Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1QwFwz-0000bT-69 for bitcoin-development@lists.sourceforge.net; Wed, 24 Aug 2011 16:05:09 +0000 X-ACL-Warn: Received: from mail-ww0-f53.google.com ([74.125.82.53]) by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1QwFwy-00086X-CI for bitcoin-development@lists.sourceforge.net; Wed, 24 Aug 2011 16:05:09 +0000 Received: by wwf25 with SMTP id 25so1300966wwf.10 for ; Wed, 24 Aug 2011 09:05:02 -0700 (PDT) MIME-Version: 1.0 Received: by 10.227.59.71 with SMTP id k7mr421824wbh.1.1314201902138; Wed, 24 Aug 2011 09:05:02 -0700 (PDT) Sender: mith@jrbobdobbs.org Received: by 10.227.58.207 with HTTP; Wed, 24 Aug 2011 09:05:02 -0700 (PDT) Received: by 10.227.58.207 with HTTP; Wed, 24 Aug 2011 09:05:02 -0700 (PDT) In-Reply-To: References: Date: Wed, 24 Aug 2011 11:05:02 -0500 X-Google-Sender-Auth: Pfp8kulXDYhyj8LNQ6gdjfcl7bA Message-ID: From: Douglas Huff To: Gavin Andresen Content-Type: multipart/alternative; boundary=20cf30025e9a8a43df04ab427992 X-Spam-Score: 0.9 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 1.0 HTML_MESSAGE BODY: HTML included in message -0.1 AWL AWL: From: address is in the auto white-list X-Headers-End: 1QwFwy-00086X-CI Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] New standard transaction types: time to schedule a blockchain split? X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Aug 2011 16:05:09 -0000 --20cf30025e9a8a43df04ab427992 Content-Type: text/plain; charset=ISO-8859-1 On Aug 24, 2011 10:12 AM, "Gavin Andresen" wrote: > > If anybody has some open-source, patent-free, thoroughly-tested code > that already does DSA-key-splitting, speak up please. > If the caveat of a trusted third party is acceptable and, as greg mentioned, if there was a way to export unsigned transactions and then import/broadcast after signing this becomes fairly trivial. Shamir's + 3rd party to combine and sign means no protocol level changes. Process could work something like this: Parties agree to endpoint destination address and provide it to third party. Third party generates key and provides shares to each party in the txn and the resulting address to both as well. Third party destroys (preferably, never stores) private key. Sender sends to address. Both parties after confirmation of reciept of goods or what have you provide shares back to third party who uses the privkey to xfer inputs to the previously agreed upon destination subtracting their fee. This resembles more traditional escrow setups and relies on the trust of a third party, which is not ideal, but would be fairly simple to implement until the other proposals could be better investigated and implemented. --20cf30025e9a8a43df04ab427992 Content-Type: text/html; charset=ISO-8859-1


On Aug 24, 2011 10:12 AM, "Gavin Andresen" <gavinandresen@gmail.com> wrote:
>
> If anybody has some open-source, patent-free, thoroughly-tested code
> that already does DSA-key-splitting, speak up please.
>

If the caveat of a trusted third party is acceptable and, as greg mentioned, if there was a way to export unsigned transactions and then import/broadcast after signing this becomes fairly trivial.

Shamir's + 3rd party to combine and sign means no protocol level changes.

Process could work something like this:

Parties agree to endpoint destination address and provide it to third party.
Third party generates key and provides shares to each party in the txn and the resulting address to both as well.
Third party destroys (preferably, never stores) private key.
Sender sends to address.
Both parties after confirmation of reciept of goods or what have you provide shares back to third party who uses the privkey to xfer inputs to the previously agreed upon destination subtracting their fee.

This resembles more traditional escrow setups and relies on the trust of a third party, which is not ideal, but would be fairly simple to implement until the other proposals could be better investigated and implemented.

--20cf30025e9a8a43df04ab427992--