+vr>=8 z94D_OVef{CA&iWn1pYXf&;S605kQHL&N=?m|1B z!-Tb!%cRDVjH5M?Tkb%w^TAV-szN{0PL0ie&-Y1b_Dbm8ec{jWu9WM;AScwqK$Y3? zsfYcY>F1OzvnQheDi9dwl5X+7k)At#DwvSBGKWrf_HAuR>3zBh^<7K;6{+7K+$&&x zX2`Om6{n;tvs}c?npi-##m-3ty^!kI{-!j4Eq-)SkXO{BqnJW9zrT2a;&Tom=2$un zm%Mh_E>NBCHHg&spwk-R1yUG5P{;gJH_)ZR)R%E9r@)E<17Fp%mOdtKsS5e$?F9uUzJ}Wgu@a@4AV10}ZoV|%(4w?Ux`W?{G z_tb3(a}j#U1t}N&go>fWgi`Y*P*2S8EY?4d1&FA;a zX@}HQzs5hkiHTR3@{|-@c74n@lUmLL>-$6Q0Zq4Ec;ZX+e?v-62ms>y&O+6|V}CPb zrvfMcF1bEw<4ypyZYp8t;ISiT)~fjLngWHyT?LOLho#tOZ0f6c`mcI~6Te^m+jYpqYk|pGL9o#a`L4e|6Zd#j0WZa2%enKYB8An8 zzJ@I;j7jO&dkp2m2fWzLn?B`i3{!N?0w!ukdZarfQ0n=_*y6$6|HtYu|JyVd87};& YiK^f7J?1$6Q{1E|tM;-)8XEY201EC44FCWD literal 5685 zcma)A2{=@3`#(dLUZTmKtt?TAY9ca2F<}yuEs>>^#+FHlF=3)KvcxDNj-nb=*2vg~ zkR=+jj_gZgGS;y#_M3zEdc;R+qsnacN74*MN4Go#^qvaj0CnHKW(7`fY=NQdCoepZ+ZY9D7r-9o0}ah zls4dxljK4XjV^IP^B;t{QB+6Y?rWEP+r4l_yOo>2)6^Be$P__b*<+h2T)ap1c@V2T zOVvX9#A@J(34Gt)DR z*n}bBI;a^$9fH4`ufq2y`&;0{7yd)@m=1y-zM1Na7pE?ow~7RLY`iZ&w)}b4ZjW!~ z@x=_WlvI2F$!yoxKNX@7_+-W{_Wr1rIXJBKo0snkP@tS#>?j$ADaJ|6ewc$7wS4<< z<|6IO3}xf+P4x1=iS`}OMYugDYXfD`*Mq#DD5~Q_l%Wup-_2r#c(7IDBD!!zx_q+e zcp0;;d%Mr9@*4=q$Up8%=NCcH`X@tMX3S|fL>{Rr^d&SFc^)}r`~joR`=PHVkn`R@ z;Zv*^iSfu?av{mkjFFT6GV3v>JUf7%Fv-7;%)#jF^EhK6nua)iy{$bz4?e)6OoP@N z)l;7Xd%86)lt9}}t@gR72d|1kA;-R*bTRUZ`|0Kj$Bd!QmpxE>Xf##*(I=8klV&DA z##p)2CfndEwL0IL|T9H%o4ASB& zlP$DhR9&U&GqcQFIS*5EJ=tNdZR{tZ*{&0JFu%rHn+3+ZbuDEJGUfU|USxEJ2|jiQ zJJY>!rCHi3V!jIH>TfOzlD_Sur*&-hHI(=fNi`Ak#*Vu)7 z!}YiSZ4v)z9sj2sZB5&Xc&gH?N!z*=6CkM!+C@Co@6n{G6@6{EfnJU_q0zDXq3&fk z^;4LN+N^np15(iBGMspdmBxP<;D4W@0}iPUYLB*6t}knx@7zz8y+&JxLwcPBTZ__? zqS@9@I|gGhx*AL3XjGrw89ANTTYK+?W3G&SDpFBGkxIUFrGa_YB~wygwWnE!1G#Ld zl5R`6R{GdN&nkU^PR+T9qhw7XP}5HL{t;s}a#ipO;8Ng~FThB%Fvh_LxRzFXSp zOVV-E5x-){scC>@$g^VQBV%=B{Bvp=BTaM&c#Zo` zs4|Y&?A?NXUUYpXX_5aOinO@dsU!`MSvvcrl~JVT_=7>>*0@Yj)sKJZsGoZfdJ`Sh zdZu7}VVEH{t3CZ-2Uj5_QXl&9ym~gTqKd)w-R`6QiLYU1?C{==$G)bgHK?3~YR+37oC?MN?6VIy;7Go&A1M4t1v4SlxF zy%m7^@wSwmc7*BM-XWDm<$&VjJ)b8I-@knkIUS;;bx)h1iw~l5xK@tU4Um-TUs;mg zU?3=xTJN!)h5chYbH1YRO}F$cWVS0prZ#_E+_Xd;&kGFK%{7&sp!eU&D4vl#R;+0wZ(FgvaIL?u z8AQ;1`-iJej5hqFPNdW1rg2F`_o>?H+rlfGhJ`Kel&5*=2+sOiR&Ad9v0odnJgzf!v$sQ% z7CvJQTo%1F22^W}sTE*WLFmcBKr5!-QG(3u(CL0`(O`$$<&gFX_xleoJr14`1tMoW zhH%zb2hAKY0peJLo_Dr&@hQW&3~fFFf|~Kx zmr(;k$LaR*vs`yj?d|62e0Za1jAJ`L5WD$Az)@RxIa-jGSa@HBaP)$?-!!}zwht~$ z=>Y1)to_&Ey+uC}!Loe%hjrf8;_@-4@iPI!yvN%dKhk!d0)md{3T0IL-hLfxK_+9; zz~qlzA8I9dwjfI7)R~r*xAANKgH}DXKXR59KXk*2hJ$U>4>v)sebew{Iq2TF8R9rE z6PJyC!<l2*n!q)qpcVk`ViK5#}>q3$H7btF{)6z*mv;#;&1kY`5hi z5#>WgRpTD-`+cfGL_f@(pAfBJvj&1YUB6u-ktCQTSCtsrzTy&7aS z{fp=&3{bO!#44zrxlfr+uI@`Y(Bekx?(wyf@u9PiX1AhtRMIV?Xau|C8@tGJ@2LdT z!$6P%J(utTNh0U2F(-8PY=x}MaqrjZFd z`G|2FAas$m4`vQog_zl*wV~VZp9q|z++4+LgTFMoJIw1>n{ zBp>yRmraT!={{czeseX%Xh3*Ce)H9Cw~LLc6^8<2TPz+5g!>xA*4&v844>l;%KjZP zmOad;bM}V%4j4sUeWJ#QccRZ}*Y~j;0=dh(sU4=D3EGYhwJ(aQ-1KU&B2THf#5vwK z*@Cx)=H05SqevR&+V*-ZFv$%hwq2=$yL6#o-9bct_evE4bd(u%*nW8A?@;J$Y1lar9Te#^cuVEZu2@3n$H@7bJ<1Al%9O;eTn$hviH zCjy|5HatE6?=gBUXfcBFD^qIt*?K1yky(>K%o&IT*2Sy~$a3JAIJq1NNlFj{h)^RuA+Yq)!j{%&ehd_a;|FxsylvLUvu zrAJj=iheEA=e}~aIfboi(ZR}oZJ}o+P;MC zR#;}ugGh;6+M5~M?JXc;kp1cC9et1TnN#>>KbpVR8l+Y)BMgBrW$cRTkQ$qN8hVC^ zz?YE8le<^Ad3+bJASod&e!qMJh}dLwRBZMpAn1P+tPcUH)>@4{vh?%eb?_%hr|m)q zv!`VLtkI0~$sub?yl4elZuX1*bCrU(vBJeE&zxuHl+J|d4KQ&Vac`Ypkep{1L@_47 zcL}BCH2+KOpr!<)uHO7`#{gTa*M}K84b!6zj?hat>@N!C^h^VB_Z+fpJEE(RszG?J z{IS9>!Mu!~@|nlamYV;neG06zdj47OsNH}=qPTB7p~6m5ofaxcq|f1Dzio_=SOwFp z9?1_@v$_Z?sQX#_Ta6>t!0Z?01y-2&#!Uo!>TM6YzA#TuC313?gF&T>1$i(aN1dvy zi_}b?5E@vR>H@_-?Xw8hUTRjetmCfcK7Y{o8Qc@3Bq)8J5nM3!A~Yt`^#hEKE6qpRPYt+?p464*uRMy*FSAQqK#UupVv@r2HFmQ9|93rsK*0R>J8Cr@K-VrrSJ}a_gA?jA;~D&_#^rX+b|4doT;ur^iMPas3$53)YtC$+9KybR~%1NA$b=7Tu$5 z2ZVPUi>laX%uDj zg0a(xXkR@FZD&iGDjpx>Fjk;V0yzQe2$f+Gg$#Q^6|O;*3~r)r-f|*tszp>6NNTpy z&MD>l*c!=iQoAH)DT|YNLIlrWe&5YJEPM&Ih#jIfy-6wcu;PCypbUi(^Ou(&e*U9@ zNc_FmG~G!MIL$eru?m6B6$d8$;M029o_cc~DGP6dr-pC|uX#_nIp zT`aSjmP1|fLk6Sth=YL^?8Rq%b9;-|ImK}vE)GUHlbhye#B0{7->_yoN7N zp*2>4FVx?WT)O?K<0PV#-v;}_cI7!Rvml=6#{D(Ow#Vg_#{*(>{FS2>o-%s2v%GB% z({+ax`ULmJ^Ryb^kILKhhL=))ulZuQetkM3bndO>aY>p-y3-s)^lbA#VO38~E^{6} z@bq~3+q2t@RHXKW5YrI5RjhxxjplUbhr?%?;BlUjG?Zu6d}_9x(B5|5Hy`w`%+kwe zjy#I^`ulp|_-fOSa{yF%Yoq6XzYU?>-NHGUd{u676@_DX{Y_7 zx3jT6>{pzhPhI8-f&3Xs1eHGR%3*F*!ZQ(`d!;(NmF;9sOdqqD@`PEjeCPs49tGi^ z7?ryiYhaafQUf9t-7Qg36$g-ZPAM=>voUprgPoGij_tJ&p1B;vo9At()1SN+2s?`; zi{I4d>Rhm>M-X4~tu$bLMxi5nk?99HH?NW<`~aS~yBXC&r&S7+TzEHe$>6*vTofhC zV$qAWUqpu%VmfybUPdA^8#?