Tim Ruffing [ARCHIVE] on Nostr: 📅 Original date posted:2020-03-24 📝 Original message:Hi Dustin, That sounds ...
📅 Original date posted:2020-03-24
📝 Original message:Hi Dustin,
That sounds interesting but I can't follow your email to be honest.
On Mon, 2020-03-23 at 07:38 -0700, Dustin Dettmer via bitcoin-dev
wrote:
> This mitigates, I believe, all leak vectors besides k/R hacking and
> prechosen entropy.
Hm, so what vectors is this supposed to mitigate? Leaking through the
generated public keys? Anything else?
Here are a few questions:
- What are you trying to achieve? You seem to describe how you get
from the setup to the goal in four steps but I don't understand what
the setup is or what the goal is. (What's a storage solution?)
- "all SW being compromised" do you mean "SW and HW compromised"? Note
that SW and HW are parties in Pieter's writeup, not just abbreviations
for software and hardware.
- Where are the two stages? You mention four steps.
- Where do you run the external software? On a second SW? Is this the
second stage?
- Do you use unhardened derivation?
- What's a k commitment?
Best,
Tim
📝 Original message:Hi Dustin,
That sounds interesting but I can't follow your email to be honest.
On Mon, 2020-03-23 at 07:38 -0700, Dustin Dettmer via bitcoin-dev
wrote:
> This mitigates, I believe, all leak vectors besides k/R hacking and
> prechosen entropy.
Hm, so what vectors is this supposed to mitigate? Leaking through the
generated public keys? Anything else?
Here are a few questions:
- What are you trying to achieve? You seem to describe how you get
from the setup to the goal in four steps but I don't understand what
the setup is or what the goal is. (What's a storage solution?)
- "all SW being compromised" do you mean "SW and HW compromised"? Note
that SW and HW are parties in Pieter's writeup, not just abbreviations
for software and hardware.
- Where are the two stages? You mention four steps.
- Where do you run the external software? On a second SW? Is this the
second stage?
- Do you use unhardened derivation?
- What's a k commitment?
Best,
Tim