[bitcoin-dev] BIP-352 Silent Payments addresses should have an expiration time

author: Peter Todd <pete@petertodd.org> 2023-08-04 17:39:03 +0000
committer: bitcoindev <bitcoindev@gnusha.org> 2023-08-04 17:39:11 +0000
commit: 5ebfdae9ff8d69d764a62ac12995256280bf3b47 (patch)
tree: db57253a16476de5e0039253f3602c646ae0f693
parent: 994cbfae6df60fa53d73027e6a85567cd753f630 (diff)
download: pi-bitcoindev-5ebfdae9ff8d69d764a62ac12995256280bf3b47.tar.gz
pi-bitcoindev-5ebfdae9ff8d69d764a62ac12995256280bf3b47.zip
1 files changed, 155 insertions, 0 deletions
diff --git a/6b/4b93933f6ee78135476986d73e8c47166a8de5 b/6b/4b93933f6ee78135476986d73e8c47166a8de5
new file mode 100644
index 000000000..53b1e39e8
--- /dev/null
+++ b/6b/4b93933f6ee78135476986d73e8c47166a8de5
@@ -0,0 +1,155 @@
+Return-Path: <pete@petertodd.org>
+Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136])
+ by lists.linuxfoundation.org (Postfix) with ESMTP id 1315EC0032
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Fri,  4 Aug 2023 17:39:11 +0000 (UTC)
+Received: from localhost (localhost [127.0.0.1])
+ by smtp3.osuosl.org (Postfix) with ESMTP id ED3996109B
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Fri,  4 Aug 2023 17:39:10 +0000 (UTC)
+DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org ED3996109B
+Authentication-Results: smtp3.osuosl.org; dkim=pass (2048-bit key,
+ unprotected) header.d=messagingengine.com header.i=@messagingengine.com
+ header.a=rsa-sha256 header.s=fm3 header.b=EONdZ48G
+X-Virus-Scanned: amavisd-new at osuosl.org
+X-Spam-Flag: NO
+X-Spam-Score: -0.701
+X-Spam-Level: 
+X-Spam-Status: No, score=-0.701 tagged_above=-999 required=5
+ tests=[BAYES_40=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
+ RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001,
+ RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001]
+ autolearn=ham autolearn_force=no
+Received: from smtp3.osuosl.org ([127.0.0.1])
+ by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
+ with ESMTP id AnfrYp9rfhWW
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Fri,  4 Aug 2023 17:39:09 +0000 (UTC)
+Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com
+ [66.111.4.28])
+ by smtp3.osuosl.org (Postfix) with ESMTPS id 33C1061371
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Fri,  4 Aug 2023 17:39:09 +0000 (UTC)
+DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 33C1061371
+Received: from compute5.internal (compute5.nyi.internal [10.202.2.45])
+ by mailout.nyi.internal (Postfix) with ESMTP id 244085C0068
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Fri,  4 Aug 2023 13:39:07 -0400 (EDT)
+Received: from mailfrontend2 ([10.202.2.163])
+ by compute5.internal (MEProxy); Fri, 04 Aug 2023 13:39:07 -0400
+DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
+ messagingengine.com; h=cc:content-type:content-type:date:date
+ :feedback-id:feedback-id:from:from:in-reply-to:message-id
+ :mime-version:reply-to:sender:subject:subject:to:to:x-me-proxy
+ :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=
+ 1691170747; x=1691257147; bh=wov3r/TBgcd0M8Tt/a9rTZaQVjV81RNsbrn
