Please login or register.
This location

How to make a single tx auditable for a 3rd party?

ManfredKarrer posted this 9 years ago

ManfredKarrer | 9 years ago

I would like to support Cryptonote coins and Monero at the Bitsquare P2P currency exchange. We use as security mechanism arbitrators to resolve conflicts: In case of a dispute an selected arbitrator will proof if both traders have done their part correctly (proof of transfer of Fiat/Altcoin). For other altcoins it is easy a lookup in the blockchain to see if a BTC buyer has send the Altcoin to the seller. What would be the best solution for Cryptonote based coins like Monero? The View key give access to all transactions of a wallet so that is not a good solution to use, futhermore it seems it is still not fully supported. The payment ID will not help as well as a 3rd party has no chance to see that on a public ledger.

Replies: 5
dEBRUYNE edited 9 years ago Replies: 1 | Weight: -270 | Link [ - ]

Does this help your case? It's not implemented yet as far as I know though.

https://bitcointalk.org/index.php?topic=753252.msg12083138#msg12083138

Regarding the Payment ID: If the buyer/seller hands you the payment ID he can just look it up at a block explorer like moneroblocks.eu (PS: this is only viable if the Payment ID isn't encrypted).

Reply to: dEBRUYNE
ManfredKarrer posted 9 years ago Replies: 1 | Weight: -268 | Link [ - ]

Ah I was wrong to not see the Payment ID on the explorer, so I can use a Payment ID to solve the above problem.

Reply to: ManfredKarrer dEBRUYNE
luigi1111 edited 9 years ago Replies: 1 | Weight: -264 | Link [ - ]

If/when the new 64-bit payment IDs start seeing use, this won't work any more.

Ideally, you would only want to reveal the stealth addressing for the recipient, not necessarily the rest of a tx's outputs. Luckily, one is as easy as the other.

Unfortunately, it's currently only possible for the recipient, not the sender, as the tx private key (r) is not stored anywhere after a transaction is sent.

A recipient can presently easily reveal that he owns outputs, without compromising his viewkey, by revealing his ECDH key derivation for the transaction that has outputs he wants to prove ownership of. I have code (or could quickly adapt code) that can do this.

A spender would need to start storing r, or deterministically generating it, so it could be reconstructed on demand. He could presently prove a transaction was created by him, but not who it was sent to, so it's not that useful in your scenario.

Reply to: luigi1111 ManfredKarrer dEBRUYNE
ManfredKarrer edited 9 years ago Replies: 1 | Weight: -264 | Link [ - ]

Thanks, I just found out that my above reply was wrong and the payment ID wil not help for what I need. Was asking in IRC and they told me something similar as you did now. Seems that there is no solution out yet to give a 3rd party sufficient information that he can prove a transaction. Unfortunately I cannot add CryptoNote coins then to Bitsquare as that possibility to prove is essential for the security model.

Reply to: ManfredKarrer luigi1111 ManfredKarrer dEBRUYNE
luigi1111 edited 9 years ago Weight: -263 | Link [ - ]

After conversations with a secret entity, simplewallet storing "r" may be coming soon(TM). You'll likely need a page to enter the necessary pieces to prove ownership, but it's fairly straightforward.

Edit: soon (not even TM)! https://github.com/monero-project/bitmonero/pull/380