> Basic stealth addresses can be implemented fairly quickly today, and could be ...

zaroth · on Jan 23, 2023

There’s no reason for there to be any sharp edges or foot guns.

The “meta-address” published by the receiver has everything in it needed to generate a one time address on the sender side, and it should all “just work” from a sender’s wallet perspective once a standard is reached.

There’s nothing a sender can do wrong really unless the wallet code is broken. On the receiver side the private key will never look like an “address” so it would be hard to confuse the two.

westurner · on Jan 24, 2023

Oh, there's WKD: Web Key Directory https://wiki.gnupg.org/WKD#How_does_an_email_client_use_WKD....

  gpg --homedir "$(mktemp -d)" --verbose --locate-keys your.email@example.org

  https://example.org/.well-known/openpgpkey/hu/0t5sewh54rxz33fwmr8u6dy4bbz8itz2

Is there a pinned certificate for `gpg recv-keys` (that isn't possible with WKD) https://en.wikipedia.org/wiki/Key_server_(cryptographic)#Pro... ?

WKD and HKP depend upon TLS and preshared CA certs (PKI or pinned certificates) in all forms AFAIU:

  # HKP, HTTPS
  gpg --recv-keys an.email@example.org
  # WKD
  gpg --locate-keys your.email@example.org

Who is trusted with read/write to all keys on the HTTP pubkey server?

W3C DIDs are encodable into QR codes, too. And key hierarchy is optional with DIDs.

(Edit)

https://www.w3.org/TR/did-core/#did-controller :

> DID Controller

> A DID controller is an entity that is authorized to make changes to a DID document. The process of authorizing a DID controller is defined by the DID method.

> The controller property is OPTIONAL. If present, the value MUST be a string or a set of strings that conform to the rules in 3.1 DID Syntax. The corresponding DID document(s) SHOULD contain verification relationships that explicitly permit the use of certain verification methods for specific purposes.

> When a controller property is present in a DID document, its value expresses one or more DIDs. Any verification methods contained in the DID documents for those DIDs SHOULD be accepted as authoritative, such that proofs that satisfy those verification methods are to be considered equivalent to proofs provided by the DID subject.

/? "Certificate Transparency" blockchain / dlt ... QKD, ... Web Of Trust and temp keys

What does Interledger Protocol say about these an in-band / in-channel signaling around transactions?

https://westurner.github.io/hnlog/ Ctrl-F "SPSP"

> https://github.com/interledger/rfcs/blob/master/0009-simple-... :

> Relation to Other Protocols: SPSP is used for exchanging connection information before an ILP payment or data transfer is initiated

RFC 8905 specifies "The 'payto:' URI Scheme for Payments" and does support ILP addresses https://www.rfc-editor.org/rfc/rfc8905.html#name-tracking-pa... https://datatracker.ietf.org/doc/rfc8905/ :

> 7. Tracking Payment Target Types

> A registry of "Payto Payment Target Types" is described in Section 10. The registration policy for this registry is "First Come First Served", as described in [RFC8126]. When requesting new entries, careful consideration of the following criteria [...]

DID URIs are probably also already payto: URI-scheme compatible but not yet so registered?

ILP Addresses - v2.0.0 https://interledger.org/rfcs/0015-ilp-addresses/ :

> ILP addresses provide a way to route ILP packets to their intended destination through a series of hops, including any number of ILP Connectors. (This happens after address lookup using a higher-level protocol such as SPSP.) Addresses are not meant to be user-facing, but allow several ASCII characters for easy debugging.