Bitcoin Forum
December 10, 2016, 06:31:43 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2]  All
  Print  
Author Topic: Suggestion: Allow short messages to be sent together with bitcoins ?  (Read 6389 times)
ByteCoin
Sr. Member
****
expert
Offline Offline

Activity: 416


View Profile
October 24, 2010, 08:53:29 PM
 #21

It would be unwise to have permanently recorded plaintext messages for everyone to see.  It would be an accident waiting to happen.

What bad effect would you anticipate?

This is already sort-of possible with the current system due to the broadband subchannel in ECDSA.

I was looking for ways of distributing arbitrary information in the block chain to support the implementation of a full client which did  not have to bother remembering the entire block chain.
See http://bitcointalk.org/index.php?topic=505.0 - a thread about "Balance Sheets"
A naive way of encoding the data would be based on sending money to a variety of addresses, the data to be decoded by examining let's say the first couple of of bytes of the receiving addresses but this is rather wasteful of bandwidth with many transactions required to transmit relatively little data.

An interesting property of DSA is that if you're trying to sign a 32 byte message then each signature is 64 bytes long. This means that the signature includes 32 bytes of information just created out of thin air. If you look up the algorithm http://en.wikipedia.org/wiki/Digital_Signature_Algorithm , this information comes from the random parameter k. A signature consists of a pair of numbers g^k and another expression involving both k and g^k. If you could choose k such that g^k contained your data then you could include your plaintext data in the block chain in great big chunks. (Un)Fortunately, doing this has to be hard otherwise ECDSA is insecure.

However, if you effectively release the private key then everyone can, through some simple algebra recover the k values used in all your signatures signed with that key. I was not the first to realize this. See http://en.wikipedia.org/wiki/Subliminal_channels.
If you've spent all the money associated with that key then you don't care about it anymore. (Of course if someone sends more money to that key then everyone will race to spend it!) So you can encode a load of data in some normal transactions for days or months or whatever and then effectively release your private key (for which there is an elegant method) and then all the data is plain to see.

Of course my "balance sheet" scheme does not suffer from this problem (if problem it is) so badly   Wink

ByteCoin
1481394703
Hero Member
*
Offline Offline

Posts: 1481394703

View Profile Personal Message (Offline)

Ignore
1481394703
Reply with quote  #2

1481394703
Report to moderator
1481394703
Hero Member
*
Offline Offline

Posts: 1481394703

View Profile Personal Message (Offline)

Ignore
1481394703
Reply with quote  #2

1481394703
Report to moderator
1481394703
Hero Member
*
Offline Offline

Posts: 1481394703

View Profile Personal Message (Offline)

Ignore
1481394703
Reply with quote  #2

1481394703
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481394703
Hero Member
*
Offline Offline

Posts: 1481394703

View Profile Personal Message (Offline)

Ignore
1481394703
Reply with quote  #2

1481394703
Report to moderator
1481394703
Hero Member
*
Offline Offline

Posts: 1481394703

View Profile Personal Message (Offline)

Ignore
1481394703
Reply with quote  #2

1481394703
Report to moderator
Anonymous
Guest

October 25, 2010, 03:17:03 AM
 #22

Why should we reinvent the wheel when theres an existing way to do things ? When you send a bitcoin to a merchant you also send them a tweet or direct message on twitter!. Twitter allows you to add metadata to tweets http://dev.twitter.com/pages/annotations_overview .

Quote
When you create a tweet, you can add one or more annotations to that tweet. These annotations represent structured metadata about the tweet. What that metadata contains is up to you. The feature simply provides a structure for how to specify the annotations and retrieve them along with the tweet.

A tweet can have one or more annotations. An annotation is a tuple whose first element is a 'type' and whose second element is one or more attribute names with values. Here are some examples of various annotations represented in JSON and in a simple custom format:

A single annotation of type 'type', with a single attribute named 'attribute' whose value is 'value':


Quote
when you sum up all the bytes that make up all your annotation types, attribute names and attribute values, the total size of bytes must be no more than 512 bytes (we're hoping to increase this over time as capacity permits to something closer to 2K).

Surely a bitcoin message would fit in there?  We can define the standard ourselves for how it is done.
I repeat-
What that metadata contains is up to you.

