Obfuscation - only to be used by wizards in magic spells, not cryptography

[coastermonger]

Let's imagine a challenge with 4 facts:

1.) There is a merchant out in the world who is offering something you want, (something truly amazing, like an Enzo Ferrari) for 1,000 BTC.

2.) Fortunately, I'm about to give you 1,000 BTC because I owe ya.

3.) Using a wallet of your design, your job is to create a new address to receive this bitcoin into your wallet, and then subsequently spend this bitcoin into the merchant's 3rd party address.  

4.) Unfortunately, the computer you are using is infected with undetectable and unremovable keylogging Malware and screencapture technology.  It's designed to immediately intercept and re-spend bitcoins to a thief's address.  You don't even know its infected.  In other words, as soon as the malware is able to see either your password or your private key, any funds in your wallet will immediately be stolen.

So how can you receive this bitcoin onto the computer's wallet and spend it again without the thief intercepting ANY of it?  AND without changing the current bitcoin protocol?

(Hint: easier than you think, don't spend too much time on it, I will reply with the correct solution in about 12 hours time.)

Just for fun, let's also imagine that the memory is infected as well.  The thief already knows your password and the private key to every address you have ever created.  The wallet is currently empty, but as soon as any funds go into it, they're going to get stolen right back out unless the wallet is truly of a remarkable design.

One type of valid solution would be to remove the lines of communication.

Step 1) Turn off your computers internet connection.

Step 2) Open up your computers wallet and generate an address and private key at your leisure.

Step 3) Tell me to transfer that 1,000 bitcoin to your new address now.

Step 4) Use another computer to monitor the blockchain.info page of that address. Once confirmed call up the merchant to tell him you have a 1,000 BTC address to import via private key when ready.  (But I will admit, all this is a little cumbersome and only slightly bending the rules by using 2 computers)

There is an even better solution, but before describing it I'm still interested in what else you might think of.

[1714036893]

1714036893

[1714036893]

1714036893

[dserrano5]

There is an even better solution, but before describing it I'm still interested in what else you might think of.

Ah, is a second computer ok? Then unplug from the internet. Ask you the txid of your 1000 BTC payment to me. Generate and sign another transaction redeeming the coins in your transaction and sending them to the merchant. Broascast the transaction from another computer (or from the same computer after setting up a tight firewall that only permits the blockchain.info URL that allows you to broadcast transactions, I can't remember it now blockchain.info/pushtx—thank you TBZ!).

[TheButterZone]

blockchain.info/pushtx

[virtualmaster]

Obfuscation can be useful especially if the method is unknown and even more if paired with steganography.
Just look how the freemasonry kept their secrets over hundreds of years. If it were secured with cryptography we would already know their secrets or at least the secrets what they had 60 years ago.
They have just hidden(a kind of steganography) the secrets and obfuscated it(gave false explanations and hints).
Was this method successful ? Sure.

[DannyHamilton]

- snip -
Thanks to those (very few) that were helpful.

You're welcome.