Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Find a better way to generate salts and secrets #4

Open
AntoineRondelet opened this issue Jul 1, 2018 · 3 comments
Open

Find a better way to generate salts and secrets #4

AntoineRondelet opened this issue Jul 1, 2018 · 3 comments
Assignees

Comments

@AntoineRondelet
Copy link
Owner

AntoineRondelet commented Jul 1, 2018

Rather than generating salts and secrets randomly, if could probably be better for the client to be initialized with a random number, from which to start incrementing each salt for the nullifier (same for the secrets), to keep track/store all nullifiers and secrets more easily.

@AntoineRondelet AntoineRondelet self-assigned this Jul 4, 2018
@HarryR
Copy link

HarryR commented Jul 6, 2018

If the secret and salt are incremented, then providing any secret to anybody else (as required by the protocol) would reveal all future secrets that the person will use, which is... possibly needs some re-thought?

@AntoineRondelet
Copy link
Owner Author

AntoineRondelet commented Jul 6, 2018

Yeah true... I need to put more thinking into it..! This is completely flawed indeed... this ticket reminds me to think about it thought

@barryWhiteHat
Copy link

One thing i want to add here is that if a user sends two deposits with the same nullifier then only a single payment can be withdrawn. This is a little annoying when i want to pay someone else. Its very unlikely it will get blocked but its still possible. So i thought about using an incremental nullifier here. But discarded it because of race conditions.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants