oh ok. How can this be established by convention? i.e how would the
client know whether to use 02 or 03?

On 01/08/2015 07:49 PM, Eric Voskuil wrote:
> Maybe I'm missing something, but I thought the idea was that the sign of
> the ephemeral public key would be established by convention and thereby
> not be required in the OP_RETURN *and* not require testing of both signs.
>
> I'd be concerned that by including the sign byte, and with the payment
> id at 5 bytes, we would be limiting the nonce space to one byte. That
> may not be sufficient.
>
> e
>
> On 01/08/2015 03:31 AM, Amir Taaki wrote:
>> Oh if you mean the <P:32>, that doesn't help. It still doubles the
>> number of rows that clients need to process.
>> We want to lessen the processing burden on clients, so they can use a
>> smaller prefix (= more data) to remain more anonymous.
>>
>> On 01/08/2015 12:28 PM, Amir Taaki wrote:
>>> Yep I got rid of that, that's not staying.
>>> That's more the type or info byte.
>>>
>>> On 01/08/2015 08:25 AM, Peter Todd wrote:
>>>> On Thu, Jan 08, 2015 at 05:11:53AM +0100, Amir Taaki wrote:
>>>>> This increases the number of client side computations, which reduces the
>>>>> anonymity. It is trivial for the server to store this data and halves
>>>>> the computation workload for the client, thereby increasing the
>>>>> acceptable working dataset & improving anonymity for the client.
>>>>
>>>> Good point.
>>>>
>>>> However, what about changing the stealth standard itself to not have the
>>>> sign byte in the OP_RETURN? I believe we've discussed this, along with
>>>> getting rid of that version byte. We're still at the point where we can
>>>> change things.
>