[Bitcoin-development] homomorphic coin value (validatable but encrypted) (Re: smart contracts -- possible use case? yes or no?)
Eugen Leitl
eugen at leitl.org
Tue Oct 1 07:27:33 PDT 2013
----- Forwarded message from Adam Back <adam at cypherspace.org> -----
Date: Tue, 1 Oct 2013 16:26:03 +0200
From: Adam Back <adam at cypherspace.org>
To: Mark Friedenbach <mark at monetize.io>
Cc: Bitcoin Dev <bitcoin-development at lists.sourceforge.net>
Subject: [Bitcoin-development] homomorphic coin value (validatable but encrypted) (Re: smart contracts -- possible use case? yes or no?)
User-Agent: Mutt/1.5.21 (2010-09-15)
On Sun, Sep 29, 2013 at 10:49:00AM -0700, Mark Friedenbach wrote:
>This kind of thing - providing external audits of customer accounts
>without revealing private data - would be generally useful beyond
>taxation. If you have any solutions, I'd be interested to hear them
>(although bitcoin-dev is probably not the right place yet).
Thanks for providing the impetus to write down the current state, the
efficient version of which I only figured out a few days ago :)
I have been researching this for a few months on and off, because it seems
like an interesting construct in its own right, a different aspect of
payment privacy (eg for auditable but commercial sensistive information) but
also that other than its direct use it may enable some features that we have
not thought of yet.
I moved it to bitcointalk:
https://bitcointalk.org/index.php?topic=305791.new#new
Its efficient finally (after many dead ends): approximately 2x cost of
current in terms of coin size and coin verification cost, however it also
gives some perf advantages back in a different way - necessary changes to
schnorr (EC version of Schnorr based proofs) allow n of n multiparty sigs,
or k of n multiparty sigs for the verification cost and signature size of
one pair of ECS signatures, for n > 2 its a space and efficiency improvement
over current bitcoin.
Adam
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60134791&iu=/4140/ostg.clktrk
_______________________________________________
Bitcoin-development mailing list
Bitcoin-development at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
More information about the cypherpunks
mailing list