BitcoinTalk

Message Encryption as a built-in feature?

Message Encryption as a built-in feature?

Bitcoin clients should have a built in simple message encryption/decryption system, perhaps based off of your actual Bitcoin addresses themselves.

This would make doing trades on sites like biddingpond much easier, since you don't need to both agree on a separate app like PGP before communicating over email.

Most of the time I bet people don't even bother to use encryption, but I think it's a good idea to use it when doing trades in Bitcoins.

Thoughts?

Re: Message Encryption as a built-in feature?

I like that idea!  Simply integrate an opensource library library like pgp into bitcoin. 

BTW, are the messages attached when sending bitcoins to ip addresses currently clear text or encrypted?

Re: Message Encryption as a built-in feature?

BTW, are the messages attached when sending bitcoins to ip addresses currently clear text or encrypted?

They're not encrypted, and there's no authentication, so you shouldn't send to an IP over the Internet.

Re: Message Encryption as a built-in feature?

You could attach an already encrypted text to it, right?

Re: Message Encryption as a built-in feature?

You could attach an already encrypted text to it, right?

You could, but any MITM could modify it / steal your coins...

Re: Message Encryption as a built-in feature?

There should be a UTF8 text field "memo" attached to each transaction.
  • encrypt by default, with payee's public key
  • limit to 256 chars or so
  • optionally disable encryption (similar to Pecunix feature which makes a single transaction publicly visible)

Re: Message Encryption as a built-in feature?

You could use your Bitcoin keys for authentication, but ECDSA doesn't support encryption.

Re: Message Encryption as a built-in feature?

encrypt by default, with payee's public key
... but a payer typically has only the bitcoin address, and not the payee's full public key.  There'd have to be some way to get the full public key for a bitcoin address.

I like the idea of being able to send encrypted messages to "whoever has bitcoin address BLAH", but I'm not sure that functionality should be piggybacked on the "send BLAH X.YZ bitcoins".

If they were implemented under the covers as separate functions, then a "Send a message along with payment" could easily be implemented as:
  1. Send BLAH X.YZ bitcoins, and note the transaction ID.
  2. Send BLAH an encrypted message:   "txid:{transaction_id}:Please send the sixteen My Little Pony DVDs to..."

Re: Message Encryption as a built-in feature?

I've been wanting something like this since day 1.

A Tale in the Desert V accepts Bitcoins now. Each month, the procedure is:

1. Player clicks an in-game menu item "Pay for my subscription using Bitcoins." A unique address is created.
2. The game says "Send 150BTC to this address: xxxxxxx" (There's a "Copy to Clipboard" button on the dialog.)
3. The player sends the BTC
4. The player clicks "I have sent the Bitcoins." (System then verifies and activates account.)

The procedure only takes 15-30 seconds total - probably quicker than typing in a credit card number. However, with the ability to attach a message, the procedure becomes:

1. Player sends 150BTC to the standard ATITD Bitcoin address with his character name in the message field.
2. Player clicks "I have sent the Bitcoins." (System then verifies and activates account.)

We already have a couple players using Bitcoins to pay for subscriptions. One has generated his BTC, and the other has purchased some on one of the markets.

Re: Message Encryption as a built-in feature?

However, with the ability to attach a message, the procedure becomes:

1. Player sends 150BTC to the standard ATITD Bitcoin address with his character name in the message field.
2. Player clicks "I have sent the Bitcoins." (System then verifies and activates account.)

We already have a couple players using Bitcoins to pay for subscriptions. One has generated his BTC, and the other has purchased some on one of the markets.

If you don't cheat and leave out steps the procedure is:

1. Player finds the standard ATITD Bitcoin address somehow. (and still needs to copy/paste it.)
2. The player enters his username.
3. The player sends the BTC
4. Player clicks "I have sent the Bitcoins." (System then verifies and activates account.)

I don't see how this is an improvement.

(Step 4 in both cases would seem to be redundant if your system is watching bitcoin transactions.)

Edit:
I'm not sure what is so great about having a single Bitcoin address to receive payments from everybody, since you still need a reference ID of some kind. When individual Bitcoin addresses are trivial to generate. (But you are actually running a service that accepts Bitcoins, so you probably know more than I do.)


Re: Message Encryption as a built-in feature?

It's an improvement because payments can be made without running the game software, or made on behalf of other players (which is common in our game at least), or made for several secondary accounts quickly (also which is common in our game.)

