Youngsters created by these wallets will not be hardened
They’re m/44'|49'|84'/0'/0' for trezor one/T and m/49'|84'/0'/0' for ledger X/S. All subsequent kids aren’t hardened.
If an xpub is leaked for a mnemonic phrase + passphrase, if in case you have
any of the youngsters’s personal keys, you’ll be able to compromise your complete
pockets linked to the xpub and all different kids, hardened or
non-hardened BUT the attacker won’t be able to compromise another
meomonic phrase + paassphrase you’ve got because it has a unique xpub, and
in the end completely different kids
That is the reason from bip32: “data of a guardian prolonged public key plus any non-hardened personal key descending from it’s equal to figuring out the guardian prolonged personal key (and thus each personal and public key descending from it). Which means that prolonged public keys should be handled extra rigorously than common public keys.”
I need to know the way it’s even potential to leak a childs personal key on
a trezor or a ledger as not one of the outputs are capable of leak these
Personal keys ought to by no means depart {hardware} wallets with none extraordinary trigger. Often, solely the grasp seed is transferable as a risk from a {hardware} pockets system. And there will not be many causes to take action. If an attacker is ready to backdoor your system and steal keys, the very fact of sharing xpubs can be irrelevant.
