author: Ruben Somsen <rsomsen@gmail.com>, 2022-10-18 14:40:38 +0200
committer: bitcoindev <bitcoindev@gnusha.org>, 2022-10-18 12:40:51 +0000
commit: febb184322081f044ce0e2c93fa46e652a70d11e
tree: 7928c53ddd348296df15f5f3ad879e1ba0ce3ce4
parent: 7c2cf734549ccdaee850522d06b729809ff12378
Re: [bitcoin-dev] Trustless Address Server – Outsourcing handing out addresses to prevent address reuse
-rw-r--r-- b5/e50e3c04b60db8a46fa280eec49b44e2c3d49c 214
1 files changed, 214 insertions, 0 deletions
diff --git a/b5/e50e3c04b60db8a46fa280eec49b44e2c3d49c b/b5/e50e3c04b60db8a46fa280eec49b44e2c3d49c
new file mode 100644
index 000000000..1211caea3
--- /dev/null
+++ b/b5/e50e3c04b60db8a46fa280eec49b44e2c3d49c
@@ -0,0 +1,214 @@
+Return-Path: <rsomsen@gmail.com>
+Received: from smtp4.osuosl.org (smtp4.osuosl.org [IPv6:2605:bc80:3010::137])
+ by lists.linuxfoundation.org (Postfix) with ESMTP id 6B145C002D
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Tue, 18 Oct 2022 12:40:51 +0000 (UTC)
+Received: from localhost (localhost [127.0.0.1])
+ by smtp4.osuosl.org (Postfix) with ESMTP id 35E4241932
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Tue, 18 Oct 2022 12:40:51 +0000 (UTC)
+DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 35E4241932
+Authentication-Results: smtp4.osuosl.org;
+ dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
+ header.a=rsa-sha256 header.s=20210112 header.b=qmp7HCuM
+X-Virus-Scanned: amavisd-new at osuosl.org
+X-Spam-Flag: NO
+X-Spam-Score: -2.098
+X-Spam-Level:
+X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5
+ tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
+ DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
+ HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
+ SPF_PASS=-0.001] autolearn=ham autolearn_force=no
+Received: from smtp4.osuosl.org ([127.0.0.1])
+ by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
+ with ESMTP id 4MsOLpoO7uGl
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Tue, 18 Oct 2022 12:40:50 +0000 (UTC)
+X-Greylist: whitelisted by SQLgrey-1.8.0
+DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org C9BE34183E
+Received: from mail-oo1-xc32.google.com (mail-oo1-xc32.google.com
+ [IPv6:2607:f8b0:4864:20::c32])
+ by smtp4.osuosl.org (Postfix) with ESMTPS id C9BE34183E
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Tue, 18 Oct 2022 12:40:49 +0000 (UTC)
+Received: by mail-oo1-xc32.google.com with SMTP id
+ s125-20020a4a5183000000b0047fbaf2fcbcso3038882ooa.11
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Tue, 18 Oct 2022 05:40:49 -0700 (PDT)
+DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112;
+ h=cc:to:subject:message-id:date:from:in-reply-to:references
+ :mime-version:from:to:cc:subject:date:message-id:reply-to;
+ bh=lqAB2G0fs6wEN+LSIKjHmckOCTcBABBxw9J2GbRZE1M=;
+ b=qmp7HCuMMxPPNPMHFuhFGT8XFPk1nvK4UfJYaDendEK1YmNzUcUU1xfabBW1kydkTz
+ 7KZxhKUGF7kTmuctPnUrHFLIuQPxqpJ14w7xvMkJX2t7glrFKzmw4P2Rulo/EgEFVLzy
+ wPNCBL0V35zacgtJAfnY5GC0Zu7gDIJgXY+sC1tJG/M4ys+y9v/qEvB4cnDda+me96ZA
+ DQUhCn7D/8/VLOUwquGkjlFaL8qlw2sK8Ai6DrvkOn8JtplN9xNX9t6868pox7j06whM
+ xKH2OtHscj9yl38+Ni3i2bpiYx8Oa2hbxZpMfAyrRCljm4rT84+Q3C0Y3bmUzW0bNi/g
+ PIZQ==
+X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
+ d=1e100.net; s=20210112;
+ h=cc:to:subject:message-id:date:from:in-reply-to:references
+ :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
+ :reply-to;
+ bh=lqAB2G0fs6wEN+LSIKjHmckOCTcBABBxw9J2GbRZE1M=;
+ b=mEfpGMyvbPSNOEA/znh9/K4YoiNHklImxTOvMqc4CC723ui7KUBUDEwUPPN4xgcv0u
+ pEKQRAPOxAJyKRmvW5szF7yeLXgYzmzlxZWcWwBMcoPOfqC3mhF9vrnwQR0tEu8xWuZk
+ I8LIQNnS4ewDNTVh27FCknwpHLtsYaqiO1YB456cqgbvWxzK+8SFp3V5ClEf8Xhd2WHC
+ 3aQgXFG3J8WA/9FiedL31unlb7/A5knwwdOwN2WuFD6eHqaSGmI7WJICEVo6lToBAMH9
+ 0zKqqrZD88Rj+L91Wa/Zo2JPIrmVFKqGdZyVTkxs4H9kuJjbiq216fsZTAhXUJ+86714
+ WWJw==
+X-Gm-Message-State: ACrzQf0SaB2dlGF0pj0E1RgZ000ma4k+d3u06ooRqYBI4CZM7LyZhkug
+ brGq0grxWFZ0eqt+J6sb/GbPNojVQIRxyaz3hRk=
+X-Google-Smtp-Source: AMsMyM66KYFmo1EfLvBORIuSK1Q5cVnTzk92stk3nt9EJvD/wvFdFWEZJqCwUyFCU+YPhZiObbyqeYq8XR2Dx3KM+cQ=
+X-Received: by 2002:a4a:af4d:0:b0:475:dcf4:65fb with SMTP id
+ x13-20020a4aaf4d000000b00475dcf465fbmr1141619oon.1.1666096848705; Tue, 18 Oct
+ 2022 05:40:48 -0700 (PDT)
+MIME-Version: 1.0
+References: <CAPv7TjbOcH2mte8SWALc2o5aEKLO7qoZ-M_e1wHdGSp6EmMc2Q@mail.gmail.com>
+ <9f399e0c2713f2b1d2534cd754356bb5@dtrt.org>
+ <CAPv7TjY=35H2rmCxBavLwe3+8A9osao0QAMF_grb6WFA502b5Q@mail.gmail.com>
+ <1-euAstnYmNT7A9s0rniXdimmudFXODjkXiYXLK1hx1W7f_2rBLD1lPpaNi9Vx9tq2oahdCs6wDuXMy9SR6WfRTYzl2vDxSi6IVQLELKNLs=@protonmail.com>
+ <CABaSBazV-ZO2kUEZzDubGQbxn-zt4acJ1wQxzJo9y4qFYtWM-w@mail.gmail.com>
+In-Reply-To: <CABaSBazV-ZO2kUEZzDubGQbxn-zt4acJ1wQxzJo9y4qFYtWM-w@mail.gmail.com>
+From: Ruben Somsen <rsomsen@gmail.com>
+Date: Tue, 18 Oct 2022 14:40:38 +0200
+Message-ID: <CAPv7TjYnM=3RMAwXe_Ssa-RXz5CxP0xAxxLdQVq79T5BYvT9mQ@mail.gmail.com>
+To: rot13maxi <rot13maxi@protonmail.com>
+Content-Type: multipart/alternative; boundary="000000000000d41cea05eb4e6688"
+X-Mailman-Approved-At: Tue, 18 Oct 2022 12:49:26 +0000
+Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
+Subject: Re: [bitcoin-dev]
+ =?utf-8?q?Trustless_Address_Server_=E2=80=93_Outsou?=
+ =?utf-8?q?rcing_handing_out_addresses_to_prevent_address_reuse?=
+X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
+X-Mailman-Version: 2.1.15
+Precedence: list
+List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
+List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
+ <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
+List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
+List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
+List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
+List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
+ <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
+X-List-Received-Date: Tue, 18 Oct 2022 12:40:51 -0000
+
+--000000000000d41cea05eb4e6688
+Content-Type: text/plain; charset="UTF-8"
+
+Hi Rijndael,
+
+I think your thoughts are pretty much compatible with this proposal, as
+what I'm describing (the recipient signing their keys) is also essentially
+a form of authentication.
+
+It's a good observation that in general this makes the communication of
+addresses more secure. I do wish to re-emphasize Bryan's remark that you
+still need to ensure the pubkey itself is securely communicated.
+
+>depending on the setup, this could be that the address server also has the
+Address Authentication privkey for bob, or it could be that bob gets some
+callback or notification, or that bob has pre-signed a batch of addresses
+
+In my opinion the only meaningful distinction is whether Bob runs the
+Trustless Address Server himself (full privacy) or not. In either case I
+see no reason to diverge from the model where Bob deposits a batch of
+signed keys to the server, ensuring that no malicious addresses can be
+handed out.
+
+Note I discussed the Trustless Address Server design in the first 20
+minutes of this podcast:
+https://twitter.com/bitcoinoptech/status/1580573594656333825
+
+And I also brought it up in my presentation at Tabconf last Saturday, but
+that video isn't online yet.
+
+Cheers,
+Ruben
+
+
+
+On Tue, Oct 18, 2022 at 2:07 AM Bryan Bishop via bitcoin-dev <
+bitcoin-dev@lists.linuxfoundation.org> wrote:
+
+> On Mon, Oct 17, 2022 at 7:05 PM rot13maxi via bitcoin-dev <
+> bitcoin-dev@lists.linuxfoundation.org> wrote:
+>
+>> Unbeknownst to them, the clipboard contents have been replaced with an
+>> address controlled by some bad actor.
+>>
+> [snip]
+>
+>> Now imagine instead that the wallet has some address book with a pubkey
+>> for each recipient the user wants to send bitcoin to.
+>>
+>
+> Isn't this the same problem but now for copy-pasting pubkeys instead of an
+> address?
+>
+> - Bryan
+> https://twitter.com/kanzure
+> _______________________________________________
+> bitcoin-dev mailing list
+> bitcoin-dev@lists.linuxfoundation.org
+> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
+>
+
+--000000000000d41cea05eb4e6688
+Content-Type: text/html; charset="UTF-8"
+Content-Transfer-Encoding: quoted-printable
+
+<div dir=3D"ltr">Hi=C2=A0Rijndael,<div><br></div><div>I think your thoughts=
+ are pretty much compatible with this proposal, as what I&#39;m describing =
+(the=C2=A0recipient signing their keys) is also essentially a form of authe=
+ntication.</div><div><br></div><div>It&#39;s a good=C2=A0observation that i=
+n general this makes the communication of addresses more secure. I do wish =
+to re-emphasize Bryan&#39;s remark that you still need to ensure the pubkey=
+ itself is securely communicated.</div><div><br></div><div>&gt;depending on=
+ the setup, this could be that the address server also has the Address Auth=
+entication privkey for bob, or it could be that bob gets some callback or n=
+otification, or that bob has pre-signed a batch of addresses</div><div><br>=
+</div><div>In my opinion the only meaningful distinction is whether Bob run=
+s the Trustless Address Server himself (full privacy) or not. In either cas=
+e I see no reason to diverge from the model where Bob deposits a batch of s=
+igned keys to the server,=C2=A0ensuring that no malicious addresses can be =
+handed out.</div><div><br></div><div>Note I discussed the Trustless Address=
+ Server design in the first 20 minutes of this podcast:</div><div><a href=
+=3D"https://twitter.com/bitcoinoptech/status/1580573594656333825">https://t=
+witter.com/bitcoinoptech/status/1580573594656333825</a><br></div><div><br><=
+/div><div>And I also brought it up in my presentation at Tabconf last Satur=
+day, but that video isn&#39;t online yet.</div><div><br></div><div>Cheers,<=
+/div><div>Ruben</div><div><br></div><div><br></div></div><br><div class=3D"=
+gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Tue, Oct 18, 2022 at =
+2:07 AM Bryan Bishop via bitcoin-dev &lt;<a href=3D"mailto:bitcoin-dev@list=
+s.linuxfoundation.org">bitcoin-dev@lists.linuxfoundation.org</a>&gt; wrote:=
+<br></div><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8=
+ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir=3D"ltr=
+"><div dir=3D"ltr">On Mon, Oct 17, 2022 at 7:05 PM rot13maxi via bitcoin-de=
+v &lt;<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" target=3D"_b=
+lank">bitcoin-dev@lists.linuxfoundation.org</a>&gt; wrote:<br></div><div cl=
+ass=3D"gmail_quote"><blockquote class=3D"gmail_quote" style=3D"margin:0px 0=
+px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div =
+style=3D"font-family:Arial;font-size:14px">Unbeknownst to them, the clipboa=
+rd contents have been replaced with an address controlled by some bad actor=
+.<br></div></blockquote><div>[snip]=C2=A0</div><blockquote class=3D"gmail_q=
+uote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,2=
+04);padding-left:1ex"><div style=3D"font-family:Arial;font-size:14px">Now i=
+magine instead that the wallet has some address book with a pubkey for each=
+ recipient the user wants to send bitcoin to.<br></div></blockquote><div><b=
+r>Isn&#39;t this the same problem but now for copy-pasting pubkeys instead =
+of an address?<br><br></div></div><div dir=3D"ltr"><div dir=3D"ltr">- Bryan=
+<br><a href=3D"https://twitter.com/kanzure" target=3D"_blank">https://twitt=
+er.com/kanzure</a></div></div></div>
+_______________________________________________<br>
+bitcoin-dev mailing list<br>
+<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" target=3D"_blank">=
+bitcoin-dev@lists.linuxfoundation.org</a><br>
+<a href=3D"https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev" =
+rel=3D"noreferrer" target=3D"_blank">https://lists.linuxfoundation.org/mail=
+man/listinfo/bitcoin-dev</a><br>
+</blockquote></div>
+
+--000000000000d41cea05eb4e6688--
+
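Review bot: In the text/plain part, the paragraph starting ">depending on the setup" carries the quote marker only on its first line. The two wrapped lines that follow ("Address Authentication privkey for bob, ..." and "callback or notification, ...") have no ">" and so read as the replier's own words in any quote-aware renderer or reply tool, although the text/html part shows the whole passage as a single "&gt;"-prefixed paragraph. Since an archive commit should keep the stored bytes verbatim, the fix belongs on the consuming side: attribute all three lines to the quoted message when rendering or citing this mail. The attribution matters for the security argument here, because that passage lists the option of the address server holding Bob's Address Authentication privkey, which the reply then sets aside in favour of Bob depositing a batch of signed keys.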