Though it doesn't apply to ATITD, it would also strengthen anonymity for those who need it: A website could be set up on a static datastore like Freenet, rather than requiring a live network like Tor.
Anonymous#12

Re: Message Encryption as a built-in feature?

    A secure messaging system could have other benefits. The problem of spam is increased because it costs nothing to send email. A short message service that you needed to pay a few bitcoins for to send a message might revolutionise sms or email for those who are tired of sorting viagra and nigerian scam emails all day long.

 Cheesy

Re: Message Encryption as a built-in feature?

    A secure messaging system could have other benefits. The problem of spam is increased because it costs nothing to send email. A short message service that you needed to pay a few bitcoins for to send a message might revolutionise sms or email for those who are tired of sorting viagra and nigerian scam emails all day long.

 Cheesy

Great point...I've heard something called hashcash does this for email.  But with bitcoin, one can additionally prioritize messages: .g. the message with 10 BTC attached to it is probably more important than the message with .01 BTC attached.

Re: Message Encryption as a built-in feature?

Hey, I just thought about it yesterday! Shocked
Anonymous#15

Re: Message Encryption as a built-in feature?

    A secure messaging system could have other benefits. The problem of spam is increased because it costs nothing to send email. A short message service that you needed to pay a few bitcoins for to send a message might revolutionise sms or email for those who are tired of sorting viagra and nigerian scam emails all day long.

 Cheesy

Great point...I've heard something called hashcash does this for email.  But with bitcoin, one can additionally prioritize messages: .g. the message with 10 BTC attached to it is probably more important than the message with .01 BTC attached.


  People think nothing of sending text messages or mms that costs .50c each.  Shocked

Anonymous#16

Re: Message Encryption as a built-in feature?

Hey, I just thought about it yesterday! Shocked

pwned!

 Cheesy

Anonymous#17

Re: Message Encryption as a built-in feature?

Something like this combined with the pay it forward project http://bitcointalk.org/index.php?topic=922.msg12917#msg12917 would really increase the hardness of the network to attacks? Half your fee would go to the person you sent the message to and the other half would go to 3 randomn people -or split equally to increase anonymity Cheesy


As an extra security measure you could also send 3 dummy messages or however many you decided so the real message was hidden.The fee you sent would then be divided by however many security splits you decided on.  This could mean you might get randomn bitcoin payments all day just for having a bitcoin message address. Think of twitter crossed with hashcash and email. To the outside world there would be no difference from a message to a payment you made.

19tq9NYFsSCMRUkc12v363tHgAeUokoVam just made a peanut butter sandwich!

 Cheesy

Re: Message Encryption as a built-in feature?

Something like this combined with the pay it forward project http://bitcointalk.org/index.php?topic=922.msg12917#msg12917 would really increase the hardness of the network to attacks? Half your fee would go to the person you sent the message to and the other half would go to 3 randomn people -or split equally to increase anonymity Cheesy

As an extra security measure you could also send 3 dummy messages or however many you decided so the real message was hidden.The fee you sent would then be divided by however many security splits you decided on.  This could mean you might get randomn bitcoin payments all day just for having a bitcoin message address. Think of twitter crossed with hashcash and email. To the outside world there would be no difference from a message to a payment you made.

Very clever!!!  I like that idea...  Plus, with bitcoin, you can customize your level of security: pay more bitcoins and you can send more false messages and have more security splits...

    A secure messaging system could have other benefits. The problem of spam is increased because it costs nothing to send email. A short message service that you needed to pay a few bitcoins for to send a message might revolutionise sms or email for those who are tired of sorting viagra and nigerian scam emails all day long.

 Cheesy

Great point...I've heard something called hashcash does this for email.  But with bitcoin, one can additionally prioritize messages: .g. the message with 10 BTC attached to it is probably more important than the message with .01 BTC attached.

  People think nothing of sending text messages or mms that costs .50c each.  Shocked

Haha!  Well, that's partially true.  Ususally they have a fixed amount of pre-paid text messages that they can send each month which if the don't use are simply wasted.  But they tend to forget that I still have to pay 25 cents whenever they send me a lousy spam text message!!!   Angry

A smartphone bitcoin client with options for encrypted messaging would make for a great alternative text/sms system compared to the high fees charged by most wireless carriers for text messaging.  Now, of course, I know of free text messaging apps, but they tend to contain ads.  But with bitcoin, the small transaction fees for passing the message along would work as a great incentive instead...

Re: Message Encryption as a built-in feature?

Theymos already said this...  ECDSA does not support encrypting messages.  Only digital signatures.