:: Re: [unSYSTEM] Stealth Bitcoin Addr…
Top Page
Delete this message
Reply to this message
Author: Robert Williamson
Date:  
To: System undo crew
Subject: Re: [unSYSTEM] Stealth Bitcoin Addresses
Semi-working example of stealth addresses, without needing to embed data in
the blockchain,

people just need to share their mpks and expect or subscribe to addresses
generated from the shared secret.

https://gist.github.com/Bobalot/8446822

Thanks
Bob



On 15 January 2014 18:41, Robert Williamson <bobalot@???> wrote:

> Reading through this now and on irc, might not reply straight away.
>
>
> On 15 January 2014 14:11, Amir Taaki <genjix@???> wrote:
>
>> Robert, maybe you're interested to participate in this conversation:
>>
>> https://groups.google.com/d/msg/twister-users/cgxyB2oOQkk/Ov-MUUv3uG4J
>>
>> Also about the secret, it allows you to put a static address somewhere
>> and receive anonymous payments. It doesn't preclude treating the address
>> itself like a secret though and sending that over a special channel like
>> Twister uniquely to different participants. You don't have to send
>> everyone the same address.
>>
>> Together with those 3 schemes 1) Twister transmission 2) Stealth
>> addresses 3) CoinJoin, we have very strong financial privacy.
>>
>> Are you on IRC ever? I'm in Freenode #darkwallet. I've got some
>> questions if you're around in next few days for some minutes.
>>
>> On 15/01/14 13:19, Robert Williamson wrote:
>> > Ah this has all just clicked with me, using Diffie-Hellman to create a
>> > shared secret then using that to encrypt the nonce.
>> >
>> > This could also be used for generating a temporary/disposable aes key
>> > for encrypting messages between people.
>> >
>> > satoshi mentioned that storing data in the blockchain or anywhere
>> > publicly might be a bad idea as if you had your private key compromised
>> > then all the data would be revealed.
>> >
>> > https://bitcointalk.org/index.php?topic=25.msg159#msg159 (post 10)
>> >
>> > Doing private messages/etc over twister or another distributed platform
>> > this is probably a good way to do it securely without having your key
>> > attached to every message that is sent.
>> >
>> > Thanks
>> > Bob
>> >
>> >
>> >
>> >
>> >
>> > On 15 January 2014 12:33, Amir Taaki <genjix@???
>> > <mailto:genjix@riseup.net>> wrote:
>> >
>> >     some code: https://gist.github.com/jspilman/8396495

>> >
>> >     On 15/01/14 03:57, Thomas Hartman wrote:
>> >     > Awesome if true.
>> >     >
>> >     > On Jan 14, 2014 5:38 PM, "Amir Taaki" <genjix@???
>> >     <mailto:genjix@riseup.net>
>> >     > <mailto:genjix@riseup.net <mailto:genjix@riseup.net>>> wrote:

>> >     >
>> >     >     I'm not sure that's true (asked Peter about it):

>> >     >
>> >     >     <petertodd> stealth addresses are "I give you a chain code,
>> you
>> >     >     derive new
>> >     >     pubkeys with random 32-byte nonces, and then encrypt that
>> nonce in
>> >     >     the tx
>> >     >     itself so I can decrypt it and recover the funds"

>> >     >
>> >     >     if so then combined with CoinJoin this is holy-grail, and we
>> don't
>> >     >     need to
>> >     >     worry about Twister/XMPP/BitMessage for transmitting secrets
>> >     around.

>> >     >
>> >     >     > So sad that you're fed up with me.

>> >     >     >
>> >     >     > This seems great for fairly anonymous payments.

>> >     >     >
>> >     >     > My only problem is if the deterministic offset n is encoded
>> >     in the
>> >     >     paying
>> >     >     > transaction then anyone else you also gave that mpk to, will
>> >     also
>> >     >     see the
>> >     >     > address.

>> >     >     >
>> >     >     > So I still really prefer some solution where payment
>> >     addresses are
>> >     >     > contracted and signed by a key, for either a one off payment
>> >     or a
>> >     >     sequence
>> >     >     > of payments over a period.

