Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id A9532A7A for ; Wed, 27 Sep 2017 20:19:21 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-pf0-f173.google.com (mail-pf0-f173.google.com [209.85.192.173]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 3A1C94CF for ; Wed, 27 Sep 2017 20:19:21 +0000 (UTC) Received: by mail-pf0-f173.google.com with SMTP id e1so7815113pfk.1 for ; Wed, 27 Sep 2017 13:19:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-language; bh=toJgy6RT/w55ap0J6dbqBAeEY95tNlo529S+JGzXBT8=; b=kuhRZ3WVFokFrD5wunN67cU0da7DWVgH6x30mGpPlM8hG7Oqel+ZQcCmD8Lh7QhQQW OdD5MeldwQEiTAIDeNywbvfFLw7wu1F0hpqL3uwDnG1c3uUgGjcvlkyO3TM/PyZTp9fJ mnzWhTF9QxUQ0hMGxa0iou3geV460zn8YiiJO4VXsn8NVrwjo7LsVDqXmE9sm/VOA2Wq l0sOfVKelwUpYQQdrODi1Ls8uUt3pBk2sJl32hZGSvARWwUKa7cy4hhw5Xkgp3tIBZ24 0bW4IADD+kAwSq3Ywfsv/WXyGR74gJ+y7hzVfCOyHifDGUJBxauzlwsI2KBS+79M6PHd 8Yvw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language; bh=toJgy6RT/w55ap0J6dbqBAeEY95tNlo529S+JGzXBT8=; b=qHht0c/zKqUdkPoRyJTYTc91+Y1D0Z/apmdlYAnZjzN6ouJqAcnG+Ht6f/R0PM1NcD MveGQxm5I/BoENhPP6QZnnyeNQqZulWh8E3ikAUmZOoGdyq+LfBl9iUypSibJ8SagKSL kg1MVFXGS7+losRGI8VcnG9iG1hpPRa0YVO8Gs62JT24TN2bOSeWHryZLVQXXlB8dqO1 PfA03Zv76V2Y5SE/mbdvuJNaOyPHcaAPYBnJEUjslgzc3HrbJ67TYGc8U9LTFBd+EGsa hEOW+t+SiuYIVeWeMG0Q4qcvzuK5o53kxElEz8BjPvcrMVDrx9rM4/lVoTtSMhsXx5Pu LU3w== X-Gm-Message-State: AHPjjUjqKsUVpFRy5FwgSwOa0W48KSSqbl1CQWarRALLIehT50hPzePJ Gvfm00jIhvxuCGYLmwqw5oCtWfCw X-Google-Smtp-Source: AOwi7QBE4B9LfMcqcwNw3ojr+67EV2AQRwuMg36G68XPkpBtNaw3EwWZK1MYA2yXs/1xnZ0PKSs4gw== X-Received: by 10.84.224.75 with SMTP id a11mr2163738plt.106.1506543560322; Wed, 27 Sep 2017 13:19:20 -0700 (PDT) Received: from [192.168.1.3] (c-73-240-125-172.hsd1.or.comcast.net. [73.240.125.172]) by smtp.gmail.com with ESMTPSA id p124sm7982587pfg.179.2017.09.27.13.19.18 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 27 Sep 2017 13:19:19 -0700 (PDT) To: bitcoin-dev@lists.linuxfoundation.org References: <20170927160654.GA12492@savin.petertodd.org> From: CryptAxe Message-ID: <0e625a3c-46fa-239f-e646-cf97ae226df0@gmail.com> Date: Wed, 27 Sep 2017 13:11:09 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/alternative; boundary="------------DDDE22FFC9C6136C54289F11" Content-Language: en-US X-Spam-Status: No, score=-0.1 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_NONE autolearn=disabled version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Wed, 27 Sep 2017 20:21:56 +0000 Subject: Re: [bitcoin-dev] Address expiration times should be added to BIP-173 X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Sep 2017 20:19:21 -0000 This is a multi-part message in MIME format. --------------DDDE22FFC9C6136C54289F11 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit See https://github.com/bitcoin/bitcoin/pull/9722 What still needs to be done is that during the first start up after updating with this popup, the wallet needs to scan for addresses that have been used in the past. That way the popup isn't only shown for addresses that are reused after updating. On 09/27/2017 12:35 PM, Chris Priest via bitcoin-dev wrote: > A better solution is to just have the sending wallet check to see if > the address you are about to send to has been used before. If it's a > fresh address, it sends it through without any popup alert. If the > address has history going back a certain amount of time, then a popup > comes up and notifies the sender that they are sending to a non-fresh > address that may no longer be controlled by the receiver anymore. > > Also, an even better idea is to set up an "address expiration > service". When you delete a wallet, you first send off an "expiration > notice" which is just a message (signed with the private key) saying > "I am about to delete this address, here is my new address". When > someone tries to send to that address, they first consult the address > expiration service, and the service will either tell them "this > address is not expired, proceed", or "this address has been expired, > please send to this other address instead...". Basically like a 301 > redirect, but for addresses. I don't think address expiration should > be part of the protocol. > ... --------------DDDE22FFC9C6136C54289F11 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 7bit

See https://github.com/bitcoin/bitcoin/pull/9722

What still needs to be done is that during the first start up after updating with this popup, the wallet needs to scan for addresses that have been used in the past. That way the popup isn't only shown for addresses that are reused after updating.


On 09/27/2017 12:35 PM, Chris Priest via bitcoin-dev wrote:
A better solution is to just have the sending wallet check to see if the address you are about to send to has been used before. If it's a fresh address, it sends it through without any popup alert. If the address has history going back a certain amount of time, then a popup comes up and notifies the sender that they are sending to a non-fresh address that may no longer be controlled by the receiver anymore.

Also, an even better idea is to set up an "address expiration service". When you delete a wallet, you first send off an "expiration notice" which is just a message (signed with the private key) saying "I am about to delete this address, here is my new address". When someone tries to send to that address, they first consult the address expiration service, and the service will either tell them "this address is not expired, proceed", or "this address has been expired, please send to this other address instead...". Basically like a 301 redirect, but for addresses. I don't think address expiration should be part of the protocol.

...
--------------DDDE22FFC9C6136C54289F11--