^QsJ#h_E>-fBU4Of;zlFctn}x`>u=E}!X$o0f^3Q%S N>byBJ*Wg;%{{RclX%qke diff --git a/img/dev/en-hd-cross-generational-key-compromise.svg b/img/dev/en-hd-cross-generational-key-compromise.svg index bd0c21ca..c0bb8e18 100644 --- a/img/dev/en-hd-cross-generational-key-compromise.svg +++ b/img/dev/en-hd-cross-generational-key-compromise.svg @@ -4,93 +4,189 @@ - - + + extended - -Cross-Generational Key Compromise + +Cross-Generational Key Compromise cluster_parent - -Parent + +Parent + cluster_child - -Child + +Child + cluster_grandchild - -Grandchild + +Grandchild + - - -attacker_child_private_key - -Private +cluster_greatgrandchild + +Great- +Grandchild - - -attacker_parent_chain_code + +parent_private_key + +Private + + +child_private_key + +Private + + +parent_private_key->child_private_key + + +Parent Key +Derivation + + +parent_chain_code Chain - -attacker_child_chain_code - -Chain + +parent_chain_code->parent_private_key + + - -attacker_parent_chain_code->attacker_child_chain_code - - + + +child_chain_code + +Chain - -attacker_child_public_key - -Public + +parent_chain_code->child_chain_code + + +Normal Child +Key Derivation - - - - -attacker_grandchild_private_key - -Private + +child_public_key + +Public - -attacker_child_private_key->attacker_grandchild_private_key - - + +parent_chain_code->child_public_key + + - -attacker_child_chain_code->attacker_grandchild_private_key - - + +parent_public_key + +Public - -attacker_grandchild_chain_code - -Chain + +parent_public_key->child_chain_code + + - -attacker_child_chain_code->attacker_grandchild_chain_code - - + +parent_public_key->child_public_key + + - -attacker_grandchild_public_key - -Public + +grandchild_private_key + +Private - -attacker_child_chain_code->attacker_grandchild_public_key - - + +child_private_key->grandchild_private_key + + - -attacker_child_public_key->attacker_grandchild_public_key - - + +child_chain_code->child_private_key + + + + +grandchild_chain_code + +Chain + + +child_chain_code->grandchild_chain_code + + + + +grandchild_public_key + +Public + + +child_chain_code->grandchild_public_key + + + + +child_public_key->grandchild_chain_code + + + + +child_public_key->grandchild_public_key + + + + +greatgrandchild_private_key + +Private + + +grandchild_private_key->greatgrandchild_private_key + + + + + +grandchild_chain_code->greatgrandchild_private_key + + + + +greatgrandchild_chain_code + +Chain + + +grandchild_chain_code->greatgrandchild_chain_code + + + + +greatgrandchild_public_key + +Public + + +grandchild_chain_code->greatgrandchild_public_key + + + + +grandchild_public_key->greatgrandchild_chain_code + + + + +grandchild_public_key->greatgrandchild_public_key + + + + diff --git a/img/dev/en-hd-overview.dot b/img/dev/en-hd-overview.dot index 6cfcfb32..50d053e6 100644 --- a/img/dev/en-hd-overview.dot +++ b/img/dev/en-hd-overview.dot @@ -3,10 +3,11 @@ digraph extended { size=6.25; rankdir=LR; penwidth=1.75; -node [ penwidth = 1.75, shape = "box" ]; -edge [ penwidth = 1.75 ]; +node [ fontname="Sans", penwidth = 1.75, shape = "box" ]; +edge [ fontname="Sans", penwidth = 1.75 ]; +graph [ fontname="Sans" ] nodesep=0.15; -splines = ortho; +//splines = ortho; ranksep = 0.3; subgraph cluster_parent { @@ -15,24 +16,25 @@ parent_private_key [ label = "Parent Private Key" ]; parent_chain_code [ label = "Parent Chain Code" ]; parent_public_key [ label = "Parent Public Key" ]; } + child_private_key [ label = "Child Private Key" ]; child_chain_code [ label = "Child Chain Code" ]; child_public_key [ label = "Child Public Key" ]; + i_norm [ label = "Index Number" ]; hmac [ label = "One-Way Hash", style = "diagonals" ]; rel1 [ label = "Mathematical\nRelationship", shape = "none" ] rel2 [ label = "Derived\nMathematical\nRelationship", shape = "none" ] -rel1 -> parent_private_key [ weight = 0, dir = "back" ]; -rel1 -> parent_chain_code [ style = "invis" ]; -rel1 -> parent_public_key [ weight = 0 ]; +rel1 -> parent_private_key [ weight = "", dir = "back" ]; +rel1 -> parent_chain_code [ weight = "", style = "invis" ]; +rel1 -> parent_public_key [ weight = "" ]; -child_private_key -> rel2 [ weight = 0 ]; -child_chain_code -> rel2 [ weight = 1, style = "invis" ]; -child_public_key -> rel2 [ weight = 0, dir = "back" ]; +child_private_key -> rel2 [ ]; +child_chain_code -> rel2 [ style = "invis" ]; +child_public_key -> rel2 [ dir = "back" ]; -//rel1 -> rel2 [ weight = 0 ]; //parent_private_key -> parent_public_key [constraint = false, label = "Math Rel" ]; //child_private_key -> child_public_key [constraint = false, minlen = 2]; @@ -40,7 +42,9 @@ child_public_key -> rel2 [ weight = 0, dir = "back" ]; parent_private_key -> child_private_key; parent_public_key -> child_public_key; +parent_public_key -> hmac; parent_chain_code -> hmac; +parent_private_key -> hmac [ style = "invis" ]; i_norm -> hmac; hmac -> child_public_key; diff --git a/img/dev/en-hd-overview.png b/img/dev/en-hd-overview.png index edfdf9d5fa5edc0a2b852d415618fdaaacdfa0d2..48e637bce3a30d91962bd0eb38459d58a089ef9f 100644 GIT binary patch literal 6591 zcma)BXE
