path: root/ca/0e0cc6b6adb4010383a15184f57dc05063666a

Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194]
	helo=mx.sourceforge.net)
	by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <jgarzik@bitpay.com>) id 1WTtIr-0002MB-Gh
	for bitcoin-development@lists.sourceforge.net;
	Sat, 29 Mar 2014 13:28:05 +0000
Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of bitpay.com
	designates 209.85.160.169 as permitted sender)
	client-ip=209.85.160.169; envelope-from=jgarzik@bitpay.com;
	helo=mail-yk0-f169.google.com; 
Received: from mail-yk0-f169.google.com ([209.85.160.169])
	by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
	(Exim 4.76) id 1WTtIo-0006G5-54
	for bitcoin-development@lists.sourceforge.net;
	Sat, 29 Mar 2014 13:28:05 +0000
Received: by mail-yk0-f169.google.com with SMTP id 142so4652056ykq.14
	for <bitcoin-development@lists.sourceforge.net>;
	Sat, 29 Mar 2014 06:27:56 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:mime-version:in-reply-to:references:from:date
	:message-id:subject:to:cc:content-type:content-transfer-encoding;
	bh=n1sM8iRUu75Tz/2BljPQjje7ooYhTbHygDMad1utPvI=;
	b=C3+c/qjzcugW6k2bhAcNWPnB4CcQCEVhFPTLpNg42uR5rUGl0aJI14wrZ9DsSN2YJC
	J1+HNZyWy3LqzSby+ujSM9b1S8dxQxgkWl4B9KuKypTiobVvF51J+IIfsDCfj2hEscFP
	zDZJldfwD1HE+ROl3YHAYV46yaLrWzt3Lk9MywKX5aiA9iZQJJSicVYE5MD5A1AqroCW
	nZaO2/Xlc+5qxBA0ci6bSjFMwiv7dtxdVxm0Tk/gWXki9sWlZH87Mc//l51gHQiE0zw+
	xbojY3FJVT8MzPUak32S1nOoghi84JHJBae+9fsIg8GJDQ5LM2asK8TwO7m21G19ea06
	jnrA==
X-Gm-Message-State: ALoCoQmGM3pfmClHmXTfG38jzDPjhiMd1MHYz+AXOflQiVyoWsqYMDJRrvooHv2ljZeT5zshmv1v
X-Received: by 10.236.151.198 with SMTP id b46mr20265456yhk.3.1396099676477;
	Sat, 29 Mar 2014 06:27:56 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.170.162.214 with HTTP; Sat, 29 Mar 2014 06:27:36 -0700 (PDT)
In-Reply-To: <CA0DE0F6-C5B9-4BC4-9F79-D98C89A159F4@beams.io>
References: <1878927.J1e3zZmtIP@crushinator>
	<83BBF97F-290E-4CF9-B062-92445ED35F27@beams.io>
	<1701792.nYQmSeReja@crushinator>
	<CA0DE0F6-C5B9-4BC4-9F79-D98C89A159F4@beams.io>
From: Jeff Garzik <jgarzik@bitpay.com>
Date: Sat, 29 Mar 2014 09:27:36 -0400
Message-ID: <CAJHLa0N0YCHfBeDq+QLqK3ZVWD-rAx85MXvX4OBqSoQqgCXm2w@mail.gmail.com>
To: Chris Beams <chris@beams.io>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -1.6 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	-0.0 SPF_PASS               SPF: sender matches SPF record
	-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
	author's domain
	0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
	not necessarily valid
	-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1WTtIo-0006G5-54
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Presenting a BIP for Shamir's Secret
 Sharing of Bitcoin private keys
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Sat, 29 Mar 2014 13:28:05 -0000

The comparison with multisig fails to mention that multi-signature
transactions explicitly define security at the transaction level.
This permits fine-grained specificity of what a key holder may
approve.

Shamir is much more coarse-grained.  You reconstitute a private key,
which may then be used to control anything that key controls.  Thus,
in addition to Shamir itself, you need policies such as "no key
reuse."

My first impression of Shamir many moons ago was "cool!" but that's
since been tempered by thinking through the use cases.  Shamir has a
higher D.I.Y. factor, with a correspondingly larger surface of
things-that-could-go-wrong, IMO.

(None of this implies making an informational BIP lacks value; I'm all
for an informational BIP)




On Sat, Mar 29, 2014 at 7:54 AM, Chris Beams <chris@beams.io> wrote:
> Enlightening; thanks, Matt. And apologies to the list for my earlier inad=
vertent double-post.
>
> On Mar 29, 2014, at 12:16 PM, Matt Whitlock <bip@mattwhitlock.name> wrote=
:
>
>> On Saturday, 29 March 2014, at 10:08 am, Chris Beams wrote:
>>> Matt, could you expand on use cases for which you see Shamir's Secret S=
haring Scheme as the best tool for the job? In particular, when do you see =
that it would be superior to simply going with multisig in the first place?=
 Perhaps you see these as complimentary approaches, toward defense-in-depth=
? In any case, the Motivation and Rationale sections of the BIP in its curr=
ent form are silent on these questions.
>>
>> I have added two new sections to address your questions.
>>
>> https://github.com/whitslack/btctool/blob/bip/bip-xxxx.mediawiki
>
>
> -------------------------------------------------------------------------=
-----
>
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>



--=20
Jeff Garzik
Bitcoin core developer and open source evangelist
BitPay, Inc.      https://bitpay.com/