From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Sun, 15 Jun 2025 10:49:30 -0700 Received: from mail-qv1-f55.google.com ([209.85.219.55]) by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1uQrU1-0001ZV-GD for bitcoindev@gnusha.org; Sun, 15 Jun 2025 10:49:30 -0700 Received: by mail-qv1-f55.google.com with SMTP id 6a1803df08f44-6fafb2f0a33sf52399486d6.0 for ; Sun, 15 Jun 2025 10:49:29 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1750009763; cv=pass; d=google.com; s=arc-20240605; b=aw0akcqaWLwlBm1WFMhq0xpxkqozqHVONUcxpfIMT33INvTv/RR4CFX7iih94gpfsi NyFJFQvCPTkpDwhybtqqVjDgfFwxXf4o0Chw3qE1IJnimnn11N5eTLBmHzEQryuqURrn GEIk8HBZqh4ez3PQPYz5lLdU6WSFmHtLfT3SHcW/+z2tXIyzQpwlqjC8H3KlgND2dMhF IJ77SnuMB9GapDm/6K4MAgMEMAXDlZA8+8h6iDJk/SITIqL/cGAapYKgx1XzpJzWTXkr LA3CzlAXObTnr48ZRgUiDwe1s4s4eeoCl8UfgAFpukKfKZB8v6SQSshwHycEXm2nUUdO MRoQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:sender:dkim-signature :dkim-signature; bh=5BHoTH35R7oP6e6kzc+0eI2SkK4FAstvBghIZlAH6Z8=; fh=A48Z5IFKeKqwLXyc22rqByJpYcRflF5/dlFmQQ1Mf18=; b=E0luHs6tLgvbsvdi42XFjPjb3b9oU6dzSnJFBu6AqQrl7nHreewX5hI2xElrDEc77D G63i0DZc4bFDY600R+L5dyMW4pqYLKqB9YFYvrR3s8YFniC2VskEt/gliVRkvq60OM6d QZ8i9VxxMIqm26IYvlDYoADrxegY49G+woztFkFFVebCnYiDVcOW8nRlmQl+eCv/q4Pb 4O/40JQTfyrWy2S8gAhoY5bKRz4W19k835HPtHxQGUdcXWepxQapR1XjsqQOO3+6fVh2 wo+uK+97xZ+FkfSba3vJLSXFhe1wd4k0SHToOFP/sHLvrtUbnK9aeJ0ZTyqOf/bqSVRq 4DPA==; darn=gnusha.org ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=e7cwDhMU; spf=pass (google.com: domain of gmaxwell@gmail.com designates 2607:f8b0:4864:20::1030 as permitted sender) smtp.mailfrom=gmaxwell@gmail.com; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com; dara=pass header.i=@googlegroups.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1750009763; x=1750614563; darn=gnusha.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-authentication-results :x-original-sender:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:sender:from:to:cc:subject:date:message-id :reply-to; bh=5BHoTH35R7oP6e6kzc+0eI2SkK4FAstvBghIZlAH6Z8=; b=fPkoKHu3CrDcEBqZ6xxjb0+eTD+GWwAPVq5XSzGQAPk+g8eZq2W85X/xg83zVJjdGP zr7ffyu3As4QDVsGh/kKjhidTlfuLPbNxZNxmJU7k0wcZGcIYydQb++y9J0SaefLd20q ky3KZ/2BNPSTgESQ/JAt/Iw0JbAoORFk+6ZbFc7Xqwk38JUkAL/VJUDyDFc4sXRPA8ND RDUSI2UxbhOec5A6JprbybjNtqXMo/FkpwXnzTQSA+tsGIWBnslqHl6XyBXfyu5TKBJr 2VdgKFeKU94C86h9BfTcu6WgE3/sPIAzoEcIPOwL/b5OyY7DxXWrr+TCPqxaJ9xs33R7 QQ2g== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1750009763; x=1750614563; darn=gnusha.