[Bitcoin-development] Optional "wallet-linkable" address format - Payment Protocol

Pieter Wuille pieter.wuille at gmail.com
Wed Jun 19 13:54:04 UTC 2013

On Mon, Jun 17, 2013 at 11:48:22PM -0400, Alan Reiner wrote:
> _*Goal*_:  An alternative address format made possible by BIP 32, which
> allows one to specify a "Wallet ID" and "One-time payment" code, instead
> of the standard one-use Base58-Hash160 addresses.   This allows parties
> with a persistent relationship to be able to prove that payment
> addresses they provide each other are linked to a particular wallet,
> reducing exposure to MitM attacks without the need for SSL or a web of
> trust, and without compromising the privacy of either party.    For
> instance, this could be used between businesses that frequently do
> business, by exchanging and verifying public keys beforehand, or could
> be used by an exchange to identify if a customer withdrawal address is
> related to their last deposit address, and if not enforce extra
> authentication measures.

Have you seen Timo Hanke's pay-to-contract presentation at the San Jose
conference? It seems very related:



More information about the bitcoin-dev mailing list