Published on: 2014-05-13T10:29:43+00:00
Chris Pacia and another individual discussed the potential of using the payment protocol for stealth, which would require frequent wallet backups. They considered auto-respending transactions to a private HD derived key, but this approach would be inefficient in terms of block space. The ability to access funds with just 12 words and a date is desirable.Peter Todd and Jeff Garzik rejected the idea of depending solely on a communications backchannel to retrieve funds as it would make the payment non-atomic. Garzik argues that putting the communications medium in the blockchain itself is wrong and goes against the purpose of the blockchain.Pieter Wuille proposed using PaymentACK messages as proof of payment. The sender would send a Payment message containing a scriptSig-less Bitcoin transaction and a limit on its byte size to the receiver. Once the receiver acknowledges it, the sender can either send the full transaction or broadcast it themselves. This approach ensures both parties agree with the transaction before committing.In a conversation between Peter Todd and Pieter Wuille, Wuille proposed a method for making payments more atomic. It involves having PaymentACK messages signed with the same key as the payment request. The sender would send a scriptSig-less Bitcoin transaction with byte size and sigop count limits to the receiver. The receiver would only acknowledge the transaction if it satisfies certain criteria. However, there are still issues with the system, such as the possibility of the sender withholding the signed transaction or the receiver claiming to have never received it.Pieter Wuille posted about the benefits of stealth addresses and payment protocols. He suggests improving atomicity in the payment protocol instead of adding stealth functionality as a last resort. However, there are many edge cases due to how payments tie up txouts. Wuille also plans to write a relaxed version of IsStandard() rules based on soft-fork safe whitelisting/blacklisting.The speaker discusses a proposed method of including nonces in a payment protocol. They acknowledge that it makes sense but understand the proposal.The author believes that stealth addresses and payment protocols have different use cases. They suggest using anonymous donations for anonymity and direct communication for other benefits such as negotiating transaction details and refund information. The author suggests improving atomicity instead of adding stealth functionality as a last resort.Mike Hearn proposes a method to achieve atomicity and stealth payments without additional space in the blockchain. A lightweight client would identify transactions via the payment protocol. The speaker discusses the benefits of atomicity and extending BIP70 with ECDH.Todd proposed the idea of using a communication backchannel for retrieving funds again, but this time, the payment messages would be sent directly to the merchant who takes responsibility for broadcast. The author argues that a good store and forward network ensures atomicity.Mike Hearn mentions Amir Taaki's proposal for stealth addresses but rejects the idea of depending solely on a communication backchannel for retrieving funds. He also addresses recent advancements in ECDH multi-party signing and emphasizes the importance of letting the free market for fees do its job.The article discusses an ECDH extension for BIP 70 that is not backward compatible with the stealth address proposal. It resolves privacy issues and allows for attaching messages to payments. The article presents a way to combine nonces for backwards compatibility. The article also discusses the justification for the original stealth address design.
Updated on: 2023-08-01T09:13:02.325424+00:00