Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bounty] Implement sending to Silent Payment addresses - 0.01 BTC #1251

Closed
sethforprivacy opened this issue Jul 12, 2024 · 9 comments
Closed

[Bounty] Implement sending to Silent Payment addresses - 0.01 BTC #1251

sethforprivacy opened this issue Jul 12, 2024 · 9 comments

Comments

@sethforprivacy
Copy link

A bounty has been opened on silentpayments.xyz from a trusted, anonymous source to implement sending support in BitBox firmware to Silent Payment addresses.

I wanted to open an issue here to raise awareness and ensure that prospective contributors are aware of open bounties for BitBox from outside sources.

You can learn more about the bounty at https://silentpayments.xyz/docs/bounties/ and find more development resources focused on Silent Payments at https://silentpayments.xyz/docs/developers/.
@benma
Copy link
Collaborator

benma commented Jul 12, 2024
edited
Loading

Can I call dibs? 😁

#1220

The PR basically adds support, but I have a remaining worry about bit-flips that could corrupt the generated output. I posted about this problem here:

https://x.com/_benma_/status/1800910808505000435

DLEQ proofs would solve this, but I could not find a suitable implementation of DLEQ for secp256k1, so that solution could be quite a while out (cc @josibake, please correct me if I am wrong).

I might work on some other mitigations to this problem in the meantime.

@BitBoxSwiss BitBoxSwiss deleted a comment from Evrilek Jul 12, 2024
@josibake
Copy link

DLEQ proofs would solve this, but I could not find a suitable implementation of DLEQ for secp256k1, so that solution could be quite a while out (cc @josibake, please correct me if I am wrong).

I also haven't found a good implementation for secp256k1, but if it helps there is a draft proposal here which fully specifies the algorithm: https://gist.github.com/andrewtoth/df97c3260cc8d12f09d3855ee61322ea

@benma
Copy link
Collaborator

benma commented Jul 17, 2024
edited
Loading

@josibake the thread you linked points to an implementation in secp256k1-zpk: 🤯

https://github.com/BlockstreamResearch/secp256k1-zkp/blob/master/src/modules/ecdsa_adaptor/dleq_impl.h

@josibake
Copy link

ah nice! i hadn’t seen that comment

@benma
Copy link
Collaborator

benma commented Sep 19, 2024
edited
Loading

Support for this is now merged:

#1220

With support in the BitBoxApp also merged: BitBoxSwiss/bitbox-wallet-app#2922

The output verification on the host using DLEQ proofs mentioned above was implemented in BitBoxSwiss/bitbox02-api-go#105.

This is projected to be released in BitBoxApp v4.45 and firmware v9.21.

@benma benma closed this as completed Sep 19, 2024
@benma
Copy link
Collaborator

benma commented Sep 19, 2024

@sethforprivacy how do I claim the bounty? 😀

@josibake
Copy link

amazing work, @benma !

@sethforprivacy
Copy link
Author

@sethforprivacy how do I claim the bounty? 😀

Can you share a Signal username, or can I send you a SimpleX address to connect to for coordinating payment? I'll connect you with the bounty provider :)

@benma
Copy link
Collaborator

benma commented Sep 20, 2024

I decided to not claim the bounty, and asked them to send it to https://brink.dev/donate instead, which they did.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@benma @josibake @sethforprivacy