[Bitcoin-development] Draft BIP for seamless website authentication using Bitcoin address

slush slush at centrum.cz
Fri Apr 4 15:28:27 UTC 2014


On Fri, Apr 4, 2014 at 5:09 PM, Eric Larchevêque <elarch at gmail.com> wrote:

> On Fri, Apr 4, 2014 at 4:56 PM, slush <slush at centrum.cz> wrote:
>
>> I'm cracking my head for many months with the idea of using TREZOR for
>> web auth purposes. Unfortunately I'm far from any usable solution yet.
>>
>> My main comments to your BIP: Don't use bitcoin addresses directly and
>> don't encourage services to use this "login" for financial purposes. Mike
>> is right, mixing authentication and financial services is wrong. Use some
>> function to generate other private/public key from bitcoin's seed/private
>> key to not leak bitcoin-related data to website.
>>
>>
> I'm probably very naive, but the fact that the authentication key is your
> Bitcoin address was for me a great feature :)
> What are the risks associated of id yourself with a bitcoin address you
> plan to use on the website for transaction ?
>
>
Ideally you should not reuse the address, so the website will need more
addresses or bip32 xpub anyway.

By using wallet address and accidentally using such address in some
transaction, you may be leaking your identity with with other business -
think about Silkroad (sorry Mike :-).

 By using derived key, you can be sure your identity won't be linked with
any other activity on the internet.

I mean, what is the difference between doing that, and id with a login/pass
> and add your bitcoin address in a settings field ? (knowing you could
> always find a mechanism to transfer the account to another bitcoin address
> if needed)
>
> *) You can change address in settings field. It's not so easy when address
== your identity.
*)  There's plenty of websites which do need authentication but don't need
to know your bank account / bitcoin address at all. Facebook, Gmail,
Twitter ...

Ideally, the user should not care about "what address do I use for this
service", because in the future user should not care about addresses at all
(handling of private keys is already eliminated by bip32, handling of raw
addresses may be eliminated soon by bip70 or similar solutions).

I can imagine that the private/public data will be derived automatically
from some secret master key (ideally derived from bip32 seed, which is
already secured well by the user) and the URL of the service.

Marek
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140404/5c5b14cb/attachment.html>


More information about the bitcoin-dev mailing list