Clear DefinitionsChild Key (HD Wallet)
2 min read
Pronunciation
[chahyld kee]
Analogy
Think of child keys as branches growing from a larger branch on a tree. Each child key sprouts from a specific parent branch, inheriting certain characteristics while developing its own unique properties. Just as you can identify which branch a leaf grew from by following its path back to the trunk, each child key has a specific path linking it back to the master key (the trunk). And just as cutting off one branch doesn't affect the others, compromising one child key (in certain implementations) doesn't endanger the rest of the tree.
Definition
A cryptographic private key mathematically derived from a parent key in a hierarchical deterministic (HD) wallet structure. Child keys maintain a defined relationship with their parent key, allowing complex organizational structures while enabling all keys to be recovered from a single seed through deterministic derivation.
Key Points Intro
Child keys provide powerful organizational capabilities within hierarchical wallet structures.
Key Points
Derived security: Generated through cryptographic functions that use the parent key, chain code, and an index number as inputs.
Path identification: Each child key has a specific derivation path (like m/0/1) indicating its position in the hierarchy.
Functional separation: Allows wallets to create distinct key branches for different purposes, cryptocurrencies, or security domains.
Selective sharing: Extended public keys enable generating child public keys without revealing the ability to create the corresponding private keys.
Example
Sarah uses an HD wallet for her cryptocurrency holdings. For her business, she uses child keys derived from the path m/44'/0'/0' for Bitcoin transactions. When a client pays her, the wallet automatically generates a new child key with path m/44'/0'/0'/0/42 (the 43rd receiving address for her Bitcoin business account). Meanwhile, her personal Bitcoin transactions use a completely different branch starting with m/44'/0'/1', keeping her business and personal finances organized but recoverable from the same seed phrase.
Technical Deep Dive
Child key derivation follows the specifications in BIP-32. Starting with a parent private key and chain code, the process applies HMAC-SHA512 using the chain code as the key and a message constructed from the parent key and an index number. The resulting 512-bit output is split into two 256-bit halves: the first becomes the child private key (after addition to the parent private key modulo the curve order), and the second becomes the child's chain code. The index can be normal (0-231-1) or hardened (231-232-1, often denoted with a prime symbol). Hardened derivation prevents parent compromise from a child breach, as it incorporates the parent private key rather than public key in the derivation function. Public derivation allows creating child public keys directly from parent public keys, but only for normal (non-hardened) indices. The complete serialized format for extended keys includes version bytes, depth, parent fingerprint, child number, chain code, and the key itself, typically encoded in Base58Check.
Security Warning
If a malicious actor obtains both a child private key and the parent's extended public key, they may be able to derive all non-hardened siblings of that child key. For this reason, extended public keys should be treated with care, especially for high-value accounts. Always use hardened derivation (indices 231 or greater) for the first level of children from your master key to prevent potential master key compromise.
Caveat
While child keys provide organizational benefits, they increase complexity and can lead to recovery problems if non-standard derivation paths are used without documentation. Different wallet implementations may use different default paths, potentially making cross-wallet recovery challenging. Additionally, the theoretical security boundaries between keys may give users a false sense of compartmentalization, as most compromises occur at the device or seed level, bypassing the cryptographic separation between child keys completely.
Child Key (HD Wallet) - Related Articles
No related articles for this term.