From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1Ylnrh-0001r3-3B for bitcoin-development@lists.sourceforge.net; Sat, 25 Apr 2015 00:22:37 +0000 Received: from mail-ig0-f181.google.com ([209.85.213.181]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1Ylnrf-0005ZF-JH for bitcoin-development@lists.sourceforge.net; Sat, 25 Apr 2015 00:22:37 +0000 Received: by iget9 with SMTP id t9so37766329ige.1 for ; Fri, 24 Apr 2015 17:22:30 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; bh=th3q2BmRlFFdvOWFCbQT8DMcJatNp7nhGjA1aAxiK20=; b=S4DmVIk0IyI6UN0ziGxe8i/GXTlKiFz/XSHIpj1W8Po8SEFvGv8ttnWnNtDq3iZazD fzPFqxEeB8fOwhuRLjEQQmOT3tklOuUF4O5ErEbm9NQhlLDPjvQb31JtYObaSXWbdvQB u4PD9v4iodhFtRX1GC47PZCHXounlL/NJktL984oNQ28wEIUWWVd8yyMXVpDj9FmL1Zj EAZcW4q6voloONrK4m4FN3rv6qY0dh3OjJb7Lz/z+vj27F3ZdAvBFatbUgoCC5ASG4I1 ATE0IeUkGrK7J7jpDKXviHDHlldH6/99nOEAzDEhgKNfEFgUlQERyPF9zOFBln1eWl6A IqXQ== X-Gm-Message-State: ALoCoQkg8zvZUH1QksILQvO5L/RzP1nuPB9mPAUR+QoAY0APhetitgMFC3uFoDG4QONbMYAA8sXt MIME-Version: 1.0 X-Received: by 10.42.135.131 with SMTP id p3mr1625243ict.81.1429921350204; Fri, 24 Apr 2015 17:22:30 -0700 (PDT) Received: by 10.36.205.135 with HTTP; Fri, 24 Apr 2015 17:22:30 -0700 (PDT) In-Reply-To: References: <1AE7B0A2-90EE-42EE-9D30-4DC1B5892E53@newcastle.ac.uk> Date: Sat, 25 Apr 2015 02:22:30 +0200 Message-ID: From: Justus Ranvier To: Bitcoin Dev Content-Type: multipart/alternative; boundary=90e6ba2121e522df3f05148182e5 X-Spam-Score: 1.0 (+) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 1.0 HTML_MESSAGE BODY: HTML included in message X-Headers-End: 1Ylnrf-0005ZF-JH Subject: [Bitcoin-development] Fwd: Reusable payment codes X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Apr 2015 00:22:37 -0000 --90e6ba2121e522df3f05148182e5 Content-Type: text/plain; charset=UTF-8 Taking the hash of the secret would then require an extra step to make sure the hash is valid for secp256k1. Using the x value directly avoids the need for that check. On Fri, Apr 24, 2015 at 10:35 PM, Patrick Mccorry (PGR) < patrick.mccorry@newcastle.ac.uk> wrote: > When computing the diffie Hellman secret - why do you choose the x > co-ordinate instead of the hash of the secret which is standard practice > for stealth addresses > > Sent from my iPhone > > On 24 Apr 2015, at 21:27, Justus Ranvier > wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > https://github.com/justusranvier/rfc/blob/payment_code/bips/bip-pc01.mediawiki > > > This link contains an RFC for a new type of Bitcoin address called a > "payment code" > > > Payment codes are SPV-friendly alternatives to DarkWallet-style stealth > addresses which provide useful features such as positively identifying > senders to recipients and automatically providing for transaction refunds. > > > Payment codes can be publicly advertised and associated with a real-life > identity without causing a loss of financial privacy. > > > Compared to stealth addresses, payment codes require less blockchain > data storage. > > > Payment codes require 65 bytes of OP_RETURN data per sender-recipient > pair, while stealth addresses require 40 bytes per transaction. > > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1 > > > iQIcBAEBAgAGBQJVOqCRAAoJECpf2nDq2eYjluEP/RVJk+miDIihY4ilIvUbKvMd > > JLLqHr7Q1dlZyMIG/UqVWdoP5hzg/16B+q2iAB9jXozPnrDp0mggBh6rIGroevAa > > Kqfrs+Rrog1w9auhd67LWORDqav6YIrjTJIxdLxe11IEiq5rWbHPNUEDMzdEmHbz > > QfTH7KWAP2BasO5ETXcfu6BcccrXZ3XOKLON2h3NGD/cEDizY+uT2k3QN54z+KxG > > NB9scKbzVvsJwkyBrgbV+As9H3k6PnFsojYgAaE9gkp7D2+ahjzUiOH5rv6TbbYR > > o2X5MOiTY2/YZEqZPG7IR03ZAgeLVCvXXysjPOfzUKbmTF4w849sm8BuhixzDXHo > > 2V/HHKoGclIohcODBCWi0tVQXshZt4QkCNJBW5o3nL6Nn2YOp6hmw8YKAHnw3E7h > > /wIgk5f+NOLl/iIxoAxAdavEj5P6N4ic+OB6MAjnhEilWfBvCIpqWLGNvrtOhEa9 > > EnPHcgb4ILBu4OionJhsNpJ/O95C0OEypMm25MIS+rQcV4Uxe5IOS2OuT/GreLET > > n/7Y0mJbqYbLBjVsfS+DNjvsgyJl5AxhcMrdVyXJjSYVcCoRhcoX5Ceidd+YkbHI > > OMs5f63tM1Rgi/WY4Ct80SD5EbULZuu8j1KJ9HPGuMt081JSBH+L5isiKuazPeO+ > > SGApMBd4Q89fKzL2djae > > =Dypr > > -----END PGP SIGNATURE----- > > > ------------------------------------------------------------------------------ > One dashboard for servers and applications across Physical-Virtual-Cloud > Widest out-of-the-box monitoring support with 50+ applications > Performance metrics, stats and reports that give you Actionable Insights > Deep dive visibility with transaction tracing using APM Insight. > http://ad.doubleclick.net/ddm/clk/290420510;117567292;y > > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > > --90e6ba2121e522df3f05148182e5 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Taking the has= h of the secret would then require an extra step to make sure the hash is v= alid for secp256k1.

