path: root/85/f4b3e3810d79b0b31c9f028f22714d9385cf62

Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
	helo=mx.sourceforge.net)
	by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <drak@zikula.org>) id 1WNLDY-0002mM-ME
	for bitcoin-development@lists.sourceforge.net;
	Tue, 11 Mar 2014 11:51:32 +0000
Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of zikula.org
	designates 74.125.82.48 as permitted sender)
	client-ip=74.125.82.48; envelope-from=drak@zikula.org;
	helo=mail-wg0-f48.google.com; 
Received: from mail-wg0-f48.google.com ([74.125.82.48])
	by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
	(Exim 4.76) id 1WNLDX-0003Hy-9W
	for bitcoin-development@lists.sourceforge.net;
	Tue, 11 Mar 2014 11:51:32 +0000
Received: by mail-wg0-f48.google.com with SMTP id l18so5702402wgh.7
	for <bitcoin-development@lists.sourceforge.net>;
	Tue, 11 Mar 2014 04:51:25 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:mime-version:in-reply-to:references:from:date
	:message-id:subject:to:cc:content-type;
	bh=yN1NCNQ48ojMwafXc43oz4ACnkbg8aZcS/SVOkIrQWY=;
	b=LJnS2OAmHIloUS86u/r20bABaaonEaSlNCFqXO42sDCJUP56n6JyPi4gJF0/Rh1Fgp
	JsnL23cYqucuVPxcKKXmPXMFrelBjtGPadmB0WSujzLnX6EtS7N4HHgU5aPkGzbPWlYV
	gCXwQJW2bZSxjxXDV/XM/KB2llqMM8Bc8z1Oyb8pzIwT5tRwtgAmDlQJi80pEDEAdrCR
	XcWvmDQ9JqK0n4zWbIOtHCMhIYYsgC08gt8vvJohV0F9zcldTJFXYvabf4tdIyZRIvqk
	mCUc8Kc1UrzFu7Lqq7BCQ9ydheS7ybr3Kg1zApDdqJzBbtcMoVkONcj3yb4rcMaxL684
	Amqg==
X-Gm-Message-State: ALoCoQlm8O9FDeH8I6GBdJt/VKOU2kd5gR1jajS/4+W7zqyuzMMBJtP/lJCyUN2xW9CLdZ13rGC0
X-Received: by 10.180.77.129 with SMTP id s1mr2623031wiw.56.1394538220165;
	Tue, 11 Mar 2014 04:43:40 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.194.205.69 with HTTP; Tue, 11 Mar 2014 04:43:20 -0700 (PDT)
In-Reply-To: <CABsx9T3eViYDsEmLm7ceimJNwci3mCOxWoVnVZHrqp7pDmm0+g@mail.gmail.com>
References: <CANAnSg3Bt0e7CfUcJXe96xhU6nqif9ey_vurZMZkSa9OHjHStw@mail.gmail.com>
	<CABsx9T0SMi6Gp4JY=CpHxLEu5pVkvDmnug7PsY7m_dvtT7khzg@mail.gmail.com>
	<531DFDF8.80008@gmail.com> <531E52FE.5090107@jerviss.org>
	<531E5454.1030601@gmail.com>
	<CAJHLa0NZkzQQvMxgCJAJGT=Yn6vrVNK8Bg7RAfAjctpnrfg5zA@mail.gmail.com>
	<CABsx9T3eViYDsEmLm7ceimJNwci3mCOxWoVnVZHrqp7pDmm0+g@mail.gmail.com>
From: Drak <drak@zikula.org>
Date: Tue, 11 Mar 2014 11:43:20 +0000
Message-ID: <CANAnSg2kzPF0886PsQW8chzsWi6Urp+=-x+9bbv8Mv6hmpvBPw@mail.gmail.com>
To: Gavin Andresen <gavinandresen@gmail.com>
Content-Type: multipart/alternative; boundary=f46d043c801e3d337604f4533b55
X-Spam-Score: -0.5 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	-0.0 SPF_PASS               SPF: sender matches SPF record
	1.0 HTML_MESSAGE           BODY: HTML included in message
X-Headers-End: 1WNLDX-0003Hy-9W
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>,
	kjj <bitcoin-devel@jerviss.org>
Subject: Re: [Bitcoin-development] Multisign payment protocol?
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Tue, 11 Mar 2014 11:51:32 -0000

--f46d043c801e3d337604f4533b55
Content-Type: text/plain; charset=UTF-8

Gavin,

You have pretty much nailed my intent in both respects. This sets up a way
to negotiate the address and abstract away the nasty details of finding
public keys from bitcoin addresses, and provides a nice clean way for
redemption abstracting away the long strings of hex.

