1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
|
Return-Path: <alicexbt@protonmail.com>
Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137])
by lists.linuxfoundation.org (Postfix) with ESMTP id EA20CC002D
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 12 Oct 2022 09:04:46 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by smtp4.osuosl.org (Postfix) with ESMTP id B6B69417F7
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 12 Oct 2022 09:04:46 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org B6B69417F7
Authentication-Results: smtp4.osuosl.org;
dkim=pass (2048-bit key) header.d=protonmail.com header.i=@protonmail.com
header.a=rsa-sha256 header.s=protonmail3 header.b=SejR7d//
X-Virus-Scanned: amavisd-new at osuosl.org
X-Spam-Flag: NO
X-Spam-Score: -2.102
X-Spam-Level:
X-Spam-Status: No, score=-2.102 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001]
autolearn=ham autolearn_force=no
Received: from smtp4.osuosl.org ([127.0.0.1])
by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id QWxwwLZZfbNn
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 12 Oct 2022 09:04:45 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 4CAF6417E0
Received: from mail-40135.protonmail.ch (mail-40135.protonmail.ch
[185.70.40.135])
by smtp4.osuosl.org (Postfix) with ESMTPS id 4CAF6417E0
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 12 Oct 2022 09:04:45 +0000 (UTC)
Date: Wed, 12 Oct 2022 09:04:35 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com;
s=protonmail3; t=1665565483; x=1665824683;
bh=wsG9b+GevHxMfQOXLNS4S8Zjku//UFCE1QWOVvKKieg=;
h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References:
Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID:
Message-ID;
b=SejR7d//H3qBXnUulUpsPDI/QbFF6bCeV4OqdGYeMHHGaXYV2WT4sNdJYiM5LrWIZ
BkjgJUclOTg9ZX2bfybB8uahcVdD5jz93cJpMDWqPgolQEm60unu70loEVajFPf7n4
aJuO6moEpisEPUao1TtOQWFvrhIAjATTA9F24XQKEe7Nt0T57Qx0gYHzuU8B1AJXvp
r9aWtSnG04D0q0K5s+oGjd3sp/7WRGlZItscLQklAjRx/PR75rxRUdIPC/lcr9CTnf
qJAm8DFIPiyzUV1Qp7FLXThAnd0lYEq5h8MPDKIPMGMi9Y8HFuSMf6kcc3LtwAGXzh
c/VTEZVjSmUOw==
To: woltx <woltx@protonmail.com>
From: alicexbt <alicexbt@protonmail.com>
Message-ID: <XxDzawKpNd-w31EPhjsQhW2VIjUOOAixK2X9RvZAB-Z-uFnasDCyLc5GlJ1HptXsuIggz7ee4tKMSxRsqMj8eoZUPgKuRFNqlejjObn43-4=@protonmail.com>
In-Reply-To: <P_21MLHGJicZ-hkbC4DGu86c5BtNKiH8spY4TOw5FJsfimdi_6VyHzU_y-s1mZsOcC2FA3EW_6w6W5qfV9dRK_7AvTAxDlwVfU-yhWZPEuo=@protonmail.com>
References: <P_21MLHGJicZ-hkbC4DGu86c5BtNKiH8spY4TOw5FJsfimdi_6VyHzU_y-s1mZsOcC2FA3EW_6w6W5qfV9dRK_7AvTAxDlwVfU-yhWZPEuo=@protonmail.com>
Feedback-ID: 40602938:user:proton
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Mailman-Approved-At: Wed, 12 Oct 2022 11:41:32 +0000
Cc: "bitcoin-dev@lists.linuxfoundation.org"
<bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Silent Payment v4 (coinjoin support added)
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Oct 2022 09:04:47 -0000
Hi=C2=A0woltx,
Thanks for working on silent payments improving it in each version.
1) All inputs being used sounds good although I do not understand how it wo=
uld benefit coinjoin.
2) New RPC command name is better.
> I opened a new PR (#1143) to add a function to convert from x-only to com=
pressed public key with even y.=20
Not sure about the concerns expressed by Andrew Poelstra in the pull reques=
t related to rogue-key attacks.
> Tutorial updated: https://gist.github.com/w0xlt/c81277ae8677b6c0d3dd07389=
3210875
> "warnings": "This address is not a new identity. It is a re-use of an exi=
sting identity with a different label."
I could not understand the warning in the output for `getsilentaddress` RPC=
when used with a label.
/dev/fd0
Sent with Proton Mail secure email.
------- Original Message -------
On Tuesday, October 11th, 2022 at 12:32 PM, woltx via bitcoin-dev <bitcoin-=
dev@lists.linuxfoundation.org> wrote:
> Silent Payment v4 (coinjoin support added)
> Changes:
>=20
> . Silent payments now use all inputs to create transactions. Previously, =
they only used the first input. This change increases privacy and makes sil=
ent payments compatible with coinjoin.
>=20
> . `getspaddress` RPC renamed to `getsilentaddress` for clarity
>=20
> . Added support for silent payment in PSBT via `walletcreatefundedpsbt` R=
PC.
>=20
> . Added a new index scheme (which stores the sum of input public keys for=
each transaction). The previous index `bitcoin/signet/indexes/silentpaymen=
tindex` should be removed as it is no longer compatible with this new versi=
on.
>=20
> For reviewers:
>=20
> Now, silent payments use the scheme `hash(i1*X + i2*X + i3*X + ...)*G + X=
=3D=3D hash(x*(I1+I2+I3+...))*G + X`, as described here: https://gist.gith=
ub.com/RubenSomsen/c43b79517e7cb701ebf77eec6dbb46b8#variant-using-all-input=
s
>=20
> As inputs can be Taproot, this introduced a new issue as `bitcoin-core/se=
cp256k1` does not support x-only public key sum (perhaps due to missing pre=
fix byte).
>=20
> I opened a new PR (#1143) to add a function to convert from x-only to com=
pressed public key with even y. This is the solution being used by the curr=
ent silent payment implementation.
>=20
> Tutorial updated: https://gist.github.com/w0xlt/c81277ae8677b6c0d3dd07389=
3210875
|