Published on: 2012-03-22T00:49:20+00:00
Watson Ladd and Gregory Maxwell have been engaged in an email conversation discussing various proposals for enhancing anonymity in Bitcoin transactions. Ladd emphasizes the importance of a verifiable mix to prevent misconduct by mixers, suggesting that if the final step fails, mixes can be challenged to disclose half of their correspondences in order to identify any defectors. He also considers the possibility of publishing everything if the final stage fails, as this would instantly and provably identify cheaters, although precautions must be taken to avoid fake-failures.Ladd further suggests that private keys and signatures serve as better proofs of knowledge than hashes in P2SH conversations. P2SH, being a superset of other schemes, allows for a signature to prove access to a private key and control of a P2SH address. Ladd believes that interactive proofs for knowing the preimages of hashes can be constructed in Bitcoin.Maxwell proposes a new protocol for purchasing equal amounts of Bitcoin while maintaining privacy. The protocol involves N parties who contribute the relevant amount of gold or any other asset at the exchange. Each participant generates a new bitcoin address, encrypting it with the exchange's public key and the public keys of all the mixers. These encrypted addresses are combined into a block and passed to the mixing chain, where each mixer randomizes the order and decrypts the messages with its key. At the end of the chain, the exchange performs the final decryption and presents a list of addresses to the users involved. Users validate that their address is in the set and sign the entire set before the exchange makes the payment. This protocol ensures strong anonymity as long as one of the mixers remains uncompromised and has minimal overhead.In addition to these discussions, Ladd proposes a new opcode called OP_CHECKEXPSIG for anonymous transactions. This opcode enables scripts to provide proof that the receiver can carry out or has carried out a previous transaction. It combines the strong double spend protection of Bitcoin with the strong anonymity of traditional digital cash techniques. However, Michael Gronager raises concerns about how OP_CHECKEXPSIG maintains protection against double spending, as the revelation of former transactions only occurs upon redeeming the OP_CHECKEXPSIG transaction. He seeks clarification on any points he may have missed.It is worth noting that Michael Gronager is the director of Ceptacle, a company based in Copenhagen, Denmark.
Updated on: 2023-08-01T03:22:44.745430+00:00