rXWD1$_aPK-`;qGv+%Vf4{kB08f-wCF?hcJwx6h~7IP2x0_7qPHM~ z2qNwzIp^H+-1|KD&;Hild+oK}_3rQa_FnJzLRVXZoa7b>001BdKTy>N0C1sL``r!f z0r1n~elB*vwb9g21zblbz3m1782!PjN{0Rm`+3Acw1fG>t|`e{4<3kSai+#`=Hjfs z*)Whc6om8YDcz~yzw3XL+<)4a#DFOOi^=+?hr~#g$yJPcvI@og7k86&d3bED5+Z{C z4(tXS@j9o0?2^T-#gbPEOERJ99I}XO4fsm zhwAA8fd00zCx7feH?a0UP7Teyg`qTTI$>)d|XGk zdb@efJo_7d+hP2g?g7e{o;8FbK_LWwaNj;og6gX?)xnV6hKi13Vt_;w3F)dSGEE9IKechFuwwe4pZ_h94)q)o_cQM#j# z8*be;L4wSAgWn&vbR-RyuFu@*kXt;0gi@x`L>l(JP_~)T-gy8v#mlcBecJQze#N85 z&6uyWNR-U)z((cl@s#ZI68al$fs+Ymyxt#@R0M7iaL6_@voJA5geMoV^7}s7|KY1< zIM1p_ccQwYvZBg18~c)dXQX9vKTCogDgrDpeVG;*P#EJbp49*?MMlR+J*gdR0lo<| zcQN-nY-Q`+eQ6can0rztnj~h-nDY{bV5Jl^{hsXqt9C@m#XysW+;P7^J4>p};kCk8 z`8PYJVTjfb;TiMk;ZZLF;G7M!@`T0t=AU2>&CQHO)599Qzpq^2(QHHF6+hoX_SIT6 zzu+OMjG%F@f}kx{5lVhPm@lV_QBU3`pEgccylbj$^G~5h=H4vVq4Xn9*O*%hbbElh zXWs-iQ}1yxMGJh^+1rM^O;8f-t#`EhF!-B1n<|NPs*P~KKTRJac zvybXHLEe9&P$2vc7cYg*b(pHFpp18B-*^GW_IxY%oE0gOcQ>TNHhj*)m-~nCH8-Wh zN-KL8$^Wm3{(JTtk@m#yF17n5y`<>$X*LYSapfRMNUR&0r#283_mSc|CA8)ky#d>> zOKRy2*9~Z*L{2F7$WV=TXGCi4t2^(y$%zi0wMH+Fwp#X9bw0c&NUs&IQfLAnu0sf9 zZQb1*R8JT?=TPLwKh5;|KqR<}X9T7X(VuSZKsNC@*z~G#sLVp8IQkuwc{!bPSOzUd zCSBHGd*yr7NFked_(5)iOAar;uSebDF!1pie$B}H`C#6N7XB69Ng^;gNutK=_<8-~ z&*h^&h{dNV9Aq1j4OJ{NRYXA7u}UhUvg++*?ER+ld+%4v@b})T%g1$P7SKhBN;R>N z?5|}xX_#f_b{f-hcM(*VRA=S5ih54zsrXe-2r|2=SBm+P><^CR_`K?2>0c)LP3F}xKX)*(6Pl+*{!UYRVfc{ zq)jbIdQ_|Glo+~2N=j->PaBk;kzov`5XfGY^@_F4%TNe>->xSAt>Me%iWKep&}T)r zg&|Le=@H@kK(=ro?PakByNmLFNnP#%8X}A+KOX^2AkH{=^Me=|cbEG5*tZE6R=vr! zL@okYv^fq-Io!JC_kLco23_pr#<7?o{XJHz|G{z_^<(F0q{h2jD+qZ$w{AaD*%Uc# zhBG?$t)bq6Yoiewk35*##EbYAvv^c?hSNKkI8 z;h^Vcct-b|p$qP6Z%D*Z9d@Fq{A=2^1OujMsI^cLF?W>2atzp9QL*WY0?rg!WY1CR@Aa`@ZCuWbj4E z7_&`e=Qian^quHr(VO)1$pws5F!I?H{zT*=4rti-?7-LZBJSq5qEEus_m+?q!x?Bg1xaHYW5*ZtTlwlP4DGbQ(uA4efCAT*EgOS@>DXR({Vk?+`7O%%LGgUQkbjxDzM> zY$!S7kYl3paSw+7$pm#VpRWkQmLkX*Jrx zxc>T*X~_zyoP!(tPqZwvPs%?l)r;r5B+FE|Nhs9U>zuDtp&WmokE^)Avq7yJUJe3pr_?3->g zw>^h3yB+Oca{p(V^Dts(VP@Ryn9#z0tv@v7ovB(|T9wcR*FLVJouVTWv)5Dn7=PU% z*=8PJCVXqxCQeOZL2O~cUTjf^Pj#o^z0=B*3Y6|i3`V3`=8$BPan5YLRRh)VLWJ#U zyv$T%SgG=_`H@PQnM~*fcV^!V47^c?`{h`JO>~f3!S6v3?eU(xyU=UCBL0pgi4(3L ztM39!oJfj)v8B-Wp-V)M0(i-*T9|I8SW9&Y9pCBTmvc0Kir8Z5o#q}|7q?R#k=d1$ zT%lWM1iinDGTiPkkoG>tp_ztNsnLx4o`^?vJ^WpnJxpylVJRSOr{gf;y3Et|hh_OT z$X_^ot+UsK4lZQDur*n@_B}JMii2p zB+P@m2?y**1Z=b{f2JnJe*WQpk#WzC*qq=7^q3))%1(bM(+LWO#1r@Q-9o6fkWiu4 zMYu0UU&sxq_CKt$(EBfco+bj^T{>4TYbY`NvBL8YSryZCL4tmo~47qCU$ymJ}b#4`x0{epB+eZo4a% zAr%eVcgaZ;3I)s>UQXE2f!BoK?tSSF+A{AX<(jHy)zV+(<;E-|UNwXZT+}ZoYR2|` z3mxB$XJ`Gs8(YpmLoCW?qxF&tBEntMDmbMd(JX)>>qoeVBfxR56UqD{1K@zkr)Hr~X(Lo(fONtC)5g zDAU~P+_}zwq_SeGu%WvCP$eIE#s~5FsQpN7Q;&aQ;YlyCnSA-xmG)2j)d@?!miSb& z$xOYGPHhj{X4`=CK%^^C?aKJ1OPs#L=l9CQXg}DLM&Jm_o+l$Bs`T)T5z_sNiRPIN zPsrd|6U&ZIS=PF-x+g4hE1>#&Z1{_PUCaPEPtC}&)rEiVQzeh~udn;`9LH62f=Pgm zM9bTb$`(w1qxJ73DSMzDCi@VlNj^s8N3otf-v6>o+{0JNnU~Ccg#98dyU2H1~zl{uS=zO%O=#C4G z!r#kivCI(ub(s-qus<^i1CaI{i$dvwi_fe9V==Hopi#FP46?M~ON71+TJLz#v4ZV; zT#OKARR!#ouR|o{P2UGEN`ymvT-ODWtWc7{Cp=&`NPfHDQYQA#U}QXuOK0~YaPPxa z*VhBr$8~~~WFMnW@x~%on{YuAzuYQd;8;vwz>YV%L_Z~mlkOB82~I)sieL9$Xh+Ay zc=PdRFX5tGqH~&EwlAtQeCO?9e00ruoUIV}M4N(4?kT24Aid<(IM{Q>B=sTKEyb{- zqmL6j5ToqH8kG4)UMxZmI`#MzCXq<`Q(to~qqw4_l86!YGImir1yd!L(V7UIOjsCB zp>2&ko!&u$OF1RMcP%ZgQ#e!NlsRawLzYC*9xmg=P0roA z|2+!%CGS8AA^llA%;C|fOvU3ldsZKtAIR*rB6@8$a_L;lb7<)#ta`sA#lh4fMel-&bRGu|$T3VkmXq$hA9>|> zc29`j$yMyTami{F^6=3m6kgk7^NR~Xzr0h-2&~R?BDQfx4NHUfC(PLJK^ixhU7gnS zLBnX9reRUK>g(Clx+=mfN$33wPg;k){7YG}yN3VZSdm%#7e`zQW__;LY<%aM?@@}K zS|PXy+cH+E3cPTr#;x`YgU4;w3h4x$R~RtGK`_24>qZ-`eLh28F&%*)v1sXF7Tc^% zmX|UX9`x|J(O<3OP^^O_CHjRM!tA7j&@_B7fC2_zk}wi)H$nND7*MY6;e)ca0O@6D zCg^RBHs;|uQm7~%Du@^z`{`MLP9Xt`41n(YYX!p4gNy1QHCig(w!Wfs2O#&Dku;sk z$3gDoSepqM%02ja5Zj7w*rOCE_P*UFMAhC#xp+5eSUmTU7#81_`$i5u+god`>zTgx zq04|>Dd5XnMhD}kTjt*;Mjoc`x}6JF9YGp4TtD-hm1b;xWV`|DMqMzL;qZtsgl$;x zckwxCa{vG^_`E{W*A-i;o;J%GaZ++=96#2c<64VgS-CF2fjl<b{4QW3WWE8~MvVgqO3pwX*eG z40GICBx-ot=nL5WqQs1Ge;#(qw~KkCNqQ;Sl{tF79n%&(4QO7x4@+~&z9wgas);QS zES=UcyWI=hP($5a?j~r=@x?z758HUOhp<+^GB)ZBCPZ~$Y)Tca@Ff|0rpuBD2>({6 z2w~4~pfy$WxF`T91I9*osw~-FBZ6HTEbySA=eStfO(}pTkD@>v9H1(%t!9Q$4Wq;R zMD6c2t4Z#}|JxOLJY#I5qHN}+#6GEqikP(<5f$wVmkJCN7yoviPzHB-L58eM6jq^MZ9ODwfCAF-(^1)EChAe3s;^&GxrAbUhQ2}XrOkCjP-XWm|45Tz*Vk~GH4!{ z8$}UlLSa!BF+|uh)?o;Hy9kJN*I38GhrO_uo3EpjTaaX=>8KvEcB)^v-}JJNjohg2 z!yKjA8h)qeOSp326y)y@=K=}$3l89630q*qy8Ti0e)INQ{J`=D`&$LUj+s+E0rt<* z9q>@`BrljuKP`py_|5tDPSCl-S+-1vK%Ju55E-v133AQ%Rs1B9?K?$N< zSeTeqIpOIOknTMfCIL?@S5E|DSLxh|R+xOhq4wL(_oi(5y6=N?yq04FS}Mss%{02q zBiN%^%G5aaI){aqy#t}s#amy}3pY!Kg&v#=(?Sm#8|A}%5(I#Kza)qs?@bT$Qib69 z>YbUFC4M`-hq8yhX^0LMfiCG1OqJy23#*oTljp)L$3AMan8NQ9L}-8TLrj{TO=-2v1CPl} zBA@E9<}PB;!?}W-TgOz#z8_Emqnj_snAZ|GMtV>4C=k>S*G7fiVibj{qdUF?Gw(Aj z${z4E0>_FoVhp4CnioKH7L06CCQIqp5IVNMf#j}~ma16Na5iu~+yA3rM)0GcZ=Phw zE{1ry9}PNImPi&|3Lf(%ri!k7oBs!fmZ^o`vB%LA=lZ^IB8@cE{D7fAlZqlF6Rria zUXY7#PE46ov6MR4^LGJ$>#sKz!$Q!w+q_$&q!q^%{^3RF-=V-y3?Cn4P1~Z)@V~I65m;yx|Bt6y5{kX{<}V;ze~^fQ@V)( zG3Ri%d~uD%y*L;#+)H3sx*W)#|D?