[Feature Request]Export WIF private keys from addresses

[jonjonez]

I haven't found this possibility within the Sparrow app, is it within the roadmap in implementing it?

I know that only the BIP39 seed has access to all the data necessary to create and restore the wallet, however, at some point the user will need to have access to a single key from a public address, and if he wants to do this, he you will have to jump from app to app to get where you want, like having to enter iancoleman html.

It would be easier, more practical and safer if you had it all in one app.

[pycanis]

Just asked the same thing on reddit today!

[craigraw]

I know that only the BIP39 seed has access to all the data necessary to create and restore the wallet, however, at some point the user will need to have access to a single key from a public address

It's not clear to me what the use case for this requirement is.

Exposing private keys in any fashion introduces another attack vector for scammers to exploit. A lot of user education has gone into explaining that BIP39 seed words should not be shared - much less so for formats like WIF, which are difficult to identify for the average user.

In addition, the use of HD wallets has replaced the use of single key wallets, which commonly lead to address reuse. The WIF format is part of this legacy wallet approach, and adding this functionality would serve to encourage use of the old approach we are trying to leave behind.

For both of these arguments to be overcome, strong substantiation would be needed.

[pycanis]

I'm learning to build a raw transaction and having the ability to export a private key of a single address would be helpful. Other than that I completely agree with your reasoning - it doesn't make sense for a regular user.

[craigraw]

I appreciate this use case, but I think I must unfortunately err on the side of security with this tradeoff.

[BeniSchlattmann]

Hey @craigraw
What about making it an option in settings to activate this option (exporting private keys) and warning the User about potential abuse cases?

We really need this feature. I'm also willing to pay something for the implementation...
When I joined your Telegram Group to ask about this feature I even got approached by multiple scammers claiming they have a new Update ready adding this Feature to the Sparrow Wallet.

[craigraw]

We really need this feature.

Who is we? I saw the discussion on Telegram, and it was not convincing. Let's move forward from single key wallets.

[pycanis]

There's another use case for this feature. When selling bitcoin in public places p2p, it's tedious operating with hardware wallet when there's a person sitting in front of you. Not to mention the risk of losing the whole wallet in case of some unexpected situation.

The ability to pre-select a single UTXO and take its private key to the meeting would be extremely helpful. You'd be able to operate with a single UTXO on a hot wallet basis, simplifying the p2p transaction process significantly and risking only that specific UTXO in a catastrophic scenario.

If this feature had to be enabled in settings under a warning, I don't really see much harm it could do to a regular user. And the advanced one would appreciate it.

[craigraw]

risking only that specific UTXO in a catastrophic scenario

There is another risk - if the attacker knows the xpub at the derivation path of the parent (e.g. m/84'/0'/0'/0) all of the private keys for the receive or change chain can be derived.