Author

Topic: Payments wey dey Silent (Read 125 times)

sr. member
Activity: 336
Merit: 365
The Alliance Of Bitcointalk Translators - ENG>PID
July 22, 2024, 10:54:26 AM
#1
Original post: Silent payments

Author: witcher_sense



Intro

for dis post, i go like talk about one correct thing wey Ruben Somsen talk about wey e call "Silent payments," and dis one na way to tay improve privacy matter wey go make payments between two people dem for Blockchain dey less transparent for person wey dey look am from outside. e dey more about "stealth addresses" and "codes wey dem fit reuse tay pay" and still dey try solve d same problem but for another correct way.

watin d idea just dey about

d idea go just dey like dis:user A go post watin dem go tay dey know say na e be dat (normal e go be e public key), and user B go add e private key join d key wey A don post and come create one unique address wey e go be say na only A go fit spend from. User C go fit still send money give user A e go need to add e own private key with one of d address of A come still create another address wey dey unique.User A go know say both d B and C don send am money,but B and C no go know who send and money. so dis one go come make user A fit receive payments with address wey dey completely delinked with only one address wey dey public.


how e tay dey work

make we say for example Bob wan send payment we dey silent give Alice.

1) Alice go first create one identifier wey dem go tay dey know say na she be dat. (e fit public key) wey dey use elliptic curve maths wey dey standard:

 A = a*G, where

A - na Alice public key (one point wey dey elliptic curve),
a - na Alice private key (any random number wey e suppose no tell person),and
G - na e be d generator point (point wey dey predefined for elliptic curve).

2) Alice don post d identifier A for public so dat Bob (and other people dem e.g Carol) go fit know where to send dem payments.

3) Bob go come select one of d inputs wey e dey In control of and still get public key for inside.

B = b*G, where

B - na Bob key wey dey public (one point for elliptic curve),
b - na Bob key we dey private (any number wey dey random but na only Bob go know am), and
G - na e be d generator point.

4) Bob go carry Alice key wey dey public A come create one new key wey dey public with dis formula:

A' = hash(b*A)*G + A, where

A' - na key wey dey public and na e dem go dey tay dey pay Bob

5) Bob go run one payment give Alice, come create one output wey go dey related with public key A' wey dem don first create.

6) as e be say b*A = b*a*G = a*b*G = a*B, Alice go fit recreate d same key A' wey dey public with her own key a wey dey private with dis formula:

A' = (hash(a*B) + a)*G, where

hash(a*B) + a - na d new Alice  private key wey allow Alice fit spend her money from d output wey dey related to d public key A'.


d only problem now be say Alice go need to know Bob key wey dey public B to tay notice say she send payment. na why she go need to come dey rescan d Blockchain to tay know which public key she go fit add join her own private keya to recreate d Bitcoin address wey don first dey.


watin make dis method good well well:

1)d person wey dey send no need to talk with d person wey wan receive payments. if person wan send, he go only need to create one address from d silent public key wey d receiver don give.

2) Silent payment dey use blockspace well well since d transaction sef no need to dey announced like d BIP47. dat one mean say one transaction dey equal to one payment, wey make sense if na once  dem wan use am donate.

3) dem no dey fit differentiate Silent transactions from normal transactions (e.g, OP_RETURN outputs no dey to share ephemeral public key like case of "Stealth addresses"), dat wan means say with dem, e dey possible for people to hide inside crowd. d anonymity set na d whole Blockchain.

4) address wey dem create from d original silent key we dey public dey always dey deterministic and dey unique becos each sender go fit use e own unique key tay tweak d silent public key wey d receiver de use.

5) Silent payments dey motivate d receiver wey get d funds to always run dem own Bitcoin full node, dis one go come make d network dey even more decentralized. 

6) no body apart from d person wey send d funds and d person wey receive am go know say d payment even happen.

7) silent payments dey improve d wey Bitcoin transaction dey fit dey flexible.


why dis method no good:

1) d thing wey make dis technique no good at all na e be d high cost wey dem dey tay approve am. as e be say d person wey dey receive d payment no know d Bitcoin address wey e go fit spend with d private key wey e get, he go need to come dey check all d input for d transaction, even calculate and check for public key wey resemble.


2) if sender go fit use d same address again. As sender get many inputs wey dey share d same public key, each of d inputs go last last make d same address wey dem calculate. to reuse d same address na watin dem dey see as bad practice of privacy and we go need avoid am well well. we fit commot dis one if we add extra information inside d computational process but go come create even more stress especially for light clients. also, d person wey dey send fit spend all d input for one transaction, but dis go come show d ownership and come destroy dem privacy.
 
Reference:

1] https://gist.github.com/RubenSomsen/c43b79517e7cb701ebf77eec6dbb46b8
2] https://github.com/genjix/bips/blob/master/bip-stealth.mediawiki
3] https://github.com/bitcoin/bips/blob/master/bip-0047.mediawiki
4] https://en.m.wikipedia.org/wiki/Elliptic-curve_Diffie%E2%80%93Hellman
5] https://bitcoinops.org/en/newsletters/2022/04/06/
6] https://bitcoinmagazine.com/technical/bitcoin-silent-payments-secret-keys
7] https://bitcoinmagazine.com/technical/improving-bitcoin-privacy-with-silent-payments
8] https://gist.github.com/w0xlt/72390ded95dd797594f80baba5d2e6ee





na AOBT na run dis Translation by Dem self

Jump to: