Bitcoin Forum
October 21, 2017, 11:13:41 AM *
News: Latest stable version of Bitcoin Core: 0.15.0.1  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: IDEA: a service that bind bitcoin receiving addresses to your email...  (Read 1387 times)
lixiaolai
a friend of time
VIP
Full Member
*
Offline Offline

Activity: 169



View Profile WWW
May 09, 2013, 03:03:28 PM
 #1

I confront a difficulty when I initiated the charity donation for Lushan Earthquake (https://bitcointalk.org/index.php?topic=181336): somebody reposted the text and replaced the receiving address with his own.

It's not the first time it occurred to me. I've once posted a receiving address in one of my article, which was quite popular, however, I lost that wallet, while the post were being reposted all the time.

Therefore, I want a service that can bind my bitcoin receiving address to my email address, which is almost "permanent" to me. With this service, I might change the bitcoin receiving address, but for others, what they only need to do is to send bitcoin to my email address.

Is this useful to you? If the idea is viable, I'll try to make it.

Thanks for your suggestions.


https://bitfund.pe | A leading Private Equity investing bitcoin related projects and startups.
1508584421
Hero Member
*
Offline Offline

Posts: 1508584421

View Profile Personal Message (Offline)

Ignore
1508584421
Reply with quote  #2

1508584421
Report to moderator
1508584421
Hero Member
*
Offline Offline

Posts: 1508584421

View Profile Personal Message (Offline)

Ignore
1508584421
Reply with quote  #2

1508584421
Report to moderator
1508584421
Hero Member
*
Offline Offline

Posts: 1508584421

View Profile Personal Message (Offline)

Ignore
1508584421
Reply with quote  #2

1508584421
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Brushan
Member
**
Offline Offline

Activity: 112



View Profile
May 09, 2013, 10:20:43 PM
 #2

I think it's a great idea and something like this is a must to make Bitcoin hit the mainstream.
Knecke
Full Member
***
Offline Offline

Activity: 152



View Profile
May 10, 2013, 11:03:23 AM
 #3

We need a service like a DNS, where a bitcoin client makes a request for the mail address "name@domain.com" and the service responses the Bitcoin address.

But the response must be signed or something like that, to avoid (man-in-the-middle)attacks of the service.
lixiaolai
a friend of time
VIP
Full Member
*
Offline Offline

Activity: 169



View Profile WWW
May 10, 2013, 11:07:32 AM
 #4

We need a service like a DNS, where a bitcoin client makes a request for the mail address "name@domain.com" and the service responses the Bitcoin address.

But the response must be signed or something like that, to avoid (man-in-the-middle)attacks of the service.

works like namecoin?

https://bitfund.pe | A leading Private Equity investing bitcoin related projects and startups.
sairon
Sr. Member
****
Offline Offline

Activity: 406


One does not simply mine Bitcoins


View Profile
May 10, 2013, 11:10:51 AM
 #5

GPG would be perfect for this, although I'm not sure how many people would be comfortable with using it. Cheesy

GPG key ID: 5E4F108A || BTC: 1hoardyponb9AMWhyA28DZb5n5g2bRY8v
Knecke
Full Member
***
Offline Offline

Activity: 152



View Profile
May 10, 2013, 11:29:55 AM
 #6

We need a service like a DNS, where a bitcoin client makes a request for the mail address "name@domain.com" and the service responses the Bitcoin address.

But the response must be signed or something like that, to avoid (man-in-the-middle)attacks of the service.

works like namecoin?

No, i mean a centralized service.

You sign up, sign in, insert your address and sign the address.
But you need a trusted service.

Only a thought experiment from me... not yet thoroughly thought through
sairon
Sr. Member
****
Offline Offline

Activity: 406


One does not simply mine Bitcoins


View Profile
May 10, 2013, 11:42:34 AM
 #7

We need a service like a DNS, where a bitcoin client makes a request for the mail address "name@domain.com" and the service responses the Bitcoin address.

But the response must be signed or something like that, to avoid (man-in-the-middle)attacks of the service.

works like namecoin?

No, i mean a centralized service.

You sign up, sign in, insert your address and sign the address.
But you need a trusted service.

Only a thought experiment from me... not yet thoroughly thought through

The service need not to be trusted if you use some kind of crypto... The best way as I said would be to use PGP/GPG with included Bitcoin address in the note field along with your email or just signing the current BTC address with you GPG key and posting the clearsign text on the 3rd party website where users can view it and optionally check in their own gpg client.

EDIT: It would be nice if you could do it all with just Bitcoin signatures, but that's impossible for this use-case (you would be signing e-mail address with an "untrusted" Bitcoin key pair).

EDIT2: Also note that all previously created clearsigned addresses can be securely revoked as long as you keep your private key private, which is good in case your wallet gets compromised (but not your GPG private key; but there's also way to create GPG revocation certificate and broadcast it to keyservers when you private key gets compromised and it invalidates everything signed with the now compromised key).

GPG key ID: 5E4F108A || BTC: 1hoardyponb9AMWhyA28DZb5n5g2bRY8v
bujiraso
Newbie
*
Offline Offline

Activity: 28


Developer/Scientist


View Profile
May 10, 2013, 05:38:12 PM
 #8

I feel like a smart enough wallet client could solve this problem entirely, using many of the above suggestions -- most importantly crypto
I'm a dev... I'll think on whether or not I could make something that works for this purpose.

BTC Donations: 1ww5X9NtLcumUuvcfXdKdNB71E5xNuqJr
edmundedgar
Sr. Member
****
Offline Offline

Activity: 352


https://www.realitykeys.com


View Profile WWW
May 11, 2013, 05:25:26 AM
 #9

We need a service like a DNS, where a bitcoin client makes a request for the mail address "name@domain.com" and the service responses the Bitcoin address.

But the response must be signed or something like that, to avoid (man-in-the-middle)attacks of the service.

works like namecoin?

No, i mean a centralized service.

You sign up, sign in, insert your address and sign the address.
But you need a trusted service.

Only a thought experiment from me... not yet thoroughly thought through

The service need not to be trusted if you use some kind of crypto... The best way as I said would be to use PGP/GPG with included Bitcoin address in the note field along with your email or just signing the current BTC address with you GPG key and posting the clearsign text on the 3rd party website where users can view it and optionally check in their own gpg client.

EDIT: It would be nice if you could do it all with just Bitcoin signatures, but that's impossible for this use-case (you would be signing e-mail address with an "untrusted" Bitcoin key pair).

EDIT2: Also note that all previously created clearsigned addresses can be securely revoked as long as you keep your private key private, which is good in case your wallet gets compromised (but not your GPG private key; but there's also way to create GPG revocation certificate and broadcast it to keyservers when you private key gets compromised and it invalidates everything signed with the now compromised key).

I'll post a proper announcement later but I've been working on a service a bit like this. I'm planning on starting with a version that runs on Twitter for Twitter usernames, then doing email, then other kinds of identity. (My original motivation was virtual world avatars for OpenSim, which I'd also like to do.)

The way I see it, the problem is split into two parts, which could conceivably be run by different people:

1) Confirming identity-address pairs (eg this address belongs to this email) and signing them with the identity-confirmer's GPG certificate. This is done either by sending a confirmation message (email) or by trusting the information given by a system's API (Twitter). Traditionally this is the kind of thing that webs of trust can help with, and that may turn out to be the ultimate solution, but I think we get something usable quicker with just a few trusted parties. If somebody turns out not to be trustworthy we can stop serving data they've signed.

2) Storing and serving the GPG-signed identity-address pairs, and making them available through an API to anyone who knows the identity side (eg the email address). People using the API would check the signature of the data they fetched against a list of known good identity-confirmers, which should protect against the web server serving the data getting hacked.

Ideally I'd envisage this data being shared by at least 2 or 3 different people or organizations which all support the same API, so that you could develop applications that use it and be reasonably confident that it won't suddenly disappear. In a world full of technical people the data would all be entirely public, but in the real world that we sadly inhabit non-technical people generally have reservations about the way their email addresses are shared, so in practice I think this is also better done by a smallish number of independent people or organizations that agree to try hard not to leak it. Email addresses can be stored hashed, but that can be brute-forced in a lot of cases as they're fairly predictable. If somebody ends up accidentally leaking the data, that's bad, but not devastating.
lixiaolai
a friend of time
VIP
Full Member
*
Offline Offline

Activity: 169



View Profile WWW
May 11, 2013, 12:05:42 PM
 #10

I feel like a smart enough wallet client could solve this problem entirely, using many of the above suggestions -- most importantly crypto
I'm a dev... I'll think on whether or not I could make something that works for this purpose.

If you embed this feature into a wallet client, that means the feature is only available to a portion of bitcoin users, which is a limit...

https://bitfund.pe | A leading Private Equity investing bitcoin related projects and startups.
btharper
Sr. Member
****
Offline Offline

Activity: 389



View Profile
May 11, 2013, 07:49:38 PM
 #11

I feel like a smart enough wallet client could solve this problem entirely, using many of the above suggestions -- most importantly crypto
I'm a dev... I'll think on whether or not I could make something that works for this purpose.

If you embed this feature into a wallet client, that means the feature is only available to a portion of bitcoin users, which is a limit...
I think the intent is to be able to add this functionality to any wallet (the wallet could confirm the address you're adding goes to the correct person), and users of wallets that don't support this functionality natively can just use a standalone program or web interface
gweedo
Legendary
*
Offline Offline

Activity: 1246


Java, PHP, HTML/CSS Programmer for Hire!


View Profile WWW
May 11, 2013, 07:54:02 PM
 #12

This has been done so many times, and have failed cause the users don't know how to handle a trust-less system.

Want to earn 2500 SATOSHIS per hour? Come Chat and Chill in https://goseemybits.com/lobby
lixiaolai
a friend of time
VIP
Full Member
*
Offline Offline

Activity: 169



View Profile WWW
May 12, 2013, 03:12:57 AM
 #13

This has been done so many times, and have failed cause the users don't know how to handle a trust-less system.

essentially I think namecoin is nearest solution for this purpose.

https://bitfund.pe | A leading Private Equity investing bitcoin related projects and startups.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!