![]() So the only way to find payments to your stealth address is to try all of them and see if any match. ![]() But in this case the address is brand new, and the tag is a random number. Normally a wallet does this by scanning the block chain looking for payments to addresses it generated. Once such a tagged transaction is made, the recipient has to be able to find it. Second problem: stealth payments look different to regular payments. It can be public without causing problems, so the current stealth address scheme tags it onto the transaction using a new output.įirst problem: stealth address usage bloats the block chain. Let’s put aside the questionable name choice and look at the technology - to redeem the payment, the recipient needs the big random number. ![]() Unfortunately it’s the conversion of this scheme into “stealth addresses” that is where the problems start. This number is fed into a bunch of equations along with the published key and out pops what we need: a new public key (read: address) for which only the recipient can calculate the private part, and which can’t be linked to the original published key. But at a very high level, the sender selects a large random number. The exact mechanism is well explained in this writeup by Peter Todd, although it’s worth noting the original idea of doing elliptic curve Diffie-Hellman is from ByteCoin in 2011. What’s needed is a way for a sender of money to generate a public key that they don’t own the private key for, such that the receiver can calculate the private key, and it’s impossible to link the payments together. If the genuine recipient can enumerate them all, so can the adversary who wants to learn your income. Why can’t you just publish the chain code and let the sender iterate the keys? Because the receipient of the money has to be able to find the payments, and that means they have to be able to enumerate all possible payment addresses. To know who you are paying you want a signature from them, but then the server would have to be able to sign as you, which reduces security.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |