Use stealth addresses or similar #73
Comments
|
Thank you very much for your proposal and for considering our service! To be precise, users using grinbox today leak some metadata, i.e. which grinbox address transacts with which, and when. And from what IPs these requests come in from. We don’t like this, and are thinking actively about how to avoid this from happening. As a mitigation, privacy-minded users can rotate between 2^32 different grinbox addresses, but this does not solve the problem fully as IPs are still exposed. Your proposal is one approach, but comes at a performance and scalability cost. Once there are many transactions, users would have to download a lot of data in order to find their message. Other potential approaches could be to introduce full TOR support, or simply encourage privacy-minded users to either run their own relay (the protocol supports federation), or connect to a relay they trust. What do you think about those approaches? |
jaspervdm
added
help wanted
A lot of sites want to reuse grinbox addresses, but this potentially leaks a lot of information to the server. It'd be better if you used stealth addresses. So:
A | B, with A and B being pubkeys.As a bandwidth optimization, you could generate a "key ID" as
hash(days_since_epoch | address)(so it changes every day), and the server would require that you provide/subscribe-to the first few bits of this key ID in order to filter out a large percentage of the keys.Since you're allowing for centralization anyway, there might be a more clever solution than just using stealth addresses, but I wasn't able to immediately think of one.
The text was updated successfully, but these errors were encountered: