📅 Original date posted:2013-07-23
📝 Original message:On 07/23/2013 11:37 AM, Pieter Wuille wrote:
>> Is it planned to expose the UXTO set of a given address? That would be
>> useful for SPV wallets to be able to swipe a previously unknown private
>> key (e.g. paper wallet).
>
> Depends what you mean by expose.
>
> Maintaining an address/script-indexed UTXO is generally useful, in
> particular for things like sweeping addresses. I certainly have
> less problems with 'exposing' this than exposing a fully-indexed
> block chain history.
>
> However, and I expect that's what your question is about, this isn't
> really useful for SPV (or less) nodes, as there is no way to
> authenticate this data. If you can fake a UTXO entry, you can make
> a peer believe anything about their balance, potentially resulting
> in creating a valid transaction that sends change it didn't know
> was there as fee to miners. Other than for normal block chain data,
> there is no way to detect this without at least partial validation.
>
> The only way to do this safely at an SPV security assumption, is by
> having an address-indexed committed merkle UTXO-set tree, like the
> one proposed by Alan Reiner, and being implemented by Mark
> Friedenback. I know Michael Gronager has something similar implemented,
> but I don't know whether it is script-indexed. To be actually useful,
> it likely needs to be enforced by miners - putting a significant
> burden on validation nodes. Still, if it can be done efficiently,
> I think this would be worth it, but more research is needed first in
> any case.
>
> Regarding sweeping keys in the first place - I think using those,
> and relying on address-indexed UTXO sets or blockchains to import
> them, is an idea that doesn't scale very well in the first place.
> If it is for things like scratch card or physical coins, with a
> pre-set value, the obvious solution IMHO is storing the crediting
> transaction with its merkle path together with the key. If that's
> not possible, just the txid:vout of the credit output can suffice.
> Yes, that's more data than is necessary now, but it's so much more
> trivial to use.
I certainly don't want to push ideas that won't work for whatever
reason. So I fully respect whatever you decide regarding that feature.
Personally I have never felt any need for being able to sweep paper
wallets, I am more or less just relaying the need of users.
Let me just say this:
Sweeping paper wallets is a common feature request. People switch to
centralized services just for getting that.
It is my understanding that for the usecase, an address-indexed UXTO is
enough. So you probably don't need to worry about script-indexed for now.
Security issues could be mitigated by applying trust to the REST server,
e.g. because its your own or the one of your apps vendor. Of course,
link-level security would be needed for this (e.g. SSL).
Paper wallets that include the necessary additional information is
something I have been thinking about. I see some issues:
- Paper wallets are already quite widespread. You still won't be able to
sweep those.
- Some people like to "top up" a paper wallet or even just sweep a
portion of it. That would not be possible, and in some cases even lead
to loss of coins because of the "involuntary fee" you described.
- Does the necessary info fit into a QR code?
Andreas Schildbach [ARCHIVE] /
npub1xg…adsv7
2023-06-07 15:04:56
in reply to nevent1q…d7dg
Author Public Key
npub1xg2m84malu0cfm4444r0kysx4rgk27e75aj6sz6538kw8fcz627qeadsv7Seen on
wss://relay.noswhere.comPublished at
2023-06-07 15:04:56Event JSON
{
"id": "c021c793c1e9ffad803d33a81db8781e51718356d5edf1f2eb31a1ba6b5d308c",
"pubkey": "3215b3d77dff1f84eeb5ad46fb1206a8d1657b3ea765a80b5489ece3a702d2bc",
"created_at": 1686150296,
"kind": 1,
"tags": [
[
"e",
"2548e3bbd5806f0a91f1440e5be19b1893f723d052860cba20b98f557d042316",
"",
"root"
],
[
"e",
"cb7c456ef97fd917d231da9331231296142e6cd4b3d36ed17e20c1d62ebbe575",
"",
"reply"
],
[
"p",
"9e3c76fd7eb862ca37f150391debc7baa4f8423eaa3f894c476a7d4360de9a02"
]
],
"content": "📅 Original date posted:2013-07-23\n📝 Original message:On 07/23/2013 11:37 AM, Pieter Wuille wrote:\n\n\u003e\u003e Is it planned to expose the UXTO set of a given address? That would be\n\u003e\u003e useful for SPV wallets to be able to swipe a previously unknown private\n\u003e\u003e key (e.g. paper wallet).\n\u003e\n\u003e Depends what you mean by expose.\n\u003e\n\u003e Maintaining an address/script-indexed UTXO is generally useful, in\n\u003e particular for things like sweeping addresses. I certainly have\n\u003e less problems with 'exposing' this than exposing a fully-indexed\n\u003e block chain history.\n\u003e\n\u003e However, and I expect that's what your question is about, this isn't\n\u003e really useful for SPV (or less) nodes, as there is no way to\n\u003e authenticate this data. If you can fake a UTXO entry, you can make\n\u003e a peer believe anything about their balance, potentially resulting\n\u003e in creating a valid transaction that sends change it didn't know\n\u003e was there as fee to miners. Other than for normal block chain data,\n\u003e there is no way to detect this without at least partial validation.\n\u003e\n\u003e The only way to do this safely at an SPV security assumption, is by\n\u003e having an address-indexed committed merkle UTXO-set tree, like the\n\u003e one proposed by Alan Reiner, and being implemented by Mark\n\u003e Friedenback. I know Michael Gronager has something similar implemented,\n\u003e but I don't know whether it is script-indexed. To be actually useful,\n\u003e it likely needs to be enforced by miners - putting a significant\n\u003e burden on validation nodes. Still, if it can be done efficiently,\n\u003e I think this would be worth it, but more research is needed first in\n\u003e any case.\n\u003e\n\u003e Regarding sweeping keys in the first place - I think using those,\n\u003e and relying on address-indexed UTXO sets or blockchains to import\n\u003e them, is an idea that doesn't scale very well in the first place.\n\u003e If it is for things like scratch card or physical coins, with a\n\u003e pre-set value, the obvious solution IMHO is storing the crediting\n\u003e transaction with its merkle path together with the key. If that's\n\u003e not possible, just the txid:vout of the credit output can suffice.\n\u003e Yes, that's more data than is necessary now, but it's so much more\n\u003e trivial to use.\n\nI certainly don't want to push ideas that won't work for whatever\nreason. So I fully respect whatever you decide regarding that feature.\nPersonally I have never felt any need for being able to sweep paper\nwallets, I am more or less just relaying the need of users.\n\nLet me just say this:\n\nSweeping paper wallets is a common feature request. People switch to\ncentralized services just for getting that.\n\nIt is my understanding that for the usecase, an address-indexed UXTO is\nenough. So you probably don't need to worry about script-indexed for now.\n\nSecurity issues could be mitigated by applying trust to the REST server,\ne.g. because its your own or the one of your apps vendor. Of course,\nlink-level security would be needed for this (e.g. SSL).\n\nPaper wallets that include the necessary additional information is\nsomething I have been thinking about. I see some issues:\n\n- Paper wallets are already quite widespread. You still won't be able to\nsweep those.\n- Some people like to \"top up\" a paper wallet or even just sweep a\nportion of it. That would not be possible, and in some cases even lead\nto loss of coins because of the \"involuntary fee\" you described.\n- Does the necessary info fit into a QR code?",
"sig": "113ae4d261b1a45a91724ffe5f2cc540b510db3de9b89ab2c8b1bfd142a50d0d4577734889c20326fdaf0c6730a5df9a372ca823b77652444005875e5d0596ff"
}