{Sgci&de~HOA;dm8Y^d+{UUa{!zufzy%z6Y%m zt$tGEE_b&uo8QkZ7Tg}c2gW(M&b;DCUz*cC-!L9S{3iS!B;&a!Dk7Nv{4FboL!VH5 zpTjl~r18NkiSI`l3rrb7%$9z4@G4 zGy3y1#>}nu;_R&LU?U2^DRln+_IVtv0TcUUHQ8Tz_Zb;|-w2uJA5$YdZ<4UK=ujB-CKT=$2=Xj-xzw>x!6~HzgX61< zZOt`0K8AwVJRxYjp0=*f`g1cw9>AXILw%yoXq^Atx%hV_!NtRFZ~S=kleLg8+0>Ey RsO;Cy3|LKDwN@Dx{vV=(C+dl=Iyngw2@VbpIZ#7I9|s2)jFm@-un(Ny zZVxiB1MV{|brqbeh<5|+I5-S_K$V9EzSBFIqye{8v%0Tn4tY3xZK(N(Z*&MPE|wrg z6d|jeRf2kcYCly7EFF)cV+1)MheR8bw1KVzNxZWy>F93gTKP5K^?q+ z8~%nfJ}gXo$J58q$7`57^WL2JqpK@+jWa!S!>irBuLhUnM?xHSb~hOogdaRYjNAf9 z;FFS*qm=*3*UBIHp9!q|&!T=`=3A`t&9}IG6wprHgkT(ax`zct;vBIdCoXIUH#@!hY(mHTp zZ>=ThN_Io9VeQ39Eu%KABy_B}JIbov-M+3hIaO&V)KdQ7q1oE-gdkoh$o%DT8HMO&@8HfATkb zbzKi$)TY4`x5kj;BKM%BU9n1gRG!kV|MJoK>K_j!CN$SXe)UL8I|YF^TCTQga;B|| zagBQI>!)o;7146@NNN-K<-%0T%K@)%S*FzRpN}22)btT_k}wpwkC=SMyjgLC^9sLAH+sj$h(w?%ebz?625rQ>f0InF@gSZ2`9)I)8PnRmaTwFsRs^;YeXRA4km+!lZ8XF-veK0VOJHvi^kVl zl?i$NX>o>}h%N*Q;ROHp0Yrn;Y?*gfn3gScN9m19R;{6v{U-Nppnx24X(4HxhaU%r_Jah8#!m31jh71 z{$1^d7Rl*lnMS-|sK9|~?-Z@iod-*i&%4WJ4b11yJf%8kf92s(pJhmuj=T+Nv0K0Y zJpJ_e1g&HtMZiXbbnq3U%DFNh9l87^>;)<+sp7cHmhrBlf|I0+PKhue-)?R zh;!5Dx!iB-?TjUIVt0%&MlYVAroR6DN&B9u2?LL;nVCEQt4o1_s?)*%+& z*z>o@YB!?QcG|Zp1B@b%111Ji3e_8dwSxqu#_JD#gK2%sZ&!6t!q1ju1itnDC;nx8 zq}bw`S}cfW-HND#2_S9ck88=oE3}Oap=12j(H*1vFO)3utn8Kz;|L3)qp3?QTu2Sn z5KPPQH27%yJnXivEBg|(^%LKF7PK#~OyFEba-Hc!6j5>ZsED7U0s{!b*hR}risE|m zDmMCJm+%RxzbK;w9r``Ek?Xbo>f8BEm9Q4soYU>`lF-E)FgG)x4JUYar&-A&NKURZ zto1z^6RD#?yvbrvj4Tyr=1FD1BnpAEWsTQJ-Ft?M!qxv;jiK-0w3v*(gjkWkBC3fB z>j^*WL*O{ZCzui2%!NQ2>zlniqQ)#U5cGHvq>dU_l2J{O!gLCDWMJ3l^u7c_uOljb zyj~`rTPbvLvItA-e@ul6A`S^g zvw2TmsTkoCWggkQ{)wx14X)-jFPY_0 zF5T-91Yx{wO+uRK!xy3Z*p-tUmaHXV?P@%QOr7*+&A^eTL`y=n1_O2xxLAJ=DA-16 zE59)J>=ScqEbbYzgkzqhqVj6{P8*IVxy@<~AhqEQD_ipl6_#t}%Q9=PlH^YaVGl)% z5F>ss+}F3msK*xK5Gt%tdRf`Z6WRMWd@UqpOapv)1Wr_M!hF4);p(2Mh(c?P?*~#V z^Yz9OP|TB$73safu)64Xr6sF3w}7C{qpxwlzWSXk$#}H_v(EAQa~Ph2 z*IUG8JYR*7+Pkvi!ZZSMxnZps6fyFL?B2#$OB+66K#p^z#3-$__-fR*BhL1jOao5! zr}xRd8oTm7dXsy2PW7BTeVd~oBnf=QEXc>iW+3A#VX!bC;+h&n&fl;ZP!Zyj~z!n6QLGw17dj?H7jp1@oYrP(!yZU(o8R1Q2 zbPB4GrT5Iq>8=ckMvs}l$=x}r#BLyr?@;4B&+ui)bM2U3>mH&7hO_*4`y{7?q-g{& zihrw9ZUPvM-p%@wv+<|?76c&u%^sc9#-a1wnqfiGac_SWBNcykMIXu@rDUOg$4{Yr zD&pUfg&o?K5MCRbVgB#x(AbR@NBK3gmx*h?QDQt_R(R>$Y`^HVEqe#Qtn~ahfp272 zxOqxGYAJO4MdaD9 zjkzp0K)dW7)36LCeWg(Zfy-=tNVg)(euq*#$~yqqUE_3LkfQt->aYbZ@YsBe5M*}& zeBo7HwIuPCxw?HR+jISO*H6X6dr5ZPsh-;X;rUAoY3u+>Z|To>BWS?V(l3_yD{|)} zCCMHlCf8+_@A$n3)+}pHKeG9(=jJ*{34_L2e{{tyJz~{K&C#>}bY6cpN`bF6?L&KV z9>#3zK$tuB9=7u~)UhpsBi8pb5xib*)+(n#?{a;>hYC;^1h{Mw8~940Y#+^Qxy5Go z1JXFmMpR1YIH-r$>+a#jzisi86kDb(%TMa9Wn|*Dp-=3!`;pXy7oySl0wiof?gKl=AGZHby9NYs>b}v}3M=ra1$z@f5oGGQPcx;bO?t1tKmH#owINe)ev(*SlplMFTA+Ila^$TCjLZ zY1ha!VBd>?K6-{4{dU>1J#0x4h|oOe4cVE0ux8RI*iLKHiOWOT3{n2*pk38Gp%W^V zRG-!|5Yy`hk7nkJ60cZlrj3v_Qm=lxR#3n&x>zoJd+(ukb8C2zl)H+g=bHBq`nzIE z52n+~KOHaC7frYEfvWEdUEVVGOXaLzaC&>&T=TsHe3&$`;EnMnmHSbs7rzLfDDTk4 zq}^JPVReD?8Rf3!7qWR!SK;K2@W5e9q4?`80_3z((A1_5_YON;NNmF8B@?)CN1yy6 ztAt<1t*!(k{M|R}Y;vla9)JV0dt58p+LPgRMTY$_5nTsaruAL=KWhnqE>e#ALcKakef36ZJj5CNHLlP6%J(xlS5eWnTQ{~Y zbSl$hd;*DiigahYg9{C3kK{@y&FtpZ-YQEaUS&8BR|3YA54juGn z`lM>&;eu*)?`a%w?Bq%7vw0!Wd0WywvRZH5v*7=OvTekvC(#hLN92MoC<*QJ5l#js zBBPW^@4#wha#m1Lwn+!NMC4mMmkw514ViUdrY>hnpo@7{sri~hy%@M9quO@IGrcIU zlAc(mSUVA4_qK_4%~+$>P$VSb5I^grJ8xm+K@8ttdj+k`XHuyCM3u; zUpe-ld`gykWSKGoEQXA$y_*2NIzcaVd2C#6Od6a0Hy2gZ&85TWc^IcY{z6>!G=Q-rAHfvuOI&?|C?%QJN2agFs zJ39%bgYATBAzl7)5Q14r3yB#@aIKHZZ_36Jq`qGqgwdf5Rl>|xnP_GXDJDaaP=JrP zx#qdCEgdZcv8k?l0p$P_f!?4>*jXz>{)$Zj70xn$ckaY~yffoJ;ynsFD*UZY+|p?q z{~j86_`&{5o=8aSy>1W3U|L)U@p5&m8^nBITR#_GL>)kEj-2>eP_&#`;4Moy$NmaC*ua3ZV5nm(-IK<94(_JvK%VT{k zz4~@%5lFA-i!T%pI{0S2J+f)MLV_a6kaS8%vpTiD*mXjF#D?A{X!K4ebh5=KZixm9 zWE=7QI5te`>D!V6H`AN&b|pK6uyEQKl~dr_ZnwI#0AfC3$UL^@{ryPBss{Y*>La9} zxWpBk0@`5lks1P*65YPQt@aPe^M@(=!}k1Pk4lY?aIxAU3Elc9`kx2J)>x$p7x8J7g;TYQ8^*T}rvax5g{DkZHZ1wFaFh%H9Kj{Dh>Kmr&hb5e%gL%vN9;GJa zMsLdB3tIGWH-B8K)E#R0&;fcSdWb9T#F>?UY8VM|g8-R585x^6hNfM1UO(BCJ%1+; z?(^~tW~{sQ?wY)kN9OhSj1ah;-Mu<-(=;z_W+Cu1W@H1{2Q$9rWW&azAF7&~kN|>C zCHgo1ZrV$cxbjl!>F?Wz07(b-Ne{651jYoo_F7Q;>fLO9hZ4WNS>OW;P&lEM2_)Py zk`QYoM*L6Cu8Fcg+}mHq?0+Y-H2A1Po_jC~VoVDNB}Y~9feTQOM~!;XA<%G0ZZ0R- zj);y4D`St*T?%MCbb@+u3pnVeHP%!<#qGi3_@aF z_4Hfh@nV8N)aU-zT5!vXloqcOX4o!OJ{$O|c^r6dap)N#W^MK#M-5R&ZBM?F%vyA?DLWp4>7bC(HBaM-@qIM>py2HV*0&&s0$G zE1pXv{k&PX$D6%mz)NG5JsfXz3OhnU2V>qjzEj`|k_7rS>nx~{!?13AG|?hVU4!-U zYNzS+6y1*mALCkw#Eh*5=8n5`qnoa)eA|iVU;)3b zu`-81mD5Y}h|ih|a00psbX-bujViITs^QO>hu&}K=1l+=?&*cpb=395O|rpdVh8FS>b^&`kHT~RtsF{D+6I3Jw0vgJhY@9 zE_NK8<5~rcxR=uZJYo21Fm%y+z6SG_i!?L^l#~rB#;F{c$%cgjLPZi**{fD4__gZP6%7VbGKzGuFs3?z?W!Y1j6G zV7E62cLQ_v^4jd(zTPSLX;Wy&IgDopbgo^V{TCeWf z3e%3qTs-rHOXXk7hI6FG$50mVSQ{U^T|z>8YR?CN2HFN|*RZitq5XDJs2OZVkmb(l zeY(NS4A+d5t=2CVDq0+l)l3pcBXqlcL*4?fD-UbxBVnYsFh1{?;1d|N`oO#p@AHzC zSCAEj?d{dY`8bLbwu9GOexdyn#+29(Se2!RF1XtmzrV$lwKAClZ1?