> Uh while I'm responding again, what I'd discussed with Peter Todd in > IRC used two EC points in the stealth address. One for the payment and > one for the ECDH. The reason to use two is that it makes delegating > detection possible and so you don't have to have you spending keys > online to even detect these payments. Why'd that get dropped?
I think this is exactly what I've implemented. I decided to put both pubKeys in a 2-of-2 multisig, instead of keeping one of the pubKeys in the OP-RETURN, to prevent a malicious sender from triggering false positives on your online detection key when the funds are actually still fully controlled by the payer. You can still have a false positive (only 1 of 2 keys actually yours) but the funds would be trapped so it's unlikely anyone would do it. Can you take a look at the Gist and TXs on TestNet I sent out, and see if that's in line with what you expected? I would also greatly appreciate if you could review the discussion around doing two ECDH operations with a single ephemeral key. Thanks! --Jeremy ------------------------------------------------------------------------------ CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
