i wonder if another reason to avoid exporting Armory linear deterministic privkeys is if you reveal that privkey on your phone along with perhaps the master public key, can ALL your privkeys be determined similar to how it can be done with an xpub+childprivkey in HD wallets?
molecular would probably know.
if SINGLE privkey is compromised from linear chain then ALL privkeys can be computed in same chain.
Are you sure? A type 1 wallet is the simplest and weakest, and even in this one knowing the private key of one address provides zero knowledge of other addresses, that is unless SHA256 is broken.
https://en.bitcoin.it/wiki/Deterministic_walletIn this simple type you take (string + n) and then put that through SHA256 to get a priv key. Then increment n for each additional key. Knowing the priv key of one address provides zero knowledge of either the root string or increment n, these are the pieces of information needed to generate new keys. And this is for a Type 1, Type 2 which both BIP0032 and Armory are a form of is more secure.
The linear aspect does not mean a sequential set of priv key values. Instead the linear aspect is run through a non-reversible algorithm to generate the priv key, which protects the seed.
I think the advantage of type 2 HD wallets is you can generate a chain of both private and public keys.
This enables you to create watching only wallets (which aren't possible with type 1). Here you can take "HD seed" -> generate "public seed" -> then generate "chain of public addresses", this has obvious benefits.
Ok, you are right. => If I can generate watching only wallets(I know all public keys) and I know 1 private key in this chain then I think I can compute all privkeys in this chain.
edit: or maybe I'm wrong.