1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
|
Return-Path: <alicexbt@protonmail.com>
Received: from smtp2.osuosl.org (smtp2.osuosl.org [IPv6:2605:bc80:3010::133])
by lists.linuxfoundation.org (Postfix) with ESMTP id 6BB18C002D
for <bitcoin-dev@lists.linuxfoundation.org>;
Sun, 23 Oct 2022 20:54:34 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by smtp2.osuosl.org (Postfix) with ESMTP id 3DCA940112
for <bitcoin-dev@lists.linuxfoundation.org>;
Sun, 23 Oct 2022 20:54:34 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 3DCA940112
Authentication-Results: smtp2.osuosl.org;
dkim=pass (2048-bit key) header.d=protonmail.com header.i=@protonmail.com
header.a=rsa-sha256 header.s=protonmail3 header.b=FpfJeVhJ
X-Virus-Scanned: amavisd-new at osuosl.org
X-Spam-Flag: NO
X-Spam-Score: -2.102
X-Spam-Level:
X-Spam-Status: No, score=-2.102 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001]
autolearn=ham autolearn_force=no
Received: from smtp2.osuosl.org ([127.0.0.1])
by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id 6FUUSnbCrURH
for <bitcoin-dev@lists.linuxfoundation.org>;
Sun, 23 Oct 2022 20:54:33 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 2A6514010E
Received: from mail-40135.protonmail.ch (mail-40135.protonmail.ch
[185.70.40.135])
by smtp2.osuosl.org (Postfix) with ESMTPS id 2A6514010E
for <bitcoin-dev@lists.linuxfoundation.org>;
Sun, 23 Oct 2022 20:54:33 +0000 (UTC)
Date: Sun, 23 Oct 2022 20:54:26 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com;
s=protonmail3; t=1666558471; x=1666817671;
bh=k8Ac9xIbqGpE9T23S/Jec6AN09qT0bMH/p3KR7Tf40w=;
h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References:
Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID:
Message-ID;
b=FpfJeVhJ5tDndyg0Mg5F4VSkEFd20jQ/jyseZmjszoVDl8v8Cfxx2uuTp6VWJg+Pd
zFzt6tQO/O2xgRhBos22wnWTPSl0s2m7IDSmCWVLRu0H/krcUJd+kjfMiTo2Qyumxa
NDXGNtJ302YxpLCxVmGDBZ6RBpk+9O15akcMFYfQJyS++uptrVQWIFY3cm+sxXgJy/
nmyjBGy4PqNn8xrGXEfTSiWU1FFMse2dLPMgXYYuIdYHeIE8jyYIsHD5BFxHzwwmf2
Q76JVR9n0GRJmS45Eo92epR+CkU6wrRO2DbGdbRSzNoQFORM2Yhduonqg5EDn8OZBp
TB0MrMYci+uZg==
To: woltx <woltx@protonmail.com>
From: alicexbt <alicexbt@protonmail.com>
Message-ID: <9NRBqDuofrouYeeEea2AxtVOlSQ89-iUzH-BevnDyK4yQE_qGaCAn0hIPK5SkfSqQK8WiDl7-7TyvrT4m6VsXodO4MgUT-ZFaA9ycXd62z8=@protonmail.com>
In-Reply-To: <c4zJHH8C3dXNRFYDNKZShbmUcHYEl2A0bj8ByqgFxjb4pTOoKOi2_crU7YgZGhbmiCBPb_zrI3uZ0P4eNbpIJ43B-nPg0raxV-nsbl3x8rc=@protonmail.com>
References: <P_21MLHGJicZ-hkbC4DGu86c5BtNKiH8spY4TOw5FJsfimdi_6VyHzU_y-s1mZsOcC2FA3EW_6w6W5qfV9dRK_7AvTAxDlwVfU-yhWZPEuo=@protonmail.com>
<XxDzawKpNd-w31EPhjsQhW2VIjUOOAixK2X9RvZAB-Z-uFnasDCyLc5GlJ1HptXsuIggz7ee4tKMSxRsqMj8eoZUPgKuRFNqlejjObn43-4=@protonmail.com>
<c4zJHH8C3dXNRFYDNKZShbmUcHYEl2A0bj8ByqgFxjb4pTOoKOi2_crU7YgZGhbmiCBPb_zrI3uZ0P4eNbpIJ43B-nPg0raxV-nsbl3x8rc=@protonmail.com>
Feedback-ID: 40602938:user:proton
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Mailman-Approved-At: Sun, 23 Oct 2022 21:19:50 +0000
Cc: "bitcoin-dev@lists.linuxfoundation.org"
<bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Silent Payment v4 (coinjoin support added)
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Sun, 23 Oct 2022 20:54:34 -0000
Hi woltx,
Thanks for the response.
> Using all inputs, it becomes possible to use SP addresses in coinjoins as=
long as all participants agree.
