Return-Path: Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id ED6CBC0032 for ; Fri, 4 Aug 2023 18:42:11 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id C7974408D1 for ; Fri, 4 Aug 2023 18:42:11 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org C7974408D1 Authentication-Results: smtp4.osuosl.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20221208 header.b=ROKac77p X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CMbo5yK3Tjor for ; Fri, 4 Aug 2023 18:42:07 +0000 (UTC) Received: from mail-ua1-x92c.google.com (mail-ua1-x92c.google.com [IPv6:2607:f8b0:4864:20::92c]) by smtp4.osuosl.org (Postfix) with ESMTPS id 0F72C4098E for ; Fri, 4 Aug 2023 18:42:06 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 0F72C4098E Received: by mail-ua1-x92c.google.com with SMTP id a1e0cc1a2514c-79a2d0e0ce6so778140241.3 for ; Fri, 04 Aug 2023 11:42:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1691174526; x=1691779326; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=iBjnwICtuQZc9gDRrOXRE/LL6piM0GwOktveDtgA0FI=; b=ROKac77pjIiB2j7C3++uJgrRXaC+qXHPBzLbKJdkTk1lGggijUHPFgYNYtSiO0KSlM TTc4kGVdwuWcWyFyic++W/svrm9Gq7KoeK9JBVIuIwA3V8np1bMwsSMO8KqUT/XlZFD8 h3jwT6VNUagolFbITuZJM/KE/wnrNPw83qKuA3TR2fTB46rRn09h715F3VOmlW7TMz3e v2IpL/a25Z3ORktYfTe4tdLB+k9dHB0feC54ZIKrN3POkiL3EaAvrwOkM1zyGyIG7agC dsuo9G/mgCZ3Dhi1O5CUGC2nJzsIoiVm57pR26HZFMHY2sEjAJkTfLK71Z74KMEXAj6v 2OpA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691174526; x=1691779326; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=iBjnwICtuQZc9gDRrOXRE/LL6piM0GwOktveDtgA0FI=; b=DsKF2j2dplHa2x+qYhoSZsR6ZBQR5gSIeak+xtaPU7JVnGcM9uKt8JMTB5nrEmrFwi fa44FxJA25A68SgzAszEF3HRIwXNI4sEvWsGBhCKKJi2GDH6BfeLdaKoX4bZln6IfMHl pzHbXZlEdCgcSiR80NsGQPfdZ8JjOv5lZeHfs5WffVjLRrPr6pkBQXg1PavL2R0jG5/p FPBskIbx7u1ibRxw2pAW/TF5/laL4xuJZrwcntSygKuUNVaHVPq8kbsKsHRHmjVxZaSx 9Kk5IxbHnEAoB4bWf3nTbBDpSrn90TqK4jn8prO5UYbHv+V/VIj33ytGUjDGP8JDMiUX Ea7A== X-Gm-Message-State: AOJu0Yw1rT44StqpNyIX51r0J7xUL9rZ9nRfuAvUTT4A/eHbiAVCHeXJ 08alXMlg48bz+nZ4peTOSjabX9qf3mn7VfTueW0ou/yO0js= X-Google-Smtp-Source: AGHT+IFX59VRgr/wWAVVOTkcCIbZZO3bayWXFSFMRenVsi3HYqazlRmWyZnxMadBgAUq4mdvhlYQvIf6x9bI20GVwtg= X-Received: by 2002:a67:eb87:0:b0:443:7eba:e22c with SMTP id e7-20020a67eb87000000b004437ebae22cmr1310075vso.8.1691174525719; Fri, 04 Aug 2023 11:42:05 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Samson Mow Date: Fri, 4 Aug 2023 11:41:39 -0700 Message-ID: To: Peter Todd , Bitcoin Protocol Discussion Content-Type: multipart/alternative; boundary="000000000000dbdc1706021d403b" X-Mailman-Approved-At: Sun, 06 Aug 2023 14:28:42 +0000 Subject: Re: [bitcoin-dev] BIP-352 Silent Payments addresses should have an expiration time X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Aug 2023 18:42:12 -0000 --000000000000dbdc1706021d403b Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Why the 180 year limit? imho should plan for longer. On Fri, Aug 4, 2023 at 10:41=E2=80=AFAM Peter Todd via bitcoin-dev < bitcoin-dev@lists.linuxfoundation.org> wrote: > tl;dr: Wallets don't last forever. They are often compromised or lost. Wh= en > this happens, the addresses generated from those wallets become a form of > toxic > data: funds sent to those addresses can be easily lost forever. > > All Bitcoin addresses have this problem. But at least existing Bitcoin > addresses aren't supposed to be reused. Silent Payments are: the whole > point is > to have a single address that you can safely pay to multiple times, witho= ut > privacy concerns. Failing to make Silent Payment addresses eventually > expire in > a reasonable amount of time is thus a particularly harmful mistake. > > Fixing this is easy: add a 3 byte field to silent payments addresses, > encoding > the expiration date in terms of days after some epoch. 2^24 days is 45,00= 0 > years, more than enough. Indeed, 2 bytes is probably fine too: 2^16 days > is 180 > years. We'll be lucky if Bitcoin still exists in 180 years. > > Wallets should pick a reasonable default, eg 1 year, for newly created > addresses. Attempts to pay an expired address should just fail with a > simple > "address expired". Lightning invoices are a good example here: while > invoices > does not require expiration from a technical point of view, they do expir= e > for > similar UX reasons as applies to silent payments. > > -- > https://petertodd.org 'peter'[:-1]@petertodd.org > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > --000000000000dbdc1706021d403b Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Why the 180 year limit? imho should plan for longer.
=
On Fri= , Aug 4, 2023 at 10:41=E2=80=AFAM Peter Todd via bitcoin-dev <bitcoin-dev@lists.linuxfound= ation.org> wrote:
tl;dr: Wallets don't last forever. They are often compromise= d or lost. When
this happens, the addresses generated from those wallets become a form of t= oxic
data: funds sent to those addresses can be easily lost forever.

All Bitcoin addresses have this problem. But at least existing Bitcoin
addresses aren't supposed to be reused. Silent Payments are: the whole = point is
to have a single address that you can safely pay to multiple times, without=
privacy concerns. Failing to make Silent Payment addresses eventually expir= e in
a reasonable amount of time is thus a particularly harmful mistake.

Fixing this is easy: add a 3 byte field to silent payments addresses, encod= ing
the expiration date in terms of days after some epoch. 2^24 days is 45,000<= br> years, more than enough. Indeed, 2 bytes is probably fine too: 2^16 days is= 180
years. We'll be lucky if Bitcoin still exists in 180 years.

Wallets should pick a reasonable default, eg 1 year, for newly created
addresses. Attempts to pay an expired address should just fail with a simpl= e
"address expired". Lightning invoices are a good example here: wh= ile invoices
does not require expiration from a technical point of view, they do expire = for
similar UX reasons as applies to silent payments.

--
http= s://petertodd.org 'peter'[:-1]@petertodd.org
_______________________________________________
bitcoin-dev mailing list
= bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mail= man/listinfo/bitcoin-dev
--000000000000dbdc1706021d403b--