multi signature – What are the privacy implications of revealing one xpub in a multisig setup?

0
12


What info can a 3rd party derive about a multisig wallet if one of the xpubs in the setup is known? For example, for a 2-of-3 setup, I know all 3 xpubs are needed to generate wallet addresses, which initially led me to think that revealing 1 (or 2) xpubs wouldn't reveal any information about the wallet. However, from poking around on the block explorer I now think the situation is more like the following, which I would like to confirm:

  1. Each xpub is used to derive a sequence of public keys which are used in the spending script. These public keys are revealed at spending time, so while the full set of wallet addresses/UTXOs can't be generated from one xpub, someone who knows one xpub could find transactions on the blockchain that spent from the multisig wallet. (This could be relevant for e.g. a collaborative custody setup such as Unchained if an xpub that's shared with them is also used in a separate private wallet setup.)
  2. Similarly, using the same xpub in multiple multisig wallet setups seems like a bad privacy practice, as transactions from the different wallets could potentially be linked together – especially transactions spending from the same address index in each. E.g. if one setup uses xpub1, xpub2, xpub3 and the other xpub1, xpub4, xpub5, then the spending script for address index k in the two wallets will contain something like (pubkey1k, pubkey2k, pubkey3k) and (pubkey1k, pubkey4k, pubkey5k) – so they're linked by having the same pubkey1k in each.
  3. The solution to avoiding the above issues would be to use different derivation paths, which would generate different xpubs from the same private key, e.g. using different account numbers in the derivation path for a private vs. collaborative custody setup. (For this reason, revealing a multisig xpub wouldn't reveal information about a single sig wallet and vice versa.)

Can someone with more knowledge about how these setups work and what information is actually revealed on the blockchain help check/correct my understanding here?
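The three points in the question can be checked directly with BIP32 arithmetic. The following is an added example (not code from the post or from any wallet vendor): a self-contained secp256k1/BIP32 implementation written for this illustration, five constructed cosigner seeds, and an assumed BIP48-style account path m/48'/0'/account'/2'. It builds the 2-of-3 wallets from point 2 (wallet A = xpub1, xpub2, xpub3; wallet B = xpub1, xpub4, xpub5), shows that a third party holding only xpub1 can derive the per-index keys (point 1) and match them against the compressed public keys that a spend reveals in the script, linking both wallets (point 2), and then shows that deriving xpub1 for wallet B from a different hardened account number breaks that link (point 3). The address index 7 is a constructed sample value.

```python
import hashlib
import hmac

# Minimal secp256k1 + BIP32 arithmetic written for this example (not a library).
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
HARD = 1 << 31  # hardened-index flag (the ' in m/48'/0'/...)


def point_add(p, q):
    """Affine point addition on secp256k1; None is the point at infinity."""
    if p is None:
        return q
    if q is None:
        return p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p == q:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def point_mul(k, p):
    """Double-and-add scalar multiplication."""
    r = None
    while k:
        if k & 1:
            r = point_add(r, p)
        p = point_add(p, p)
        k >>= 1
    return r


def ser_p(p):
    """33-byte compressed public key, the form that appears in a multisig script."""
    return (b"\x02" if p[1] % 2 == 0 else b"\x03") + p[0].to_bytes(32, "big")


def ckd_priv(k, c, i):
    """BIP32 CKDpriv: child private key and chain code (hardened if i >= HARD)."""
    if i >= HARD:
        data = b"\x00" + k.to_bytes(32, "big") + i.to_bytes(4, "big")
    else:
        data = ser_p(point_mul(k, G)) + i.to_bytes(4, "big")
    digest = hmac.new(c, data, hashlib.sha512).digest()
    return (int.from_bytes(digest[:32], "big") + k) % N, digest[32:]


def ckd_pub(K, c, i):
    """BIP32 CKDpub: what anyone holding only the xpub (K, c) can compute."""
    if i >= HARD:
        raise ValueError("hardened children cannot be derived from an xpub")
    digest = hmac.new(c, ser_p(K) + i.to_bytes(4, "big"), hashlib.sha512).digest()
    il = int.from_bytes(digest[:32], "big")
    return point_add(point_mul(il, G), K), digest[32:]


def account_xpub(seed, account):
    """Cosigner derives m/48'/0'/account'/2' (assumed path) and shares only (K, c)."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    k, c = int.from_bytes(digest[:32], "big") % N, digest[32:]
    for i in (48 | HARD, 0 | HARD, account | HARD, 2 | HARD):
        k, c = ckd_priv(k, c, i)
    return point_mul(k, G), c


def script_pubkeys(xpubs, change, index):
    """Compressed keys revealed in the spend script for change/index of this wallet."""
    keys = []
    for K, c in xpubs:
        K1, c1 = ckd_pub(K, c, change)
        K2, _ = ckd_pub(K1, c1, index)
        keys.append(ser_p(K2).hex())
    return sorted(keys)


def observer_match(known_xpub, revealed_keys, max_index=20):
    """Third party with one xpub: derive change/index keys, test membership in a revealed script."""
    K, c = known_xpub
    for change in (0, 1):
        K1, c1 = ckd_pub(K, c, change)
        for index in range(max_index):
            K2, _ = ckd_pub(K1, c1, index)
            if ser_p(K2).hex() in revealed_keys:
                return change, index
    return None


# Constructed seeds for five cosigners (sample values, not real wallets).
SEEDS = {n: hashlib.sha256(f"constructed cosigner {n}".encode()).digest() for n in range(1, 6)}


def demo():
    xpub1_acct0 = account_xpub(SEEDS[1], 0)  # the one xpub the third party knows
    xpub1_acct1 = account_xpub(SEEDS[1], 1)  # same seed, different hardened account
    wallet_a = [xpub1_acct0, account_xpub(SEEDS[2], 0), account_xpub(SEEDS[3], 0)]
    wallet_b = [xpub1_acct0, account_xpub(SEEDS[4], 0), account_xpub(SEEDS[5], 0)]  # reuses xpub1
    wallet_c = [xpub1_acct1, account_xpub(SEEDS[4], 0), account_xpub(SEEDS[5], 0)]  # separate account
    spend_index = 7  # constructed: address index whose UTXO was spent, revealing the script
    return {
        "wallet_a": observer_match(xpub1_acct0, script_pubkeys(wallet_a, 0, spend_index)),
        "wallet_b_reused_xpub": observer_match(xpub1_acct0, script_pubkeys(wallet_b, 0, spend_index)),
        "wallet_c_separate_account": observer_match(xpub1_acct0, script_pubkeys(wallet_c, 0, spend_index)),
    }


if __name__ == "__main__":
    for name, hit in demo().items():
        print(f"{name}: {'linked at change/index ' + str(hit) if hit else 'not linkable'}")
```

Running it reports wallet A and wallet B as linked at change/index (0, 7), because both scripts contain the same pubkey1 child, while wallet C is not linkable from the account-0 xpub: hardened account derivation needs the private key, so nothing computable from one account's xpub relates it to another account's keys. The observer's loop is also the reason the other direction of point 1 holds: the xpub holder cannot produce the wallet's addresses (those need all three keys), but can recognise its own cosigner key whenever a spend exposes the script.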