For redemption, I think as each party signs the tx if the script returns
true, it would be acceptable to just go right ahead and broadcast it, or
maybe as you suggest all signatures go back to the initiating party and
they do the final work.

I very much like the idea of assuming each party uses HD wallets, that
certainly simplifies things greatly. I also like the use of email addresses
as a negotiation medium, but I also wonder if this could be made agnostic
in any BIP proposal so it could work with other communication mediums like
bitmessage for example (just forward thinking anonymity a little).

I definitely think there is a need for a protocol because multisig,
regardless of the application has two technically involved steps:
negotiation of an address, and redemption of any subsequently encumbered
funds. A protocol would enable different wallet implementations to
participate in such a transaction and make wide-spread use much more likely
and possible.

Drak


On 11 March 2014 01:15, Gavin Andresen <gavinandresen@gmail.com> wrote:

> Multisig is orthogonal to the payment protocol (but payment protocol is
> needed first).
>
> There need to be protocols for:
>
> a) Establishing multisig wallets of various sorts. See:
>   https://moqups.com/gavinandresen/no8mzUDB/
>   https://moqups.com/gavinandresen/no8mzUDB/p:ab18547e0
> ... etc.  for a UI mock-up.
>   There needs to be some protocol so all participants in a multisig wallet
> contribute keys (actually, we should just assume everybody uses BIP32 HD
> public keys so we get privacy from the start).
>
> Multi-person shared wallets, escrows, and "wallet protection service"
> wallets (which might be protected with two-factor authentication) are
> different use cases and probably use slightly different protocols (and will
> probably need different BIPs eventually).
>
>
> b) Gathering signatures for a multisig spend. Here is where the payment
> protocol is useful; the PaymentRequest message should be passed around so
> all participants know what is being paid for, and maybe a partially-signed
> Payment message is where the signatures are gathered (or maybe the
> signatures are sent separately and one of the participants creates and
> submits the Payment and gets the PaymentACK... "to be designed").
>   See:
>     https://moqups.com/gavinandresen/no8mzUDB/p:a7e81be96
>     https://moqups.com/gavinandresen/no8mzUDB/p:af7339204
> ... for UI mock-up for the multi-person-spend case.
>
> And maybe a protocol for "I don't want to be part of this multisig any
> more / I lost control of my private key don't trust me in this multisig any
> more".
>
>
>
> On Mon, Mar 10, 2014 at 8:14 PM, Jeff Garzik <jgarzik@bitpay.com> wrote:
>
>> All of that only melds with the payment protocol under an extremely
>> expansive definition of "payment."  The payment protocol is really
>> geared towards a direct one-to-one relationship....
>
>
>
>>
>>
> --
> Gavin Andresen
>
>
> ------------------------------------------------------------------------------
> Learn Graph Databases - Download FREE O'Reilly Book
> "Graph Databases" is the definitive new guide to graph databases and their
> applications. Written by three acclaimed leaders in the field,
> this first edition is now available. Download your free book today!
> http://p.sf.net/sfu/13534_NeoTech
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>

--f46d043c801e3d337604f4533b55
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Gavin,<div><br></div><div>You have pretty much nailed my i=
ntent in both respects. This sets up a way to negotiate the address and abs=
tract away the nasty details of finding public keys from bitcoin addresses,=
 and provides a nice clean way for redemption abstracting away the long str=
ings of hex.=C2=A0</div>

<div><br></div><div>For redemption, I think as each party signs the tx if t=
he script returns true, it would be acceptable to just go right ahead and b=
roadcast it, or maybe as you suggest all signatures go back to the initiati=
ng party and they do the final work.</div>

<div><br></div><div>I very much like the idea of assuming each party uses H=
D wallets, that certainly simplifies things greatly. I also like the use of=
 email addresses as a negotiation medium, but I also wonder if this could b=
e made agnostic in any BIP proposal so it could work with other communicati=
on mediums like bitmessage for example (just forward thinking anonymity a l=
ittle).</div>

<div><br></div><div>I definitely think there is a need for a protocol becau=
se multisig, regardless of the application has two technically involved ste=
ps: negotiation of an address, and redemption of any subsequently encumbere=
d funds. A protocol would enable different wallet implementations to partic=
ipate in such a transaction and make wide-spread use much more likely and p=
ossible.</div>

