Youngsters created by these wallets will not be hardened
They’re m/44'|49'|84'/0'/0' for trezor one/T and m/49'|84'/0'/0' for ledger X/S. All subsequent kids aren’t hardened.
If an xpub is leaked for a mnemonic phrase + passphrase, if in case you have
any of the kids’s personal keys, you possibly can compromise all the
pockets linked to the xpub and all different kids, hardened or
non-hardened BUT the attacker will be unable to compromise every other
meomonic phrase + paassphrase you’ve because it has a unique xpub, and
in the end totally different kids
That is the reason from bip32: “information of a mother or father prolonged public key plus any non-hardened personal key descending from it’s equal to figuring out the mother or father prolonged personal key (and thus each personal and public key descending from it). Which means that prolonged public keys have to be handled extra rigorously than common public keys.”
I wish to know the way it’s even doable to leak a childs personal key on
a trezor or a ledger as not one of the outputs are in a position to leak these
Non-public keys ought to by no means go away {hardware} wallets with none extraordinary trigger. Normally, solely the grasp seed is transferable as a risk from a {hardware} pockets gadget. And there will not be many causes to take action. If an attacker is ready to backdoor your gadget and steal keys, the actual fact of sharing xpubs could be irrelevant.
