Cesium - Do I need to make a new secret identifier and password for each new public key?

In other cryptocurrencies, one wallet has a secret phrase (seed) and a password. From then on, it’s trivial to make new public keys. It didn’t seem like I was doing something right when I made a simple wallet and filled out a new phrase/password pair.

Are you talking about hierarchical derived wallets (HD wallets) ?

We generate a public key from a private key, and a private key from scrypt credentials. (but scrypt is not part of the protocol so it’s optional)

However we could implement a sort of derived wallets in clients (for example by appending a password or another identifier to the private key and then hashing it to form a new private key).

Are you talking about hierarchical derived wallets (HD wallets) ?

I’m not familiar with the exact terminology but that does seem to describe what I was using in other wallet clients. Often, making a new address involves clicking a button. With Cesium/G1, I’d have to generate another phrase and password (and save that information safely). So it seems more cumbersome than I am accustomed to.

I don’t know how it works in the other cryptocurrencies, but we could also generate this password/id randomly and store it in the client config.

Example:
Main wallet private key = 0x80...5f (64 bytes, truncated for clarity)
Derived wallet id = 0x01 (0x02 for the next wallet, and so on, or a random seed if you prefer)
Derived wallet seed = sha256(0x80...5f01) (or any other 32B hash function) (the private key is given by hashing this seed)

This thread should be continued in the technical forum… (there already exist at least one thread about this topic)

Yes, that’s exactly right, most other crypto’s use HD wallets to generate ads at will.

You shouldn’t do that. Because if one key is compromised then they are all compromised! The HD wallets were precisely invented so that the compromise of a derived key does not make it possible to go back to find the other keys.