|;l0WASH1U## Xgm45h<~p2p{jUS4s;g423<>!ked$w7 diff --git a/img/dev/en-hd-overview.svg b/img/dev/en-hd-overview.svg index d4e75cf7..f9d8cb5c 100644 --- a/img/dev/en-hd-overview.svg +++ b/img/dev/en-hd-overview.svg @@ -28,11 +28,6 @@ - -parent_chain_code - -Parent Chain Code - hmac @@ -42,8 +37,14 @@ One-Way Hash + + +parent_chain_code + +Parent Chain Code + -parent_chain_code->hmac +parent_chain_code->hmac @@ -62,6 +63,11 @@ + +parent_public_key->hmac + + + rel2 Derived @@ -90,22 +96,22 @@ Index Number -i_norm->hmac - - +i_norm->hmac + + -hmac->child_private_key +hmac->child_private_key -hmac->child_chain_code +hmac->child_chain_code -hmac->child_public_key +hmac->child_public_key @@ -116,14 +122,14 @@ rel1->parent_private_key - - + + rel1->parent_public_key - - + + diff --git a/img/dev/en-hd-private-parent-to-private-child.dot b/img/dev/en-hd-private-parent-to-private-child.dot index 2bc81dfa..ddbd46d8 100644 --- a/img/dev/en-hd-private-parent-to-private-child.dot +++ b/img/dev/en-hd-private-parent-to-private-child.dot @@ -3,12 +3,14 @@ digraph extended { size=6.25; rankdir=LR; penwidth=1.75; -node [ penwidth = 1.75, shape = "box" ]; -edge [ penwidth = 1.75 ]; +node [ fontname="Sans", penwidth = 1.75, shape = "box" ]; +edge [ fontname="Sans", penwidth = 1.75 ]; +graph [ fontname="Sans" ]; nodesep=0.05; -splines = ortho; +//splines = ortho; ranksep = 1.0; subgraph cluster_hard { + style = "invis"; subgraph cluster_h_parent_extended_key { h_parent_private_key [ label = "Parent Private Key" ]; @@ -31,18 +33,16 @@ subgraph cluster_hard { hmac_hard -> child_private_key_hard; hmac_hard -> child_chain_code_hard; h_parent_private_key -> child_private_key_hard; - - label = "Hardened Private" } subgraph cluster_norm { - //style = "invis" - //label = "Creation Of Normal Child Extended Keys (Key + Chain Code)\nFrom Parent Extended Keys" + style = "invis" subgraph cluster_n_parent_extended_key { n_parent_private_key [ label = "Parent Private Key" ]; n_parent_chain_code [ label = "Parent Chain Code" ]; + n_parent_public_key [ label = "Parent Public Key" ]; } subgraph cluster_child_extended_key_norm { @@ -53,15 +53,13 @@ subgraph cluster_norm { i_norm [ label = "Index <0x80000000" ]; n_parent_chain_code -> hmac_norm; + n_parent_public_key -> hmac_norm; i_norm -> hmac_norm; hmac_norm -> child_private_key_norm; hmac_norm -> child_chain_code_norm; - n_parent_private_key -> child_private_key_norm; - - label = "Normal Private" + n_parent_private_key -> child_private_key_norm [weight = 5]; } - -label = "Creation Of Child Extended Private Keys (Key, Chain Code)" +label = "Normal (Top) And Hardened (Bottom) Child Private Key Derivation"; } diff --git a/img/dev/en-hd-private-parent-to-private-child.png b/img/dev/en-hd-private-parent-to-private-child.png index dc66ca130e01171661d4b1df90cb3a8eedfdd801..830816046fc1c67570f2c6e0caa0adb74db3b5a0 100644 GIT binary patch literal 10921 zcmcJVcT^MI*YAgt0HKL=P?{nF0g`)_kSF z4~zq`0O|M<-gr3|flhq*4Oj)974~K;=Bc2}r$d-sND8w|oo^D>0>yxH<$pRLF$6J@ zeTF4;+XK#i2_LpsE&-!U{g$ZgkUC5M=$da~CUQkdrQzK*M7gaumInx$G5DEPXgXgb z_76mfWg=_%p{=fXu4@D3M-Cu^mJL&quNNr+HlToxD}pw`>YD*j|J zI5KjB0{!*I=#2?{8E55}#tBJg{9RAy3rtnmi=RV@5Sj0%hX@>7*f|!Ds72wl&YD+~ znM^lp#*4EA^(TGjKjU`@4dagyaM7)h=Uo<5H=aAo5E45-=2@^vXfIevS+nlwt^x9QUVA6!XBmn2Um! zWa}{-I{DzEuDwLNy9S~6G2x&jA|_HA%51~@MTYhEb<>3NN)@7JO5mnH5$4<5o{Z!@UX`CAa3m~aA zdd^lg3nZ9+TA-(UoPeJ0A&VVUQ^L(A__;=SM$9x~nvvjI6j{E_dMgDL6(fLt*pYZp zA@Ep>8P^-Yavb0Fd9dcCT9Bbob?jV`Qozr^`OU;O241Vt-eQ-s9*L6C@;Iod1l~h& z%KYa}l5Xa~OTnG^9R#*?E55vhh+WE{sn{Dy)O~T8WL81Eqgx%N<}&9t^dKe1i4Oh9 zip?o5t(`Z3erMaI;ae}^3hztLac`j073FHgh?M7pvB20iKf>~T=KJuQvC&mTD8q$< z{E;`aouX-QLvWyGiVGDaX^$7w%~=1wnY*+_>Ki;yKWv4e_tMPz?zJxrj(*SgE8KDk zP#Z4cE_?|RL;pOBNv!PP^f(s+Yx@3EM0AsdYxG_~Lbsmrqj?KE)_?H1ewHs%%=giH)k8ks#A%iu4;LZm;y>vmdl zR^A!-bUcb54t!!8Nu(Msv`32nc{vyw$2^u`wbz`S=5P~yv| z@}Cp}FkCZUt7tpiEAqdew8*LgYi7!E0T@~8R*&!p29Dzy;iHT@-Xog0DL$e?8S!YY zL$LFimh!dG4)|*EoyFq%)56ywEBbfs@53Dw9wNp9i=B*8vB!mZ+ztwoB}56J7pM5V z#rkUJP6moA`K~GUM~BOPM3<;aI;p5Kw$E=z>Z?f!^Sae32ceY3i;omf#Mc0FDt{AgX1w48U12*EFQbo2=6v_?r|bS zbh2mVd=1>30O&gT2{lg}+pjpbwWmhIxv!4Nyb|XDSFMNcXG^p&ourDax;`Q1&9bMz zaW54w-|d_a7-@-k7nxz>ixych|IUdzT`6ZkR#T>GvD9gR34K)1=V)t}UqYyhNRU?sm z^pIp}DkH^>bPMe*4D-49#P(x{$y*(EL<7ldo3*{71fH@#$hwP+$|1)#$VHE*u&f+ z6&Df=XOhMi{Uix@BQ>Ce_Ew5Vz>oNGaXAm&KYF9@hmwd_UC1Fag$-r=c5Ur?k^j4W zR#mles}Iq#rLwQ^<&r`DOU2LOb=vRw)-yc`RhlF+F5oE9mtssglK32G| z4fWrDlbx!Hd&YL%5$(FsRA#O*2Vw6C!95`tPSv3h%kMZ!0?k_P_5^ry+boK>HqnQ4 z8EuI~xxc@IAp^0h1)Un22Rt7hy;6RGv}vulg6YIJx3|yg?zYt3c`0?Qd_0nC-*?P? z{25XJS_ez>HgM!dc3sN((WP$2p>y{;CI=KvGyq-c>!NWuCA5Ae$`q1`?9YV}<@0Mr zqVwZ25tde?Ckmh3bO@WL@Zd);8CIXjGwi#d9C@B3a$oV8PyCPe``yaa&ya9$WL=0>O~9(rNvaopMq4lui{Y;&;-BtR zy;8kCZI+UGR;mW{bUZ4+MWe+MTA1Fjs+XEX@s@T?pp!#T;b-6%p*&m{b}-j|FS~!= zh{JwLl>AAR_G{OT)_Ql>i@)KlhIeFjz8hZIt4PSMr}MfCyZx*o-K^Di_qJd-0i^_5 zW*3tI%3;iqi_6Q`H_LeF>89t<5WXB5JH86$>OP2S}B z{=^M7obhX%aTMs(u)wj7HS~mJWPotpIJ7<9Q{03s)s=PiE=VQUaY^tMy z`gv&}?pkkU{g;w(21|0P+RlLZl0Ny>?Iw?K3hM{qpva z0&O4kgia%~3!eLtFhA_gH=P5q2{`xbm>^bb^^BbyUKIa~^6CjAQWIGB(6e_>4UXi1 z*rY10gZ1P)C?s!c+{qp+%YH0Awmb4NIWRj95_%Qdo0!sJc!L8nI1)Ixt-HsxnpMoH z3p(p^Xo(w%|L%ETAoSPLW+RLA3V1!j)8u8560fRU4!J9>%8EuB--cl!;}y|{AQE|b z$>`73t~NPrlG3ry#*YWbHj@LdkfjQt&SCWF$MHn)oT>!6ST&x^^8m|K z>lO&Z9m+iHng#j_cUGyyp`M6uz`JAi+8`?u<5h@$ns&nP<=93x`y-LG23A>J?bmNJ z<%(l*n66oh{Ijh+Zw+v720s~zaC7O)`Bj|%GZOwgk1G@{e*OAN-3lXDA{pjr897gH zKgW6?8xhR)x84NpsQlQ$4%RU}IhX2%QBgmf{H|BhVfY}A<4 z_LyulS4!Je@k2{)!9IQDej6)|T{TAeLo^oV*|;2Mt4wNZ|~m2Gb`bH%TwPLw7i!uiNH8SUzTIG zYu724y&T3FlpH#`P4+RGOy}6FgT?W&snvzv$oc)|RD6emOn8HMh}Z7!!