I have begun mentally planning to add a new address format to Bitmessage which has the public key encoded right in the bitmessage address. This comes at the behest of
gmaxwell. It's a good idea. It would allow a Bitmessage user who receives messages to remain completely passive, and thus anonymous, even against a global attacker who can listen and even modify traffic on any or all individual Internet connections.
But
This would require that the same EC key be used for both signing and encryption where
ECIES is used for encryption. Is there currently sufficient reason to believe that this should be avoided? Or is there specific reason to believe that it is safe?
If there is only a small risk of it being insecure then it might be outweighed by the benefit of completely passive client operation.
-Atheros