Date: Wed, 24 Aug 2011 17:27:42 -0500
From: Douglas Huff <dhuff@jrbobdobbs.org>
To: Gregory Maxwell <gmaxwell@gmail.com>
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] New standard transaction types: time to
schedule a blockchain split?
On Aug 24, 2011 3:29 PM, "Gregory Maxwell" <gmaxwell@gmail.com> wrote:
>
> On Wed, Aug 24, 2011 at 3:05 PM, Christian Decker
> <decker.christian@gmail.com> wrote:
> > we could add an rsa-like scheme which allows m-out-of-n signatures. It works
> > by distributing shares of the key which are points on a curve having the
> > actual key as 0-value. It does not require special length for the key so if
> > ecdsa allows something similar there need not be anything changed.
>
> This works fine for ECC. But it requires that the composite key
> signer has simultaneous access to all the key-parts, so it doesn't
> solve the "my PC has malware" problem.
I don't think anything simple enough to actually be used by people in
general does. Same concept as what I proposed earlier before nanotube gave
me the context for Gavin's intent on irc.

Now that I'm understanding the use case I really think the best way to go
about this initially is like you said earlier.

Provide methods to export/import unsigned txns, provide methods to run the
GUI in a way that can track your own addresses with only pubkeys available
to the client, provide methods to sign and import/export/broadcast signed
txns.

With these tools offline wallets become feasible. Combined with wallet
crypto I think this is really the best that can be done to protect users
from themselves in a way that isn't too complicated for them to actually
use.
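
The m-out-of-n key sharing described in the quoted text (shares are points on a curve whose value at 0 is the key), as an added example that is not code from any poster in this thread or from the Bitcoin client. It is a Shamir-style split over the secp256k1 scalar field; the function names `split_key` and `recover_key` and the sample values are assumptions. Note that `recover_key` rebuilds the full key in one process, which is the "simultaneous access to all the key-parts" limitation raised above.

```python
import secrets

# Order of the secp256k1 group; ECDSA private keys are scalars modulo this prime.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def split_key(key, m, n, coeffs=None):
    """Split `key` into n shares so that any m of them recover it.

    Each share is a point (x, f(x)) on a random polynomial f of degree m-1
    with f(0) = key. `coeffs` fixes the m-1 random coefficients and exists
    only so tests are reproducible (hypothetical parameter).
    """
    if not (1 <= m <= n < N and 0 <= key < N):
        raise ValueError("need 1 <= m <= n and 0 <= key < N")
    if coeffs is None:
        coeffs = [secrets.randbelow(N) for _ in range(m - 1)]
    if len(coeffs) != m - 1:
        raise ValueError("need exactly m-1 coefficients")
    poly = [key] + list(coeffs)
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(poly):  # Horner evaluation of f(x) mod N
            y = (y * x + c) % N
        shares.append((x, y))
    return shares


def recover_key(shares):
    """Lagrange-interpolate f(0) from the shares.

    All supplied shares, and then the whole key, are in this process's
    memory at once, so a compromised signing machine sees everything.
    """
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % N
                den = den * (xi - xj) % N
        secret = (secret + yi * num * pow(den, -1, N)) % N
    return secret
```

With fewer than m shares the interpolation still returns a value, but it is unrelated to the key, so a caller cannot tell a short share set from a correct one without checking the result against the known public key.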