=8H>LP9dw zSZMeVczTCsjl=4VBu-3_!w7hoe;&+Lgw%<6sVq*6UlRUdK2n9yEEi>{c7Zp4%KMU9 zdmF$L>eO!287*lSl?ZPn&glOw42BSTc=`Uxkny>)cKi^U?0-@ zgka^@{ypo`vZa7F#jj)?%q zB^*WK42am^i9H?t_b*~-pz2nTIdc2oRV4FD@Y zYJX)6l7clb*m=}sZ=TB)vaj=PI2r&|>nqLph1rnKXzYky6C~1ukr%9Dw%L+mx3ezs z#sc*tc{#_wuVW(|=P3O1ff3n83CUM?;W#+ak35S$OkyBafHx_v53GJWC@ zJ)KMf_<<#`Gr8#S^s^Rlmx*gbN60thJsd;;`->9rU@u&HV6uSdH+eD`2!1RH>{PAx z6uis|nsVMV1;oYx&73NmRTofI1WIFSM>GlxfuR1P0l1=(_2TR~q5qKcO!(RlXPMqE zYs^Sq_d-0yMfJC?vGKIwMJ8Zg?p@|`1=aQ);SFX{v&k|ipDdgMAXpx7_XXK!W4!!q zMB5W!W01)0#v&#-R!Dp6U0{3=UmBGQ9zrxUv&8EP)o_ETd0u9B?{zTmO$_>BmeM!8 zQK|$vd3i8!H{tdY8x1P=@ByP%MNUlea*cTkJ-_bPi|2m0{Q|zqtZFh=uxhT^DD@u7 z_-Il3V&=Q8Bl09{AtAXW%PTge%M!PB07IAcVVc~wlA~u?@qYeAEYppv^ietol^WrX zN1-H&c=MlJ{t2sQaGe^;hfdD#4fiHYaC z4e?1bx$6tu)*qj=YNUAeSoNF zM5X95;mcr6=Ul6Q3By6bygL}2YSgdjXnOpKWoh@GI3Xb7`<($=2H#}Jv)B+bPa7&P zwm0|K2>$j;>Fsx!TPVcWN~A)re%G$-l07*wCaUk-+YcU)@w~_NqbA2I>K>G-;{+k5 zEGtBGs36n?{H=6Xw?aV5n=sdKUv$+Yas-Drc2MRgpA#0!O<}t8U!m#oZ88K zA-m0;bT=UDF$WllFXI^T;Gp5+N@Qf$7Mr7soU;cXFj_j=1L8hf4nY#Jtku!Tt#x?- z?E%8WsQ}?IpzR zMOQK<>GA%VRDkuSy@c;v^TDshRi;M`GYSHBKI;~+t+MLy69X&l#Rei3pIpHRTUIhG zi(^Yv>~MFyu02LstV$F;xkLDOl3J|?lagMi6sEh$a`&~&huh;36U}UAdTA6-Spm&M z3dGqF5P(0gik@NUeVQP02QT8}4Zs&bK?;(6grj}v!?WqpccC(lbN6{*MQd{M8tIXd z9DQf!r&0f3LELrc^!D=BJ{{$_=`M?QYDDpOV6E#vvA*1TIe_6}C#~O(Lk#=5yj$j= zUT)LWi3z;q>aCTK>~7)|o<5x$a2e!E3g@JK7P-fX`qDQsvL8*#ypg33=G7uiC8B$H z@;5H7s4r`HPWnDK%WGfO*YtD3QiEA_OCE*&re+?UeD1E%6|V-xCd+6G#BfSW(X@4m z$UL@A^24$2-9bE(i4^4chu zbOe44_;j_qGnd-?9)SBCIh8SghOzmv8Rb8ne;<;6gxtyaGL+3G>D#fOD4yf;m&cty zvoxH| zGU5lMJtSyQuMgzj(%Iy}pwfEkZa>DE*K@O=g)wPFbyTw5VE@Mbpb|EwO%u*)-4u0IPL8$P zHMMITfP_ozS+}CeKtevmSKCa_NFpJ!EB#jhI{bd|J=bHc1u_40sIrF_jhR zdY4q>Z``?>0?-8&QwzZDSsBR9WY66pE}E{_C>Zf-t@$z0npG-c>alB6OdsJ zws1p=WV$kHsuCJLOkn<-`7UikAl_Xh3P}>gqI|@g4PjuM`P( zLr~x!s*q$S;_@M46-AK2EW?AB1_l^7=sIj#u`@j+!&-3~5AN#e*=iz)v(6G^#>;o_ zvMEz&K5zs`E$Q)Z23{TL8bOqJ>UPh1>f&A>pi=0lFI#)sbvP69uyEy33r?`R?iW3} zg@>7}M;cyuN1)Id-sWgaMga0{4xeq)uPY`!s`o{mT0t0}AnY5D4ek4*Q7zn>41xl7 z=ie@9C`q_Dde}GwGxF>nknHF0j^A-lDv9XQ`Go*+*ic}HhX3cg(X-3yWcW)8eZsvj z3`;ey#EpCFlDAA`VAt^B74fm|<4PGTqc2}Xx}>rkk&hTZiP3^hsp6oZ^0?*CTW;Uf zkpU0YD^(`=HO9rG%I9wBL`9Blo#X}89U7Q`tEvznz&38r-^@z7Q7iDV=2ne*8IFur z#Pm^7X&yZ4GktCl7{BU>!-_cW*C&|RcC)+nc{Fw{35WC#U|Q~4R)r!SYnyuvj!2Yh zjJLVq71n5T#a$Cow7Q(h`#u~{ElSp#Db&$pL{<}ye+1w6dBx1?f1abUHbz-cbGwQJ z$VB&mP_?8l@TA2uN#-*(hzS1RLUo@L@B8J!%Q{vNkwAQ3ZyV0fAx+5R;5yfDcRb=b z5aAIXPee^Vr`)5(hv8y{AYwV@Loia8{WTXSgKGR|+9-q?{S6ysIbbj$3Gt_g4mgcQ ze}iCFz!`+%+;BypA~U>w(a-UF7rSVxC3brMavvY< zUZnfB=%ol!oAQz@kHU1*ol!$f;utOELE3X10*kE-HvWYBj$>OYb}>sKD{_A7Ng>jx9}v<7r(q0}^hwzf&@QknC?r znt#LbHP<*^xe84o)UN2pJVQt6dQtG+sa#|U-_Aj87a7po7^Av? zA&CE-Et9o@@SxeORz%^!@T03h>RfbUpkjnh zE4ZoD<6i@lv-NV8s;{`76Yjkna_TYl?Zf#_A+gi-JB8+H^J|QR7zJ2!44+qyZZMy0 zJAeMvDi?`{3yD?m!WP_jDOugbe7L^7RJcl^eXm7-w_1b?AHHi#Lo;`v|b=l>( zXyO9E#kEh^>+|Veze_2zI4v|f&xRbmh8vVbEIu~B@$%toxd}85M^t1X*F;fRW&SlojTgT6q-mdBfl0TRW-H5| zvA`~=(PZpU6#F7Wm44*&TlHW2?w#vG%!hKA&`{wjoc%bShi}wJBfUmwg>n;!Vi^fW z9$C#&fO$PJjqh-e5AHH<&@|2bLHAL6{d%bI_i9qZ%LZhr)F^ENVSkL5RPb0J+}vDP z3pR^1X+sCzYe^Et@kA-5!ivrFx?`cs2DqVrRfet@{J4wS^~YIHlw@T2T8J8Ii*#^m!4ta zpsZr0aQTU!(z0{@qg2PqSO|y7tO)O|?3-w}gV>afv)5)HSd^uW!S1NEWENWD>m_zRtn&bicd~eMqtrd)*649V6DJ`5slWI~PX5=%)b=x$7OLH&hRMlY zGhz~FmB-XyBKV!De^z9?Q^i4VTI9!O)9P12Z|isHj$^4#m~iTP@Y2EGs}Ll6&@s%g z*!mA=SetDq0^EevC(CU11aYhYj2b02a2zR_^!g*51kPB1!!b|Ct@sP!;_X<;aRn2P zO1yk=gZ_~jh(4ux9(uv~awshgyql`pyK7if`foKtzV(tIe09)hG;!?pQMXPH-g^-M z6Ye9@t8;DE)o${RQ_H{8i6vqKW&ipA#1t}%q#IL#utz|Cf4+_VRYiH>YPEk{grIN+ zN*?mxX*f6p0UUu~Cknsc>f-|2vr>yMvGR3-Er*k)9JMa8#9)&!Nq4BNQGII$)v3!A z(6sss5w6$UMNQ6~Fy&O2@!R?w@i<-0j7olFE?bhluldteYHK&{$A|f;u{ZxJOPHFH z&|fnY=`CtM5E0h>+JEVQ`!^Pl1<~o3D19VPDY7hlunoSE24I>gAHMClRG&9P#e8q; zF}sSRy|=&rL6W|CUgNJYj@4lyZhv0;pFtq`kMjQCQPV$s01Gih9hZ2KWH2K6LE|qw z`HL1e%<1v}AGyIgPq4xhUxUbm?eIq;Do-5s8XnHHBn)l7i$QnwdnMc%d%B>%9{puF zW3bL=;<82DlUR-02iYiMhO69x%rvFLlhKy6{y42LV-A8b6 zz{I$Jx#$(S@6cjrK0vtsWBzqZaNYicG+Wj;I#ch=2U`{lNRTh@@C0SAELivQip*vN zkN`Wi{dh~LuO~!)+myc`y8C1Kj~a6;pNA8I-~~>F#$A81oweRRs&{1^zZY3RC|#Sl z#gAqm|E=hW;mSHdyLqo_4*dq~c<^1y+OpKRGreyqp;UH4Dd;WxR5;cjIs2$6NsH3}sAlAL*dW!V?>B zS8m#sX@?~ha`zZ<&Ee%;FuH?!mOt3lIQGoEXE(P2YZzW(omjD1cYy0g;L4EGM8YLYN_}J0^iYT5`WKG+;=*gqTx7C%I00 zeB?Oq@;c|6WRHSrUR?