[Bitcoin-development] Detecting OP_EVAL scriptPubKeys that are to you

Gregory Maxwell gmaxwell at gmail.com
Tue Oct 25 14:49:45 UTC 2011

On Tue, Oct 25, 2011 at 9:21 AM, Gavin Andresen <gavinandresen at gmail.com> wrote:
> You give the hash to whoever is paying you, and store the hash -->
> script  mapping when you do that (assuming you're not using a
> deterministic wallet; if you are, you probably just increment a
> counter in the wallet).

If anyone finds that solution unsatisfying, consider— It's already the
case that I could take one of your disclosed public keys and create an
infinite series of secondary keys out of it for which only you could
decode, and the only way for you to find them in the blockchain would
be to have performed the same procedure and made a note of the
addresses you're watching for.

... or really, more simply I could generate a private key on your
behalf and send funds there. ("What do you mean you didn't get the
funds? I sent them to the private key defined by the cryptographic
hash of the lyrics of your favorite song!")

So it's already the case that if I didn't get your address from you
(or through a negotiation with you), I can't expect you to receive

More information about the bitcoin-dev mailing list