From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 1315EC0032 for ; Fri, 4 Aug 2023 17:39:11 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id ED3996109B for ; Fri, 4 Aug 2023 17:39:10 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org ED3996109B Authentication-Results: smtp3.osuosl.org; dkim=pass (2048-bit key, unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.a=rsa-sha256 header.s=fm3 header.b=EONdZ48G X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -0.701 X-Spam-Level: X-Spam-Status: No, score=-0.701 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AnfrYp9rfhWW for ; Fri, 4 Aug 2023 17:39:09 +0000 (UTC) Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) by smtp3.osuosl.org (Postfix) with ESMTPS id 33C1061371 for ; Fri, 4 Aug 2023 17:39:09 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 33C1061371 Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id 244085C0068 for ; Fri, 4 Aug 2023 13:39:07 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute5.internal (MEProxy); Fri, 04 Aug 2023 13:39:07 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:message-id :mime-version:reply-to:sender:subject:subject:to:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t= 1691170747; x=1691257147; bh=wov3r/TBgcd0M8Tt/a9rTZaQVjV81RNsbrn 0pbfDzp8=; b=EONdZ48GpbNLKBpPc/WabvW3oOm+OFksOLlDGXRBjZtxT6PSM72 rwQ4Ve0Rq2jy2llnVw0FZ5PqMNF65t6eTd+lm5gNCZjLECNARKoEphQcLMGU4Qi6 feH84cvJo8ckKWsEg3fX/k8T+vEmv3rOECySoW6t4Mct/4Wai22qPXH7vvB6FIgR FEubNVNVXrCNJcmLIV7JCeTPBY1SoIcZkJy7c4QRenK6dnF69VigRnzqdzBPRTQD LGjwuZ8GAC3pStvenqyan0kBj+JBwcU4139sDQ4a8XmeOE8ud8V9MKJyu0znDRiL xHuQmRV3sVhQiNd5Q+jsVRztbkIMCHVztOA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedviedrkeeggdduudegucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpeffhffvuffkgggtugesghdtreertd dtvdenucfhrhhomheprfgvthgvrhcuvfhougguuceophgvthgvsehpvghtvghrthhouggu rdhorhhgqeenucggtffrrghtthgvrhhnpefhteevgeeuvdekheeivdeffeduuedufefhte elheffgfelueefieffjeefffeuleenucffohhmrghinhepphgvthgvrhhtohguugdrohhr ghenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehpvg htvgesphgvthgvrhhtohguugdrohhrgh X-ME-Proxy: Feedback-ID: i525146e8:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA for ; Fri, 4 Aug 2023 13:39:06 -0400 (EDT) Received: by localhost (Postfix, from userid 1000) id 6A6BF5F851; Fri, 4 Aug 2023 17:39:03 +0000 (UTC) Date: Fri, 4 Aug 2023 17:39:03 +0000 From: Peter Todd To: bitcoin-dev@lists.linuxfoundation.org Message-ID: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="SB8PAdHnrhigqCwh" Content-Disposition: inline Subject: [bitcoin-dev] BIP-352 Silent Payments addresses should have an expiration time X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Aug 2023 17:39:11 -0000 --SB8PAdHnrhigqCwh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable tl;dr: Wallets don't last forever. They are often compromised or lost. When this happens, the addresses generated from those wallets become a form of t= oxic data: funds sent to those addresses can be easily lost forever. All Bitcoin addresses have this problem. But at least existing Bitcoin addresses aren't supposed to be reused. Silent Payments are: the whole poin= t is to have a single address that you can safely pay to multiple times, without privacy concerns. Failing to make Silent Payment addresses eventually expir= e in a reasonable amount of time is thus a particularly harmful mistake. Fixing this is easy: add a 3 byte field to silent payments addresses, encod= ing the expiration date in terms of days after some epoch. 2^24 days is 45,000 years, more than enough. Indeed, 2 bytes is probably fine too: 2^16 days is= 180 years. We'll be lucky if Bitcoin still exists in 180 years. Wallets should pick a reasonable default, eg 1 year, for newly created addresses. Attempts to pay an expired address should just fail with a simple "address expired". Lightning invoices are a good example here: while invoic= es does not require expiration from a technical point of view, they do expire = for similar UX reasons as applies to silent payments. --=20 https://petertodd.org 'peter'[:-1]@petertodd.org --SB8PAdHnrhigqCwh Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE0RcYcKRzsEwFZ3N5Lly11TVRLzcFAmTNN7QACgkQLly11TVR Lzcqag//XGfqhEuXQMff0t8/BdgkNuOlW0JVbDcbQkoqtlvjtKEQNSvhSCPO6CVk 8GXc59qBLGe0oz+O5BdRrwnymEGj3bu9cSLm9l9n/t/LPZ4i6/3TIG1t4f5VVvuD jmFA/1/tneA7Gv6ZGj1pxbmpZ1XluhrGLRrLi52BPjbXExIIfzoJWjnVvhUSjzvO X966+Kj3Y1iIe2BOUfncT/Ig0tViU0JfbGXsLD4skTc7Jn8VrUWvpp55DMy8cRuK XtIu660reaFLJVsC67IsvZJdTJR++Jsa4lhIuoCNnRLU50YyVckdUlsoOiZcfI0v W5pC28fIcf3CAIjUDJMV3sp7DdEhNH8MTFGngZHuGqNLnj3KRbQ55bBkaUlliKNn NRxoLebKLenbGweO7mxT4BMa0K4N3GA/7Pan4HYF4/p7soGjvTO/j8Lh/EqYvoF2 c4KF0LlHfnnCaHlAflIgar1RsnQ0dBZtA439sDQhKaGc2dkevsztU+gj9PDqNPRv eaW6NLwhgbU8VV1iR6qeF11tPe8nfP+fpK0Abz3zYWnsnPttG1OvUVhAWJGxjNrp SD+zTi4Q5WSJ9JnFP70Eep4CXtC2qwWSRUxMKCg5jsJtGrhzi3yMRXzYegRweO+A mc5dv37uTGnc5Le981X+TbQI77AKxbajXd5jY/irCK59WnoVFOg= =2pUB -----END PGP SIGNATURE----- --SB8PAdHnrhigqCwh--