[Bitcoin-development] Stealth Addresses
Gregory Maxwell
gmaxwell at gmail.com
Mon Jan 13 20:10:56 UTC 2014
On Mon, Jan 13, 2014 at 11:59 AM, Alan Reiner <etotheipi at gmail.com> wrote:
> Then when someone
> wants to pay you, you simply give them the multiplier and root key (they
> already have the root key, but should verify).
[...]
> What
> advantages does "stealth addresses" have over this scheme? You could extend
> it using some kind of deterministic sub-branching and/or ECDH to create
> multiple payment addresses without querying the payee.
The stealth address stuff is the ECDH to create multiple payment
addresses without querying the payee.
Uh while I'm responding again, what I'd discussed with Peter Todd in
IRC used two EC points in the stealth address. One for the payment and
one for the ECDH. The reason to use two is that it makes delegating
detection possible and so you don't have to have you spending keys
online to even detect these payments. Why'd that get dropped?
I don't think this is a good idea if you have to constantly keep your
spending key(s) online even to detect payments, even with the limited
use-cases envisioned.
More information about the bitcoin-dev
mailing list