1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
|
Return-Path: <rsomsen@gmail.com>
Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137])
by lists.linuxfoundation.org (Postfix) with ESMTP id 8D0B9C002D
for <bitcoin-dev@lists.linuxfoundation.org>;
Sat, 30 Jul 2022 13:41:49 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by smtp4.osuosl.org (Postfix) with ESMTP id 540524175C
for <bitcoin-dev@lists.linuxfoundation.org>;
Sat, 30 Jul 2022 13:41:49 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 540524175C
Authentication-Results: smtp4.osuosl.org;
dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
header.a=rsa-sha256 header.s=20210112 header.b=e11cCiAh
X-Virus-Scanned: amavisd-new at osuosl.org
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from smtp4.osuosl.org ([127.0.0.1])
by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id h-aPP4ZFqRx2
for <bitcoin-dev@lists.linuxfoundation.org>;
Sat, 30 Jul 2022 13:41:47 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.8.0
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org ACFD241721
Received: from mail-oa1-x35.google.com (mail-oa1-x35.google.com
[IPv6:2001:4860:4864:20::35])
by smtp4.osuosl.org (Postfix) with ESMTPS id ACFD241721
for <bitcoin-dev@lists.linuxfoundation.org>;
Sat, 30 Jul 2022 13:41:47 +0000 (UTC)
Received: by mail-oa1-x35.google.com with SMTP id
586e51a60fabf-10d6ddda695so9151226fac.0
for <bitcoin-dev@lists.linuxfoundation.org>;
Sat, 30 Jul 2022 06:41:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112;
h=to:subject:message-id:date:from:in-reply-to:references:mime-version
:from:to:cc; bh=a/nbHIifRhodgOz+Qid4NR6luZmsUNe5O2CSSs/X3XM=;
b=e11cCiAh4aiLAv3IZO1wsJTRpRVkLK1pcmOHpnkJ1wip36tC0OMDlSFh3qa2ug8HkX
mmhuhLn6GB/QeJUxhmu1p60drt7WUMdNRD8ZurIstgWv1Tyr4kSjRbJjMcxExy/WBhRc
ATWsgPukDT7e5Cy42uHHwh5lKEwBEhgyKKj7ds8RhegjWmQXu96KRnuWzmvkdqdPxmFK
j5bBWwrl27BG61lRluhqI1duNfSRuaLCe0qs6otuPRdUw+vA+ctr5me/xhbCSqJsijku
8KncfmA3+LgG/uIKQu/b/sb6s0+Fo4x6a692XBuuztMMg5GOhDB9l95u17Z7tBjjll1y
4DEA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=to:subject:message-id:date:from:in-reply-to:references:mime-version
:x-gm-message-state:from:to:cc;
bh=a/nbHIifRhodgOz+Qid4NR6luZmsUNe5O2CSSs/X3XM=;
b=sSHbECK+MkHNQx5WdzEs7pIy08JerkJYMTVhOxHu0MakmjU8SAZnhhLfYCKPsjuCJj
KkDMJN244cvJ9fZc9zoGyscXP2Kqg+Tr7VvMz1GDFky1CfetIFTwF2WFD0IrA8SZXl3E
DdUp90/izTqYX0YsdFNiO9M2McJSUi0Qq++y4P57DpZ6drA6OIxRv/ZSw38WSxvYnI/v
bssnNL4kcLhMwAmM9inOI+Poev91o59t/pYt8JDaTf8Qh6Bxd15MuJDsfNfQQuaNSe6t
9HpF6e4iQWiIwrqW/h3wH7oKyJH3IqPbsxOxzCt7dleBbXyQ6cBtROIzJEXbg67ii2rp
+4yw==
X-Gm-Message-State: AJIora/kwBpwkJ52i8sVjUdou+Jm4tSV0Zsf3L0eVk/355n5tNsoD2+H
RxuXLq5TSXkW6dIa8pPK4g2oRMvgzv7lJAlDlUM=
X-Google-Smtp-Source: AGRyM1smEfujYkDyFdk38D4FxhOkf72bVdBhAzij0KGrt2qukowoh0yiitZhAPj9ZH/at52XpJUnpr3bNnHBY9OxyOg=
X-Received: by 2002:a05:6870:b403:b0:10e:7914:adb with SMTP id
x3-20020a056870b40300b0010e79140adbmr3860855oap.126.1659188506669; Sat, 30
Jul 2022 06:41:46 -0700 (PDT)
MIME-Version: 1.0
References: <-BUM-o-GxD7jpYy6cOdoALb-p2xbdEFds3De08nUFseeif6-OS6p_A7u7B_h45rkuflSix9kaC4e9fbOs_YwOL6xbrCF5ebjyGKurT4MeJU=@protonmail.com>
In-Reply-To: <-BUM-o-GxD7jpYy6cOdoALb-p2xbdEFds3De08nUFseeif6-OS6p_A7u7B_h45rkuflSix9kaC4e9fbOs_YwOL6xbrCF5ebjyGKurT4MeJU=@protonmail.com>
From: Ruben Somsen <rsomsen@gmail.com>
