[ad_1]
The fingerprint (usually together with the full derivation path for that key, which gives the full key origin information) only helps to identify the origin of a certain key. It does not affect the resulting addresses, however:
- software wallets use to identify which signing devices should be plugged in order to sign with a specific key; they also use it to correctly fill the various PSBT fields, which require the key origin information.
- signing devices can then use the information in the PSBT in order to identify what keys in the descriptor are internal, and what are the derivation paths of the private keys they need to derive and sign with.
Without the key origin information in the PSBT, signing devices would have no idea what keys are their own, what keys belong to cosigners, and what derivation paths to sign with.
Note that storing that information as part of your backup is not optional: even if you own the seed (root key) from which a certain xpub is derived, there is no guaranteed way to be able to deduce the derivation path for that xpub – which is necessary in order to be able to spend it. The only option is brute-forcing all the possible paths, which in general is not guaranteed to be successful, or even feasible.
It is of course safe to strip the key origin information from the descriptor before sending it to a third party that only needs to use it in order to generate addresses, like a watch-only wallet.
[ad_2]
Source link
Leave a Reply