An idea for alternative payment scheme



Summary:

In an email exchange, Adam Back and Nadav discuss a proposal that has previously been suggested by others. Adam points out that the general limitation of this proposal is its lack of Simplified Payment Verification (SPV) compatibility: either the recipient has to test each payment to see whether it can compute the private key for it, or the sender has to send the derivation key out of band. He nevertheless believes the proposal can be made more SPV compatible than the alternatives, because in combination with prefix filters it allows a recipient to receive an unlimited number of unrelated payments with a single prefix query, at a fixed bandwidth/anonymity-set-size tradeoff.

Adam also argues that approaches such as BIP38 with UIs that make it easy to create a new address for every payment force users to accept higher bandwidth consumption, shrink their anonymity set, or lose payments. In addition, he acknowledges that most of the bitcoin infrastructure currently uses the bitcoin broadcast channel as the communication channel, which supports the payer and payee not being online at the same time. He notes that it is important to ensure the key is not lost and that subsequent data-loss events do not cost the recipient money.

Adam concludes that fixing the address-reuse issue is an attractive proposition, since admonishing users not to reuse addresses has not worked so far and several widely used wallets still reuse addresses. He plans to publish a post the next day discussing this proposal in more detail, along with an overview of bloom filters versus prefix filters, arguing that bloom filters scale poorly and should be deprecated.
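The mechanics behind the tradeoff Adam describes, as an added illustration that is not code from the thread or from any wallet: a payer derives a one-time key from the recipient's published scan/spend keys via ECDH, so the recipient can only recognise a payment by performing one ECDH test per output (the SPV limitation), unless the payer also grinds the ephemeral key so the one-time key lands in a short prefix bucket the recipient has published. Querying that bucket returns the recipient's payments plus every unrelated output that happens to share the prefix; the bucket size is both the bandwidth cost and the anonymity set. The secp256k1 arithmetic is pure Python and deliberately minimal; the private keys, the ephemeral seed, the block of unrelated outputs, and the choice to take the prefix over SHA256 of the compressed one-time key are all constructed for the example.

```python
"""Stealth-style one-time keys with an optional prefix filter (secp256k1, pure Python).

Added illustration; not code from the mailing-list thread. Keys, the ephemeral
seed and the block of unrelated outputs are constructed for this example, and
placing the prefix over SHA256(compressed one-time key) is an assumption.
"""
import hashlib

# secp256k1 domain parameters
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(p, q):
    """Affine point addition on secp256k1; None is the point at infinity."""
    if p is None:
        return q
    if q is None:
        return p
    if p[0] == q[0] and (p[1] + q[1]) % P == 0:
        return None
    if p == q:
        lam = 3 * p[0] * p[0] * pow(2 * p[1], -1, P) % P
    else:
        lam = (q[1] - p[1]) * pow(q[0] - p[0], -1, P) % P
    x = (lam * lam - p[0] - q[0]) % P
    return (x, (lam * (p[0] - x) - p[1]) % P)


def ec_mul(k, p):
    """Double-and-add scalar multiplication (not constant time; demo only)."""
    r = None
    while k:
        if k & 1:
            r = ec_add(r, p)
        p = ec_add(p, p)
        k >>= 1
    return r


def h256_int(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def shared_tweak(priv, pub):
    """ECDH tweak c = H(priv * pub). Payer uses (e, S); recipient uses (s, E)."""
    return h256_int(ec_mul(priv, pub)[0].to_bytes(32, "big")) % N


def key_prefix(pub, bits):
    """Top `bits` bits of SHA256(compressed pubkey): the bucket an SPV client queries."""
    comp = bytes([2 + (pub[1] & 1)]) + pub[0].to_bytes(32, "big")
    return h256_int(comp) >> (256 - bits)


def make_payment(scan_pub, spend_pub, prefix, bits, eph_seed):
    """Payer side: grind ephemeral keys until the one-time key P' = B + c*G lands
    in the recipient's prefix bucket. Returns (eph_pub, onetime_pub, tries)."""
    e, tries = eph_seed, 0
    while True:
        tries += 1
        e = h256_int(e.to_bytes(32, "big")) % N  # deterministic chain for the demo; use secrets.randbelow(N) for real
        onetime = ec_add(spend_pub, ec_mul(shared_tweak(e, scan_pub), G))
        if key_prefix(onetime, bits) == prefix:
            return ec_mul(e, G), onetime, tries


def scan_outputs(outputs, scan_priv, spend_priv, spend_pub):
    """Recipient side: every candidate output costs one ECDH test (the SPV limitation).
    Returns the one-time private keys b + c for outputs that belong to us."""
    found = []
    for eph_pub, onetime in outputs:
        c = shared_tweak(scan_priv, eph_pub)
        if ec_add(spend_pub, ec_mul(c, G)) == onetime:
            found.append((spend_priv + c) % N)
    return found


def prefix_filter(outputs, prefix, bits):
    """What one prefix query returns: our payments plus unrelated outputs in the same
    bucket. len(result) is both the download cost and the anonymity set."""
    return [o for o in outputs if key_prefix(o[1], bits) == prefix]


def build_block(n_unrelated, seed=1):
    """Constructed block of unrelated outputs with deterministic dummy keys."""
    outs = []
    for i in range(n_unrelated):
        a = h256_int(b"eph%d" % (seed + i)) % N
        b = h256_int(b"out%d" % (seed + i)) % N
        outs.append((ec_mul(a, G), ec_mul(b, G)))
    return outs


def demo(bits=5, n_unrelated=128):
    scan_priv, spend_priv = 0x1111, 0x2222  # constructed; real keys are random 256-bit scalars
    scan_pub, spend_pub = ec_mul(scan_priv, G), ec_mul(spend_priv, G)
    prefix = 5  # published alongside the scan/spend keys; longer prefix = less bandwidth, smaller anonymity set
    eph_pub, onetime, tries = make_payment(scan_pub, spend_pub, prefix, bits, eph_seed=7)
    block = build_block(n_unrelated) + [(eph_pub, onetime)]
    bucket = prefix_filter(block, prefix, bits)
    keys = scan_outputs(bucket, scan_priv, spend_priv, spend_pub)
    return {"tries": tries, "block_size": len(block), "bucket_size": len(bucket),
            "recovered": keys, "onetime": onetime}


if __name__ == "__main__":
    r = demo()
    print("payer grind tries:", r["tries"])
    print("downloaded %d of %d outputs (bucket size = anonymity set)" % (r["bucket_size"], r["block_size"]))
    print("recovered key spends the output:", ec_mul(r["recovered"][0], G) == r["onetime"])
```

Raising `bits` shrinks the bucket (less bandwidth for the SPV client) but also shrinks the set of unrelated outputs a watcher must consider, and it multiplies the payer's expected grinding work by two per extra bit; that is the fixed tradeoff the summary refers to. Without the filter the recipient would run `scan_outputs` over the whole block.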


Updated on: 2023-06-07T23:26:34.276910+00:00