by Xcelerate 4791 days ago
I would think the solution to this problem is to somehow prove to the blockchain that the address was indeed produced by the SHA256 RIPEMD160 process. I would think mathematically there is some way to do this without revealing what it was you hashed.

I mean, you can verify that you are who you say you are simply by using your private key to sign a message; I would think a comparable process would work for this.

EDIT: Facepalm; you're hashing the public key. You don't need to hide that. See my comment below.

Two points. First, crypto is hard. Unless a system is proven to have a certain property, assume the worst-case scenario for your system. Second, SHA256 and RIPEMD160 are hashes. By definition (of an ideal hashing algorithm), every output can be generated with the same probability, and changing a single bit of the input will have a 50% chance of changing a given output bit.

I am familiar with how hashes work (I've written a Bitcoin address generator myself). To illustrate what I mean:

The Bitcoin address is just some chain of hashes (and a checksum) applied to the public key. To prove that the address IS actually output from the hash functions [and not spam], simply provide the public key along with it. Of course, you might say that is way too much data for the blockchain to handle. So you only limit the requirement of providing the public key to "suspicious" transactions. What constitutes a suspicious transaction could be a matter of debate, but I imagine it could be done, and it would avoid the problem of a Bitcoin's value depending on its ancestry.
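
The check described in the comment above, as an added example that is not part of the original thread: Base58Check-decode a version-0 address and compare its payload with RIPEMD160(SHA256(public key)). The function names and the sample bytes are assumptions made for illustration; the second constructed address shows that the checksum alone accepts arbitrary 20-byte data.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def sha256d(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def hash160(pubkey: bytes) -> bytes:
    # RIPEMD160(SHA256(pubkey)); hashlib offers ripemd160 only when the
    # OpenSSL build it links against provides it (ValueError otherwise).
    return hashlib.new("ripemd160", hashlib.sha256(pubkey).digest()).digest()

def b58check_encode(version: int, payload: bytes) -> str:
    raw = bytes([version]) + payload
    raw += sha256d(raw)[:4]                      # 4-byte checksum
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    zeros = len(raw) - len(raw.lstrip(b"\x00"))  # leading zero bytes become '1'
    return "1" * zeros + out

def b58check_decode(addr: str) -> tuple:
    n = 0
    for ch in addr:
        n = n * 58 + B58.index(ch)               # ValueError on a bad character
    zeros = len(addr) - len(addr.lstrip("1"))
    raw = b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")
    body, check = raw[:-4], raw[-4:]
    if len(body) != 21 or sha256d(body)[:4] != check:
        raise ValueError("bad length or checksum")
    return body[0], body[1:]

def address_matches_pubkey(addr: str, pubkey: bytes) -> bool:
    """True only if addr is a version-0 address whose payload is HASH160(pubkey)."""
    version, payload = b58check_decode(addr)
    return version == 0 and hash160(pubkey) == payload

if __name__ == "__main__":
    # Constructed sample bytes, not checked to be a valid curve point.
    pubkey = bytes.fromhex("02" + "11" * 32)
    derived = b58check_encode(0, hash160(pubkey))
    # Constructed 20-byte payload that is not the hash of the key above.
    opaque = b58check_encode(0, b"spam spam spam spam!")
    print(derived, address_matches_pubkey(derived, pubkey))
    print(opaque, address_matches_pubkey(opaque, pubkey))
```

A match shows only that the payload is the hash of the supplied bytes; it does not show that those bytes are a valid curve point or that anyone holds the corresponding private key.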

Yeah, I think there is actually WIP to do something along the lines of what you worked out.

However, I'm not sure what good identifying "suspicious transactions" is going to do. They're not reversible. You can't really make any attempt to "blacklist" them - you'll almost surely lose.

Clever! I completely forgot that was posted on HN like a week ago.

> I would think the solution to this problem

I see no problem here. Perhaps you could describe it?

I'm sorry. I don't understand your post.