Date: Sat, 30 Jul 2022 15:41:36 +0200
Message-ID: <CAPv7TjZHJoY2cN9=X7vxSOEbd-YLQLrFi87e8Yj-xZJUawjRYA@mail.gmail.com>
To: Alfred Hodler <alfred_hodler@protonmail.com>,
Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Content-Type: multipart/alternative; boundary="0000000000008e363d05e505ed50"
X-Mailman-Approved-At: Sat, 30 Jul 2022 13:43:07 +0000
Subject: Re: [bitcoin-dev] New BIP: Private Payments
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Sat, 30 Jul 2022 13:41:49 -0000
--0000000000008e363d05e505ed50
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Hi Alfred,
Thanks for all the effort.
Note that in the previous thread I mentioned[0] that this proposal
introduces a scanning requirement in order to detect incoming notifications
(complicating light client implementation). I recommend that you put this
information in the BIP, as this is an important downside that readers
should be aware of.
I'm also now realizing that your proposal is actually *very* similar to the
BIP47 protocol improvement suggestions that were made in Prague:
https://gist.github.com/RubenSomsen/21c477c90c942acf45f8e8f5c1ad4fae
As far as I can tell, the one difference is that you added an extra ECDH
calculation to hide the recipient payment code. Uncoincidentally, this is
also exactly what causes the downside of having a scanning requirement, and
it seems the only benefit you get in return is that you don't have to
outsource the notification (as is the case in the Prague protocol) and can
broadcast it yourself instead. I'm personally unsure whether this is a net
improvement, but that is certainly open to debate. I'd say it's worth
having this discussion prior to finalizing the BIP, as otherwise it could
potentially result in yet another incompatible standard further down the
line.
Considering the similarity, perhaps you could consider crediting the
participants of the Prague discussion (namely Alekos Filini, Martin
Habov=C5=A1tiak, and myself). And I imagine Silent Payments[1] may have ser=
ved
as an inspiration as well. I also recommend taking another look at the
"Allowing collisions" paragraph from the Prague discussion, as it can
potentially shave off up to 28 bytes.
I hope you find this feedback reasonable and it doesn't discourage you.
There's way too much work to be done on Bitcoin, so I'm happy to see you
are actively putting in the effort to move things forward. Working out the
details such as how to handle address formats is also very much
appreciated. Keep it up.
Cheers,
Ruben
[0]
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-June/020607.ht=
ml
[1] https://gist.github.com/RubenSomsen/c43b79517e7cb701ebf77eec6dbb46b8
On Sat, Jul 30, 2022 at 1:59 PM Alfred Hodler via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:
> Hi,
>
> We propose a new BIP that facilitates more private two-party transactions=
.
> This is a strict improvement upon BIP47, with increased privacy and bette=
r
> future-proofing.
>
> The contents may be found here:
>
> https://github.com/alfred-hodler/bips/blob/bip-alfredhodler-private-payme=
nts/bip-alfredhodler-privatepayments.mediawiki
>
> We hope to collect feedback and be assigned with a BIP number. A referenc=
e
> implementation will be published once the BIP is deemed viable.