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-authentication-results :x-original-sender:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:from:to:cc:subject:date:message-id:reply-to; bh=5BHoTH35R7oP6e6kzc+0eI2SkK4FAstvBghIZlAH6Z8=; b=HLaM1TOK300+xf9UdQV7t9R2WqBEGGFg6p1SPpguE5uFHZxt8mZ3KVI54MEznky5zI ycm8MSniQ/q6VP1fmDk33GSIokpVV+ilzYuJcfZXhXy9aQpPZEFJRriN9/5m0SO3q4wC gnKS6O7OLW3mNfLt/BQWzkCqn26Cp5OC3Lcl0Hhtw66jzRILVR9B9J2Fvl3oEQ9Qvww3 iWb7SAD7wFc5D9zajgleoP3otiph787O7lD/l39SrG/VBmnbi/U4kw+uZrMalxCFXbLw NjkoxdhcD/OAWiYGeNW+6vf0LvC9hlB1bL4lcTX3doGaYfbxQjFRuEd2MoE5YhFiBIUo FgCg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1750009763; x=1750614563; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-authentication-results :x-original-sender:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:x-beenthere:x-gm-message-state:sender:from :to:cc:subject:date:message-id:reply-to; bh=5BHoTH35R7oP6e6kzc+0eI2SkK4FAstvBghIZlAH6Z8=; b=A34rPTp/kDdJsWSvMChJcE9yAO7mps1G5y0hnG6oWmZ4niKdwcIaebsiW9lWRGDqhe iAoeuvU20PKLxl/5eLqWfCDMCUDzoULrfm9g71Egm7TEArJfSznt6kHnlE4b8g04sj5N Nd8qYPCDo3jM+EClUOt6uqaG0nAMhyDV3d54G8NlQdtD7MDMGls8ykKeXNwcRP6B4Cm3 vN2AfBjlSZI6tHHAotJzXhn/RlL3TYNoL+ipeyJQDrF+yJsujScXg/wAyyGsaXD5XG+X C/fduFdJvrKl2qr5FBwVgWKjFV2rePoDnk9twKpJzsc1BYhutl2qO1yFnLMedvTr67DS 0k7Q== Sender: bitcoindev@googlegroups.com X-Forwarded-Encrypted: i=2; AJvYcCU+Jo1SO1AwQcTamIerJ+a1sEz0x3aVLQO0A8oR5nQl38QP1PGEOB6674VLgiJybe/P9BZuxZuQ5PWc@gnusha.org X-Gm-Message-State: AOJu0Yy2ImL0PCUgtQMkrulBiYO4e1pPknh+aLa4Sxdo93+n33O6jvK9 dLKI1r5qyAj34XWWL26VafBDng3wDRr0YAtXJAhXABXLjE3zd5S0fLsK X-Google-Smtp-Source: AGHT+IEKnT1cuy1y4odE6R+l/TwE+QIt0CcoR0mLli3phpmWmD270O7Ui9RY0eedu53zsEFMt+pptw== X-Received: by 2002:a05:6214:485:b0:6fa:bb44:fddf with SMTP id 6a1803df08f44-6fb477349a4mr119714206d6.16.1750009763115; Sun, 15 Jun 2025 10:49:23 -0700 (PDT) X-BeenThere: bitcoindev@googlegroups.com; h=AZMbMZc51ezkkKp9JXvXT+mqnFuEvk/hXctuzL79dS0pbh0OsQ== Received: by 2002:a05:6214:194b:b0:6fa:c4e4:78b3 with SMTP id 6a1803df08f44-6fb3555eec5ls56646346d6.1.-pod-prod-03-us; Sun, 15 Jun 2025 10:49:18 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCWGX7MnxUtXnYXVjdM9rpaWtk01JVNVMYYINj0NFg+5OIBjZVPuDpSuaUDb/t1oNk+qXrj91T8D+Gn2@googlegroups.com X-Received: by 2002:a05:620a:2a0f:b0:7d2:15f:f976 with SMTP id af79cd13be357-7d3c6cfe8f5mr1102703485a.52.1750009757964; Sun, 15 Jun 2025 10:49:17 -0700 (PDT) Received: by 2002:a05:620a:a00b:b0:7c5:495f:5415 with SMTP id af79cd13be357-7d3bbd841abms85a; Sun, 15 Jun 2025 10:43:27 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCVmVRoqegszbiMzzIxBIIOhxID5xVB5UjDSYnYKG1U9alIt2V035fvyrw3pkp+3jVEzCNdUIpPuqvXg@googlegroups.com X-Received: by 2002:a05:6214:4197:b0:6fa:c6ed:dc84 with SMTP id 6a1803df08f44-6fb4777460emr114922736d6.23.1750009406376; Sun, 15 Jun 2025 10:43:26 