From: Jonas Nick
To: "David A. Harding", Tim Ruffing
Cc: bitcoindev@googlegroups.com
Date: Tue, 16 Jul 2024 17:31:47 +0000
Subject: Re: [bitcoindev] BIP Draft: "ChillDKG: Distributed Key Generation for FROST"
Message-ID: <7084f935-0201-4909-99ff-c76f83572a7c@gmail.com>

Thanks Dave.

There are indeed potential privacy implications of the recovery data because only the secret shares are encrypted. Most importantly, the recovery data contains in plaintext:
- the long-term "host" public keys of the participants
- the final threshold public key that is the result of the DKG

For example, we could imagine a scenario where a DKG participant puts their recovery data on a cloud hoster and an adversary is able to obtain it. Then the adversary could use the contained threshold public key to associate on-chain transactions with the victim.

However, there's nothing preventing the participants from encrypting the recovery data before backing it up. We do not specify that encryption in the BIP because it is an operation local to the participants and does not affect the communication between them.

But now that you mention this, I think we should be a bit more clear in the BIP (and don't call the recovery data "public").
For example, it may make sense to use the DKG protocol seed to derive an encryption key, so you don't have to back up any secret data besides the seed.
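
The idea in the message above, sketched as an added example that is not part of the original email or of the BIP draft: a backup key is derived from the seed with HKDF and the recovery data is sealed with an AEAD before it leaves the machine. It assumes the third-party `cryptography` package; the `info` label, the blob layout (nonce, then ciphertext and tag) and the sample seed and recovery bytes are constructed for illustration.

```python
import os
from typing import Optional

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.ciphers.aead import ChaCha20Poly1305
from cryptography.hazmat.primitives.kdf.hkdf import HKDF

# Hypothetical domain-separation label; the BIP draft does not define one.
BACKUP_KEY_INFO = b"example/recovery-data-backup-key/v1"
NONCE_LEN, TAG_LEN = 12, 16

# Constructed sample values, not real keys or real ChillDKG recovery data.
SAMPLE_SEED = bytes(range(32))
SAMPLE_THRESHOLD_PUBKEY = b"\x02" + b"\x11" * 32
SAMPLE_RECOVERY_DATA = b"constructed-recovery-data|" + SAMPLE_THRESHOLD_PUBKEY


def derive_backup_key(seed: bytes) -> bytes:
    """Derive a 32-byte key used only for backups, separate from other seed uses."""
    if len(seed) < 32:
        raise ValueError("seed must be at least 32 bytes")
    return HKDF(algorithm=hashes.SHA256(), length=32, salt=None,
                info=BACKUP_KEY_INFO).derive(seed)


def encrypt_recovery_data(seed: bytes, recovery_data: bytes) -> bytes:
    """Return nonce || ciphertext || tag. The key is fixed per seed, so each
    backup gets a fresh random nonce."""
    nonce = os.urandom(NONCE_LEN)
    aead = ChaCha20Poly1305(derive_backup_key(seed))
    return nonce + aead.encrypt(nonce, recovery_data, BACKUP_KEY_INFO)


def decrypt_recovery_data(seed: bytes, blob: bytes) -> Optional[bytes]:
    """Return the recovery data, or None if the seed is wrong or the blob was altered."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        return None
    nonce, sealed = blob[:NONCE_LEN], blob[NONCE_LEN:]
    try:
        aead = ChaCha20Poly1305(derive_backup_key(seed))
        return aead.decrypt(nonce, sealed, BACKUP_KEY_INFO)
    except InvalidTag:
        return None
```

With this layout the stored blob no longer exposes the host public keys or the threshold public key, and restoring it needs nothing beyond the seed.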