Jeremy Spilman [ARCHIVE] on Nostr: 📅 Original date posted:2014-01-13 📝 Original message:> Uh while I'm responding ...
📅 Original date posted:2014-01-13
📝 Original message:> Uh while I'm responding again, what I'd discussed with Peter Todd in
> IRC used two EC points in the stealth address. One for the payment and
> one for the ECDH. The reason to use two is that it makes delegating
> detection possible and so you don't have to have you spending keys
> online to even detect these payments. Why'd that get dropped?
I think this is exactly what I've implemented.
I decided to put both pubKeys in a 2-of-2 multisig, instead of keeping one of the pubKeys in the OP-RETURN, to prevent a malicious sender from triggering false positives on your online detection key when the funds are actually still fully controlled by the payer.
You can still have a false positive (only 1 of 2 keys actually yours) but the funds would be trapped so it's unlikely anyone would do it.
Can you take a look at the Gist and TXs on TestNet I sent out, and see if that's in line with what you expected?
I would also greatly appreciate if you could review the discussion around doing two ECDH operations with a single ephemeral key.
Thanks!
--Jeremy
📝 Original message:> Uh while I'm responding again, what I'd discussed with Peter Todd in
> IRC used two EC points in the stealth address. One for the payment and
> one for the ECDH. The reason to use two is that it makes delegating
> detection possible and so you don't have to have you spending keys
> online to even detect these payments. Why'd that get dropped?
I think this is exactly what I've implemented.
I decided to put both pubKeys in a 2-of-2 multisig, instead of keeping one of the pubKeys in the OP-RETURN, to prevent a malicious sender from triggering false positives on your online detection key when the funds are actually still fully controlled by the payer.
You can still have a false positive (only 1 of 2 keys actually yours) but the funds would be trapped so it's unlikely anyone would do it.
Can you take a look at the Gist and TXs on TestNet I sent out, and see if that's in line with what you expected?
I would also greatly appreciate if you could review the discussion around doing two ECDH operations with a single ephemeral key.
Thanks!
--Jeremy