Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
	helo=mx.sourceforge.net)
	by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <jgarzik@bitpay.com>) id 1WN4hR-0006wr-2b
	for bitcoin-development@lists.sourceforge.net;
	Mon, 10 Mar 2014 18:13:17 +0000
Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of bitpay.com
	designates 74.125.82.177 as permitted sender)
	client-ip=74.125.82.177; envelope-from=jgarzik@bitpay.com;
	helo=mail-we0-f177.google.com; 
Received: from mail-we0-f177.google.com ([74.125.82.177])
	by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
	(Exim 4.76) id 1WN4hP-0003zj-SM
	for bitcoin-development@lists.sourceforge.net;
	Mon, 10 Mar 2014 18:13:17 +0000
Received: by mail-we0-f177.google.com with SMTP id u57so8995113wes.36
	for <bitcoin-development@lists.sourceforge.net>;
	Mon, 10 Mar 2014 11:13:09 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:mime-version:in-reply-to:references:from:date
	:message-id:subject:to:cc:content-type;
	bh=iMwv+sS7yaVZj11a8dAaqRckQqqUagGnXwbwPzBhAoI=;
	b=dAaI/sjRbpwifk/fQRrN5dXOJYb9tgx+Eoksam6tsbUCWN8g4CvXxhFE6NapVMs1WJ
	7ecm/+gFoXaFSQCFrtXayEZTRQ5ZzmOR0EQTJ4D34sSMWkrxhbbr9txaD1XDhXcpkWi3
	Rrmp/ZR3ZTfsQchaUYGB+alcZSRSerzXKe+y1kuY05r5efPMCwDikf5sVwjMXMD/lLR0
	3QxAVeEHBm4x0DfqG5f1ox9iQXTofW6jtEN3UHB3WUo+h51cdHBu+o5UY8Y5ap062yJH
	Ke2T6NaACqs3eO2kUeapvjSMvJHUGzELtyoTP3bjsQBi0Vpnd4xLR+0nWdrDTWZ/f8rS
	hqww==
X-Gm-Message-State: ALoCoQk/nWZYVguq39fpcSXhDMkul3gn5booN7f5yslUMU3AMVQFt4HpWp/o+YJga/7G1eTXWU+C
X-Received: by 10.194.20.65 with SMTP id l1mr9876297wje.39.1394475189249; Mon,
	10 Mar 2014 11:13:09 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.194.82.197 with HTTP; Mon, 10 Mar 2014 11:12:49 -0700 (PDT)
In-Reply-To: <CANAnSg3Bt0e7CfUcJXe96xhU6nqif9ey_vurZMZkSa9OHjHStw@mail.gmail.com>
References: <CANAnSg3Bt0e7CfUcJXe96xhU6nqif9ey_vurZMZkSa9OHjHStw@mail.gmail.com>
From: Jeff Garzik <jgarzik@bitpay.com>
Date: Mon, 10 Mar 2014 14:12:49 -0400
Message-ID: <CAJHLa0PNW9FP7btMphLK+GxKo5u0Seiw5tbV_dT6ghg9YjH4yQ@mail.gmail.com>
To: Drak <drak@zikula.org>
Content-Type: text/plain; charset=ISO-8859-1
X-Spam-Score: -1.6 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	-0.0 SPF_PASS               SPF: sender matches SPF record
	-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
	author's domain
	0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
	not necessarily valid
	-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1WN4hP-0003zj-SM
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Multisign payment protocol?
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Mon, 10 Mar 2014 18:13:17 -0000

Payment protocol currently supports payments to multi-sig addresses.

In general, almost all wallet software sucks RE multisig.  Just try
any of these actions in Bitcoin-Qt or another wallet:
* obtain a public key you control, given a bitcoin address
* easily share public keys
* easily share partially signed transactions
* build a P2SH multisig address from public keys, reliably.  Right
now, participants have no idea about pubkey order, leading various N
possible P2SH addresses, given a list of public keys.  Reproducing the
P2SH address is harder than it should be.
* track "partially controlled" balance (balance of coins of which you
may sign at least 1 of N)
* support for remote oracles and services that provide 1-of-N signatures
etc.




On Mon, Mar 10, 2014 at 1:39 PM, Drak <drak@zikula.org> wrote:
> I was wondering if there would be merit in a kind of BIP for a payment
> protocol using multisig?
>
> Currently, setting up a multisig is quite a feat. Users have to exchange
> public keys, work out how to get the public keys from their addresses. If
> one of the parties are not savvy enough, an malicious party could easily be
> setup that was 2 of 3 instead of 2 of 2 where the malicious party generates
> the multisig address+script and thus be able to run off with funds anyway.
>
> It's also terribly complex to generate and keep track of. There's been a
> nice attempt at creating an browser interface at coinb.in/multisig but it
> still lacks the kind of ease with created by the payment protocol. If there
> was a BIP then it would go a long way to aiding future usability of multisig
> wallet implementations.
>
> What are your thoughts?
>
> Drak
>
> ------------------------------------------------------------------------------
> Learn Graph Databases - Download FREE O'Reilly Book
> "Graph Databases" is the definitive new guide to graph databases and their
> applications. Written by three acclaimed leaders in the field,
> this first edition is now available. Download your free book today!
> http://p.sf.net/sfu/13534_NeoTech
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>



-- 
Jeff Garzik
Bitcoin core developer and open source evangelist
BitPay, Inc.      https://bitpay.com/