Hi!
This is a topic to increase awareness of how we are doing stealth in darkwallet, which is an evolution of the previous iteration implemented by sx.
The implementation of the idea is developed by Peter Todd, Amir Taaki and others. Invented by ByteCoin and with input also by Gmaxwell, Adam Back and others. See
http://sourceforge.net/p/bitcoin/mailman/message/31813471/
After discussing over different media, we have arrived at the current "spec":
https://wiki.unsystem.net/index.php/DarkWallet/Stealth#Dual-key_stealth
The address results in something like:
vJmskssYSW6wrxsiSWfcCzrUp2GrhHA3hNHtrPDS4ZwCWbHcZCm7L4UwSGQ9fe7sehxpZjGJeNU478J
AUitGnQrDssycWemxg5vHfB
(there is no specced version, but we're using 42 for mainnet and 43 for testnet)
But can be later for multisig since it's like an "extended" multisig script.
That includes the following information:
[version:1] [options:1] [scan_pubkey:33] [N:1] [spend_pubkey_1:33] ... [spend_pubkey_N:33] [number_sigs:1] [prefix_length:1] [prefix:prefix_length/8, round up]
You can see the wiki above about how each key is used, but the key factor is we will keep our scan private key generally unlocked (in the client) while the spend one will be locked; this way the wallet can scan for their tx while not compromising funds security (compromises privacy).
Our implementation is javascript:
https://github.com/darkwallet/darkwallet/blob/develop/js/util/stealth.js
https://github.com/darkwallet/darkwallet/blob/develop/test/unit/util/stealthSpec.js
For now we're not using the prefix, that is aimed at splitting stealth information in namespaces. Also we haven't implemented parts for multisig stealth, that would use several spend keys and result in a stealth multisig where the address is a (long) stealth address, and payments would contain the nonce and a p2sh address. We will be looking to implement this part in the near future.
We welcome any feedback about the idea, and would like to standardize it soon into a BIP. This totally works today: Also can be tried on testnet by using darkwallet.
https://blockchain.info/tx/6ea5c6f1a97f382f87523d13ef9f2ef17b828607107efdbba42a80b8a6555356.
Cheers!
Edit: Changed the attributions a bit to better reflect reality, as it seems Peter and Amir did more of the developing of the implementation details while ByteCoin actually invented the idea of ecdh keys and others added to it.
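The field layout quoted in the post, as a strict parser. This is an added example, not part of the original post and not darkwallet's stealth.js; it takes the already-decoded payload bytes (text encoding and checksum are out of scope). The names `parseStealthPayload` and `samplePayload`, the compressed-key lead-byte check and the `number_sigs` range check are assumptions made for illustration.

```javascript
// Added example: parser for the stealth address payload layout quoted in the post:
// [version:1][options:1][scan_pubkey:33][N:1][spend_pubkey_1..N:33 each]
// [number_sigs:1][prefix_length:1][prefix: prefix_length/8 bytes, rounded up]
const NETWORKS = { 42: 'mainnet', 43: 'testnet' }; // version bytes from the post
const PUBKEY_LEN = 33;

function parseStealthPayload(bytes) {
  let pos = 0;
  // Bounds-checked read: never index past the end of an attacker-supplied payload.
  const take = (n, what) => {
    if (pos + n > bytes.length) throw new Error(`truncated at ${what}`);
    const out = bytes.slice(pos, pos + n);
    pos += n;
    return out;
  };
  const pubkey = (what) => {
    const k = take(PUBKEY_LEN, what);
    // Assumption: keys are compressed secp256k1 points (lead byte 0x02 or 0x03).
    if (k[0] !== 2 && k[0] !== 3) throw new Error(`${what} is not a compressed pubkey`);
    return k;
  };
  const version = take(1, 'version')[0];
  if (!(version in NETWORKS)) throw new Error(`unknown version ${version}`);
  const options = take(1, 'options')[0];
  const scanPubkey = pubkey('scan_pubkey');
  const n = take(1, 'N')[0];
  const spendPubkeys = [];
  for (let i = 1; i <= n; i++) spendPubkeys.push(pubkey(`spend_pubkey_${i}`));
  const numberSigs = take(1, 'number_sigs')[0];
  // Assumption: a usable payload needs 1 <= number_sigs <= N (also rejects N = 0).
  if (numberSigs < 1 || numberSigs > n) throw new Error('number_sigs out of range');
  const prefixLength = take(1, 'prefix_length')[0]; // counted in bits
  const prefix = take(Math.ceil(prefixLength / 8), 'prefix');
  if (pos !== bytes.length) throw new Error('trailing bytes after prefix');
  return { network: NETWORKS[version], options, scanPubkey, spendPubkeys,
           numberSigs, prefixLength, prefix };
}

// Constructed sample payload: dummy key bytes, not real curve points.
function samplePayload(n, numberSigs, prefixBits) {
  const key = (fill) => [2, ...new Array(32).fill(fill)];
  const spend = [];
  for (let i = 0; i < n; i++) spend.push(...key(0x20 + i));
  const prefix = new Array(Math.ceil(prefixBits / 8)).fill(0xab);
  return Uint8Array.from([42, 0, ...key(0x11), n, ...spend, numberSigs, prefixBits, ...prefix]);
}
```

Rejecting trailing bytes and out-of-range counts keeps two differently serialized payloads from being accepted as the same address.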