📅 Original date posted:2014-06-16
📝 Original message:True, that would work, but still how are you going to bootstrap the trust?
TREZOR is well known, but in a future where there could be 100 different
companies trying to release a similar product to TREZOR it seems like one
company could corner the market by being the only one that is an accepted
instant provider at most vendors. It seems to encourage monopoly unless
there is a standard way to bootstrap trust in your signature.
On Mon, Jun 16, 2014 at 1:32 PM, Mike Hearn <mike at plan99.net> wrote:
> On Mon, Jun 16, 2014 at 10:29 PM, Daniel Rice <drice at greenmangosystems.com
> > wrote:
>
>> I'm trying to think through how to encourage the maximum number of
>> instant signature providers and avoid the VISA monopoly. Ideal case would
>> be that people can even be their own instant provider.
>>
>
> A provider does not have to be an interactive third party. One reason I
> suggested using X.509 is so secure hardware devices like the TREZOR could
> also be instant providers. The hardware would be tamperproof and assert
> using a secret key embedded in it that the tx came from a genuine,
> unflashed TREZOR. The the server can know the device won't double spend.
>
> In this way you have decentralised anti-double spending. Of course, it's
> an old solution. MintChip sort of worked a bit like this.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140616/6b6146b3/attachment.html>;
Daniel Rice [ARCHIVE] /
npub1mn…3vect
2023-06-07 15:22:47
in reply to nevent1q…gpkv
Author Public Key
npub1mn37wn20kd63upafw66dncxceyvfud6ceyjj37st94a9qlnsrweqn3vectPublished at
2023-06-07 15:22:47Event JSON
{
"id": "bf23d35afac67312241786ac5095f77d938caaf7a4311dfa62c1ef8a87932255",
"pubkey": "dce3e74d4fb3751e07a976b4d9e0d8c9189e3758c92528fa0b2d7a507e701bb2",
"created_at": 1686151367,
"kind": 1,
"tags": [
[
"e",
"ed0eede28e160c2ef8ddd5af1ee3069fdb0eb5f4c939c1c09a1a5f338c30c628",
"",
"root"
],
[
"e",
"12bb86f4634a57a3cc81c7ae4b99556efe525630d63393d2253246d1e9e11f83",
"",
"reply"
],
[
"p",
"f2c95df3766562e3b96b79a0254881c59e8639f23987846961cf55412a77f6f2"
]
],
"content": "📅 Original date posted:2014-06-16\n📝 Original message:True, that would work, but still how are you going to bootstrap the trust?\nTREZOR is well known, but in a future where there could be 100 different\ncompanies trying to release a similar product to TREZOR it seems like one\ncompany could corner the market by being the only one that is an accepted\ninstant provider at most vendors. It seems to encourage monopoly unless\nthere is a standard way to bootstrap trust in your signature.\n\n\nOn Mon, Jun 16, 2014 at 1:32 PM, Mike Hearn \u003cmike at plan99.net\u003e wrote:\n\n\u003e On Mon, Jun 16, 2014 at 10:29 PM, Daniel Rice \u003cdrice at greenmangosystems.com\n\u003e \u003e wrote:\n\u003e\n\u003e\u003e I'm trying to think through how to encourage the maximum number of\n\u003e\u003e instant signature providers and avoid the VISA monopoly. Ideal case would\n\u003e\u003e be that people can even be their own instant provider.\n\u003e\u003e\n\u003e\n\u003e A provider does not have to be an interactive third party. One reason I\n\u003e suggested using X.509 is so secure hardware devices like the TREZOR could\n\u003e also be instant providers. The hardware would be tamperproof and assert\n\u003e using a secret key embedded in it that the tx came from a genuine,\n\u003e unflashed TREZOR. The the server can know the device won't double spend.\n\u003e\n\u003e In this way you have decentralised anti-double spending. Of course, it's\n\u003e an old solution. MintChip sort of worked a bit like this.\n\u003e\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140616/6b6146b3/attachment.html\u003e",
"sig": "a63fa1c72c683b2dbcc0fb9b03a06bc2e726f31e316871af0d3810a1b511d06d81e4fd8091afc820435b36250478f356f4de9eb74707706fa82feda9f11d875a"
}