<div><br></div><div>Drak</div><div class=3D"gmail_extra"><br><br><div class=
=3D"gmail_quote">On 11 March 2014 01:15, Gavin Andresen <span dir=3D"ltr">&=
lt;<a href=3D"mailto:gavinandresen@gmail.com" target=3D"_blank">gavinandres=
en@gmail.com</a>&gt;</span> wrote:<br>

<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div dir=3D"ltr">Multisig is orthogonal to t=
he payment protocol (but payment protocol is needed first).<div><br></div><=
div>

There need to be protocols for:</div><div><br></div><div>a) Establishing mu=
ltisig wallets of various sorts. See:</div>
<div>=C2=A0=C2=A0<a href=3D"https://moqups.com/gavinandresen/no8mzUDB/" tar=
get=3D"_blank">https://moqups.com/gavinandresen/no8mzUDB/</a></div><div>=C2=
=A0=C2=A0<a href=3D"https://moqups.com/gavinandresen/no8mzUDB/p:ab18547e0" =
target=3D"_blank">https://moqups.com/gavinandresen/no8mzUDB/p:ab18547e0</a>=
</div>


<div>... etc. =C2=A0for a UI mock-up.</div><div>=C2=A0 There needs to be so=
me protocol so all participants in a multisig wallet contribute keys (actua=
lly, we should just assume everybody uses BIP32 HD public keys so we get pr=
ivacy from the start).</div>


<div><br></div><div>Multi-person shared wallets, escrows, and &quot;wallet =
protection service&quot; wallets (which might be protected with two-factor =
authentication) are different use cases and probably use slightly different=
 protocols (and will probably need different BIPs eventually).</div>


<div><br></div><div><br></div><div>b) Gathering signatures for a multisig s=
pend. Here is where the payment protocol is useful; the PaymentRequest mess=
age should be passed around so all participants know what is being paid for=
, and maybe a partially-signed Payment message is where the signatures are =
gathered (or maybe the signatures are sent separately and one of the partic=
ipants creates and submits the Payment and gets the PaymentACK... &quot;to =
be designed&quot;).</div>


<div>=C2=A0 See:</div><div>=C2=A0 =C2=A0 <a href=3D"https://moqups.com/gavi=
nandresen/no8mzUDB/p:a7e81be96" target=3D"_blank">https://moqups.com/gavina=
ndresen/no8mzUDB/p:a7e81be96</a></div><div>=C2=A0 =C2=A0=C2=A0<a href=3D"ht=
tps://moqups.com/gavinandresen/no8mzUDB/p:af7339204" target=3D"_blank">http=
s://moqups.com/gavinandresen/no8mzUDB/p:af7339204</a></div>


<div>... for UI mock-up for the multi-person-spend case.</div><div><br></di=
v><div>And maybe a protocol for &quot;I don&#39;t want to be part of this m=
ultisig any more / I lost control of my private key don&#39;t trust me in t=
his multisig any more&quot;.</div>


<div><br></div><div class=3D"gmail_extra"><br><br><div class=3D"gmail_quote=
"><div class=3D"">On Mon, Mar 10, 2014 at 8:14 PM, Jeff Garzik <span dir=3D=
"ltr">&lt;<a href=3D"mailto:jgarzik@bitpay.com" target=3D"_blank">jgarzik@b=
itpay.com</a>&gt;</span> wrote:<br>


</div><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;b=
order-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:s=
olid;padding-left:1ex"><div class=3D"">All of that only melds with the paym=
ent protocol under an extremely<br>



expansive definition of &quot;payment.&quot; =C2=A0The payment protocol is =
really<br></div>
geared towards a direct one-to-one relationship....</blockquote><div>=C2=A0=
</div><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;b=
order-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:s=
olid;padding-left:1ex">


=C2=A0<br></blockquote></div>--<br>Gavin Andresen<br>
</div></div>
<br>-----------------------------------------------------------------------=
-------<br>
Learn Graph Databases - Download FREE O&#39;Reilly Book<br>
&quot;Graph Databases&quot; is the definitive new guide to graph databases =
and their<br>
applications. Written by three acclaimed leaders in the field,<br>
this first edition is now available. Download your free book today!<br>
<a href=3D"http://p.sf.net/sfu/13534_NeoTech" target=3D"_blank">http://p.sf=
.net/sfu/13534_NeoTech</a><br>_____________________________________________=
__<br>
Bitcoin-development mailing list<br>
<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo=
pment@lists.sourceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
<br></blockquote></div><br></div></div>

--f46d043c801e3d337604f4533b55--