Bitcoin Forum
December 09, 2016, 11:31:55 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2]  All
  Print  
Author Topic: How do I know who paid me?  (Read 4903 times)
Gavin Andresen
Legendary
*
qt
Offline Offline

Activity: 1652


Chief Scientist


View Profile WWW
March 17, 2011, 12:46:48 AM
 #21

You CAN encode a message in a currently accepted transaction using the broadband subliminal channel inherent to DSA (and ECDSA).

Googling for 'ECDSA broadband subliminal channel' to figure out what the heck you're talking about...

... doesn't that require that the recipient (as well as the sender) know the private key?
(you encode the message in the 'k' param, which the recipient can only recover using the private key?)

How often do you get the chance to work on a potentially world-changing project?
1481326315
Hero Member
*
Offline Offline

Posts: 1481326315

View Profile Personal Message (Offline)

Ignore
1481326315
Reply with quote  #2

1481326315
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Gavin Andresen
Legendary
*
qt
Offline Offline

Activity: 1652


Chief Scientist


View Profile WWW
March 17, 2011, 12:53:37 AM
 #22

Thanks for the link to the wikipedia page in the other thread... so receiver CAN recover 'k' given the public key and signature.

Cool!

That doesn't solve the problem I'd like to solve (because you still need to generate a new keypair for every transaction), but it is cool.

How often do you get the chance to work on a potentially world-changing project?
ByteCoin
Sr. Member
****
expert
Offline Offline

Activity: 416


View Profile
March 17, 2011, 10:54:29 AM
 #23

Thanks for the link to the wikipedia page in the other thread... so receiver CAN recover 'k' given the public key and signature.

Thanks for bearing this useful fact in mind.

Another thing to consider, once any coins associated with an address have ever been spent then the public keys associated with that address are public by virtue of the signature in the transaction. If the merchant's public key is available in this fashion then the customer and merchant can generate a shared secret using Diffie-Hellman key agreement or some similar scheme. This shared secret could be used as the "authentication key" mentioned in the wikipedia article.

Of course, if you're thinking of now enabling currently forbidden scripting features then a lot of options become available.

ByteCoin
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!