Many of you are asking if BlueWallet tracks or leaks xpubs, specially on the watch-only wallets.
Short answer: No.
In-depth answer π
A xpub, stands for "extended public key". Is the the key that generates all your addresses, thus one can get all your wallet data, past transactions and future transactions.
Even though it stands for "extended public key". This key should remain private and never be shared.
1/n
When we started the project, we were relying on public APIs (blcokchair,blockhaininfo) to get his data through the xpub.
This allowed us to focus on the UX we wanted to create, without thinking much about the backend.
2/n
Once we saw that there were some crazy of you actually using it, we started to work on our own backend to mitigate this privacy leak. And eventually this work was finished and released to the public around May/June of 2019.
3/n
This backend is based on the battle tested Electrum Server.
Today we even allow you to connect to your own node with support for all Electrum Server implementations. ElectrumX, Electrs and Electrum Personal Server.
4/n
Electrum Server has a privacy preserving approach architecture. It does not rely on xpubs to get the data. It uses a scripthash of addresses (encrypted addresses). In a typical request-response fashion.
In simpler terms -> "Yo Electrum! Does this address has a balance?"
5/n
For a technical reference, here is the documentation
electrumx-spesmilo.readthedocs.io/en/latest/protβ¦
6/n
To sum it up.
There was a time we were leaking xpubs. Nowadays none of our supported Bitcoin wallets leaks xpubs to 3rd parties nor our backend server is tracking xpubs to retrieve data.
Keep building! π
Share this Scrolly Tale with your friends.
A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.