Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
	helo=mx.sourceforge.net)
	by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <ematiu@gmail.com>) id 1YWWAg-0006l7-Hd
	for bitcoin-development@lists.sourceforge.net;
	Fri, 13 Mar 2015 20:27:02 +0000
Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com
	designates 209.85.223.173 as permitted sender)
	client-ip=209.85.223.173; envelope-from=ematiu@gmail.com;
	helo=mail-ie0-f173.google.com; 
Received: from mail-ie0-f173.google.com ([209.85.223.173])
	by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
	(Exim 4.76) id 1YWWAf-0003l8-Ff
	for bitcoin-development@lists.sourceforge.net;
	Fri, 13 Mar 2015 20:27:02 +0000
Received: by iegc3 with SMTP id c3so128116794ieg.3
	for <bitcoin-development@lists.sourceforge.net>;
	Fri, 13 Mar 2015 13:26:55 -0700 (PDT)
X-Received: by 10.107.8.215 with SMTP id h84mr62364641ioi.89.1426278413304;
	Fri, 13 Mar 2015 13:26:53 -0700 (PDT)
MIME-Version: 1.0
Sender: ematiu@gmail.com
Received: by 10.50.33.74 with HTTP; Fri, 13 Mar 2015 13:26:32 -0700 (PDT)
In-Reply-To: <CANEZrP1a_hqkZSfnWbfzJj2Y7Z0yptUOuH5iFG=CB5hwjWG3Ew@mail.gmail.com>
References: <CA+vKqYfG=SoNAgTeD0C_Q7F2p6MWdWE90u7728g9s3=nkmNi4w@mail.gmail.com>
	<CANEZrP0t0oXGz6uXaLrGHFKUeRNFBC_MKr7x3uTH3WPkTbe5tQ@mail.gmail.com>
	<CA+vKqYfNLvuQH2CEcgvJqPPOYg=1M6=1sTPm65xec7vdzTgP_A@mail.gmail.com>
	<CANEZrP1a_hqkZSfnWbfzJj2Y7Z0yptUOuH5iFG=CB5hwjWG3Ew@mail.gmail.com>
From: Matias Alejo Garcia <matias@bitpay.com>
Date: Fri, 13 Mar 2015 17:26:32 -0300
X-Google-Sender-Auth: Cq82OhoMzQyzia45kZE-tQ69wDI
Message-ID: <CA+vKqYeafvwJkwWfiMTZDhO_7nxbdLFRppptZRbRoeBJP8O9qg@mail.gmail.com>
To: Mike Hearn <mike@plan99.net>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -1.4 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
	(ematiu[at]gmail.com)
	-0.0 SPF_PASS               SPF: sender matches SPF record
	-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
	author's domain
	0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
	not necessarily valid
	-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
	0.2 AWL AWL: Adjusted score from AWL reputation of From: address
X-Headers-End: 1YWWAf-0003l8-Ff
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] BIP32 Index Randomisation
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Fri, 13 Mar 2015 20:27:02 -0000

> It sounds like the main issue is this is a web wallet server of some kind=
.
> If the clients were SPV then they'd be checking their own balances and
> downloading their own tx history, which would mean the coordination tasks
> could be done by storing encrypted blobs on the server rather than the
> server itself having insight into what's going on (see: Subspace).

You are killing us Mike! :) We really don't like to think that BWS is
a webwallet. Note
that private keys are not stored (not even encrypted) at the server. Addres=
ses
can be generated offline, funds received and transferred by the peers
without accessing
BWS.

Currently Copay uses the encrypted blob idea (checks balances and tx
history thought Insight), but after working with Copay for ~6 months
we think having some visibility of the wallet by the multisig
facilitator will make the user experience much better (e.g: mobile
notifications).

Thanks for the Subspace reference, we will definitely check it.

> So whilst you might be able to use some scheme to avoid the server knowin=
g
> the xpubkey, if the server still knows all addresses and all transactions
> because the clients are web wallets ..... is there any point? It seems li=
ke
> maybe going from server knows everything to server knows 95% of everythin=
g:
> maybe not worth the engineering cost.

Interesting point. IMO, if we can prevent the server from having the xpubs =
keys
it would be valuable: It will give us more flexibility for future
features, and if the server is compromised future addresses will not
be known by the attacker, but of course we need to evaluate the cost.

mat=C3=ADas


>
> -------------------------------------------------------------------------=
-----
> Dive into the World of Parallel Programming The Go Parallel Website,
> sponsored
> by Intel and developed in partnership with Slashdot Media, is your hub fo=
r
> all
> things parallel software development, from weekly thought leadership blog=
s
> to
> news, videos, case studies, tutorials and more. Take a look and join the
> conversation now. http://goparallel.sourceforge.net/
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>



--=20
BitPay.com