12 sats \ 4 replies \ @Majjin 25 Mar 2022 \ on: Whisper Addresses: Privacy preserving automatic bitcoin address generation in vanilla javascript bitcoin
This reminds me a lot of BIP47 PayNyms with a few tradeoffs. Let me know if I get any of these wrong!
Whisper Addresses:
- Protocol seems more lightweight/simple
- Whisper addresses require an out-of-band message for each transaction, so both parties must be online at the same time
- If you lose a linking key, you lose access to the funds associated with that key
PayNyms:
- More complicated protocol
- A single notification transaction replaces all the out-of-band transactions and allows transactions without both parties being online at the same time
- Recoverable if you do a notification transaction
- Notification transactions may possibly tip onlookers on to the fact that you are doing PayNym transactions if they can link the notification address to your identity.
Both parties don't need to be online at the same time, you can email the whisper key to the recipient whenever you want, including while he's offline. The money will stay in the whisper address until the recipient uses the whisper key to sweep it into his wallet or send the money to someone else. There's no time limit, he can wait as long as he wants to get and use the whisper key.
Other than that you got it right. Another wrinkle with whisper addresses is that it involves a one-way communication and that is not automated at all, at least not in the current state. If the sender of the money refreshes the page or forgets to send the email or does any of the myriad things that people do to make a mistake, he will lose his donation and the intended recipient will never receive it. (That may be easy to mitigate by making the user click a button whenever they generate a whisper address. Then I could use an automatic email or something like nostr to automatically send the newly-generated whisper key to the recipient. But it would also make it easier to spam him with whisper keys that don't hold any value.)
Other issues that people pointed out on telegram include:
- it doesn't help your privacy if you dox yourself to an exchange
- the police could do a sting operation by sending you some money, waiting for you to consolidate it with your other funds, and then confiscating the total the next time you send it to an exchange
- (BTW noobs consolidate their funds all the time. Noob-friendly wallets actually do it automatically on the assumption that it's what a noob would want)
- if the whisper keys are sent via email then email is the new point of failure. Trudeau can tell google "show us all the emails containing whisper keys" and google will probably be happy to do it. Once they do that, your whisper addresses are doxed, assuming they know your linking key (which is supposed to be public on your website)
reply
Another benefit of using nostr for transferring the whisper key is a recipient web app could be built that filters out keys without a balance and allows for easier/more precise sweeping.
reply
The email vulnerability seems easy to avoid by using encrypted channels of communication (like nostr). The other vulnerabilities seem to be present in PayNyms as well. It's probably wise to mix your funds in either case and to avoid consolidating them whenever possible.
reply
This system has a lot of potential and I'm excited to see how it develops!
@space waves