📅 Original date posted:2022-10-18
📝 Original message:On Mon, Oct 17, 2022 at 07:07:07PM -0500, Bryan Bishop via bitcoin-dev wrote:
>
> Isn't this the same problem but now for copy-pasting pubkeys instead of an
> address?
>
No, as I understand the proposal, the "public key" held by the wallet is simply
a signing key used to authenticate addresses, and never leaves the wallet. Yes,
if the wallet's own memory is compromised, it can be tricked into accepting bad
addresses, but this is much much harder than compromising data on the clipboard,
which basically any application can do without any "real" exploits or special
permissions.
As an extreme, this proposal could be run on a hardware wallet which had some
out-of-band way to obtain and authenticate public keys (similar to Signal QR
codes).
--
Andrew Poelstra
Director of Research, Blockstream
Email: apoelstra at wpsoftware.net
Web: https://www.wpsoftware.net/andrew
The sun is always shining in space
-Justin Lewis-Webster
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20221018/4b4311f4/attachment.sig>;
Andrew Poelstra [ARCHIVE] /
npub1ae…z5t04
2023-06-07 23:14:05
in reply to nevent1q…7y80
Author Public Key
npub1ae27kq6z802dkqw4ey4dgdx493szm8dpmcm76d7vt0ma9gf6fj4svz5t04Published at
2023-06-07 23:14:05Event JSON
{
"id": "28812a3d80ccd0f839190ad9e803826b81df9f44f9093334a375635089b16026",
"pubkey": "ee55eb03423bd4db01d5c92ad434d52c602d9da1de37ed37cc5bf7d2a13a4cab",
"created_at": 1686179645,
"kind": 1,
"tags": [
[
"e",
"ea43f2af105feface907b52de43940c36932ecd5ba849c28f38155d42df5d943",
"",
"root"
],
[
"e",
"368af7f1c3188f598c032862ff1aaffb208010f58884edf7436b2d0915dc7a30",
"",
"reply"
],
[
"p",
"c4c73e48c7d7f313938a90d71ff5e4be5d01dd4157f98ed99adf14737bfb78e0"
]
],
"content": "📅 Original date posted:2022-10-18\n📝 Original message:On Mon, Oct 17, 2022 at 07:07:07PM -0500, Bryan Bishop via bitcoin-dev wrote:\n\u003e \n\u003e Isn't this the same problem but now for copy-pasting pubkeys instead of an\n\u003e address?\n\u003e\n\nNo, as I understand the proposal, the \"public key\" held by the wallet is simply\na signing key used to authenticate addresses, and never leaves the wallet. Yes,\nif the wallet's own memory is compromised, it can be tricked into accepting bad\naddresses, but this is much much harder than compromising data on the clipboard,\nwhich basically any application can do without any \"real\" exploits or special\npermissions.\n\nAs an extreme, this proposal could be run on a hardware wallet which had some\nout-of-band way to obtain and authenticate public keys (similar to Signal QR\ncodes).\n\n-- \nAndrew Poelstra\nDirector of Research, Blockstream\nEmail: apoelstra at wpsoftware.net\nWeb: https://www.wpsoftware.net/andrew\n\nThe sun is always shining in space\n -Justin Lewis-Webster\n\n-------------- next part --------------\nA non-text attachment was scrubbed...\nName: signature.asc\nType: application/pgp-signature\nSize: 488 bytes\nDesc: not available\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20221018/4b4311f4/attachment.sig\u003e",
"sig": "7b704cd0c2c595aa84cb4707c813b6406a5df9f8b7f380365f21786f5330e988713303a78348176030a3b3dec6be22c44f2db56d2dd94c5dc1a5e0bac7f4f20e"
}