+ 0pbfDzp8=; b=EONdZ48GpbNLKBpPc/WabvW3oOm+OFksOLlDGXRBjZtxT6PSM72
+ rwQ4Ve0Rq2jy2llnVw0FZ5PqMNF65t6eTd+lm5gNCZjLECNARKoEphQcLMGU4Qi6
+ feH84cvJo8ckKWsEg3fX/k8T+vEmv3rOECySoW6t4Mct/4Wai22qPXH7vvB6FIgR
+ FEubNVNVXrCNJcmLIV7JCeTPBY1SoIcZkJy7c4QRenK6dnF69VigRnzqdzBPRTQD
+ LGjwuZ8GAC3pStvenqyan0kBj+JBwcU4139sDQ4a8XmeOE8ud8V9MKJyu0znDRiL
+ xHuQmRV3sVhQiNd5Q+jsVRztbkIMCHVztOA==
+X-ME-Sender: <xms:ujfNZOCAGqUDcP3xueXLIZHJNr_sTKgwef8cxP3Y1lm0FLh949MxSg>
+ <xme:ujfNZIg7iHL1wFG75fySHXvu4DV-LCeqFrAEMB-8-HSuxDd7za2z4GSQyF7_fyVvI
+ lYk69_bcHFaaqRkJ9o>
+X-ME-Received: <xmr:ujfNZBnhPfIVgwWnIFZv5X40yQYx1GOukA4_PVdLXb6-1FQfYsUN-QulMQ>
+X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedviedrkeeggdduudegucetufdoteggodetrfdotf
+ fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
+ uceurghilhhouhhtmecufedttdenucenucfjughrpeffhffvuffkgggtugesghdtreertd
+ dtvdenucfhrhhomheprfgvthgvrhcuvfhougguuceophgvthgvsehpvghtvghrthhouggu
+ rdhorhhgqeenucggtffrrghtthgvrhhnpefhteevgeeuvdekheeivdeffeduuedufefhte
+ elheffgfelueefieffjeefffeuleenucffohhmrghinhepphgvthgvrhhtohguugdrohhr
+ ghenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehpvg
+ htvgesphgvthgvrhhtohguugdrohhrgh
+X-ME-Proxy: <xmx:ujfNZMy5hDJR3597zmnN92dIO6acvLYr2AERl6cvK1QAXxvpNZblFg>
+ <xmx:ujfNZDQoxC3FSP0DBKONY1U983nUdBlYmLBHY9D4UUQvoIfhTEcgSA>
+ <xmx:ujfNZHZyemGZbVGdpPwvprrbFTwu04Ki9BT_scHKKvATk3Ppq2QFlw>
+ <xmx:uzfNZOeHkJO8UcgyZYN0p9XDRSHxi71RVAm5fd1Lyrzsioj2lvRKRw>
+Feedback-ID: i525146e8:Fastmail
+Received: by mail.messagingengine.com (Postfix) with ESMTPA for
+ <bitcoin-dev@lists.linuxfoundation.org>; Fri,
+ 4 Aug 2023 13:39:06 -0400 (EDT)
+Received: by localhost (Postfix, from userid 1000)
+ id 6A6BF5F851; Fri,  4 Aug 2023 17:39:03 +0000 (UTC)
+Date: Fri, 4 Aug 2023 17:39:03 +0000
+From: Peter Todd <pete@petertodd.org>
+To: bitcoin-dev@lists.linuxfoundation.org
+Message-ID: <ZM03twumu88V2NFH@petertodd.org>
+MIME-Version: 1.0
+Content-Type: multipart/signed; micalg=pgp-sha512;
+ protocol="application/pgp-signature"; boundary="SB8PAdHnrhigqCwh"
+Content-Disposition: inline
+Subject: [bitcoin-dev] BIP-352 Silent Payments addresses should have an
+	expiration time
+X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
+X-Mailman-Version: 2.1.15
+Precedence: list
+List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
+List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>, 
+ <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
+List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
+List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
+List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
+List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>, 
+ <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
+X-List-Received-Date: Fri, 04 Aug 2023 17:39:11 -0000
+
+
+--SB8PAdHnrhigqCwh
+Content-Type: text/plain; charset=us-ascii
+Content-Disposition: inline
+Content-Transfer-Encoding: quoted-printable
+
+tl;dr: Wallets don't last forever. They are often compromised or lost. When
+this happens, the addresses generated from those wallets become a form of t=
+oxic
+data: funds sent to those addresses can be easily lost forever.