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1750009406; cv=none; d=google.com; s=arc-20240605; b=NoPfIRR1orphWcYyiBxfxB9+RjDfS0iABsbW44y7KKYrZJLh2nVHDMPuo4h062InvP m/470pxHc45HHBz3FjojXamTVPmtMgsYz/4Iw2Artk+I3GWnEeIaDwS13WBzAPIgQMNT yqT6u+MFbRAMEa/QeCD/RfKulmYFFSwqp/sTvgKHfgoZYowjmF6MicXyY/hOcUewKO3w J5/SEG+lRZShf1VCyPuh3uEqdGSiCEhvUi1oxxsTqpHnyWFDVKwYVCwXrTEg+w9HyOdC 41TbPIyjx4Lb8GjF1MyamoMe7GM8p2YFQILh6KBLk/sjonH8fLF/YXH7kz+d/OusFPPa cDRA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:dkim-signature; bh=WjXZX56tTHh7u+XmKkgI4o4D6Ukd88ZryxUAW/ZHKY4=; fh=uzwsw2k3S+O8FjkQUkxrGu9tvHS0pahScDO6wDZXMyY=; b=cYgLcnrxUC+XKI+zxxeWGe3ktxmUpV0tlLxNY3PHFeAAUWYwUvsIgMCgmoVQnSoFJM CKFFg8l5VceSOJ+QMO9e7Z05X57ut1xjiHKgZBus7qhbu1cWzpJ2J4rLQ9xUlBJDcnb9 t/Epyl8FZqc0ZF7DzkVT+Rv2cmlBooaeDD5PIRSIWGwhOpquLa4+Yvw8az/a5Cmh3Vku YUqijizWbarVTnwMCncEg/KOrGb9IXkR/vh0ro0HhnguamXtdR8GqZ4as119O1i7Y2Xh 6yShmkMZAOOfe2S8lXlaNC59z07gfkmz5+J83YVvnGc8p0FN0X9bciyVPMfCBNkHKSUp iBcA==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=e7cwDhMU; spf=pass (google.com: domain of gmaxwell@gmail.com designates 2607:f8b0:4864:20::1030 as permitted sender) smtp.mailfrom=gmaxwell@gmail.com; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com; dara=pass header.i=@googlegroups.com Received: from mail-pj1-x1030.google.com (mail-pj1-x1030.google.com. [2607:f8b0:4864:20::1030]) by gmr-mx.google.com with ESMTPS id 6a1803df08f44-6fb35ad9d60si2983086d6.1.2025.06.15.10.43.26 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sun, 15 Jun 2025 10:43:26 -0700 (PDT) Received-SPF: pass (google.com: domain of gmaxwell@gmail.com designates 2607:f8b0:4864:20::1030 as permitted sender) client-ip=2607:f8b0:4864:20::1030; Received: by mail-pj1-x1030.google.com with SMTP id 98e67ed59e1d1-3138e64b42aso4138134a91.0 for ; Sun, 15 Jun 2025 10:43:26 -0700 (PDT) X-Forwarded-Encrypted: i=1; AJvYcCX5NRJTywQ6YBuJbDKG3mZsP37ELItJ2iJxeUmvpv502OCyksyXQMPchz12AQv3t6HVccjEY0ZQ7OIP@googlegroups.com X-Gm-Gg: ASbGncu9AJLxoFccO0Sz5rPFkHNS0TvMR4HWDP3/Lqrnr5tYYtv8UqlBRLukBgW5BqQ uj9swfqgBpey07sQmrvac77/nK/J4vtrTyLW9WREcwHtJsnShU5uFk2KHWAWQ1FvD+Xmua+4YLN hnAspFzgTlW3qKAkNgDw9SrSJCTt0hT1jbzlvSxaUTTwA= X-Received: by 2002:a17:90b:57e8:b0:313:1ea2:a577 with SMTP id 98e67ed59e1d1-313f1d3072bmr10366743a91.29.1750009405334; Sun, 15 Jun 2025 10:43:25 -0700 (PDT) MIME-Version: 1.0 References: <46349b6c-ccec-4378-8721-aecec22752e7@mattcorallo.com> <8d158e3d-b3cc-44b6-b71b-ab2e733c047c@mattcorallo.com> In-Reply-To: From: Greg Maxwell Date: Sun, 15 Jun 2025 17:43:14 +0000 X-Gm-Features: AX0GCFu8UVvYybymhunOEZT0oKVEFQzv_scyqpPq8tGCLVfN7iqOjL-d1flw5GE Message-ID: Subject: Re: [bitcoindev] CTV + CSFS: a letter To: Jameson Lopp Cc: Antoine Poinsot , Matt Corallo , Andrew Poelstra , Bitcoin Development Mailing List Content-Type: multipart/alternative; boundary="000000000000f5671c06379fd0c5" X-Original-Sender: gmaxwell@gmail.