Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Development & Technical Discussion
Re: [Megathread] Bitcoin Layer 1 Privacy - concepts, ideas, research, discussion
by
NotATether
on 22/08/2022, 07:26:23 UTC
Quote from: o_e_l_e_o on August 21, 2022, 07:49:06 PM
Alice pays Bob.
Bob denies receiving payment.
Alice publishes a transaction hash which anyone can look up.
Bob denies the receiving address in that transaction belongs to him.

If Alice is really lucky, she has some correspondence from Bob with the address in it which can be independently verified and which Bob cannot deny. On the other hand, there is a good chance the address was a one time address generated by a payment processor plugin on a website and she therefore has no independently verifiable record of the address.

This is going to sound cliche, but BIP322 signed messages solve half of this problem.

- Alice signs a BIP322 message from the UTXO she's about to spend. This proves that she is able to spend it.
- Alice sends the payment to Bob.
- Bob denies receiving payment.
- Everybody knows that Alice sent the money to some address. But still nobody can verify that this is Bob's address without cryptographic proof, which Bob refuses to supply so he can feign non-payment.