From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 77E97C0032 for ; Sat, 5 Aug 2023 14:06:20 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 1AE1F403A7 for ; Sat, 5 Aug 2023 14:06:20 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 1AE1F403A7 Authentication-Results: smtp2.osuosl.org; dkim=pass (2048-bit key, unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.a=rsa-sha256 header.s=fm3 header.b=qIad/Seq X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -2.6 X-Spam-Level: X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2-URMhTpoU4H for ; Sat, 5 Aug 2023 14:06:18 +0000 (UTC) Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) by smtp2.osuosl.org (Postfix) with ESMTPS id 41C07402EB for ; Sat, 5 Aug 2023 14:06:18 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 41C07402EB Received: from compute6.internal (compute6.nyi.internal [10.202.2.47]) by mailout.nyi.internal (Postfix) with ESMTP id 7F5525C007B for ; Sat, 5 Aug 2023 10:06:15 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute6.internal (MEProxy); Sat, 05 Aug 2023 10:06:15 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm3; t=1691244375; x=1691330775; bh=Ctjw5xCf9E6HL JIulZbVVoSgXUmWabVDgQ/TESBGjKM=; b=qIad/SeqdoG15p8T0FoSR3p5fmS7E 1QU6hIhUD2CH2WPg+CpAI1Tggrai3C4gFOFXN0g1lL+bpLsdzS/w9FsiNQGqTy19 NeHKX2UXpu2MTfiZOzUHBh6XvoMSvmw5K+mIPzjv/RcsfRan9Z+fLJWehxJ6VQPm JJePeBbfKLR0b8T6JD6IfqmppMVdUekuN4n3BkDrpB7/iYXqadq//1Y0+0bG6655 w32j0xLLhXTfoJg2QM60kxJaKMk3E++Y4DyM+IffmFtOyh/5MVLnih/9e/oLMNGw PMNuN9Qow62nyNUU6zgCNDQQbfM96uXmSGcYbW5QUQ/TPiaHEF80djbug== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedviedrkeeigdejudcutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepfffhvffukfhfgggtuggjsehgtderre dttddvnecuhfhrohhmpefrvghtvghrucfvohguugcuoehpvghtvgesphgvthgvrhhtohgu ugdrohhrgheqnecuggftrfgrthhtvghrnhepiedvvdelieekjeeukefgtdelfeegheehle ffueehteeghfelveejfeelgeevffefnecuffhomhgrihhnpehpvghtvghrthhouggurdho rhhgnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepph gvthgvsehpvghtvghrthhouggurdhorhhg X-ME-Proxy: Feedback-ID: i525146e8:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA for ; Sat, 5 Aug 2023 10:06:13 -0400 (EDT) Received: by localhost (Postfix, from userid 1000) id E74F95F886; Sat, 5 Aug 2023 14:06:10 +0000 (UTC) Date: Sat, 5 Aug 2023 14:06:10 +0000 From: Peter Todd To: Bitcoin Protocol Discussion Message-ID: References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="OCNLvmm47FThI7YQ" Content-Disposition: inline In-Reply-To: Subject: Re: [bitcoin-dev] BIP-352 Silent Payments addresses should have an expiration time X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Aug 2023 14:06:20 -0000 --OCNLvmm47FThI7YQ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Aug 04, 2023 at 03:27:17PM -0700, Brandon Black wrote: > I agree. Non-expiring addresses are a significant risk to bitcoin users. >=20 > On 2023-08-04 (Fri) at 17:39:03 +0000, Peter Todd via bitcoin-dev wrote: > > Fixing this is easy: add a 3 byte field to silent payments addresses, e= ncoding > > the expiration date in terms of days after some epoch. 2^24 days is 45,= 000 > > years, more than enough. Indeed, 2 bytes is probably fine too: 2^16 day= s is 180 > > years. We'll be lucky if Bitcoin still exists in 180 years. >=20 > Instead of a fixed width nDays, consider a custom compact encoding with > the position of the first 0-bit indicating the number of extension bytes > and the encoded granularity. >=20 > bytes | prefix | usable bits | granularity | max expiration > ------|------------|-------------|-------------|--------------- > 1 | 0b0 | 7 | year | 128 years > 2 | 0b10 | 14 | week | 315 years > 3 | 0b110 | 21 | day | 5700 years > 4 | 0b1110 | 28 | block | 5100 years > 5 | 0b11110 | 35 | ??? | ??? > 6 | 0b111110 | 42 | ??? | ??? > 7 | 0b1111110 | 49 | ??? | ??? > 8 | 0b11111110 | 56 | ??? | ??? >=20 > For address expiration, year or week expiration will typically be > sufficiently granular, but for rare occasions more granularity can be > encoded with longer addresses. This method also degrades cleanly even if > the same address format is still in use in 100 or 300 years. 1) Having the granularity of the limit depend on *when* the limit is to be applied in a UX nightmare. It is far simpler to just pick a useful granular= ity, and include enough bytes of integer to work until well into the future. 3 bytes, 24-bits, of days is 45,000 years. That's plenty. 2) Your suggestion would result in a protocol that degrades over time, as t= he granularity of *newly* created addresses goes up. This isn't like CTV/CLTV, where we're creating something now with a limit in the future. 100 years fr= om now - if silent payments still exists - people will still want to create si= lent payment addresses that expire, say, 30 days in the future. Your suggestion = does not allow that. --=20 https://petertodd.org 'peter'[:-1]@petertodd.org --OCNLvmm47FThI7YQ Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE0RcYcKRzsEwFZ3N5Lly11TVRLzcFAmTOV04ACgkQLly11TVR LzdGgBAAtYLexccxchGn+m9IFUzgwEuzqE3z2PKKDfctvrFxv14FCjMCj3Lyp79Q eh6KxGZsiYteBw+U+9MYMBeemaep8vZtULBw665URcBsALeu87uroPmOmE3fEvXk 8PcyxEgZ8SYxivx63QS4zbXbqGBZe8eqBQzE3SFB+Y7nzWVIvBH/yO9JKjxrzQZo 4AYL/QGyCL0E+paD+dCr5aEVJJjR5kDAygCZLwNeTCzABomh4GRSHLqgaTTbjmUc VPLeu196aps6tDvTtYcL7ylSBs1SQJfEWvrD/oXibupWHKF7+GXtTrRYq6xRx2Xb 5+IqG1ZCc2ArS88kOa7lUrNZQLeiAPDQSjht0mm5hgUCGBcrd6UE/oOr0FAzuvbJ F2FQ2bQvs644EQ2OwZlmCPbgq9XFpX5Ewr3IBnlQoUFnAWQKFwJh8EaL6OoQySaC abDG0MHT21FZbHqnuThT5aGnzfFtjGD2PPU9s2o2OIY7tALRS3XX3vXi+wZOqe0z ViMnm5cJS6e4udtrqwfxrH7ouBirWIM1fIEZiLoyTGbSSWY17WAvMRCcm4Dmaf7B 8DHQ4uAzyl0q5jeIWi1OfCBJ+rCWqvHoDNE/LFvBt92LXqqgISvrsZGHMUfmcph7 5a4h9XvR9OBWq+uaNrjtil0fS1V6DYcjFLICwu2i1IAnZ3YDoVI= =KkVP -----END PGP SIGNATURE----- --OCNLvmm47FThI7YQ--