Does this mean you could  also fit your pgp key in that message allowing the merchant to identify you and preventing your message from being read by anyone else?Can you compress things in a way that fits inside the 512 limit?
ByteCoin
Sr. Member
****
expert
Offline Offline

Activity: 416


View Profile
October 25, 2010, 04:00:53 AM
 #23

Why should we reinvent the wheel when theres an existing way to do things ? When you send a bitcoin to a merchant you also send them a tweet or direct message on twitter!. Twitter allows you to add metadata to tweets
Because this relies on the twitter infrastructure which is another point of failure. If the Bitcoin infrastructure fails then no Bitcoin payments are possible. If a messaging infrastructure is implemented within the Bitcoin protocol then (under plausible circumstances) the messaging would only fail if the payment infrastructure failed in which case there was no point sending the message anyway. Nothing lost.

If you implement the messaging in twitter then you have to cope with both the additional scenarios in which exactly one of twitter and Bitcoin fail. This would complicate your implementation.
I don't believe that twitter provides a guaranteed quality of service so you would be vulnurable to the human factors whereby support for your metadata is limited or terminated etc...

Does this mean you could  also fit your pgp key in that message allowing the merchant to identify you and preventing your message from being read by anyone else?Can you compress things in a way that fits inside the 512 limit?
Considering that the fundamental size of a number used by the elliptic curve cryptography in Bitcoin is 32 bytes, 512 bytes means you can transmit 16 of them in one metadata packet. If you steer clear of the patent-encumbered point compression then a public key or a signature take two slots each and encrypting a one slot message takes four slots if you're keen on security. This still leaves plenty of room for your payload. The details on how much room is left depend on exactly what sort of security guarantees you're trying to achieve.

However, I suspect that a secure public key cryptography system implemented over twitter would be subject to various kinds of interference until rendered unsuitable.

ByteCoin

PS Thanks for the interesting twitter info.
Anonymous
Guest

October 25, 2010, 04:33:05 AM
 #24

Why should we reinvent the wheel when theres an existing way to do things ? When you send a bitcoin to a merchant you also send them a tweet or direct message on twitter!. Twitter allows you to add metadata to tweets
Because this relies on the twitter infrastructure which is another point of failure. If the Bitcoin infrastructure fails then no Bitcoin payments are possible. If a messaging infrastructure is implemented within the Bitcoin protocol then (under plausible circumstances) the messaging would only fail if the payment infrastructure failed in which case there was no point sending the message anyway. Nothing lost.

If you implement the messaging in twitter then you have to cope with both the additional scenarios in which exactly one of twitter and Bitcoin fail. This would complicate your implementation.
I don't believe that twitter provides a guaranteed quality of service so you would be vulnurable to the human factors whereby support for your metadata is limited or terminated etc...

Does this mean you could  also fit your pgp key in that message allowing the merchant to identify you and preventing your message from being read by anyone else?Can you compress things in a way that fits inside the 512 limit?
Considering that the fundamental size of a number used by the elliptic curve cryptography in Bitcoin is 32 bytes, 512 bytes means you can transmit 16 of them in one metadata packet. If you steer clear of the patent-encumbered point compression then a public key or a signature take two slots each and encrypting a one slot message takes four slots if you're keen on security. This still leaves plenty of room for your payload. The details on how much room is left depend on exactly what sort of security guarantees you're trying to achieve.

However, I suspect that a secure public key cryptography system implemented over twitter would be subject to various kinds of interference until rendered unsuitable.

ByteCoin

PS Thanks for the interesting twitter info.


Is there anything stopping a competitor from doing it?
ByteCoin
Sr. Member
****
expert
Offline Offline

Activity: 416


View Profile
October 25, 2010, 05:07:10 AM
 #25

Is there anything stopping a competitor from doing it?

A competitor to whom from doing what?
ShadowOfHarbringer
Legendary
*
Offline Offline

Activity: 1470


Bringing Legendary Har® to you since 1952


View Profile
October 25, 2010, 07:42:30 AM
 #26

Why should we reinvent the wheel when theres an existing way to do things ? When you send a bitcoin to a merchant you also send them a tweet or direct message on twitter!. Twitter allows you to add metadata to tweets http://dev.twitter.com/pages/annotations_overview .

