If one of your private keys were compromised, then whoever has that private key will be able to figure out the rest of your private keys. All they have to do is go a few billion keys +/- of the one they have and they can get all of the private keys that you will ever use.
BIP32 derivation is vastly superior. In order to figure out all of your private keys, an attacker would need to know the master private key and the derivation paths. This means that if one of your private keys were compromised, your whole wallet isn't compromised. It is far easier to protect one key than it is to protect billions of keys.
OK, we know the risks of getting stolen are higher. But I still believe the benefits outweighs the risks, just be careful. But are there any technical risks?
BIP32 seems too complicated, I am looking for something I can calculate in mind without effort. Then can easily obtained by hand, without additional code I may not have access to, and still secure (i.e. not technically exploitable).
What if we change the way its range is obtained to a less obvious one, like this. The good thing is that we can set our own simple customized rules:
Random key:
0x72401339D3318F8FA1707C21447D220ED03D1086E1D0388F976C8DE223619C77
Random mask:
0xFFFF00FFFFFFFF00FFFFFFFFFFFFFFFF00FFFFFFFFFFFFFFFFFF00FFFFFFFFFF
In this case, valid range would be:
0x72400039D3318F00A1707C21447D220E003D1086E1D0388F976C00E223619C77 - 7240FF39D3318FFFA1707C21447D220EFF3D1086E1D0388F976CFFE223619C77
Not sure if one would even bother try the same thing you did with the other to figure out near keys, that is
in case any of my keys are stolen.
Or we can try more tricky things, yet without loosing simplicity and portability (i.e. can be write down in a piece of paper, easily remembered, easy to execute).
Thank you for reading!