Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 1C816F08 for ; Fri, 4 Oct 2019 10:03:15 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-ua1-f50.google.com (mail-ua1-f50.google.com [209.85.222.50]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 2C852709 for ; Fri, 4 Oct 2019 10:03:13 +0000 (UTC) Received: by mail-ua1-f50.google.com with SMTP id q11so1867348uao.1 for ; Fri, 04 Oct 2019 03:03:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=MFF/hvL8zglvcf0UmnknMTIlGO5VnjbVZ+jipSh3hUc=; b=dMg8O6TS9HOKr03FBNuF0XziVqZEDRxF9y0zTRUuQsjnYi2uNSXrJDvR5+p+2vm3f4 mZw6sTFhj0eNfkSfztn+xS1ud5csaALJDRgs6lG4iXfotIj5MXmGJlVm07xMbPGeRI5b IrSUqr8G07jUyfM7oSUDnSDtsBZxzLcGfGbFSZLoWniIMFQrmFgdEYOE+bUDaKncZAF9 Rc+sPBh5KNZtdQzLJbBNN6EdX8xzPsB55/6Em1peuAOW706iayMjNyNv/yWUTIeUDWyG m0SsLoVie8l9FddKeoxPnsVYvCgnMJeFeluy1hdV7ybcp870oaTp6m72nMpIHsx4XZsd QigQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=MFF/hvL8zglvcf0UmnknMTIlGO5VnjbVZ+jipSh3hUc=; b=K6CPkgUYazN6RdUpGyY9PmXzRvVH+LrieACZ8RmJbzRa3cMoScNFpl10mXugKZxyjW LisVyXoLG5n2MlOTBTAYgLgQEMLdIszOKmQ92/kDxh0yPyyfXTXVwCPQ9m0Be8UCcGbH C0oVczaUkPePzfgRuVG6WelliRN5iLgl6szIdWZysA4RIOL92TSWOgNdPJZXlxRK24pc oM89gbY2n9Kc3QFLX03+77omoAJIaR+gTqHwbsgir9V+IwzqyZqwPoqWKY1ijzXrTJXN LqZMToThehSOvDNciwpfnCOrOfmoNA4YnCgMHH7OFLFq4+QauQN9gaL9nRMJzKmavabc 4F5g== X-Gm-Message-State: APjAAAXzls8eylREPLpWgcCf0p9OQ98KgONkBNsigxPhZZcme9VndJiv uZDUnvqz29Hm3e6KOMWyReVJspSYZQ5pQMxprE8K4w== X-Google-Smtp-Source: APXvYqzUey1RxiWp25uXGecEbja4zqyNuNkItMmCYJ++J1QVsEyctGwxaM4nkViKNX3UwcmkuHOwWjRIowKqJSVmctk= X-Received: by 2002:a9f:21f6:: with SMTP id 109mr4867780uac.109.1570183391738; Fri, 04 Oct 2019 03:03:11 -0700 (PDT) MIME-Version: 1.0 References: <4E84E4B0-7354-4681-985F-3DBFAA4E856F@astrotown.de> In-Reply-To: <4E84E4B0-7354-4681-985F-3DBFAA4E856F@astrotown.de> From: Bryan Bishop Date: Fri, 4 Oct 2019 05:02:59 -0500 Message-ID: To: Bitcoin Dev , Bryan Bishop Content-Type: multipart/alternative; boundary="0000000000004c0557059412cff4" X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DOS_RCVD_IP_TWICE_B, FREEMAIL_FROM, HTML_MESSAGE, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: Re: [bitcoin-dev] ChainWallet - A way to prevent loss of funds by physical violence X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Oct 2019 10:03:15 -0000 --0000000000004c0557059412cff4 Content-Type: text/plain; charset="UTF-8" Since the user can't prove that they are using this technique, or petertodd's timelock encryption for that matter, an attacker has little incentive to stop physically attacking until they have a spendable UTXO. I believe you can get the same effect with on-chain timelocks, or delete-the-bits plus a rangeproof and a zero-knowledge proof that the rangeproof corresponds to some secret that can be used to derive the expected public key. I think Jeremy Rubin had an idea for such a proof. Also, adam3us has described a similar thought here: https://bitcointalk.org/index.php?topic=311000.0 - Bryan On Fri, Oct 4, 2019, 4:43 AM Saulo Fonseca via bitcoin-dev < bitcoin-dev@lists.linuxfoundation.org> wrote: > Hi everyone > > If you are a hodler, I like to propose the creation of a key stretching as > a new layer of protection over your current wallet. > --0000000000004c0557059412cff4 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Since the user can't prove that they are using t= his technique, or petertodd's timelock encryption for that matter, an a= ttacker has little incentive to stop physically attacking until they have a= spendable UTXO.

I belie= ve you can get the same effect with on-chain timelocks, or delete-the-bits = plus a rangeproof and a zero-knowledge proof that the rangeproof correspond= s to some secret that can be used to derive the expected public key. I thin= k Jeremy Rubin had an idea for such a proof.

Also, adam3us has described a similar thought here:

- Bryan

On Fri, Oct 4, 2019, 4:43 AM Saulo Fonseca via bitc= oin-dev <bitcoin-dev@lists.linuxfoundation= .org> wrote:
Hi everyone

If you are a hodler,=C2=A0I like to propose the creat= ion of a key stretching as a new layer of protection over your current wall= et.
--0000000000004c0557059412cff4--