public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Jeremy Papp <pappjm@gmail.com>
To: bitcoin-dev@lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] Question regarding Confidential Transactions
Date: Tue, 9 Feb 2016 16:12:37 -0600	[thread overview]
Message-ID: <56BA6455.9030803@gmail.com> (raw)
In-Reply-To: <20160209131215.GE2329@banane.informatik.uni-ulm.de>

My understanding of the paper is that the blinding factor would be 
included in the extra data which is incorporated into the ring 
signatures used in the range proof.

Although, since I think the range proof is optional for single output 
transactions (or at least, one output per transaction doesn't require a 
range proof since there's only one possible value that it can be to make 
the whole thing work, and that value must be in range, I'm not entirely 
sure how you'd transmit it then, though in any case, since using it will 
pretty much require segwit, adding extraneous data isn't much of a 
problem.  In both cases, I imagine the blinding factor would be 
protected from outside examination via some form of shared secret 
generation... Although that would require the sender to know the 
recipient's unhashed public key; I don't know of any shared secret 
schemes that will work on hashed keys.

Jeremy Papp

On 2/9/2016 7:12 AM, Henning Kopp via bitcoin-dev wrote:
> Hi all,
>
> I am trying to fully grasp confidential transactions.
>
> When a sender creates a confidential transaction and picks the blinding
> values correctly, anyone can check that the transaction is valid. It
> remains publically verifiable.
> But how can the receiver of the transaction check which amount was
> sent to him?
> I think he needs to learn the blinding factor to reveal the commit
> somehow off-chain. Am I correct with this assumption?
> If yes, how does this work?
>
> All the best
> Henning
>



  reply	other threads:[~2016-02-09 22:12 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-02-09 13:12 [bitcoin-dev] Question regarding Confidential Transactions Henning Kopp
2016-02-09 22:12 ` Jeremy Papp [this message]
2016-02-10 11:53   ` Henning Kopp
2016-02-10 16:39     ` Jeremy Papp
2016-02-13 16:55       ` Adam Gibson

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=56BA6455.9030803@gmail.com \
    --to=pappjm@gmail.com \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox