[bitcoin-dev] SLIP-0039: Shamir's Secret-Sharing for Mnemonic Codes

2018-09-21 Thread Andrew Kozlik via bitcoin-dev
Hello everyone, We are currently writing a new specification for splitting BIP-32 master seeds into multiple mnemonics using Shamir's secret sharing scheme. We would be interested in getting your feedback with regard to the high-level design of the new spec:

Re: [bitcoin-dev] SLIP-0039: Shamir's Secret-Sharing for Mnemonic Codes

2018-09-26 Thread Andrew Kozlik via bitcoin-dev
deal with > the existing legacy privatekeys already encoded into BIP-0039, or > stored in other formats, and how to migrate them securely into a > schema of encoded SSS shares? > > Best regards > Ignacio Berrozpe > > > > > > > > On Fri, Sep 21, 2018 at 8

Re: [bitcoin-dev] SLIP-0039: Shamir's Secret-Sharing for Mnemonic Codes

2018-09-26 Thread Andrew Kozlik via bitcoin-dev
21, 2018 at 11:18 AM Andrew Kozlik via bitcoin-dev > <mailto:bitcoin-dev@lists.linuxfoundation.org>> wrote: > > We are currently writing a new specification for splitting BIP-32 > master > seeds into multiple mnemonics using Shamir's secret sharing scheme. W

Re: [bitcoin-dev] BIP-341: Committing to all scriptPubKeys in the signature message

2020-05-01 Thread Andrew Kozlik via bitcoin-dev
@JeremyRubin <https://twitter.com/JeremyRubin> > > > On Thu, Apr 30, 2020 at 1:22 AM Andrew Kozlik via bitcoin-dev < > bitcoin-dev@lists.linuxfoundation.org> wrote: > >> Hi everyone, >> >> In the current draft of BIP-0341 [1] the signature message commits to t

Re: [bitcoin-dev] BIP-341: Committing to all scriptPubKeys in the signature message

2020-05-04 Thread Andrew Kozlik via bitcoin-dev
> > A side effect of this proposal is it would seem to make it not possible to > produce a signature for a transaction without having access to the inputs. > This is limiting for a number of cases where you don't care about that > data. There are a litany of use cases where you don't want to have

[bitcoin-dev] BIP-341: Committing to all scriptPubKeys in the signature message

2020-04-30 Thread Andrew Kozlik via bitcoin-dev
Hi everyone, In the current draft of BIP-0341 [1] the signature message commits to the scriptPubKey of the output being spent by the input. I propose that the signature message should commit to the scriptPubKeys of *all* transaction inputs. In certain applications like CoinJoin, a wallet has to

Re: [bitcoin-dev] BIP70 is dead. What now?

2021-02-19 Thread Andrew Kozlik via bitcoin-dev
Hi Thomas, I am working on an experimental implementation [1] of a new payment request format in Trezor T. In some respects it's similar to BIP-70. The main differences are: 1. There is no reliance on X.509, since that seems to have been the main reason for BIP-70's downfall. The signature is