>
> Alfred
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
--0000000000008e363d05e505ed50
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">Hi Alfred,<div><br>Thanks for all the effort.</div><div><b=
r></div><div>Note that in the previous thread I mentioned[0] that this prop=
osal introduces a scanning requirement in order to detect incoming notifica=
tions (complicating light client implementation). I recommend that you put =
this information in the BIP, as this is an important downside that readers =
should be aware of.</div><div><br></div><div>I'm also now realizing tha=
t your proposal is actually *very* similar to the BIP47 protocol improvemen=
t suggestions that were made in Prague:</div><div><a href=3D"https://gist.g=
ithub.com/RubenSomsen/21c477c90c942acf45f8e8f5c1ad4fae">https://gist.github=
.com/RubenSomsen/21c477c90c942acf45f8e8f5c1ad4fae</a><br></div><div><br></d=
iv><div>As far as I can tell, the one difference is that you added an extra=
ECDH calculation to hide the recipient payment code. Uncoincidentally, thi=
s is also exactly what causes the downside of having a scanning requirement=
, and it seems the only benefit you get in return is that you don't hav=
e to outsource the notification=C2=A0(as is the case in the Prague protocol=
) and can broadcast it yourself instead. I'm personally unsure whether =
this is a net improvement, but that is certainly open to debate. I'd sa=
y it's worth having this discussion prior to finalizing the BIP, as oth=
erwise it could potentially result in yet another incompatible standard fur=
ther down the line.</div><div><br></div><div>Considering the similarity, pe=
rhaps you could consider crediting the participants of the Prague discussio=
n (namely Alekos Filini, Martin Habov=C5=A1tiak, and myself). And I imagine=
Silent Payments[1] may have served as an inspiration as well. I also recom=
mend taking another look at the "Allowing collisions" paragraph f=
rom the Prague discussion, as it can potentially shave off up to 28 bytes.<=
/div><div><br></div><div>I hope you=C2=A0find this feedback reasonable and =
it doesn't discourage you. There's way too much work to be done on =
Bitcoin, so I'm happy to see you are actively putting in the effort to =
move things forward. Working out the details such as how to handle address =
formats is also very much appreciated. Keep it up.</div><div><br></div><div=
>Cheers,</div><div>Ruben</div><div><br></div><div><br></div><div>[0]=C2=A0<=
a href=3D"https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-June=
/020607.html">https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-=
June/020607.html</a></div><div><br></div><div>[1]=C2=A0<a href=3D"https://g=
ist.github.com/RubenSomsen/c43b79517e7cb701ebf77eec6dbb46b8">https://gist.g=
ithub.com/RubenSomsen/c43b79517e7cb701ebf77eec6dbb46b8</a></div><div><br></=
div><div><br></div></div><br><div class=3D"gmail_quote"><div dir=3D"ltr" cl=
ass=3D"gmail_attr">On Sat, Jul 30, 2022 at 1:59 PM Alfred Hodler via bitcoi=
n-dev <<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org">bitcoin-=
dev@lists.linuxfoundation.org</a>> wrote:<br></div><blockquote class=3D"=
gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(20=
4,204,204);padding-left:1ex">Hi,<br>
<br>
We propose a new BIP that facilitates more private two-party transactions. =
This is a strict improvement upon BIP47, with increased privacy and better =
future-proofing.<br>
<br>
The contents may be found here:<br>
<a href=3D"https://github.com/alfred-hodler/bips/blob/bip-alfredhodler-priv=
ate-payments/bip-alfredhodler-privatepayments.mediawiki" rel=3D"noreferrer"=
target=3D"_blank">https://github.com/alfred-hodler/bips/blob/bip-alfredhod=
ler-private-payments/bip-alfredhodler-privatepayments.mediawiki</a><br>
<br>
We hope to collect feedback and be assigned with a BIP number. A reference =
implementation will be published once the BIP is deemed viable.<br>
<br>
Alfred<br>
<br>
_______________________________________________<br>
bitcoin-dev mailing list<br>
<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" target=3D"_blank">=
bitcoin-dev@lists.linuxfoundation.org</a><br>
<a href=3D"https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev" =
rel=3D"noreferrer" target=3D"_blank">https://lists.linuxfoundation.org/mail=
man/listinfo/bitcoin-dev</a><br>
</blockquote></div>
--0000000000008e363d05e505ed50--
|