> More information:
> https://gist.github.com/RubenSomsen/c43b79517e7cb701ebf77eec6dbb46b8#vari=
ant-using-all-inputs
Using new addresses and SP address would be same in my opinion in coinjoin.
> I think Andrew Poelstra is referring to a multi-party scheme.
> This is not the case with the Silent Payments scheme, which only relies o=
n transaction data, which is publicly available on the blockchain.
Sounds good.
> This warning was suggested by Aur=C3=A8le Oul=C3=A8s in https://github.co=
m/bitcoin/bitcoin/pull/24897#issuecomment-1276160738 and the reason was a d=
iscussion in PR about users thinking that each address would come from a di=
fferent key and not the same key.
It makes sense although could be rephrased.
/dev/fd0
Sent with Proton Mail secure email.
------- Original Message -------
On Sunday, October 23rd, 2022 at 12:30 PM, woltx <woltx@protonmail.com> wro=
te:
> Hi /dev/fd0
>=20
> I haven't accessed ML for a while.
>=20
> 1) All inputs being used sounds good although I do not understand how it =
would benefit coinjoin.
>=20
> Using all inputs, it becomes possible to use SP addresses in coinjoins as=
long as all participants agree.
> More information:
> https://gist.github.com/RubenSomsen/c43b79517e7cb701ebf77eec6dbb46b8#vari=
ant-using-all-inputs
>=20
> 2) Not sure about the concerns expressed by Andrew Poelstra in the pull r=
equest related to rogue-key attacks.
>=20
> I think Andrew Poelstra is referring to a multi-party scheme.
> This is not the case with the Silent Payments scheme, which only relies o=
n transaction data, which is publicly available on the blockchain.
>=20
> 3) I could not understand the warning in the output for `getsilentaddress=
` RPC when used with a label.
>=20
> This warning was suggested by Aur=C3=A8le Oul=C3=A8s in https://github.co=
m/bitcoin/bitcoin/pull/24897#issuecomment-1276160738 and the reason was a d=
iscussion in PR about users thinking that each address would come from a di=
fferent key and not the same key.
>=20
>=20
>=20
>=20
> Sent with Proton Mail secure email.
>=20
>=20
> ------- Original Message -------
> On Wednesday, October 12th, 2022 at 6:04 AM, alicexbt alicexbt@protonmail=
.com wrote:
>=20
>=20
>=20
> > Hi woltx,
> >=20
> > Thanks for working on silent payments improving it in each version.
> >=20
> > 1) All inputs being used sounds good although I do not understand how i=
t would benefit coinjoin.
> > 2) New RPC command name is better.
> >=20
> > > I opened a new PR (#1143) to add a function to convert from x-only to=
compressed public key with even y.
> >=20
> > Not sure about the concerns expressed by Andrew Poelstra in the pull re=
quest related to rogue-key attacks.
> >=20
> > > Tutorial updated: https://gist.github.com/w0xlt/c81277ae8677b6c0d3dd0=
73893210875
> > > "warnings": "This address is not a new identity. It is a re-use of an=
existing identity with a different label."
> >=20
> > I could not understand the warning in the output for `getsilentaddress`=
RPC when used with a label.
> >=20
> > /dev/fd0
> >=20
> > Sent with Proton Mail secure email.
> >=20
> > ------- Original Message -------
> > On Tuesday, October 11th, 2022 at 12:32 PM, woltx via bitcoin-dev bitco=
in-dev@lists.linuxfoundation.org wrote:
> >=20
> > > Silent Payment v4 (coinjoin support added)
> > > Changes:
> > >=20
> > > . Silent payments now use all inputs to create transactions. Previous=
ly, they only used the first input. This change increases privacy and makes=
silent payments compatible with coinjoin.
> > >=20
> > > . `getspaddress` RPC renamed to `getsilentaddress` for clarity
> > >=20
> > > . Added support for silent payment in PSBT via `walletcreatefundedpsb=
t` RPC.
> > >=20
> > > . Added a new index scheme (which stores the sum of input public keys=
for each transaction). The previous index `bitcoin/signet/indexes/silentpa=
ymentindex` should be removed as it is no longer compatible with this new v=
ersion.
> > >=20
> > > For reviewers:
> > >=20
> > > Now, silent payments use the scheme `hash(i1*X + i2*X + i3*X + ...)*G=
+ X =3D=3D hash(x*(I1+I2+I3+...))*G + X`, as described here: https://gist.=
github.com/RubenSomsen/c43b79517e7cb701ebf77eec6dbb46b8#variant-using-all-i=
nputs
> > >=20
> > > As inputs can be Taproot, this introduced a new issue as `bitcoin-cor=
e/secp256k1` does not support x-only public key sum (perhaps due to missing=
prefix byte).
> > >=20
> > > I opened a new PR (#1143) to add a function to convert from x-only to=
compressed public key with even y. This is the solution being used by the =
current silent payment implementation.
> > >=20
> > > Tutorial updated: https://gist.github.com/w0xlt/c81277ae8677b6c0d3dd0=
73893210875
|
