Bitcoin Forum

Bitcoin => Wallet software => Topic started by: TTBit on November 12, 2012, 07:12:54 PM



Title: No addresses client
Post by: TTBit on November 12, 2012, 07:12:54 PM
I am not developing anything. I have low-level EC math capabilities. This might not be the right place to put this. But I have been thinking there is another way to send unique payments to others without waiting for them to create an address first. It's a different way to send coins without waiting for them to provide you a unique address. Might have been dismissed / discussed already.

TTBit's lawn mowing service public key:
04fea05bcacad1d37c930b144d33be0df666a7a2413002cee90a61a65658a4a6dc921f3833bc17cbee18e5d744d63a092f1fa7c46458ee1f71e2f464d9ce650a65

I mow your lawn, and leave an invoice:
TTBit Lawn Mowing Service
Invoice #: B01559AF
Total: 1.50 BTC

You type in your client.
Send to: TTBit Lawn Mowing Service
Invoice: B01559AF
Send: 1.50 BTC

In my client:
I type in: B01559AF

And the coins are there. No addresses necessary.

What happened in your client:
sha(B01559AF) = "52dcfe43dce1da7160d31590d541e4c39edba642fd9d2296db27dbca1a4c87d9"
multiplied by my public key: 04fea05...
Which gives public key (0462051a9...) and ultimately a unique bitcoin address that only I can decode:
1Bz79TwSuJRz9CprFp5c7HZjzGNZcJwt7w

In my client:
I multiply my private key (which is: 5Jh5CB3SuQophegapGjwshi5XtFAykzkvnZvzsMP15aTdL1rpJz) times sha(B01559AF) and come up with the private key for 1Bz79T... (5KXnjCHmaodbCUf3zqGuuSkqKg17nkduSeMq5oKkh7vtXcbm5aJ)

Other Notes / Uses:
* I can 'push' a unique payment for the user to 'pull' when he gets around to it. For example, I am pushing a 0.10 btc payment to etotheipi with "2012-11-12 TTBit Thank You!". Those coins exist and he should be able to find them. (it's @ 19hvpBYTgVKoZXLN4owJHzrHUWyLykem2Z)

* Your grandma can now send coins to you with just "Happy 25th Birthday Bobby!" (but she has to relay the message correctly)

* A website would only have to keep a DB of unique invoice numbers.

* If the IDs are "unique enough", your private key can be stolen by a 3rd party without immediate consequence, as you will be the only one who sends out the invoice ID.


Title: Re: No addresses client
Post by: ThomasV on November 14, 2012, 12:02:12 PM
You can do the same with type 2 deterministic wallets.
I already thought about building this into Electrum.

The drawback is that you need to know the ID of the payment (your invoice), and to use exactly the same ID on both ends.
If there is some confusion there, I imagine that some disputes can arise between sender and receiver.


Title: Re: No addresses client
Post by: TTBit on November 14, 2012, 01:30:44 PM
I'll have to read up on type 2 deterministic wallets. I don't think I'm discovering something new. I question why we need all these addresses and private keys in the first place. All you need is one private key per entity. Create a new address? Just sha(description) or sha(timestamp). Want my SMTP to send your email? sha(message) to each recipient so they can recover coins.


Title: Re: No addresses client
Post by: ThomasV on November 14, 2012, 03:06:17 PM
I agree. As I said, I considered doing this within Electrum. I guess I will add it at some point.
Two obstacles have prevented me from doing it:
 - lack of privacy. If you give out your master public key, anyone can see if you received payment at a given label.
 - it is not as idiot-proof as Bitcoin addresses. As I said above, if the label is misspelled or incorrectly transmitted, the receiver might get very angry.

The second point could be mitigated if the address generation from public key is a webservice.
That service would keep a log of all the addresses generated, and it would be possible to find a missing payment.