From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id BE6E9727 for ; Sat, 29 Dec 2018 11:56:13 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from EUR02-HE1-obe.outbound.protection.outlook.com (mail-oln040092068015.outbound.protection.outlook.com [40.92.68.15]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 54669189 for ; Sat, 29 Dec 2018 11:56:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=zr6g5xbzE2EbBbvZ5NDOSbSjf2musnEzdDIb8sVi3lI=; b=pRxitEOifkh+jAzTM4UkcQI6lJchAMH2bcLMsTkXmSAq9lGEbGJ8os34SYY8qHljsNj8XqeTwVqFY60Dh40X1JGObYpNFsoU+hAJSxZ2LPAWRRVY9r/P55KJTD7QKmAyRYhctRCaSgoEGzUMVmpx6yGiVoqYg/s/FvEaNJ2+pdvKQG6y4qczDdnpkuUAh3i1qGptkZTh+tj4D8nV7sMtqKJ6KWPuoQ+5zdwhyizsGYdlzvjpuSP/i3G2h/wDmoChzJqlLFlasBuuYAU22pMFhBbmaQ1TlUHnEnszXadP4EApIx4hdHClCgRXYJHyt48L4k+jixjDAHlI+Z7RnJHgkg== Received: from AM5EUR02FT058.eop-EUR02.prod.protection.outlook.com (10.152.8.59) by AM5EUR02HT036.eop-EUR02.prod.protection.outlook.com (10.152.9.142) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.1471.13; Sat, 29 Dec 2018 11:56:09 +0000 Received: from DB6PR10MB1832.EURPRD10.PROD.OUTLOOK.COM (10.152.8.60) by AM5EUR02FT058.mail.protection.outlook.com (10.152.9.140) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.1471.13 via Frontend Transport; Sat, 29 Dec 2018 11:56:09 +0000 Received: from DB6PR10MB1832.EURPRD10.PROD.OUTLOOK.COM ([fe80::d1fd:8ac9:2da9:3a62]) by DB6PR10MB1832.EURPRD10.PROD.OUTLOOK.COM ([fe80::d1fd:8ac9:2da9:3a62%5]) with mapi id 15.20.1446.027; Sat, 29 Dec 2018 11:56:09 +0000 From: "Kenshiro []" To: "bitcoin-dev@lists.linuxfoundation.org" , SomberNight Thread-Topic: [bitcoin-dev] Create a BIP to implement Confidential Transactions in Bitcoin Core Thread-Index: AQHUnvYraZSu+i5rG0KKcN7WJfuPUqWVlzUn Date: Sat, 29 Dec 2018 11:56:08 +0000 Message-ID: References: <3VIFGj5yxFpKlSgjMAlPCuTJOSzYkZI2l7tMwtQq4LStjiXgfS7A61jdZ5ZoyalJmjo71EQtNC_F06JgpQ1m046fWbq_6Nhe3BGkMOU-17I=@protonmail.com> In-Reply-To: <3VIFGj5yxFpKlSgjMAlPCuTJOSzYkZI2l7tMwtQq4LStjiXgfS7A61jdZ5ZoyalJmjo71EQtNC_F06JgpQ1m046fWbq_6Nhe3BGkMOU-17I=@protonmail.com> Accept-Language: en-US, es-ES Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-incomingtopheadermarker: OriginalChecksum:DBA458E2996C9F7FE9E244D4544317B36667911586FA1B6FD5D3B96F9C97D6C3; UpperCasedChecksum:6E6D09211C6DB36EC74B1CF523560A0787F3354A21F54CD68F319D892BF0BDD1; SizeAsReceived:7299; Count:45 x-tmn: [yzePAfQvi4ShnyzlmoTbXaF2TGVBJZID] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; AM5EUR02HT036; 6:bfAaiJdIGGwstNnjjw3wgTYpMksWrFwDdcA+Ve91xIVnqSRhKn0k7EZIGAKaq3IoUmNo2BMZ9zjN2BHFitvXDNG0iGn0UxB/S7rBrRuD5ByVcqjExpxgDMGe6VmJrQFHqn66OO6Wv/qixkjJI2YWPaBioNTeSItUqwZdm+Y1XqbqAA9bI3MoLCWUBFsoYgqhzBpCg5k3y8K30aNl3yTVl56AeG6Ch+q3HHo1Id/7gelp51mM1Y/ZZmb2it/l9VQNrQX400OGK4/GNWO4LJlsqQGjvWdbWYpOfMnBKD2rvfDdUP2rTEv9op1uO9/jEFW1lZKUf0ovIV1QE3HZNbiQqjcIWOphY5b0CAFG/at4xZNPSyjqcr92d6Dgo8qi7qLqv72Mp1pSbcvOSkY4PUpdTWlDDMpEts7mJYOmf45Sn73RzMAC+GLaO9U3D6Fy2h+GsZLf7Zb1Rh8UoZ2pJj4xLQ==; 5:c7q4McZVAxnPHr5Yn/7X1/y7KPtyAtBUJWA2Qp9KBGfZ19C7BMmXcCOqxnY9APmOC5VXIDBWo5VJkCeSXPHKQjR+F474fkZ5QrVnKxJqRW4NbVANRY8ME0TDIBBOfR1H8RFA5uwJaY4iz/0ais0YdlCW2Esuos0ApkVW+swi4hE=; 7:Auys96cb+XCowB+FBPcm3ywuGofXqeAIhQ04vR0oqpUqwfRDiREhNpPiY9BVv5QAGEvcrLhuYyOm0bj3Z/vU/YhBxpyVcrYwIvBMoj1RTSrhFvR0mkBdm6ZXanSJ2S7dVnzWUIoSq8OtQ1x1bhIJtw== x-incomingheadercount: 45 x-eopattributedmessage: 0 x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(201702061078)(5061506573)(5061507331)(1603103135)(2017031320274)(2017031323274)(2017031324274)(2017031322404)(1601125500)(1603101475)(1701031045); SRVR:AM5EUR02HT036; x-ms-traffictypediagnostic: AM5EUR02HT036: x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(4566010)(82015058); SRVR:AM5EUR02HT036; BCL:0; PCL:0; RULEID:; SRVR:AM5EUR02HT036; x-microsoft-antispam-message-info: oDzC7Abdp0+rtExhv+mTtbQT/8VWcs/USghDZncanw4M/0tK0ApSCM/DV9yZ9UyY Content-Type: multipart/alternative; boundary="_000_DB6PR10MB1832A1A6EB2628CAB0035192A6B00DB6PR10MB1832EURP_" MIME-Version: 1.0 X-OriginatorOrg: hotmail.com X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: d4d70346-2c10-4f39-8c00-e767963926d9 X-MS-Exchange-CrossTenant-Network-Message-Id: 2d5836c9-ada7-49bf-5817-08d66d849f02 X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: d4d70346-2c10-4f39-8c00-e767963926d9 X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Dec 2018 11:56:08.9004 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Internet X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM5EUR02HT036 X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, HTML_MESSAGE, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Mon, 31 Dec 2018 14:02:58 +0000 Subject: Re: [bitcoin-dev] Create a BIP to implement Confidential Transactions in Bitcoin Core X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Dec 2018 11:56:13 -0000 --_000_DB6PR10MB1832A1A6EB2628CAB0035192A6B00DB6PR10MB1832EURP_ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable I understand, thank you! :) From: SomberNight Sent: Friday, December 28, 2018 22:41 To: bitcoin-dev@lists.linuxfoundation.org; tensiam@hotmail.com Subject: [bitcoin-dev] Create a BIP to implement Confidential Transactions = in Bitcoin Core Hi Kenshiro, That is not how the BIP process works. Instead of requesting the creation of a BIP, you just create one. :) Re CT in Bitcoin, I have my doubts whether you can get consensus for that. >From section 4.6 of the Bulletproofs paper [0]: "Bulletproofs ... are computationally binding. An adversary that could break the discrete logarithm assumption could generate acceptable range proofs for a value outside the correct range. ... An adversary that can break the binding property of the commitment scheme or the soundness of the proof system can generate coins out of thin air and thus create uncontrolled but undetectable inflation rendering the currency useless" I don't have the domain knowledge to debate whether quantum computers will ever exist but AFAICT their emergence would easily kill a currency that uses these kind of range proofs for confidential transactions. [0]: https://eprint.iacr.org/2017/1066.pdf > From: "Kenshiro []" tensiam@hotmail.com > > Hi, > > I think Confidential Transactions (CT) are a great idea to provide enough= privacy for normal users (hidden amounts) and fungibility. > > I would like to request the creation of a BIP to implement CT in Bitcoin = Core. I read that CT are already implemented in Grin and Monero so it looks= that CT are enough mature to be implemented in Bitcoin. > > If the CT transaction size is 3x the size of a normal transaction the blo= ck size could be increased by 3x too, or just keep the current block size a= nd make CT transactions optional. > > Thank you! --_000_DB6PR10MB1832A1A6EB2628CAB0035192A6B00DB6PR10MB1832EURP_ Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
I understand, thank you! :)