+
+All Bitcoin addresses have this problem. But at least existing Bitcoin
+addresses aren't supposed to be reused. Silent Payments are: the whole poin=
+t is
+to have a single address that you can safely pay to multiple times, without
+privacy concerns. Failing to make Silent Payment addresses eventually expir=
+e in
+a reasonable amount of time is thus a particularly harmful mistake.
+
+Fixing this is easy: add a 3 byte field to silent payments addresses, encod=
+ing
+the expiration date in terms of days after some epoch. 2^24 days is 45,000
+years, more than enough. Indeed, 2 bytes is probably fine too: 2^16 days is=
+ 180
+years. We'll be lucky if Bitcoin still exists in 180 years.
+
+Wallets should pick a reasonable default, eg 1 year, for newly created
+addresses. Attempts to pay an expired address should just fail with a simple
+"address expired". Lightning invoices are a good example here: while invoic=
+es
+does not require expiration from a technical point of view, they do expire =
+for
+similar UX reasons as applies to silent payments.
+
+--=20
+https://petertodd.org 'peter'[:-1]@petertodd.org
+
+--SB8PAdHnrhigqCwh
+Content-Type: application/pgp-signature; name="signature.asc"
+
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAEBCgAdFiEE0RcYcKRzsEwFZ3N5Lly11TVRLzcFAmTNN7QACgkQLly11TVR
+Lzcqag//XGfqhEuXQMff0t8/BdgkNuOlW0JVbDcbQkoqtlvjtKEQNSvhSCPO6CVk
+8GXc59qBLGe0oz+O5BdRrwnymEGj3bu9cSLm9l9n/t/LPZ4i6/3TIG1t4f5VVvuD
+jmFA/1/tneA7Gv6ZGj1pxbmpZ1XluhrGLRrLi52BPjbXExIIfzoJWjnVvhUSjzvO
+X966+Kj3Y1iIe2BOUfncT/Ig0tViU0JfbGXsLD4skTc7Jn8VrUWvpp55DMy8cRuK
+XtIu660reaFLJVsC67IsvZJdTJR++Jsa4lhIuoCNnRLU50YyVckdUlsoOiZcfI0v
+W5pC28fIcf3CAIjUDJMV3sp7DdEhNH8MTFGngZHuGqNLnj3KRbQ55bBkaUlliKNn
+NRxoLebKLenbGweO7mxT4BMa0K4N3GA/7Pan4HYF4/p7soGjvTO/j8Lh/EqYvoF2
+c4KF0LlHfnnCaHlAflIgar1RsnQ0dBZtA439sDQhKaGc2dkevsztU+gj9PDqNPRv
+eaW6NLwhgbU8VV1iR6qeF11tPe8nfP+fpK0Abz3zYWnsnPttG1OvUVhAWJGxjNrp
+SD+zTi4Q5WSJ9JnFP70Eep4CXtC2qwWSRUxMKCg5jsJtGrhzi3yMRXzYegRweO+A
+mc5dv37uTGnc5Le981X+TbQI77AKxbajXd5jY/irCK59WnoVFOg=
+=2pUB
+-----END PGP SIGNATURE-----
+
+--SB8PAdHnrhigqCwh--
+
author	Peter Todd <pete@petertodd.org>	2023-08-04 17:39:03 +0000
committer	bitcoindev <bitcoindev@gnusha.org>	2023-08-04 17:39:11 +0000
commit	5ebfdae9ff8d69d764a62ac12995256280bf3b47 (patch)
tree	db57253a16476de5e0039253f3602c646ae0f693
parent	994cbfae6df60fa53d73027e6a85567cd753f630 (diff)
download	pi-bitcoindev-5ebfdae9ff8d69d764a62ac12995256280bf3b47.tar.gz pi-bitcoindev-5ebfdae9ff8d69d764a62ac12995256280bf3b47.zip