Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1Wlheu-0005Q6-4B for bitcoin-development@lists.sourceforge.net; Sat, 17 May 2014 16:40:28 +0000 Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.215.47 as permitted sender) client-ip=209.85.215.47; envelope-from=gmaxwell@gmail.com; helo=mail-la0-f47.google.com; Received: from mail-la0-f47.google.com ([209.85.215.47]) by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1Wlheq-0000tQ-MB for bitcoin-development@lists.sourceforge.net; Sat, 17 May 2014 16:40:28 +0000 Received: by mail-la0-f47.google.com with SMTP id pn19so2863738lab.20 for ; Sat, 17 May 2014 09:40:18 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.113.3.167 with SMTP id bx7mr2123889lbd.64.1400344817906; Sat, 17 May 2014 09:40:17 -0700 (PDT) Received: by 10.112.89.68 with HTTP; Sat, 17 May 2014 09:40:17 -0700 (PDT) In-Reply-To: <5377892C.8080402@gmail.com> References: <5377892C.8080402@gmail.com> Date: Sat, 17 May 2014 09:40:17 -0700 Message-ID: From: Gregory Maxwell To: Chris Pacia Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -1.6 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (gmaxwell[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1Wlheq-0000tQ-MB Cc: Bitcoin Development Subject: Re: [Bitcoin-development] Paper Currency X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 May 2014 16:40:28 -0000 On Sat, May 17, 2014 at 9:07 AM, Chris Pacia wrote: > I can't really just hand someone the note and walk away > because they have to scan it to see if it is actually valid. Not just scan it, but they actually must successfully sweep it=E2=80=94 otherwise they can be trivially double spent. This is especially bad since any prior bearer can perform such an attack. E.g. record the private key of everyone that passes through your hands and then doublespend race any redemption that happens >24 hours after you spend them. The wrong person would likely be blamed and even if you were blamed you could plausibly deny it ("Must have been the guy that gave it to me!"). Othercoin seems to have much better properties in the space of offline transactions: https://bitcointalk.org/index.php?topic=3D319146.0 Separately, Cassius also ran into some regulatory issues selling physical bitcoin artifacts. Especially printing things that seem to be redeemable for a named USD value sounds especially problematic. Some random comments=E2=80=94 The base58 encoding is fairly human unfriendl= y. It's fine for something being copy and pasted, but I've found typing or reading it works poorly due to mixed case. I expect the A/B side to be difficult to educate users about. "This side is private" is more easily understood, you could just pick one of your sides and call it private. I find it kind of odd that this design seems to have no facility for checking its txouts without recovering the private key, though considering no one should rely on such a measurement without sweeping perhaps thats for the best. (As far as the numbering goes, I think you should be calling these draft-felix-paper-currency etc. As a matter of hygienic practice I will not assign a matching bip number for something that went public with a number outside of the assignment.)