olalonde / proof-of-assets

Proof of Assets (PoA) is a scheme designed to let entities (operators) prove that they control a given amount of Bitcoin or other blockchain-based cryptocurrency.
http://olalonde.github.io/proof-of-assets/
MIT License

Asset proof: support HD wallet master key signatures #8

Open olalonde opened 10 years ago

olalonde commented 10 years ago

This would enable exchanges to produce the assets files only once (using HD wallet for example). See https://github.com/olalonde/blind-solvency-proof/issues/3

thallium205 commented 10 years ago

Is there any current progress being made on this?

olalonde commented 10 years ago

Sorry, I was really busy in the past weeks. I will try to take a few hours tomorrow and Monday to make some progress on this!

thallium205 commented 10 years ago

Awesome - any progress?

thallium205 commented 10 years ago

This scheme could be compatible for proving assets with a BIP32 wallet:

[
   {
      "type":"bip32",
      "message":"I am the very model of a modern major general.",
      "blockhash":"000000000000000033a7e88bdaca0b14b190cced46d0c5667b27bd82d429792f",
      "currency":"XBT",
      "network":"bitcoin",
      "latest_index":8915,
      "required_signatures":2,
      "signatures":[
         {
            "xpub":"xpub6AHA9hZDN11k2ijHMeS5QqHx2KP9aMBRhTDqANMnwVtdyw2TDYRmF8PjpvwUFcL1Et8Hj59S3gTSMcUQ5gAqTz3Wd8EsMTmF3DChhqPQBnU",
            "signature":"20ca3b927905f5a8cd89beb9294d9c77394352ed2176960ad9f238b4aa092379a907eb2b5f488e1770a5aab10979d84cf66ad339e69c1d400ad0498d518373e2c1"
         },
         {
            "xpub":"xpub6BAncmx64zH2wGABVkL51fX9xvvNEJ7sTqJgYUwquhx9XkjNtdN4JrAVqFXw6Kq6dw2uBoXN6eM7yPLSFaPCNZU7wP4Ka1shnt2TdbQeAeL",
            "signature":"1f4cf89a627b5ab664b8d668a04550e051693a3b8e1519b2b279cce93f885af0120d0be2be2217cd755a1b2dc4927cfbdb32cbcbe1c48cd4571a919a55408bb60e"
         },
         {
            "xpub":"xpub6A5aRmrWhFQNVx4vSWob9XRCzdavCFDr6kMW7VSRxMXUab91PWz2tUtc8WHa5Dtv9JixEv8sofXoLzoiTxXC1JQkSD6GoGEmUM7Xf9K45J5",
            "signature":"1f7bb9f77051e69a630aa577eeb3bd825d493e5a018336da36a03dd405009df8284caf023f1757428ec36f3ca80cf2be8e56962f235f7be25fad9c8b607d1b46b5"
         }
      ]
   }
]

The signature of the xpriv is published alongside the corresponding xpub string. All addresses that are generated from these public keys are proven to be owned by the publisher. Any auditor could take the xpubs and their index to verify that they can, in fact, generate that address. The latest_index field represents the total number of addresses the exchange has generated. This lets the auditor verify only the addresses that have been generated/used by the exchange, starting with 0. The getAddresses(obj) function does this for them. The required_signatures field lets the auditor create the redeem script so the addresses can be generated and balances checked.