Fwd: Reusable payment codes [combined summary]



Original discussion: bitcoin-dev mailing list

Published on: 2015-04-25T00:22:30+00:00


Summary:

The discussion revolves around using the x coordinate instead of a hash of the secret when computing the Diffie-Hellman secret, as an alternative to DarkWallet-style stealth addresses. The author suggests that using the x value directly avoids the need for a check to make sure that the hash is valid for secp256k1.

A link shared in the email contains an RFC for a new type of Bitcoin address called a "payment code", which provides useful features such as positively identifying senders to recipients and automatically providing for transaction refunds. Payment codes can be publicly advertised and associated with a real-life identity without causing a loss of financial privacy. Compared to stealth addresses, payment codes require less blockchain data storage, requiring 65 bytes of OP_RETURN data per sender-recipient pair, while stealth addresses require 40 bytes per transaction.

The author has updated the proposal by incorporating feedback; the updated version can be found on GitHub. The proposal involves using payment codes as a messaging layer and providing a Heartbleed-free payment protocol. However, there are concerns about privacy leaks and about compatibility with multisignature. The author optimized for non-reliance on third-party services and the ability to recover spendable funds from a seed backup, which resulted in tradeoffs.

Payment codes could be used by merchants to positively identify customers and provide refund capabilities automatically. Exchanges could restrict bitcoin withdrawals to a single payment code known to be associated with their identified customer, making thefts easier. The ability to prove that withdrawals are sent to a positively-identified party might move some Bitcoin businesses out of money transmitter territory into less onerous regulatory situations.

The email conversation also discusses the proposal to use a constantly reused address as a messaging layer, which may undermine the privacy of the idea. The output associated with notification transactions would require special handling to avoid privacy leaks, and would need to be mixed or donated to miners as a transaction fee.

Payment codes are suggested as an alternative solution that can positively identify customers and provide refund capabilities in a merchant-customer relationship. However, payment codes could be more expensive to compute and are incompatible with multisignature. The proposal is optimized for non-reliance on third-party services and a guaranteed ability to recover spendable funds from a seed backup. It is suggested that there are enough benefits to make payment codes worthwhile, particularly for bitcoin businesses in some jurisdictions that could move out of money transmitter territory.


Updated on: 2023-08-01T12:19:22.577263+00:00