Blinded 2-party MuSig2



Summary:

When receiving a coin, the new owner must verify every previous signature and backup transaction in the coin's history. If any of this information is missing, verification fails, so an invalid transfer is not accepted. The transfer data itself (the new and previous backup transactions, the signatures and the values) is encrypted to the new owner's public key; the server never learns that public key, which preserves the owner's privacy.

Currently each coin is identified by a statechain_id, an identifier unrelated to the coin's outpoint, which the receiver uses to retrieve the transfer data through the API. This has two drawbacks: the sender has to convey the identifier to the receiver separately, and anyone else who obtains the identifier can present it to the server, which exposes the server to potential corruption.

One proposed solution is a second, non-identifying key used exclusively for authenticating to the server. The result is a "statechain address" composed of two separate public keys: one for the shared taproot address and one for server authentication.
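The two-key statechain address and the receiver-side checks described above, as an added example written for this page; it is not code from the original page or from any statechain implementation. It assumes hypothetical names (StatechainAddress, Wallet, Server, Link, Transfer), uses P-256 and ECDSA from the Go standard library in place of secp256k1 and the Schnorr/MuSig2 signatures of the real protocol, and leaves out the backup transactions and the encryption of the transfer data to the receiver's key so that the server-authentication and history checks stay in focus. The server stores only the receiver's auth key beside the transfer data, hands the data out only to a caller who signs a fresh challenge with that key, and the receiver rejects any history that does not chain from the coin's first owner to its own shared key.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Assumption: P-256 and ECDSA from the Go standard library stand in for secp256k1 and the
// Schnorr/MuSig2 signatures of the real protocol; the key separation shown is curve-agnostic.
var curve = elliptic.P256()

// StatechainAddress is the proposed two-key address (hypothetical field names): SharedPub is the
// owner's share of the taproot key, AuthPub an unrelated key used only towards the server.
type StatechainAddress struct{ SharedPub, AuthPub []byte }

type Wallet struct{ shared, auth *ecdsa.PrivateKey }

func NewWallet() *Wallet {
	s, _ := ecdsa.GenerateKey(curve, rand.Reader)
	a, _ := ecdsa.GenerateKey(curve, rand.Reader)
	return &Wallet{s, a}
}

func (w *Wallet) Address() StatechainAddress {
	return StatechainAddress{elliptic.Marshal(curve, w.shared.X, w.shared.Y), elliptic.Marshal(curve, w.auth.X, w.auth.Y)}
}

func digest(a, b []byte) []byte { h := sha256.Sum256(append(append([]byte{}, a...), b...)); return h[:] }
func sign(k *ecdsa.PrivateKey, msg []byte) []byte { s, _ := ecdsa.SignASN1(rand.Reader, k, msg); return s }
func verify(pub, msg, sig []byte) bool {
	x, y := elliptic.Unmarshal(curve, pub)
	return x != nil && ecdsa.VerifyASN1(&ecdsa.PublicKey{Curve: curve, X: x, Y: y}, msg, sig)
}

// Link is one hop of the coin's history: the previous owner signs statechain_id || new owner's shared
// key. Real transfer data also carries backup transactions and values and is encrypted to the receiver's key; both are omitted here.
type Link struct{ NewSharedPub, Sig []byte }

func (w *Wallet) SignTransfer(id []byte, to StatechainAddress) Link {
	return Link{to.SharedPub, sign(w.shared, digest(id, to.SharedPub))}
}

// VerifyChain walks the history from the coin's first owner to the receiver's own key; a missing,
// reordered or mis-signed hop rejects the whole transfer.
func VerifyChain(id, first []byte, chain []Link, me []byte) error {
	cur := first
	for i, l := range chain {
		if !verify(cur, digest(id, l.NewSharedPub), l.Sig) {
			return fmt.Errorf("hop %d does not verify against the previous owner", i)
		}
		cur = l.NewSharedPub
	}
	if !bytes.Equal(cur, me) {
		return errors.New("history does not end at the receiver's shared key")
	}
	return nil
}

// Server stores transfer data next to the receiver's AuthPub only (it never sees SharedPub) and
// releases it solely to a caller who signs a fresh, single-use challenge with the matching key.
type record struct{ authPub []byte; transfer []Link }
type Server struct{ records map[string]record; challenges map[string][]byte }

func NewServer() *Server { return &Server{map[string]record{}, map[string][]byte{}} }
func (s *Server) Post(id []byte, to StatechainAddress, t []Link) { s.records[string(id)] = record{to.AuthPub, t} }
func (s *Server) Challenge(id []byte) []byte { c := make([]byte, 32); rand.Read(c); s.challenges[string(id)] = c; return c }
func (s *Server) Fetch(id, sig []byte) ([]Link, error) {
	r, ok := s.records[string(id)]
	c, okc := s.challenges[string(id)]
	delete(s.challenges, string(id)) // a challenge is valid for one attempt
	if !ok || !okc || !verify(r.authPub, digest(c, id), sig) {
		return nil, errors.New("unknown statechain_id or caller does not hold the auth key")
	}
	return r.transfer, nil
}
func (w *Wallet) Authenticate(challenge, id []byte) []byte { return sign(w.auth, digest(challenge, id)) }

// Transfer runs origin -> alice -> bob and returns nil only when bob can fetch and verify the full
// history. dropHop omits the earlier hop (missing information); wrongAuth fetches with a wallet
// that learned the statechain_id but does not hold bob's auth key.
func Transfer(dropHop, wrongAuth bool) error {
	id := []byte("constructed statechain_id for the demo") // constructed sample identifier
	origin, alice, bob, srv := NewWallet(), NewWallet(), NewWallet(), NewServer()
	chain := []Link{origin.SignTransfer(id, alice.Address()), alice.SignTransfer(id, bob.Address())}
	if dropHop { chain = chain[1:] }
	srv.Post(id, bob.Address(), chain)
	fetcher := bob
	if wrongAuth { fetcher = NewWallet() }
	hist, err := srv.Fetch(id, fetcher.Authenticate(srv.Challenge(id), id))
	if err != nil { return err }
	return VerifyChain(id, origin.Address().SharedPub, hist, bob.Address().SharedPub)
}
```

Transfer(false, false) returns nil; Transfer(true, false) fails inside VerifyChain because the first surviving hop is signed by alice while the chain must start at the origin key, and Transfer(false, true) fails inside Server.Fetch because the caller signs the challenge with an auth key the server never registered for that statechain_id, which is exactly the case of someone who learned the identifier out of band.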


Updated on: 2023-08-10T02:09:04.686078+00:00