(#UGO7^IBQg`2vMf=yDd=HKIgpK99@3Np!u#5auBSHL#DOR zz*bR_ZMLE5p9!7A`bFvOXWS1L!?gF+2}pZ`tmCYHrGu%g;s|bp57eF`b8ZVHb+P64 z4OQlvNYQw*$e3J4&=pB+yd?s*rZ@-}b&K4mf56u4Gw~E<@1<}g)2L~UD^nqO^XSy* z);V*P-fHeb!kNlOZ@#poBHB6-;S#jvcL>GBOu&Y3=PN_xgaw~&+&#!8{m$*-;ub&Y zor8xji)^*uU-=y~Xd`N20=rox>VQGBZjT&Bv^qVYwttFz%#YPRzt~25vr!ADZ4*MX zK28#C>PBm73o97%TAwZI-l>P%$LKmp1csia=NXR~_chovB(ySmPjI}y3L=KlKVmO^ zW1Ad z8m=js=Eef>d*0(pw)4B681yN-Q|ix9X{P<^kF+|zZCIXGL!J;cZCt*mQ+@l*H&`Cz zn;6h*-rv!QCOggNnZaK$LfYyrK3D#?La2PfId(}}(~CQI8$HX)*y5;z0Xn)FMNH?p zA1?Fs%8huuORVnO#LrQL$Udj}4*yji^4WRUZ-jdD zDBS!##gbgYDM|K~=gfmoKYo=<$@7Q{{#y;zXBh<-L%uDop_>y~;FM{gTQ^LB@G}0q z0j1Y|^qp&fTDi#s>D1+k87{de39`>7CPqy^xP-uE$U{xT@1vg6amw4I*<+@~<+|9e zLX4!k?z)KpWOMBM>`lnlxn3$2-9mQ z=ht-i6oj=@mHfn`_Yxaw5`pt9XNXsHM(1)&gbmU*=w)0_u8?(dqq6Be}|Hcg$w`yO7*)cx&S~3 z0|0`m3-|(nU3%Ud{~|QgyrTk~zKHE^1ArS>)KzZldyTDS`1*l|8}_rV%IvcSImapz zipSwV@c<4kQ2)(UUBO3jEceck{skzl_Am!;Ya+u_Edje#a&D6%osidLK{m83l89GH zU;7@CL;1t96QbaRSA*zXf3*azz7eOHT3QAY3)XO@AV$i!jL93 zTl6R<2t!DR843mgMRmX{@n2CGGvV{EWgb-Tx>+S*pCKK}gEk6`@OTp}?javFU-+?+ zz+S$B5_V!Ie_og3tP%=F0j)^busVWrGPtND#69fqA+Z8siIJ26!6a@&3uSK948ky4 za$NEF;7KsaDt1>S6%#3mdLVU2?%4WHXG{PUV4!s`24n!{x%Q3vY0E8Jw16pa+9+W; zq%EC}w$mPJ@0ZPH22w@ShHbdH2@wLbvudqqxGDoIW$*dyhL)j>k*C!#q1${fIS@V3 z@39?o;_dEmeWM=C)KFfwbfk$F(iL`r^oIfnXiKGDSoAz9Q<#dYPQ*k)Q1YzLK$pLd zu>fh21U{rd5iQzwjQaZyaK~9QCLp?Y-#%73l!&xSkSO^DC*oPn@jkEz7KXhdVZi+c zE?>?iQPcz}vIB|}16ejEDeT(xxq*CabyeitZ0I4r@59B2XKvSMX*+JhXhF~~yJj$!wM(yjxlM!>>i=q;1xJKQkIgo%6T+BAY8de)FcA1X8hHQe30 z%_wV-GTg?95yKbbEhe#%l=>M#=i$Q*S|$U)vn?kf?@%WMyMogjQM-C+Vi z<=SW)9mOzHKtBWxi$?%RW`}19tQ2TFKK0ly6+6VZhMk>ffXdFtRVG5jgx+hq!c{ox zpjzpVS5Po$Q~%o`&W8AGq|dzMKYa#khO*0~=Bf?#|F}o$4YF$nm0nKRyZ-y~D#qt( zm*|7EEo%dLz8FApw^m;PU`Fd>*z9!Z7c zOIg%dFoeYEfD-4U!9kz?`Ks?+(6Gk4%Nn<a+mU+`HP8Q_%8g=`A-S|^Vje` zT#8lEho{Z>%0-};UeFqK4>NX4bnuoJG$VeNy`j5SkE+?T`DX%ADcV&8v2*kCEa&!^ z_-lZTb>F_#>`m})b+Cky;K`EOHbs&=DRHSQoE?@)d6^Qu{YCsWLR(F)qfQBs^lAr? zYrhx?fHvn;1!a`aby8^XaOQ;`mMS|lS23~bJ0*?M0eudpiuH=zz{uV9BW37qyNt&~ zfVD{K6>20{=lv3iHA>@_9kc#5lP0q=Yy|sHq$X9j-euPU(RF&Mo9aP{aPc`MQQv0Q z1(Lf~u?cn6YX@a@^(K|SU83_^jLPsTmYz4|zdw_4`d)Ps~TyC ztkzm*g}yht0at^;nkoq_619iqln|rBTc5T+&>@^~ghgBnZ1w6vuZdb*3R8)y>0t-@ zl8%hz7^a1&)$N+x3G-{r@cCRXz$oEPnW%_j4`!{ z)zILn)c-7-t5qetMVx(V2nfuj6G_~7;F>M5uKx_4M9A+HhG-bgz4@N|XMWyD`72_i zc5$MS?{;jiR|qlG?Ed*9VmTjL=Sl**D5lo(pl5thx|R>d?1O5)8{~S=X}tIc8bSgM znYW<4(aq6O4`#e8ifVR^z6v-MwDQ%pHoKi}-d9;IyD7C5b67oAwz;+yQ`kNaf;Wtl z$rUJm3Yx6f>j^R>LxQlMSaeh5B3<|e9V@Z3g!y4&B z$zi)8^0TpSWWl^7PY4+(zk%@6GF%sJn)U?Mn*Kk{mX_=&{5%|HWl0*#YSpVO-V(!4 zO2gty+&Q5`b1C)HVtLW{#U7%o`r6Epj$PGsfuAA7GMcKzubL35J1O(TjeoAk;po2U zkf7jwE^by@ou@PL8PnAb4xtX6Efy~e(z(okkDzo06n-3vCKQw$MLtzY@H^JFufR93 zbV^pZR<`k);5rRdifwWG>u#Cmgr0{VCMS$U(LasMVWcsEw>&f7v@;Y61~WaBu4)FYJjF|t zrd6F!G~if$9h=^uY1rdNY)CeF5x&LIT(!>u3v%U&pQnV$k@91=&BBXJKUFpUT+eI^ z)(nybPyT%3YJY6CLrMa!m7QD1NljF6dGX7dzAz&YP#;1q%KDN59 z+j&zB5gfm$fr$n=K%T==BZ&Z}l^8|lpppQ`i)yc+7lCn+CVgLC|6TWOtS+|go9tl> zBZ1gJ0PrO_)ueg{er(k8!17C(&FYR!7zMN_XgBHe@DCRUpzoGPl2j5%cT!8VJOnju}fBp#s*t#V^6|zac8bqKTa6Uo;?UWHJM$WI*ICaPJ)EXH2UP zv>n^!p6}g)r94En94i@P{O-b+Je!FEBsb&%@&yQxcW&!03vBXHW?Jyu1h@C6H#@Ec>R$su3{x(uXq6qjPY>mr)YN=u227>yjLT z(Ctf3x}GZh;^Cy?>)6g@QmFOzYMme}V!qAoXp)2q+7o9_SShVs zRdmuktB`_2l6O|;n%_|%y}QTWIFpwMr{%divDY?{6qG-;-%E(Plv_MC5IbEsAE86l ztP#`|q)v7?u&pBcgXYfeEmqxXK|eiQFD}Ed_O<^DJ(mGpRCtc=>mNfNj|h|SL&AVa zR8x5u${(;-X_|ChO=|NR2{)e=_>%Oh+ z-FAzXyF8KY$1cL>_(qRC*NK2Hhjh~*7imdF}rGR>h& z>BHGl^8fbA+9wU`>f4R@t&AWEwc*TnpCf-Il` zS5na*Jr733xN{csUXrrb7`?@-1CrY0`=^Dht-MzoGZPsC)~o>W?XtdNN!v9R{!bqM zyCm35vM0wZ{POO%{p*^&_9wSLTqZTiSDeFdJpQ(4K4kNrF-&EodZ1k*`s?sJdzCVa zscHT6noG#9{jvVbZ^spXgmEsrqn`G=Ii)>g$J%4*LfE_#|Irz5DNX4wQTA&5+=7XY z{os|ja75+rG9Zm=eI19hOhc!5B( zOpv3|7XBEsa-T#E6ouJlgw!^|HdV0s&kg^UT!a|tx(n~7=qx4U7k>)0PuEYdraoh` zg$`s)`VI>y9^D@*H`lE{c3{Ls)~cM&yX1sUL3*K8C z5pZ@>8S4xFJW1ia4Mi98^<&Gnc2ZQ$k&zJrnOS64sF1y$$;S3qB9Cx#H&lcpwB7jU zLD(+54gr~1%2y;%PxA)3S6x;@POB<+*mxE=hL&Lrujao;Vj|g4G36QY>MEm_wV&&L zlt-8h5l}*&YM~I2F#fZcr{d(Ye1foO;j6ErN3LJiyd5AEf0-GjI($#0uf%>z&6$J6$Me9bAEj?>)I2DGO^1+&>$Z56Q2{muib_B8D9L99Zx^rzTd-KX?E9B(Lmp+5EIk)*Bm%C8Ak@_h40aj{wyP~u?s0y9|z z&pr|QnA(1=SPSS&;A0;Q_IqlEYA1m7Oxqd9%ox{M`i*xn0+0i3-~dC|ufC9UijPeN zfmv1{`>i55^CDm$=XS4ovo-=lMvl^dQR-0g?MKrwF3YKFlX4VGfVIfX^;YXUt`qz9pu;8%LKpODfSz#%KVa}W`1Pp~c7%*W8W!c%x{eb^dKIDwBY*R8L zy9icH_X}Pgs*@@j(8cFcLgdBwwQE(Qbein6L&pf-dMk*ymH9P}!sVSiK!TB1$JT<8lHvlz; ztoCEQns6rfKdfX8fgmzW4#K{t?#dvFb5LeRqT0;Fg}P&|M-mhf-K;vGU(d=>{ZOPG zHVgH*y@mkpl@Xd`kl_VOe|rGpAIGG6?<+|6-M33C?I=Xa(g`q2qtc~$fOAapeW1aD z^)oz723EWPJf&^$tUaJ_4rf>}dP@$Q7~Q}vxG67><4C&Ry`_MD4H5UY{W-dfA%r}P z(#AyDj4oGsc@mOqcW3Tiz3iS@UB-H5%0bAm{%ejb(;H~l+Jhl49itj1QB-e!VHQzd zuY^_Sq7VGPLuCISB0`92rR7wTrrBdQqMc(tcs>FLKfr;xa#Rk_phzf)*acKogeLvp zaF9S>Nw3|eE}|9Pxcu)<0U@>W;cMcnuSlWxartn606x*oC0Q#ig8599LqE<&1B)eI zddwMp4@DO2t^ZG?@^2^qZwhziV7;xeCZC+D?-C+J!?4T{J=D9N?i$KWgX>y+825PR zWHzsjXA3t-p+WO=M~hDsKPsqj%(y#remqXCfEB=xk>7igq5>OV$%f>A3EB_H$UK80 zCI|A3!Slaf+`GRVucN(HMgwr1_V$#+9lo?