Drew Fisher on Farcaster

Content pfp

https://warpcast.com/~/channel/fluidkey

0 reply

0 recast

0 reaction

Drew Fisher pfp

Haven't seen any public conversation on it yet, but who's been thinking about privacy preserving receiver address generation/indexing? Would building bloom filters of receiver addresses over block ranges make sense, as these could be stored in ORAM and have a TEE provide privacy on queries?

1 reply

1 recast

1 reaction

MeTony 💧🔑 pfp

MeTony 💧🔑

Great point. This has been a debate we had, and a crucial point around even better privacy. So far we favor UX (with ENS returning a different address each time). The big question is: how to keep the same UX with a decentralized ENS Offchain resolver, bringing even better privacy?

1 reply

0 recast

1 reaction

Drew Fisher pfp

Are name resolution and indexing coupled out of necessity, or only because it means 1 external party holding a view key rather than 2? Name resolution can be stateless, but has to be fast. Indexing can trade off some liveness by batching, which could increase the anonymity set of recipients as viewed by the indexer.

1 reply

0 recast

1 reaction

MeTony 💧🔑 pfp

MeTony 💧🔑

If we don't want to generate sudo-random addresses like we're doing, then we need to store the ephemeral public key associated to a generated address, necessary to retrieve the associated private key. Unless we set up an L2 where secrets are published, we need to coordinate that in a decentralized ENS Offchian resolver

2 replies

0 recast

1 reaction

Drew Fisher pfp

I guess stateless is the wrong word, the state is linear in the amount of meta addresses the server knows. The resolver could point to many URLs, and those which a user doesn't trust can return a 5XX (502?) error that says to look at other gateways. Responding to these requests in a TEE is pretty simple, right?

1 reply

0 recast

1 reaction

MeTony 💧🔑 pfp

MeTony 💧🔑

yes, correct. The crucial point is the TEE, currently we act as TEE, but a more decentralized one can be included. So TEE can collect randomness generated by other parties (one or more), then generate the Stealth Address and then store / publish the ephemeral public key on some decentralized storage. Wdyt?

1 reply

0 recast

0 reaction