public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Jacob Eliosoff <jacob.eliosoff@gmail.com>
To: Mats Jerratsch <mats@blockchain.com>
Cc: Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Generalised Replay Protection for Future Hard Forks
Date: Thu, 9 Nov 2017 15:45:43 -0500	[thread overview]
Message-ID: <CAAUaCyjVxJbPrbBUdb9irK5CNnuqUSnzSjywpozhLqONcb_m_w@mail.gmail.com> (raw)
In-Reply-To: <C9A47922-5777-44AC-871A-6C27A22054AC@blockchain.com>

[-- Attachment #1: Type: text/plain, Size: 2279 bytes --]

OK, I see.  On the whole this is the best replay protection solution I've
seen.  In particular, I hope developers of Bech32 and other new address
formats will take a close look at incorporating a fork ID this way.

As I understand you, a private key in cold storage would (of course) remain
valid across HFs, but an *address* would be valid only for the nForkId it
was generated for.  There may be cold-storage-type cases where it's
important for an address to be valid across all chains, ie, to
intentionally allow replay?  But I guess this could just be a special
nForkId value, say -1?


On Nov 8, 2017 9:45 AM, "Mats Jerratsch" <mats@blockchain.com> wrote:

> Hey Jacob!
>
> > Take the specific and common case of non-upgraded wallet software.
> Suppose a HF happens, and becomes the network used by 90% of users.  Will
> old wallets still default to the old nForkId (10% legacy chain)?  If so,
> I'd expect a lot of accidental mis-sends on that chain.
>
> With this proposal implemented, a 'mis-send' is fundamentally impossible.
> The address contains the identifier of the token that should be sent.
>
> If anything, it's possible to 'mis-receive'.
> That is, the receiving wallet was not aware of a newer chain, and the
> receiver actually wanted to receive the newer token, but instead his wallet
> created an address for the old token. It is the responsibility of the
> receiver to write a correct invoice. This is the case everywhere else in
> the world too, so this seems like a reasonable trade-off.
>
> I would even argue that this should hold in a legal case, where the
> receiver cannot claim that he was expecting a payment in another token
> (contrary to how it is today, like when users send BTC to a BCH address,
> losing their funds with potentially no legal right for reimbursement). If I
> sent someone an invoice over 100€, I cannot later proclaim that I actually
> expected $100.
>
> With this proposal, wallets are finally able to distinguish between
> different tokens. With this ability, I expect to see different
> implementations, some wallets which advertise staying conservative,
> following a strict ruleset, and other wallets being more experimental,
> following hashing rate or other metrics.
>
>

[-- Attachment #2: Type: text/html, Size: 2741 bytes --]

  reply	other threads:[~2017-11-09 20:45 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-11-05 23:48 [bitcoin-dev] Generalised Replay Protection for Future Hard Forks Mats Jerratsch
     [not found] ` <CAAUaCyii2U5VBLS+Va+F3h4Hka0OWDnFFmjtsvyaaD4TKVzV3Q@mail.gmail.com>
2017-11-06 19:21   ` Jacob Eliosoff
2017-11-08 16:45     ` Mats Jerratsch
2017-11-09 20:45       ` Jacob Eliosoff [this message]
2017-11-09 21:01         ` Sjors Provoost
     [not found]           ` <CAAUaCygeOxAK=EpzfWndx6uVvVO9B+=YTs1m-jHa3BFp82jA4w@mail.gmail.com>
     [not found]             ` <95ECB451-56AE-45E5-AAE6-10058C4B7FD7@sprovoost.nl>
     [not found]               ` <CAAUaCyg_PGT0F=RHfX89T54j-vuyz5wcbXaYoikJv95WKgsNPg@mail.gmail.com>
     [not found]                 ` <55467A01-A8B2-4E73-8331-38C0A7CD90EF@sprovoost.nl>
     [not found]                   ` <CAAUaCyhncyCt_ao9i0=33LswDOkCf6o-+36zrGxKWD+WranmZw@mail.gmail.com>
     [not found]                     ` <46E317DF-C97C-4797-B989-594298BC6030@sprovoost.nl>
     [not found]                       ` <CAAUaCyibOEHqw1J5O8yEp8v=j8t9sovn2vn=S8bZPZCzCY-gRw@mail.gmail.com>
2017-11-10 11:28                         ` Mats Jerratsch
2017-11-11  5:18                           ` Jacob Eliosoff
2017-11-13 10:03                             ` Mats Jerratsch
2017-11-13 15:31                               ` Jacob Eliosoff
2017-11-13 17:02                                 ` Spartacus Rex
2017-11-14 13:49                                   ` Mats Jerratsch
2017-11-15  5:02                                     ` Jacob Eliosoff

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAAUaCyjVxJbPrbBUdb9irK5CNnuqUSnzSjywpozhLqONcb_m_w@mail.gmail.com \
    --to=jacob.eliosoff@gmail.com \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    --cc=mats@blockchain.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox