Ideally, based on bitcoin principles, a key pair is only used twice — the first time only locally to create the hash that become the address, and one last time when the public key is revealed as part the signature of a transaction moving the funds to a new address.
This in DID:BTCR we should try to approach this ideal. If you use a DDO, you can only use the key pair three times, creating the address, spending the address, and one more time after the transaction is confirmed. All other keys reside in the DDO, which can include things like a PGP key. This does mean any update to these keys or the DDO information does require a bitcoin transaction and pay the fees associated.
In the case of a bare DDO (i.e. no actually DDO object pointed to in op_return) there is only once key that can be used for things like verifiable claims. This violates the bitcoin principles on key reuse. However, a bare DDO is the most censorship resistant, as it can't be identified as being different than any other P2PKH transaction.
In the case of a bare DDO, we may want to recommend that any use of the key for things like verifiable claims be the same day, possibly requiring a chainpoint-style merkle proof of existence in addition to the signature for bare DDO verified claims. This limits key reuse to the day of the transaction.
Copied from original issue: WebOfTrustInfo/btcr-hackathon#13
From @ChristopherA on June 30, 2017 19:10
Ideally, based on bitcoin principles, a key pair is only used twice — the first time only locally to create the hash that become the address, and one last time when the public key is revealed as part the signature of a transaction moving the funds to a new address.
This in DID:BTCR we should try to approach this ideal. If you use a DDO, you can only use the key pair three times, creating the address, spending the address, and one more time after the transaction is confirmed. All other keys reside in the DDO, which can include things like a PGP key. This does mean any update to these keys or the DDO information does require a bitcoin transaction and pay the fees associated.
In the case of a bare DDO (i.e. no actually DDO object pointed to in op_return) there is only once key that can be used for things like verifiable claims. This violates the bitcoin principles on key reuse. However, a bare DDO is the most censorship resistant, as it can't be identified as being different than any other P2PKH transaction.
In the case of a bare DDO, we may want to recommend that any use of the key for things like verifiable claims be the same day, possibly requiring a chainpoint-style merkle proof of existence in addition to the signature for bare DDO verified claims. This limits key reuse to the day of the transaction.
Copied from original issue: WebOfTrustInfo/btcr-hackathon#13