Bitcoin Forum
November 22, 2017, 03:39:42 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Stealth addresses in darkwallet  (Read 1671 times)
caedes
Jr. Member
*
Offline Offline

Activity: 44


View Profile
May 02, 2014, 01:43:53 AM
 #1

Hi!

This is a topic to increase awareness of how we are doing stealth in darkwallet, which is an evolution of the previous iteration implemented by sx.

The implementation of the idea is developed by Peter Todd, Amir Taaki and others. Invented by ByteCoin and with input also by Gmaxwell, Adam Back and others. see http://sourceforge.net/p/bitcoin/mailman/message/31813471/

After discussing over different media, we have arrived to the current "spec": https://wiki.unsystem.net/index.php/DarkWallet/Stealth#Dual-key_stealth

The address results in something like:
vJmskssYSW6wrxsiSWfcCzrUp2GrhHA3hNHtrPDS4ZwCWbHcZCm7L4UwSGQ9fe7sehxpZjGJeNU478J AUitGnQrDssycWemxg5vHfB

(there is no speced version, but we're using 42 for mainnet and 43 for testnet)

But can be later for multisig since it's like an "extended" multisig script.

That includes the following information:
[version:1] [options:1] [scan_pubkey:33] [N:1] [spend_pubkey_1:33] ... [spend_pubkey_N:33] [number_sigs:1] [prefix_length:1] [prefix:prefix_length/8, round up]

You can see the wiki above about how each key is used, but the key factor is we will keep our scan private key generally unlocked (in the client9 while the spend one will be locked, this way the wallet can scan for their tx while not compromising funds security (compromises privacy).

Our implementation is javascript:
https://github.com/darkwallet/darkwallet/blob/develop/js/util/stealth.js
https://github.com/darkwallet/darkwallet/blob/develop/test/unit/util/stealthSpec.js

For now we're not using the prefix, that is aimed at splitting stealth information in namespaces. Also we haven't implemented parts for multisig stealth, that would use several spend keys and result in a stealh multisig where the address is a (long) stealth address, and payments would contain the nonce and a p2sh address. We will be looking to implement this part in the near future.

We welcome any feedback about the idea, and would like to standarize it soon into a bip. This totally works today: Also can be tried on testnet by using darkwallet. https://blockchain.info/tx/6ea5c6f1a97f382f87523d13ef9f2ef17b828607107efdbba42a80b8a6555356.

Cheers!

Edit: Changed a bit the attributions to better reflect the reality as seems Peter and Amir did more developing the implementation details while ByteCoin actually invented the idea of ecdh keys and others added up.
Join ICO Now Coinlancer is Disrupting the Freelance marketplace!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1511365182
Hero Member
*
Offline Offline

Posts: 1511365182

View Profile Personal Message (Offline)

Ignore
1511365182
Reply with quote  #2

1511365182
Report to moderator
Bit_Happy
Legendary
*
Offline Offline

Activity: 1638


A Great Time to Start Something!


View Profile
May 02, 2014, 07:01:00 AM
 #2

Thank you for working on this.
Darkwallet is going to be one of the biggest projects released this year.

spooderman
Legendary
*
Offline Offline

Activity: 1442


View Profile WWW
May 04, 2014, 08:46:29 AM
 #3

Yes thanks a lot

Is there a thread on here discussing the code/UI?

Society doesn't scale.
genjix
Legendary
*
Offline Offline

Activity: 1232


View Profile
May 04, 2014, 11:44:21 AM
 #4

Yes thanks a lot

Is there a thread on here discussing the code/UI?

https://bitcointalk.org/index.php?topic=592493.0
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!