Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 28AB3724 for ; Fri, 12 Aug 2016 12:36:37 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-yw0-f175.google.com (mail-yw0-f175.google.com [209.85.161.175]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 3A932135 for ; Fri, 12 Aug 2016 12:36:33 +0000 (UTC) Received: by mail-yw0-f175.google.com with SMTP id j12so14260250ywb.2 for ; Fri, 12 Aug 2016 05:36:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=QCNGoG9HS7KyDU/kF+C4ISeONf/Jx6P7O976MmoGwKs=; b=nQUPu7F+G6IatpgmHszsEGjZQD+vW4Kolh+y2jBv9DP8FkbyOmoS5mWXc3xP55amC3 hfy+xU8iyqNKg94ljfzabEvXNcKgY0Gnk4n09bc2Oxyb5GXC70Nj9DN0HbJ71g8Ss9M7 gq+d2XqinklD9rRh98MO/ReK8U96rwHNhY4LeLkkkodTd9osaE0jHnLfKt7JkabjSuwp DC30Aul2UIzhaQs8DXu9cgUnEGzNpKX3AcJs8X3HFnB+JkT72Q6j/uXHxUAUE+7RvEi2 DpNPodVddNY7ZA00KnDLFzXMrLNV3EQlHdzD5uLt4Zhd6zj7psEYbnWsZVEZarll/PR3 GGKw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=QCNGoG9HS7KyDU/kF+C4ISeONf/Jx6P7O976MmoGwKs=; b=BDzl37aPPeVR1feaEgA/wfSDavkX4zYe0Oy4aErhGLGtRG9ZpaUbZvMH4wkKxdytwB FUyVNXUFgTjudN/sUlqEics3IcK9IYG7IDoA7OFjucAz2fC2Jb078qH9m1apLw91VyQt Bj6N2kLDUtlWW+xFsWoYt7baOKPJFYmX3/wZw5TIQ1aie6LoqFz4Den5xalByvIlLROX Yc2xpk09UZbQs3bCGMK8CxJdXop/CV9DDcd2QUDaorU8sA8omNL0XbhZSonMkSXBs94+ hlmgWHQjgvIANDJGaAyxWIhALZQllbwLfSjwHQz/5VIgrsQTHaNNnUb6XbYq9+6zAkeD S9Kw== X-Gm-Message-State: AEkooutgRkxbUYSONN7CSFVX4wbGplsiH2uyX9gwEh6vgERrOMaFQj6sKCPXazC1izjKDFxBVF0BzMaiPrUs1w== X-Received: by 10.129.83.193 with SMTP id h184mr11500483ywb.52.1471005392391; Fri, 12 Aug 2016 05:36:32 -0700 (PDT) MIME-Version: 1.0 Sender: earonesty@gmail.com Received: by 10.37.88.214 with HTTP; Fri, 12 Aug 2016 05:36:31 -0700 (PDT) In-Reply-To: References: From: Erik Aronesty Date: Fri, 12 Aug 2016 08:36:31 -0400 X-Google-Sender-Auth: RkOsHP7uxAvAVVWE3k9FAItXuRY Message-ID: To: Gregory Maxwell Content-Type: multipart/alternative; boundary=001a114d6f1ce0664a0539df2116 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, FREEMAIL_FROM, HTML_MESSAGE, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: Bitcoin Protocol Discussion Subject: Re: [bitcoin-dev] BIP Number Request: Addresses over Audio X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Aug 2016 12:36:37 -0000 --001a114d6f1ce0664a0539df2116 Content-Type: text/plain; charset=UTF-8 I'm imagining a "publishable seed" such that: - someone can derive a random bitcoin address from it - and send funds to it. - the possible derived address space is large enough that generating all possible addresses would be a barrier - the receiver, however, knowing the private key, can easily scan the blockchain fairly efficiently and determine which addresses he has the keys to - another interested party cannot easily do so Perhaps homomorphic encryption may need to be involved? On Thu, Aug 11, 2016 at 8:36 PM, Gregory Maxwell wrote: > On Thu, Aug 11, 2016 at 8:37 PM, Erik Aronesty via bitcoin-dev > wrote: > > Still not sure how you can take a BIP32 public seed and figure out if an > > address was derived from it though. I mean, wouldn't I have to compute > all > > 2^31 possible public child addresses? > > Which would take a quad core laptop about 8 hours with competent software > > And presumably you're not using the whole 2^31 space else the receiver > also has to do that computation... > --001a114d6f1ce0664a0539df2116 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
I'm imagining a "publishable seed" such= that:

=C2=A0- someone can derive a random bitcoin address from it -= =C2=A0 and send funds to it.
=C2=A0- the possible derived address space= is large enough that generating all possible addresses would be a barrier<= br>
=C2=A0- the receiver, however, knowing the private key, can e= asily scan the blockchain fairly efficiently and determine which addresses = he has the keys to
=C2=A0- another interested party cannot ea= sily do so

Perhaps homomorphic encryption may = need to be involved?=C2=A0=C2=A0


On Thu, Aug 11, 2016 at 8:3= 6 PM, Gregory Maxwell <greg@xiph.org> wrote:
On Thu, Aug 11, 2016 at 8:37 PM, Erik Arone= sty via bitcoin-dev
<bitcoin-dev@li= sts.linuxfoundation.org> wrote:
> Still not sure how you can take a BIP32 public seed and figure out if = an
> address was derived from it though.=C2=A0 =C2=A0I mean, wouldn't I= have to compute all
> 2^31 possible public child addresses?

Which would take a quad core laptop about 8 hours with competent sof= tware

And presumably you're not using the whole 2^31 space else the receiver<= br> also has to do that computation...

--001a114d6f1ce0664a0539df2116--