(01m1fQPkKMnB z>>eDuilx(b-u^4*99h(VbUlzKRMd*aogsvAonqOfBWfxY|#~eN~BH{qmW6n zmy6)Bvx}F#8ibZsm4~9)ln9F}K8F_9<3$8WTMym;P?d8>x5e9dbcbl_?tlW=M=VNz z#@*^wXsxY`dzsTX=xGY1tdd(z*{pU%*&tKoi%mR4TNd-FLJu2M5s+a=)vXJkFQe&` zcO4fioCBf8rM zR;^mWrTo8PA54EcXBb}05o;F`<&-ybY(th*ZJ5V`AARX|)W#`Xm zz73;7Y7}K=?Rx-{VOq!qGx_EIU+6>d;Uqae{GKL+9%p}HLI&drVG2U^{ktGM8_c2K z9I;|T3R(XT69Ou<7|4;ORoaOEha6c-?WPKXnZ`!urz{3EO#SM2vRNeomDXV*xr`>q zBR?8Gp~l6U4>_5u_Jb!VpiUu)qR(h(b=VRePfhW4zGfj}S)yhilULFmq z-ks;!Qckr~c31`}KO?x4PUjxp zphK!Qv=2Nn=QJ`hv+lF09L*ikp^?}_5H9~PQc5`@T&=gvrg_!o$U$skl)agGlN71v zjwx+p!Bq-!o&lHCaI>F3pkf|JWYCuFFN2bCOvEjV=UOMv_jwuXT9RC~0271|1Ur;~fhyGAq znnGY$tf*>#Y_Q%lIq2jUoB%(wib{e>bJ1a*HvIV3gYv6YvLU;wYcn(S+>!2$5150* zZ-(nWp#Q|V#8zPp9WeE`ke%g$F*xVHnrA?+e~fI9Qc-!sGr#LF`S4}E;@AkB0HAs( z$amkZ&%h)Qa|L#eXGlsLJX~D+V3_+?;yb zv%&eUKwz_tvtvNE!z#mIj7cM%qPK<=qCx2WOUOlt%iHCLRmgR} z%Qq}g!8DN0s+C>R3T-ZK7U8DfNxV5J2b{Hp`8!j~hjwEtG3b#3O_{VMiEA>_AcTJh zC7|XHa;FoW*t75*v}q+mM!91(K>Um)A;v)kaTqcv>cbUtQ2zsNZjB|=Q9TW_3Hk5O zI;XCS=4bTmu*P#8T|JRIm_bKL-eP$mAw1}${Z1m<<}>DVl`JbQ&uH>+X4O?Zx_J;n z0wkYQX-ow0&8Ir)?bvJhzN{+!Y?)S5{U*R%BmrvPsa5YHQ}Ux&OF-)WxA--UJTLAX zjKs-dMpRNhUJV}KsJN@1D z(gLresxdm;neqfE9M1zc4Ika^@Aewk`&jK(Jcq?`Vzy}v#~&>YcI@uiw7>G3V}J23 z;?3ZmMdzXsuJF88(#w-xBKwsXH>DFAmbC3Lf^4}8HA2lcVdl-m0vDkC_f5vQTW7|4 zbjMcosL;a#r1We~E`nGi;?taC-?nTUNniR8OeAsbADBq1d*@sH877j}`-_RJ$$Atp zcudq3CQnMfa_t(AmLIJM>@fNh;-T3TevuxsN7O{T3Gl6&B*fZVlX*&A;3e^2y7%_i zbuY_l?ok0hZ@Bx!PsdnV*okJHoZ)x)@vnZ>AW6N0BqB~cN$RCf4Ge}_=m$=2ao)4X zh0TukSLS9BT}>u2b{SAYN#Afp69rb&K#un;flTixCa` zk##v{d4eX-%J`rFnNcQFZO4;LQg{xSMlXTncV4N&r5v=a2w=7l!E68L?7`<7pppAi{u;$Mu(fb5{0_ zVSORu@@OI8bbQMh0CrL!wH)!y87q?BN&$@i3Xp-`_J?@2d4Pf&r?lHqo z`9(>MTi7;RRyx&+9YPoZzoEc)wSF`-xp;f--jg_@3f;@D@TA~Yw}QUkbT!xcGgt|i z4sq=yuy#vKv7~oGIWPa&gDptI5)R1nIHPUt~trnJ?t9v9NoT*qwn z)23nQCbk&ebrx;} zkPcW{~-xWjB>D%j$aB8ce_B4yP{t-(-l++_wD% z1@vn0@J|fgV7Z&$N7jA#og2fZB3xL`3?@yw-fg`nb3yLE^S?c(=})2O)?j)!qT^V< zBUjobEu3^MbKX@sG-&wo8P&1HQ=JpBB;NJjpLXn6zACoI`0H(AT-yo*qZ-}l>U?wt za8vA7?W1Dz;rD!1^yN$tI+Vsrh@R8IMW{BOEJcJ@VeL9%tbaN_c*kqNw*mbFh8pl- zXu#RCV3Py+1=ow;>W&wX!w%lp}fu{FrOx3Va*E?FYg zQJY7epCSPg&98}BzEDLkc0dWe(8Y=p91#$#p*_b&EBg;MjEvZ%#iK!M_FE4*{lmyo z6Glh{i1{VK#c=VYZ+hXprO3l)+WsU_$y6cWRk;6KFt~ZizC%SzwSn$16T=v>5oDT55gR^ujZ_(x;tF(7lz#?z!iQ}B?0mCqWMypxR)!4uxU9; zyusqq;i3=b=wMuV)P4}YP;MATU;|_4aFNShT{VoqnU^m#Q#x3dsLUh;{OB;pXZ->V*qb6yinB%!jO^qH+uAI`IsG4L!hC zj+^J5bT|6g8SO`a4n8GDa6+6_+V%%44aq&F1InKG5dmWKHe5vPaLU*J1Uj`^?%(|C zrVf8nN*M)V;~x^0mNy~GkO78b-(y&S;xfQlUW@$KuRPC3M*H_*T@rA2({6uTAEf10$I)v5vHG!bO;tC26I-&PUJ)s!wE`StY!Jd6ZZ^4=hD zxL-CtJlqV(cIp0ltb3jF)UF-z&HW*S*7Y=WV&Th%pbw$~zXA{@9f~NE@ZUbtY8@sS z6<=OygRm#NZ%`GACtX-tfSFrvvP5BA2{p&bqC86#c23ZNtrCk_pA}q_#UvH}ml!Bz zxbk@>PH8;@RaoopIjyvm;x%o5&WxtRbTk^C>?h29xFLi1rb+NUiIcCts$*@curROt z;4aw`vP)YN8(5+zUC?q))f`a4kN+JNM`31O;#aY=WQ0Gd4(I6SJPqPsg-~8Zt)u2$ z-Yg86Fv@Gh0xE>qT@B&NtxoT!A&ff9r};;wM5GF8;3Enaz}G{MocLfyl09(^kB5>X z{*`ER&WiqIS>W6JQ}QLK`{v&sSdP3}GxuTR@f}8^l zzfyF8K1-uWT8vbmRu+AEZv`eo-bFh+DDlRs;~C+)x^VC1;}P7>G0%3H^S>^+rmq2T z#7wZ4h#pHJu7aT~nCGeV?)7UgCE2yit~##D8T;CGfeV$;zdM2N4}aDU>X_9I5-a*1 zDHPiKAEg1C*ro@6u1`K6lsk%rgWsy@@o6QK8V)q4)gAXd{a z0s>MZun`>aRUg9aNC=oE2nv47bFn+N>*s^Dr*+$Im9w}=$ArJCuiPKnCw5ys9-E!f zzaSas&Rj418{r|Xfm|1}{Rf-K``o0mYkw=!KsmZ#$Tnwabg0g5+AM(5@7|Xk>RSG! zo2i9Vimts+&l8odge3M8X7ebEj1L)C-d`$*S=YQRJ!`mN@Ye_WEBEijGexlaYWr)e zT*RZg2t6)9uN3jHP)UZJ2P$%bJ{Yj?0PEb5o|rZ8m#KknNs`A&8dR(sEy=#Yt2Xm-axm|@gWn&Bs989>Xe4sMfN<)bzk#E__fo(v!Rg(`fme=?dkLux&i(R9*GQr6^t9IYS zb8z`J;uUb;qp-%{UyW-075p%xXvU59@WHK^bH~#1dHr$!!>XY+;nCokr;&P)qnA5|Z#q@0&~Zx;@6>-R*PDu`g)IyW zejylJ;`O(e3*UTx602VJmx6l;7t#(DVfmEE<|2;?okiw@vm{D&)%z;tO7P(S1Fq@GTL1t6 diff --git a/img/dev/en-hd-private-parent-to-private-child.svg b/img/dev/en-hd-private-parent-to-private-child.svg index 7c2fa2cc..02e85cc3 100644 --- a/img/dev/en-hd-private-parent-to-private-child.svg +++ b/img/dev/en-hd-private-parent-to-private-child.svg @@ -4,31 +4,23 @@ - - + + extended - -Creation Of Child Extended Private Keys (Key, Chain Code) + +Normal (Top) And Hardened (Bottom) Child Private Key Derivation cluster_hard - -Hardened Private cluster_h_parent_extended_key - cluster_child_extended_key_else - cluster_norm - -Normal Private cluster_n_parent_extended_key - cluster_child_extended_key_norm - h_parent_private_key @@ -97,63 +89,73 @@ n_parent_private_key - -Parent Private Key + +Parent Private Key -child_private_key_norm - -Child Private Key +child_private_key_norm + +Child Private Key -n_parent_private_key->child_private_key_norm - - +n_parent_private_key->child_private_key_norm + + n_parent_chain_code - -Parent Chain Code + +Parent Chain Code -hmac_norm - - - - - -One-Way -Hash +hmac_norm + + + + + +One-Way +Hash n_parent_chain_code->hmac_norm - - + + + + +n_parent_public_key + +Parent Public Key + + +n_parent_public_key->hmac_norm + + -child_chain_code_norm - -Child Chain Code +child_chain_code_norm + +Child Chain Code -hmac_norm->child_private_key_norm - - +hmac_norm->child_private_key_norm + + -hmac_norm->child_chain_code_norm - - +hmac_norm->child_chain_code_norm + + -i_norm - -Index <0x80000000 +i_norm + +Index <0x80000000 -i_norm->hmac_norm - - +i_norm->hmac_norm + +