1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
|
Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
helo=mx.sourceforge.net)
by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <pete@petertodd.org>) id 1W34q1-0000s7-2F
for bitcoin-development@lists.sourceforge.net;
Tue, 14 Jan 2014 14:19:29 +0000
Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of petertodd.org
designates 62.13.148.110 as permitted sender)
client-ip=62.13.148.110; envelope-from=pete@petertodd.org;
helo=outmail148110.authsmtp.com;
Received: from outmail148110.authsmtp.com ([62.13.148.110])
by sog-mx-2.v43.ch3.sourceforge.com with esmtp (Exim 4.76)
id 1W34pv-0000Ns-9m for bitcoin-development@lists.sourceforge.net;
Tue, 14 Jan 2014 14:19:29 +0000
Received: from mail-c235.authsmtp.com (mail-c235.authsmtp.com [62.13.128.235])
by punt14.authsmtp.com (8.14.2/8.14.2) with ESMTP id s0EEJH4b006046;
Tue, 14 Jan 2014 14:19:17 GMT
Received: from savin (76-10-178-109.dsl.teksavvy.com [76.10.178.109])
(authenticated bits=128)
by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id s0EEJ8Dv089764
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO);
Tue, 14 Jan 2014 14:19:10 GMT
Date: Tue, 14 Jan 2014 09:19:08 -0500
From: Peter Todd <pete@petertodd.org>
To: Jeremy Spilman <jeremy@taplink.co>
Message-ID: <20140114141908.GB29950@savin>
References: <op.w9c5o7vgyldrnw@laptop-air.hsd1.ca.comcast.net>
<20140110102037.GB25749@savin>
<op.w9kkxcityldrnw@laptop-air.hsd1.ca.comcast.net>
<CABsx9T2G=yqSUGr0+Ju5-z9P++uS20AwLC+c3DnFMHtcQjQK6w@mail.gmail.com>
<CAAS2fgTz0TaGhym_35V3N2-vHVzU9BeuV8q+QJjwh5bg77FEZg@mail.gmail.com>
<20140113194049.GJ38964@giles.gnomon.org.uk>
<CANAnSg30V01B_3LCJ09sTwcsYa4_WOg3sKd-=p6COZS6w0b-uA@mail.gmail.com>
<52D4458C.6010909@gmail.com>
<CAAS2fgTzVWUF_B_-1jkRs3WZ8Um_CcHeH7uFU0eLncgEqQ01HQ@mail.gmail.com>
<19AE1549-16E0-4119-8BE9-8F4DFD3381C1@taplink.co>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature"; boundary="oC1+HKm2/end4ao3"
Content-Disposition: inline
In-Reply-To: <19AE1549-16E0-4119-8BE9-8F4DFD3381C1@taplink.co>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Server-Quench: d6bea78a-7d26-11e3-b802-002590a15da7
X-AuthReport-Spam: If SPAM / abuse - report it at:
http://www.authsmtp.com/abuse
X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR
aQdMdwYUElQaAgsB AmIbWlBeUVR7WGI7 bAxPbAVDY01GQQRq
WVdMSlVNFUsrAWl0 fBZqFBl6fgJAfDBx Zk5hWD4PWhYvJEF1
E1NTQW8AeGZhPWMC AkhYdR5UcAFPdx8U a1UrBXRDAzANdhES
HhM4ODE3eDlSNilR RRkIIFQOdA4wAjM1 QwwCVRwjEVcIXD4+ NHQA
X-Authentic-SMTP: 61633532353630.1023:706
X-AuthFastPath: 0 (Was 255)
X-AuthSMTP-Origin: 76.10.178.109/587
X-AuthVirus-Status: No virus detected - but ensure you scan with your own
anti-virus system.
X-Spam-Score: -1.5 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
-0.0 SPF_PASS SPF: sender matches SPF record
X-Headers-End: 1W34pv-0000Ns-9m
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Stealth Addresses
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Tue, 14 Jan 2014 14:19:29 -0000
--oC1+HKm2/end4ao3
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Mon, Jan 13, 2014 at 02:02:00PM -0800, Jeremy Spilman wrote:
>=20
> > Uh while I'm responding again, what I'd discussed with Peter Todd in
> > IRC used two EC points in the stealth address. One for the payment and
> > one for the ECDH. The reason to use two is that it makes delegating
> > detection possible and so you don't have to have you spending keys
> > online to even detect these payments. Why'd that get dropped?
>=20
> I think this is exactly what I've implemented.
>=20
> I decided to put both pubKeys in a 2-of-2 multisig, instead of keeping on=
e of the pubKeys in the OP-RETURN, to prevent a malicious sender from trigg=
ering false positives on your online detection key when the funds are actua=
lly still fully controlled by the payer.
>=20
> You can still have a false positive (only 1 of 2 keys actually yours) but=
the funds would be trapped so it's unlikely anyone would do it.=20
How would they trigger false positives? The payee recovers the nonce
with ECDH from the payor's ephemereal pubkey and their online detection
secret key. They use BIP32 public derivation with their offline spending
pubkey(s), if the derived pubkeys match the actual scriptPubKey they
know the output is spendable by them. I don't see how that can go wrong.
--=20
'peter'[:-1]@petertodd.org
000000007dd7a87aec311fb7fb13770f54edf628e6976f8c6091a5b2638878a7
--oC1+HKm2/end4ao3
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQGrBAEBCACVBQJS1UdbXhSAAAAAABUAQGJsb2NraGFzaEBiaXRjb2luLm9yZzAw
MDAwMDAwN2RkN2E4N2FlYzMxMWZiN2ZiMTM3NzBmNTRlZGY2MjhlNjk3NmY4YzYw
OTFhNWIyNjM4ODc4YTcvFIAAAAAAFQARcGthLWFkZHJlc3NAZ251cGcub3JncGV0
ZUBwZXRlcnRvZC5vcmcACgkQJIFAPaXwkfsV8Qf+LQ5Gdb3uKMh95chR1IonmIzK
0n3P8E59oYpc/b7YLANfHAUARh/SYkDV/f5Sq5q38bvcGY61suOVqL6FPI2fMYEj
N96hhNWPlqgqj9m4ak2vVnaX193ImVa5tsaDjBPOXCztr7DVoNqy0v+a/TFl3Eu6
Fqr4pm8y9M1fmjOlen+DBEnSTNJgs1hJcCeZy1Qe7+eDTCaqYf4nHmU7Zl2xkFXn
vHf40N2L5HyTJilWgPHD2KnSVNERGp7F7c4hGvW2YzAUi+YLPypvPH/T19o9Ldgv
pZuprzTBA3c3TCTHjzOXwBcK8TNGai+7BTH1USQDUqfbl1lzJKv1C0dbxWagPQ==
=l02T
-----END PGP SIGNATURE-----
--oC1+HKm2/end4ao3--
|
