
Topic: I am looking to understand the BIP 47 ( Reusable Payment Addresses ) use case. (Read 163 times)

legendary
Activity: 4410
Merit: 4766
the whole payment code is simple

when you want someone to pay you, you usually press a 'generate address' button which derives from your key. it adds another address to your wallet for it to monitor incoming payments after you pass around that address.. thus you +1 the nonce/salt of a new address..

however this scheme is where the other person that knows your secret can generate a new address to you to send you funds without you having to give them a new address.. and they notify you that they are sending funds to a new nonce of the key, thus allowing your wallet to also move your nonce and add the same address to your wallet to then see the payment

EG if old wallets only scan/look for address 1,2,3,4,5 it's not yet looking for 6,7,8,9 because you have not pressed the generate address to trigger 6,7,8,9

these payment codes notify your wallet that someone has sent funds to 6,7,8,9 so that your wallet would too generate the same addresses to start watching for incoming transactions on 6,7,8,9 even if you did not manually trigger the generation of 6,7,8,9

the issue still remains.. the need of sharing the secret upfront. meaning you have to choose who you get into this relationship with

the silly part is you need to secretly communicate before setting up this relationship to secretly share a secret..
however you might as well not tell them a secret which they can abuse.. and instead during the private communication. just send them a list of 100 public addresses for them to use. and just give them an upfront list of public addresses as they are used.. thus no need of a shared secret
copper member
Activity: 2940
Merit: 1280
https://linktr.ee/crwthopia
It is a use case for sure. It would be easy to share your Paynym and it wouldn't reveal privacy problems that can occur once you have publicized a Bitcoin address or something. You can't be pointed by firms that study the blockchain etc.

Sorry, I was not clear, let's say you're a content creator that uses their real name and identity and you want to post a donation address on the screen during one of your live streams. Still cool to use the same payment address over and over again?
Hmm if I was a content creator and I don't mind being d0xed, I shouldn't have any problem reusing a BTC address or something. Maybe you can even generate a vanity address for that so they would know it's you.
newbie
Activity: 12
Merit: 0
It is a use case for sure. It would be easy to share your Paynym and it wouldn't reveal privacy problems that can occur once you have publicized a Bitcoin address or something. You can't be pointed by firms that study the blockchain etc.

Sorry, I was not clear, let's say you're a content creator that uses their real name and identity and you want to post a donation address on the screen during one of your live streams. Still cool to use the same payment address over and over again?



flaws:
seems easy upfront to pay someone via different addresses by pre-agreeing a secret to share.

however. if alice sends say 1000sats each day to 100 addresses of the secret.. .. eventually bob may want to then spend 100,000sats after a few months. and suddenly all those separate outputs are seen as being spent in the same transaction because it's bob's wallet spending his combined balance. thus undoing any initial perceived "privacy"

the only way bob can avoid this is by spending each 1000sat output individually to avoid associations

Ahhh, yes, that makes sense! If one can see all of these UTXOs head out all at once, you can start making more and more accurate inferences. Don't matter if you HODL though.

Though, if you consolidate or spend small amounts at a time it makes it much easier to maintain that privacy.

Okay, so they are deriving these shared secrets via derivation paths I assume. So a wallet needs to be ready to scan them... I assume it's been implemented in such a way that the wallet knows to keep scanning till it hits a zero.

TY!!!
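The linking effect discussed in this exchange, as an added example that is not part of the thread: the common-input-ownership heuristic groups every address that appears as an input of the same transaction. The address labels and the `spend_in_batches` helper are constructed for illustration.

```python
from collections import defaultdict

def cluster_by_common_input(transactions):
    """Group addresses that were ever co-spent as inputs (union-find)."""
    parent = {}

    def find(addr):
        parent.setdefault(addr, addr)
        while parent[addr] != addr:
            parent[addr] = parent[parent[addr]]  # path halving
            addr = parent[addr]
        return addr

    for tx in transactions:
        first = find(tx["inputs"][0])
        for addr in tx["inputs"][1:]:
            parent[find(addr)] = first  # merge into the first input's cluster

    groups = defaultdict(set)
    for addr in list(parent):
        groups[find(addr)].add(addr)
    return sorted(groups.values(), key=len, reverse=True)

def spend_in_batches(addresses, batch_size):
    """Constructed sample data: Bob spends his outputs batch_size at a time."""
    return [
        {"inputs": addresses[i:i + batch_size], "outputs": ["merchant"]}
        for i in range(0, len(addresses), batch_size)
    ]

# Constructed: 100 payment-code addresses that each received 1000 sats.
BOB_ADDRESSES = [f"bob_pc_addr_{i}" for i in range(100)]

def largest_cluster(batch_size):
    """Size of the biggest group an observer can attribute to one owner."""
    txs = spend_in_batches(BOB_ADDRESSES, batch_size)
    return len(cluster_by_common_input(txs)[0])

if __name__ == "__main__":
    for size in (100, 10, 1):
        print(f"inputs per spend: {size:3d} -> largest cluster: {largest_cluster(size)}")
```
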


legendary
Activity: 4410
Merit: 4766
dumbing things down

alice and bob need a shared secret to start with.

thus they are later able to agree on a nonce/salt to an agreed address which is funded. thus it looks to the public like funds are moving to random people even though alice and bob are sending funds to each other via known HDwallet(multiple addresses) between them

EG
if they both have the same secret. they can derive the same address lists..  they can then agree "today is salt 28" and so bob knows he will receive coins on HD wallet address number 28 of the secret. and alice knows to pay bob on that derived address because she has the secret and the salt to know where to send funds to ensure it goes to bob


flaws:
seems easy upfront to pay someone via different addresses by pre-agreeing a secret to share.

however. if alice sends say 1000sats each day to 100 addresses of the secret.. .. eventually bob may want to then spend 100,000sats after a few months. and suddenly all those separate outputs are seen as being spent in the same transaction because it's bob's wallet spending his combined balance. thus undoing any initial perceived "privacy"

the only way bob can avoid this is by spending each 1000sat output individually to avoid associations
copper member
Activity: 2940
Merit: 1280
https://linktr.ee/crwthopia
It is a use case for sure. It would be easy to share your Paynym and it wouldn't reveal privacy problems that can occur once you have publicized a Bitcoin address or something. You can't be pointed by firms that study the blockchain etc.
newbie
Activity: 12
Merit: 0
It seems like most people are using them with an anonymous identity ( ex: paynym )... But one of the great value propositions seems to be associating it with your real identity.

Let's say you're a content creator that accepts donations. Is that a legitimate use case or am I misunderstanding the point of them?

https://samouraiwallet.com/paynym