1. We definately should not use any third-party tools for messaging.
Messaging should be done only using some decentralized protocols.

I mean what will happen if some company buys twitter and concludes that it should not exist and then shuts it down ?
Using external services as the core of bitcoin functionality is just not safe.

2. I agree with Satoshi on this - a separate protocol should be used. Perhaps another P2P protocol, or some messaging protocol like Jabber. Let's stick to the Keep It Simple Stupid (tm) rule.

Anonymous
Guest

October 25, 2010, 08:07:02 AM
 #27

Why should we reinvent the wheel when theres an existing way to do things ? When you send a bitcoin to a merchant you also send them a tweet or direct message on twitter!. Twitter allows you to add metadata to tweets http://dev.twitter.com/pages/annotations_overview .

1. We definately should not use any third-party tools for messaging.
Messaging should be done only using some decentralized protocols.

I mean what will happen if some company buys twitter and concludes that it should not exist and then shuts it down ?
Using external services as the core of bitcoin functionality is just not safe.

2. I agree with Satoshi on this - a separate protocol should be used. Perhaps another P2P protocol, or some messaging protocol like Jabber. Let's stick to the Keep It Simple Stupid (tm) rule.

http://identi.ca/ is what I had in mind. Its based on status.net which is the open source version of twitter. It also lets anyone host their own server.
grondilu
Legendary
*
Offline Offline

Activity: 1134


View Profile
October 25, 2010, 10:24:23 AM
 #28

Still, I keep thinking that if precision is ever increased to about 32 decimals, we could send message using small change.

I think it would be pretty cool.

Edit.  For small amounts, one could divide the transfer in two.  The first part being the message, and the second making the necessary complement.

Let's say for instance I want to transfer one bitcoin with the message 'bitcoin is cool'.

I use a simple 27 characters coding.  'a' is 0, 'b' is 1, 'c' is 2 and so on.  The space character is 26.

Then the decimal representation of 'bitcoin is cool' is :

reduce( lambda a, b: 27*a + b, [11, 14, 14, 2, 26, 18, 8, 26, 13, 8, 14, 2, 19, 8, 1])

which is 1262462588570946134764

then we make two transfers :  one of 0.1262462588570946134764 BTC, and an other one of

1 - 0.1262462588570946134764 = 0.8737537411429053865236  BTC

Wouldn't that be cool ?  Smiley


Alternatively, if I'm ok with paying a small fee for such a data transmission, I can transfer an amount of :

1.00000000001262462588570946134764

But this is possible only with a 32 decimals precision.

For very very small amounts, it won't be possible.  But I guess no one would want to associate a message to such small transfers.


Edit.  I suspect there are deep implications to this idea.  I think it could be related to Shannon's theory of information.  Somehow, I think it could be possible to consider the smallest bitcoin unit as a "right to transfer a bit of information trough the bitcoin network".  This could help the whole abstract conceptualization of the network.   I will write more about that once it will get clearer in my head.
Anonymous
Guest

October 25, 2010, 11:00:47 AM
 #29

Is it possible to trigger another program to open when you send or receive a bitcoin?

grondilu
Legendary
*
Offline Offline

Activity: 1134


View Profile
October 25, 2010, 11:38:07 AM
 #30

Is it possible to trigger another program to open when you send or receive a bitcoin?

Sure.  You can use bitcoind in a bash script, for instance.
extro24
Full Member
***
Offline Offline

Activity: 195


View Profile
December 10, 2013, 12:05:09 PM
 #31

Is there a transaction that would send back coins from a payee address if coins were received by that address?  I'm thinking of things like activation tokens, which could be bundled with the (token) coins sent back to the payer address.

This idea is relevant since there seems to be consensus in allowing prunable messages in Bitcoin 0.9.
extro24
Full Member
***
Offline Offline

Activity: 195


View Profile
December 10, 2013, 12:08:48 PM
 #32

By the way, grondilu, your suggestion of sending messages as part of the Value is very interesting.  For Freicoin, for example, there is a proposal to allow 775 digits after the decimal point.  That would be enough for some substantial text messages.  Or even binary messages.
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!