ZmnSCPxj [ARCHIVE] on Nostr: 📅 Original date posted:2021-09-20 📝 Original message: Good morning SomberNight, ...
📅 Original date posted:2021-09-20
📝 Original message:
Good morning SomberNight,
> Solutions:
>
> 1. Naively, we could just derive a static key to be used as
> payment_basepoint, reused between all our channels, and watch the
> single resulting p2wsh script on-chain.
> Clearly this has terrible privacy implications.
If the only problem is horrible privacy, and you have an `OP_RETURN` identifying the channel counterparty node id anyway, would it not be possible to tweak this for each channel?
static_payment_basepoint_key + hash(seed | counterparty_node_id)
This (should) result in a unique key for each counterparty, yet each individual counterparty cannot predict this tweak (and break your privacy by deriving the `static_payment_basepoint_key * G`).
?
Regards,
ZmnSCPxj
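The tweak sketched above, worked through as an added example that is not part of the original message: it inlines minimal secp256k1 arithmetic and constructed sample keys and node ids (all names and values are assumptions), and shows that the per-counterparty point can also be reached from the static public key plus the tweak, so only someone holding the seed can link the resulting scripts back to the static key.

```python
# Added example (not from ZmnSCPxj's message): derive a per-counterparty
# payment_basepoint as static_key + hash(seed | counterparty_node_id) on secp256k1.
import hashlib

P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
STATIC_KEY = int.from_bytes(hashlib.sha256(b"constructed static key").digest(), "big") % N
SEED = b"constructed-secret-seed"  # constructed sample values, not real keys
NODE_A = b"\x02" + b"\x11" * 32  # constructed 33-byte compressed node ids
NODE_B = b"\x03" + b"\x22" * 32

def _add(a, b):
    """Affine point addition on secp256k1; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def mul(k, point=G):  # double-and-add scalar multiplication
    result, addend = None, point
    while k:
        if k & 1:
            result = _add(result, addend)
        addend = _add(addend, addend)
        k >>= 1
    return result

def tweak_scalar(seed, counterparty_node_id):
    # hash(seed | counterparty_node_id), reduced modulo the group order
    return int.from_bytes(hashlib.sha256(seed + counterparty_node_id).digest(), "big") % N

def per_channel_basepoint(static_key, seed, counterparty_node_id):
    # private scalar and public point used as payment_basepoint toward one peer
    priv = (static_key + tweak_scalar(seed, counterparty_node_id)) % N
    return priv, mul(priv)

def derive_from_static_pub(static_pub, seed, counterparty_node_id):
    # the same point without the private key: static_pub + tweak*G
    return _add(static_pub, mul(tweak_scalar(seed, counterparty_node_id)))
```

A watcher holding the seed can precompute one script per known counterparty from the static public key alone; a peer without the seed sees only an unlinkable point.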