Bitcoin : Establishing CashShuffle protocol details
Great work CashShuffle team getting this working.
**Address format.** There are different address formats. If clients use different formats they’ll get different results at certain steps, e.g. when hashing the output list. I propose we standardize on using the [CashAddr](https://github.com/bitcoincashorg/bitcoincash.org/blob/master/spec/cashaddr.md) format for all work involving addresses.
**Wire delimiting.** The current code delimits messages on the wire with the Unicode character [`U+23CE Return Symbol`](https://codepoints.net/U+23CE) in UTF-8. That comes out to the 3 byte sequence `e2 8f 8e`. I don’t think there’s any guarantee this byte sequence will not appear in messages. I’m concerned this will cause broken messages. Proposed change: write the message byte length preceding each message, as [recommended in the protobuf docs](https://developers.google.com/protocol-buffers/docs/techniques#streaming).
**Output list serialization.** The protocol produces a list of output addresses, transferred first encrypted and eventually in plaintext once shuffling is done. The current code packages into multiple packets and seems not to sign the full list. I’m concerned this is a security hole. One possible approach here is to define a serialization and store the full list in the single `packet.message.str` field. Proposed format: items delimited with ampersand `&`. That’s a character not in either the Base64 representation used for ciphertexts or the CashAddr format used for addresses.
For anyone interested it’s possible to run a test session with cashshufflejs. It runs a real session through a local mock server (without submitting to the BCH network). Real output addresses, real signatures, etc.
```
git clone https://github.com/bookmoons/cashshufflejs.git
cd cashshufflejs
npm install
npm run demo:session
```
You’ll get something like:
```
John: Shuffling with 3 participants
Mary: Shuffling with 3 participants
Marduk: Shuffling with 3 participants
John: Broadcasted encryption public key
Mary: Broadcasted encryption public key
Marduk: Broadcasted encryption public key
Marduk: Gathered participant encryption keys
Marduk: Phase 1 Announce complete
Marduk: Generated output address
John: Gathered participant encryption keys
Mary: Gathered participant encryption keys
Marduk: Phase 2 Shuffle complete
John: Phase 1 Announce complete
Mary: Phase 1 Announce complete
John: Generated output address
Mary: Generated output address
John: Sent encrypted output list
John: Phase 2 Shuffle complete
```
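
The wire delimiting concern raised in the post, as an added example (not code from the post or from cashshufflejs): a payload containing the bytes `e2 8f 8e` is split incorrectly by delimiter framing, while length-prefixed framing recovers both messages even when the stream arrives in arbitrary chunks. The 4-byte big-endian header, the 64 KiB cap, the function names and the sample messages are assumptions made for this illustration.

```javascript
// U+23CE in UTF-8, the delimiter bytes quoted in the post.
const DELIM = Buffer.from('e28f8e', 'hex');

// Delimiter framing: cut the stream wherever the delimiter bytes occur.
function splitOnDelimiter(stream) {
  const frames = [];
  let start = 0, idx;
  while ((idx = stream.indexOf(DELIM, start)) !== -1) {
    frames.push(stream.subarray(start, idx));
    start = idx + DELIM.length;
  }
  return frames;
}

// Length-prefixed framing. Assumption: 4-byte big-endian length header.
function encodeFrame(payload) {
  const header = Buffer.alloc(4);
  header.writeUInt32BE(payload.length, 0);
  return Buffer.concat([header, payload]);
}

// Returns complete frames plus leftover bytes to keep until more data arrives.
function decodeFrames(buffer, maxLen = 64 * 1024) {
  const frames = [];
  let offset = 0;
  while (buffer.length - offset >= 4) {
    const len = buffer.readUInt32BE(offset);
    // Cap the declared length so a peer cannot force unbounded buffering.
    if (len > maxLen) throw new RangeError(`frame length ${len} exceeds ${maxLen}`);
    if (buffer.length - offset - 4 < len) break; // partial frame, wait for more
    frames.push(buffer.subarray(offset + 4, offset + 4 + len));
    offset += 4 + len;
  }
  return { frames, rest: buffer.subarray(offset) };
}

// Constructed sample: a binary payload whose bytes include e2 8f 8e.
const msgA = Buffer.from([0x0a, 0x03, 0xe2, 0x8f, 0x8e, 0x10, 0x01]);
const msgB = Buffer.from('second message', 'utf8');

function demo() {
  const delimited = Buffer.concat([msgA, DELIM, msgB, DELIM]);
  const prefixed = Buffer.concat([encodeFrame(msgA), encodeFrame(msgB)]);
  // Feed the prefixed stream in two chunks, split mid-frame as TCP may do.
  const first = decodeFrames(prefixed.subarray(0, 9));
  const second = decodeFrames(Buffer.concat([first.rest, prefixed.subarray(9)]));
  return { delimited: splitOnDelimiter(delimited), prefixed: [...first.frames, ...second.frames] };
}
console.log(demo().delimited.length, demo().prefixed.length);
```

Two messages were sent in both cases; the delimiter parser reports three frames because the first message is cut in two, and the length-prefixed parser reports two.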