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=e7cwDhMU; spf=pass (google.com: domain of gmaxwell@gmail.com designates 2607:f8b0:4864:20::1030 as permitted sender) smtp.mailfrom=gmaxwell@gmail.com; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com; dara=pass header.i=@googlegroups.com Precedence: list Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com List-ID: X-Google-Group-Id: 786775582512 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Score: -0.5 (/) --000000000000f5671c06379fd0c5 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Sun, Jun 15, 2025 at 2:40=E2=80=AFPM Jameson Lopp wrote: > It's the same problem as securely generating and storing keys. In order > for presigned transaction vaults to actually be trustworthy then ephemera= l > key usage needs to occur on a hardened offline device that is highly > unlikely to be compromised. I'm not aware of any of the hardware > manufacturers offering functionality for generating and signing with > ephemeral keys. > What device(s) generates the key/key(s) that can immediately terminate the vault release and take custody of the coins? --=20 You received this message because you are subscribed to the Google Groups "= Bitcoin Development Mailing List" group. To unsubscribe from this group and stop receiving emails from it, send an e= mail to bitcoindev+unsubscribe@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/= CAAS2fgQTxppt3J6RNr%3DkjRT3Nyaqy0q80w3oohDw%3Dk6dAmwkig%40mail.gmail.com. --000000000000f5671c06379fd0c5 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On Sun, Jun 15, 2025 at 2:40=E2=80=AFPM J= ameson Lopp <jameson.lopp@gmai= l.com> wrote:
=
It's the same problem as securely generating an= d storing keys. In order for presigned transaction vaults to actually be tr= ustworthy then ephemeral key usage needs to occur on a hardened offline dev= ice that is highly unlikely to be compromised. I'm not aware of any of = the hardware manufacturers offering functionality for generating and signin= g with ephemeral keys.

Wh= at device(s) generates the key/key(s) that can immediately terminate the va= ult release and take custody of the coins?


--
You received this message because you are subscribed to the Google Groups &= quot;Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an e= mail to bitcoind= ev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/= d/msgid/bitcoindev/CAAS2fgQTxppt3J6RNr%3DkjRT3Nyaqy0q80w3oohDw%3Dk6dAmwkig%= 40mail.gmail.com.
--000000000000f5671c06379fd0c5--