Using the x value directly avoids the need for t= hat check.

On Fri, Apr 24, 2015 at 10:35 PM, Pa= trick Mccorry (PGR) <patrick.mccorry@newcastle.ac.uk>= wrote:
When computing the diffie Hellman secret - why do you choose the x co-= ordinate instead of the hash of the secret which is standard practice for s= tealth addresses=C2=A0

Sent from my iPhone

On 24 Apr 2015, at 21:27, Justus Ranvier <justus.ranvier@monetas.net> wrote:=

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1


https://github.co= m/justusranvier/rfc/blob/payment_code/bips/bip-pc01.mediawiki


This link contains an RFC for a new type of Bitcoin= address called a "payment code"


Payment codes are SPV-friendly alternatives to Dark= Wallet-style stealth addresses which provide useful features such as positi= vely identifying senders to recipients and automatically providing for tran= saction refunds.


Payment codes can be publicly advertised and associ= ated with a real-life identity without causing a loss of financial privacy.=


Compared to stealth addresses, payment codes requir= e less blockchain data storage.


Payment codes require 65 bytes of OP_RETURN data pe= r sender-recipient pair, while stealth addresses require 40 bytes per trans= action.


-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1


iQIcBAEBAgAGBQJVOqCRAAoJECpf2nDq2eYjluEP/RVJk+miDIi= hY4ilIvUbKvMd

JLLqHr7Q1dlZyMIG/UqVWdoP5hzg/16B+q2iAB9jXozPnrDp0mg= gBh6rIGroevAa

Kqfrs+Rrog1w9auhd67LWORDqav6YIrjTJIxdLxe11IEiq5rWbH= PNUEDMzdEmHbz

QfTH7KWAP2BasO5ETXcfu6BcccrXZ3XOKLON2h3NGD/cEDizY+u= T2k3QN54z+KxG

NB9scKbzVvsJwkyBrgbV+As9H3k6PnFsojYgAaE9gkp7D2+ahjz= UiOH5rv6TbbYR

o2X5MOiTY2/YZEqZPG7IR03ZAgeLVCvXXysjPOfzUKbmTF4w849= sm8BuhixzDXHo

2V/HHKoGclIohcODBCWi0tVQXshZt4QkCNJBW5o3nL6Nn2YOp6h= mw8YKAHnw3E7h

/wIgk5f+NOLl/iIxoAxAdavEj5P6N4ic+OB6MAjnhEilWfBvCIp= qWLGNvrtOhEa9

EnPHcgb4ILBu4OionJhsNpJ/O95C0OEypMm25MIS+rQcV4Uxe5I= OS2OuT/GreLET

n/7Y0mJbqYbLBjVsfS+DNjvsgyJl5AxhcMrdVyXJjSYVcCoRhco= X5Ceidd+YkbHI

OMs5f63tM1Rgi/WY4Ct80SD5EbULZuu8j1KJ9HPGuMt081JSBH+= L5isiKuazPeO+

SGApMBd4Q89fKzL2djae

=3DDypr

-----END PGP SIGNATURE-----

----------------------------------------------------------------= --------------
One dashboard for servers and applications across Physical-Virtual-Cl= oud
Widest out-of-the-box monitoring support with 50+ applications=
Performance metrics, stats and reports that give you Actionable Insig= hts
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y


--90e6ba2121e522df3f05148182e5--