>> >     >     >
>> >     >     > Thanks
>> >     >     > Bob
>> >     >     > On 14 Jan 2014 00:31, "Nicolás Mendoza"
>> >     <nicolasmendo@??? <mailto:nicolasmendo@gmail.com>
>> >     >     <mailto:nicolasmendo@gmail.com
>> >     <mailto:nicolasmendo@gmail.com>>> wrote:

>> >     >     >
>> >     >     >> Thanks for using Drak in your example, I'm fed up with Bob
>> >     and Alice

>> >     >     >>

>> >     >     >>
>> >     >     >> On Tue, Jan 14, 2014 at 5:29 AM, Amir Taaki
>> >     <genjix@??? <mailto:genjix@riseup.net>
>> >     >     <mailto:genjix@riseup.net <mailto:genjix@riseup.net>>> wrote:

>> >     >     >>
>> >     >     >>> great, thanks for showing me this. I know the basic idea.
>> >     The only
>> >     >     >>> thing
>> >     >     >>> I'd add is that once you know the nonce, that the payor
>> >     doesn't
>> >     >     need to
>> >     >     >>> recreate these txs repeatedly. So when I pay Drak, I only
>> >     need to do
>> >     >     >>> this the first ever time I pay Drak.

>> >     >     >>>
>> >     >     >>> On 13/01/14 19:49, Drak wrote:
>> >     >     >>> > Have you guys seen this discussion on the bitcoin
>> >     mailing list
>> >     >     (and
>> >     >     >>> now
>> >     >     >>> > there is a working
>> >     >     >>> > implementation):

>> >     >     >>>
>> http://sourceforge.net/mailarchive/message.php?msg_id=31813471

>> >     >     >>> >
>> >     >     >>> > Seems to be a major step forward in terms of privacy.
>> >     Probably
>> >     >     needs
>> >     >     >>> a
>> >     >     >>> > few more technical eyes on it but it looks really
>> promising.

>> >     >     >>> >
>> >     >     >>> > Drak

>> >     >     >>> >

>> >     >     >>> >
>> >     >     >>> > _______________________________________________
>> >     >     >>> > unSYSTEM mailing list: http://unsystem.net

>> >     >     >>> >
>> >     https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem

>> >     >     >>> >

>> >     >     >>>

>> >     >     >>>
>> >     >     >>> _______________________________________________
>> >     >     >>> unSYSTEM mailing list: http://unsystem.net

>> >     >     >>>
>> >     https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem

>> >     >     >>>

>> >     >     >>>

>> >     >     >>

>> >     >     >>
>> >     >     >> --
>> >     >     >> Nicolas Mendoza

>> >     >     >>
>> >     >     >> PhD Researcher
>> >     >     >> School of Creative Media
>> >     >     >> City University of Hong Kong
>> >     >     >> China PDR - HKSAR

>> >     >     >>

>> >     >     >>
>> >     >     >> _______________________________________________
>> >     >     >> unSYSTEM mailing list: http://unsystem.net

>> >     >     >>
>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem

>> >     >     >>

>> >     >     >>
>> >     >     > _______________________________________________
>> >     >     > unSYSTEM mailing list: http://unsystem.net

>> >     >     >
>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem

>> >     >     >

>> >     >

>> >     >
>> >     >     _______________________________________________
>> >     >     unSYSTEM mailing list: http://unsystem.net

>> >     >
>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem

>> >     >

>> >     >

>> >     >
>> >     > _______________________________________________
>> >     > unSYSTEM mailing list: http://unsystem.net
>> >     > https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem

>> >     >

>> >
>> >
>> >     _______________________________________________
>> >     unSYSTEM mailing list: http://unsystem.net
>> >     https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem

>> >
>> >
>> >
>> >
>> > _______________________________________________
>> > unSYSTEM mailing list: http://unsystem.net
>> > https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem
>> >
>>
>>
>> _______________________________________________
>> unSYSTEM mailing list: http://unsystem.net
>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem
>>
>>
>