1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
|
Return-Path: <eric@voskuil.org>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id BC34010E0
for <bitcoin-dev@lists.linuxfoundation.org>;
Mon, 14 Sep 2015 19:54:38 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-pa0-f43.google.com (mail-pa0-f43.google.com
[209.85.220.43])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 489B41F2
for <bitcoin-dev@lists.linuxfoundation.org>;
Mon, 14 Sep 2015 19:54:38 +0000 (UTC)
Received: by padhk3 with SMTP id hk3so152285834pad.3
for <bitcoin-dev@lists.linuxfoundation.org>;
Mon, 14 Sep 2015 12:54:38 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20130820;
h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to
:subject:content-type;
bh=oBe8fHnw6dposuEBLmA5B2Cf/60Tn1VpLFbJRe81i0I=;
b=maPvt77UiXvn3i1iDWgdp5DcQUXYSdCrjTWMWC7qqthx6FrsMuoROJ6sH8C+CABJLn
UH3hSqXHXmnanI9EFw+aO1zBxNAbolWtx2FSPfQU+DT4/YvlQStmPLjBneKBpvio9ICw
z9XznBHj+XtD/A9fRY92agaNxdvD0F3GbVRPZOtJtOvDXoEatsbOsFP8LXy5FiDM84HB
VOWmHhF6JDBoCVsBoQwMWnSq/aER2oCQH9fVTxN82SDprh9vj5aY/gT3B3OLQfNSEroR
IuknIC28V46JsW+GvMHGDyJZcBE1AxXTMY9bT1mcYh/889idTbCFBKadB9I8QK8ocWNo
Id9A==
X-Gm-Message-State: ALoCoQk7x15pqgg7TxmU1yZXwX2/Y+f4/L50Uyb1r5OXb4tBpo+i81yBFtQgBDjflCT1sKrTt5tq
X-Received: by 10.66.193.162 with SMTP id hp2mr38100286pac.108.1442260478013;
Mon, 14 Sep 2015 12:54:38 -0700 (PDT)
Received: from [10.0.1.13] (c-73-225-134-208.hsd1.wa.comcast.net.
[73.225.134.208]) by smtp.googlemail.com with ESMTPSA id
uh10sm17804914pab.41.2015.09.14.12.54.37
(version=TLSv1/SSLv3 cipher=OTHER);
Mon, 14 Sep 2015 12:54:37 -0700 (PDT)
Message-ID: <55F725FF.8030507@voskuil.org>
Date: Mon, 14 Sep 2015 12:54:39 -0700
From: Eric Voskuil <eric@voskuil.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
rv:31.0) Gecko/20100101 Thunderbird/31.2.0
MIME-Version: 1.0
To: bitcoin-dev@lists.linuxfoundation.org,
Neill Miller <neillm@thecodefactory.org>
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="NBPV5JhMDTQuuo2qpaVGtjuW4ceOWaL6K"
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW
autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
Subject: [bitcoin-dev] BIP-38 issue and altchain support
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Development Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Sep 2015 19:54:38 -0000
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--NBPV5JhMDTQuuo2qpaVGtjuW4ceOWaL6K
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
In the integration of BIP-38 into libbitcoin we ran into two issues.
First, the scenario that justifies the "confirmation code" is flawed. We
have implemented full support for this, but have also marked it as
deprecated.
I am seeking counter arguments, in case there is some scenario that we
haven't imagined where it might be useful. Details here:
[TLDR: the confirmation code cannot prove anything about the owner's
ability to spend from the public-key/address that it confirms.]
https://github.com/libbitcoin/libbitcoin/wiki/BIP38-Security-Consideratio=
ns
Second, BIP-38 envisions altchain integration but doesn't specify it. We
have implemented the capability, documented here:
[TLDR: incorporate the payment address version into the last byte of the
encoded encrypted key prefixes, with backward compatibility]
https://github.com/libbitcoin/libbitcoin/wiki/Altchain-Encrypted-Private-=
Keys
If there is sufficient support I'll write up a Proposal that modifies
BIP-38.
Thanks to Neill Miller for the libbitcoin and bx BIP-38 pull requests.
e
--NBPV5JhMDTQuuo2qpaVGtjuW4ceOWaL6K
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJV9yX/AAoJEDzYwH8LXOFOapkH/2cbJMCKI6iSMPIPzPT5Iuou
qbEUPQvQowk1I6nFhN3mkBb9OmVM6yqEnbsi31HHs1m3Fwci9A1+KzNpuw+xRTIB
PYRcJ/EfBrwWYhUgWPPVzoAp4UPBOffOKJKaWS6YaxAjuWd/RQAWg/7TQf8IPklV
aZ0op5mjOWuf6xw1I0fQoZJVwAIZN3rH4ekBLBEUKRLQlwMMNNkXKknQ1M2hLkXY
D1ds89Aln1XAOPiOQGYdXEpL/eG8dZb0MKiznO3hSwVZTu1EX/TxElbSsBLWdX7B
/1x6Jzhf7IWvei0aLjycKCAuM+FslvFje0eEdSLpyxfElbbqj83sw/WkH015ONA=
=5r8m
-----END PGP SIGNATURE-----
--NBPV5JhMDTQuuo2qpaVGtjuW4ceOWaL6K--
|