From: SomberNight <sombe= r.night@protonmail.com>
Sent: Friday, December 28, 2018 22:41
To: bitcoin-dev@lists.linuxfoundation.org; tensiam@hotmail.com
Subject: [bitcoin-dev] Create a BIP to implement Confidential Transa= ctions in Bitcoin Core
 
Hi Kenshiro,

That is not how the BIP process works. Instead of requesting the creation of a BIP, you just create one. :)

Re CT in Bitcoin, I have my doubts whether you can get consensus for that.<= br> >From section 4.6 of the Bulletproofs paper [0]:

"Bulletproofs ... are computationally binding. An adversary that could=
break the discrete logarithm assumption could generate acceptable range
proofs for a value outside the correct range. ... An adversary that can
break the binding property of the commitment scheme or the soundness of
the proof system can generate coins out of thin air and thus create
uncontrolled but undetectable inflation rendering the currency useless"= ;

I don't have the domain knowledge to debate whether quantum computers will<= br> ever exist but AFAICT their emergence would easily kill a currency that
uses these kind of range proofs for confidential transactions.


[0]: https://eprint.iacr.= org/2017/1066.pdf


> From: "Kenshiro []" tensiam@hotmail.com
>
> Hi,
>
> I think Confidential Transactions (CT) are a great idea to provide eno= ugh privacy for normal users (hidden amounts) and fungibility.
>
> I would like to request the creation of a BIP to implement CT in Bitco= in Core. I read that CT are already implemented in Grin and Monero so it lo= oks that CT are enough mature to be implemented in Bitcoin.
>
> If the CT transaction size is 3x the size of a normal transaction the = block size could be increased by 3x too, or just keep the current block siz= e and make CT transactions optional.
>
> Thank you!
--_000_DB6PR10MB1832A1A6EB2628CAB0035192A6B00DB6PR10MB1832EURP_--