š
Original date posted:2015-03-13
š Original message:> Could you describe what exactly BWS does?
Sure. BWS tasks are:
* Coordinate Transaction proposals in multisignature wallets: provide
an 'always connected' node to distribute pending transaction proposals
and receive the signatures from peers.
* Coordinate and store BIP32 derivation indexes. (If the BWS
disappear, peer can still access the funds by scanning the blockchain,
but having the index in a common accessable point in useful).
* Access the blockchain and provide functions like: `getBalance` and
`getTxHistory` to peers.
* Allow agents to notify incoming funds / or transaction proposals to peers.
BWS is designed to be extremely easy to setup and run. BitPay will
provide a public BWS instance, but companies and individuals can run
their own for privacy and security reasons.
> It sounds like the server doesn't have to actually derive the keys itself for any particular purpose
> beyond knowing the addresses are a part of the wallet. Could the server work if it didn't even
> know that, and was just a bucket of arbitrary addresses with the clients themselves deriving the
> addresses?
We have evaluated BWS not having the extended public keys (and it is
still an open possibility) but the main drawback we found is that BWS
will have no way to verify addresses sent by the peers (*).
A peer could send a fake address to BWS and then functions like
'getBalance' or 'txHistory' will be broken. Of course, the peers could
verify the addresses on getTxHistory or getBalance (by Address) but we
also want to allow thin-clients and agents with lower level of trust
(than the server) that can notify the wallet balance and incoming
transaction to peers using, for example, mobile push notifications.
(*): Gregory Maxwell proposed an schema for doing this with the "not
extended" pubkeys, that we need to evaluate. That could be the best
solution.
Matias Alejo Garcia [ARCHIVE] /
npub1p6ā¦8etde
2023-06-07 15:31:50
in reply to nevent1qā¦h42v
Author Public Key
npub1p6uknnmm7wknvg9cq5wqsf7ulpsrdzd6zt6qw707y5t05fuzvfdsx8etdePublished at
2023-06-07 15:31:50Event JSON
{
"id": "fb34928c3310f49155454d86ebeac0d3b65a965ac9a396e48f47044b33c6745d",
"pubkey": "0eb969cf7bf3ad3620b8051c0827dcf8603689ba12f40779fe2516fa2782625b",
"created_at": 1686151910,
"kind": 1,
"tags": [
[
"e",
"7921da7531460fce56aea5525b2be052cbeea37d43cb58a7b96a9c2f8e13b4bb",
"",
"root"
],
[
"e",
"cfcc8b6708e96146332f0dc7cc09ad826cabf15f1780c39f3836183d1caff7bc",
"",
"reply"
],
[
"p",
"f2c95df3766562e3b96b79a0254881c59e8639f23987846961cf55412a77f6f2"
]
],
"content": "š
Original date posted:2015-03-13\nš Original message:\u003e Could you describe what exactly BWS does?\n\nSure. BWS tasks are:\n\n* Coordinate Transaction proposals in multisignature wallets: provide\nan 'always connected' node to distribute pending transaction proposals\n and receive the signatures from peers.\n* Coordinate and store BIP32 derivation indexes. (If the BWS\ndisappear, peer can still access the funds by scanning the blockchain,\nbut having the index in a common accessable point in useful).\n* Access the blockchain and provide functions like: `getBalance` and\n`getTxHistory` to peers.\n* Allow agents to notify incoming funds / or transaction proposals to peers.\n\nBWS is designed to be extremely easy to setup and run. BitPay will\nprovide a public BWS instance, but companies and individuals can run\ntheir own for privacy and security reasons.\n\n\u003e It sounds like the server doesn't have to actually derive the keys itself for any particular purpose\n\u003e beyond knowing the addresses are a part of the wallet. Could the server work if it didn't even\n\u003e know that, and was just a bucket of arbitrary addresses with the clients themselves deriving the\n\u003e addresses?\n\nWe have evaluated BWS not having the extended public keys (and it is\nstill an open possibility) but the main drawback we found is that BWS\nwill have no way to verify addresses sent by the peers (*).\n\nA peer could send a fake address to BWS and then functions like\n'getBalance' or 'txHistory' will be broken. Of course, the peers could\nverify the addresses on getTxHistory or getBalance (by Address) but we\nalso want to allow thin-clients and agents with lower level of trust\n(than the server) that can notify the wallet balance and incoming\ntransaction to peers using, for example, mobile push notifications.\n\n(*): Gregory Maxwell proposed an schema for doing this with the \"not\nextended\" pubkeys, that we need to evaluate. That could be the best\nsolution.",
"sig": "900534b7c011c92d266a0143ff903101073360528b9e536cd159992a877e7d9b053b58a2e238124ef215ddd8919e6d6d2b9920a29a7cae909d07cba788687275"
}