Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1YbFPD-0007nC-JN for bitcoin-development@lists.sourceforge.net; Thu, 26 Mar 2015 21:33:35 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of petertodd.org designates 62.13.148.101 as permitted sender) client-ip=62.13.148.101; envelope-from=pete@petertodd.org; helo=outmail148101.authsmtp.com; Received: from outmail148101.authsmtp.com ([62.13.148.101]) by sog-mx-4.v43.ch3.sourceforge.com with esmtp (Exim 4.76) id 1YbFPC-0006VW-2U for bitcoin-development@lists.sourceforge.net; Thu, 26 Mar 2015 21:33:35 +0000 Received: from mail-c237.authsmtp.com (mail-c237.authsmtp.com [62.13.128.237]) by punt18.authsmtp.com (8.14.2/8.14.2/) with ESMTP id t2QLXQO9069183; Thu, 26 Mar 2015 21:33:26 GMT Received: from muck ([50.58.157.74]) (authenticated bits=128) by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id t2QLXLGA037128 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Thu, 26 Mar 2015 21:33:24 GMT Date: Thu, 26 Mar 2015 14:33:15 -0700 From: Peter Todd To: Tom Harding Message-ID: <20150326213315.GA9362@muck> References: <55121611.1030104@thinlink.com> <551301F0.9020806@thinlink.com> <55146E2C.9020105@thinlink.com> <551479A3.9010104@thinlink.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="7JfCtLOvnd9MIVvH" Content-Disposition: inline In-Reply-To: <551479A3.9010104@thinlink.com> X-Server-Quench: bbf0c29d-d3ff-11e4-9f74-002590a135d3 X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR aQdMdAQUFVQGAgsB AmMbWVVeU157W2Y7 bgpPaA1DY09JQQJu T01BRU1TWkFqYGBp emlvUhp1dgdONn90 ZU9kECIJCkQpd08p XxpXQzsbZGY1bH0W BkdcagNUcgZDfk5E aVUrVz1vNG8XDQg5 AwQ0PjZ0MThBJSBS WgQAK04nCW8HEiQx XAtKMCU3HFcMWyQ0 KVQ6LRYkBksPP0Mu eWEsREkVWwA8 X-Authentic-SMTP: 61633532353630.1024:706 X-AuthFastPath: 0 (Was 255) X-AuthSMTP-Origin: 50.58.157.74/587 X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system. X-Spam-Score: -1.5 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1YbFPC-0006VW-2U Cc: Bitcoin Development Subject: Re: [Bitcoin-development] Address Expiration to Prevent Reuse X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Mar 2015 21:33:35 -0000 --7JfCtLOvnd9MIVvH Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Mar 26, 2015 at 02:26:59PM -0700, Tom Harding wrote: > On 3/26/2015 1:42 PM, Gregory Maxwell wrote: > > Which is why a simpler, safer, client enforced behavior is probably > > preferable. Someone who wants to go hack their client to make a > > payment that isn't according to the payee will have to live with the > > results, esp. as we can't prevent that in a strong sense. >=20 > I should have been clearer that the motivation for address expiration is= =20 > to reduce the rate of increase of the massive pile of bitcoin addresses= =20 > out there which have to be monitored forever for future payments. It=20 > could make a significant dent if something like this worked, and were=20 > used by default someday. Again, along the lines of what Gregory Maxwell is saying, if the payment instructions you have given to the sender say "don't make funds spendable with scriptPubKey after this date" why are you scanning those "old" bitcoin addresses for future payments? That makes no more sense than taking your p2pkh addresses and scanning for the same scriptPubKey embedded within a p2sh address - you haven't told anyone to pay you via that method so why expect anyone to do so? > Address expiration is not an enhancement to the payment experience and=20 > it doesn't stop sender from doing something weird. Hacking a new=20 > address for the recipient would be just as weird as hacking their client= =20 > IMHO. The sender is free to bury their Bitcoins in a safe in your neighbors front yard; you have no reason to accept such silly behavior as payment and every reason to ignore it. --=20 'peter'[:-1]@petertodd.org 00000000000000000b48023e9c98038c50b9a2044975bbdf9f43313400a156b6 --7JfCtLOvnd9MIVvH Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- iQGrBAEBCACVBQJVFHsYXhSAAAAAABUAQGJsb2NraGFzaEBiaXRjb2luLm9yZzAw MDAwMDAwMDAwMDAwMDAwNzdiMzRkNzM1NjY3OGM5MzM5NWNkYzhiZTUwZGI2NjE1 YWMwZjQ5OWUzYzZiMGQvFIAAAAAAFQARcGthLWFkZHJlc3NAZ251cGcub3JncGV0 ZUBwZXRlcnRvZC5vcmcACgkQwIXyHOf0udwxcgf7BJTE0caV/nmI2ArR9gf2m3KO 9Ts/X3iXX+PaJiQm/FaqxsLd8gl+2FhNvN/AYOC/kqrYl0GLCnWDHHdzofyjhb7u 1TwA0kNzGQWItAgqzX/aK7r7PNSUfDDN6PReB4MElP/XmVYQrHBD1pMnYeiwDfOz W0ravffV2NDdXtgclJsPy+qHWIbXsLzv4Ss3H5O8JRiYzRMKmFz9uw2USikOL9on 38bwvSppBsjKAT7nrrnP8iBc/VJ+2qPSAUUDzSvtaMJZoLEqB6Rf55RAGycXtDus gfidXeKejfUTckyqIn3qDMENKSiBGJfSPOuoiRLS1vb+cu1jxAkGZIXZpPC2qw== =MXIX -----END PGP SIGNATURE----- --7JfCtLOvnd9MIVvH--