Adding namecoin "id/" namespace support into bitmessage

moa
Posts: 255
Joined: Mon May 23, 2011 6:13 am

Re: Adding namecoin "id/" namespace support into bitmessage

Post by moa »

domob: bitmessage just had it's first serious attack ... and it was actually a pretty good one (simple, dirty but somewhat effective).
https://bitmessage.org/forum/index.php/ ... 975.0.html

Anyway, going back to when I first thought about integrating namecoin with bitmessage, for me a big point was the ability for namecoin to provide forward secrecy to bitmessage.

How would it do this?

The namecoin integration means the look up is for a id/name so then the BM-XXX address stored at that location can be cycled regularly from the BM keypool (or even prompting new generation) at little to no extra complication for the users (particularly if it the address cycling is automated). Kind of like how OTR works ;)

It would require some extra code on both the bitmessage and namecoin ends I think, since the namecoin blockchain needs updating in synch with when bitmessage keys are changed up. There are probably several different ways to do this ... but I'll leave that part of the fun up to the next guy.

How hard would it be to add this patch?

domob
Posts: 1127
Joined: Mon Jun 24, 2013 11:27 am
Contact:

Re: Adding namecoin "id/" namespace support into bitmessage

Post by domob »

moa wrote:domob: bitmessage just had it's first serious attack ... and it was actually a pretty good one (simple, dirty but somewhat effective).
https://bitmessage.org/forum/index.php/ ... 975.0.html

Anyway, going back to when I first thought about integrating namecoin with bitmessage, for me a big point was the ability for namecoin to provide forward secrecy to bitmessage.

How would it do this?

The namecoin integration means the look up is for a id/name so then the BM-XXX address stored at that location can be cycled regularly from the BM keypool (or even prompting new generation) at little to no extra complication for the users (particularly if it the address cycling is automated). Kind of like how OTR works ;)

It would require some extra code on both the bitmessage and namecoin ends I think, since the namecoin blockchain needs updating in synch with when bitmessage keys are changed up. There are probably several different ways to do this ... but I'll leave that part of the fun up to the next guy.

How hard would it be to add this patch?
Yes, I saw this (and even got the mails myself). You raise a good point - that's an interesting idea. How exactly do you imagine doing that? Automatically generating fresh addresses from within Bitmessage and updating the namecoin identity name to include the new address? That's how I understand your comment, but I'm not sure it is really a good idea (and it would spam the blockchain). I think it might be more interesting to use namecoin only to store some "meta-data" about how to receive and verify current addresses, and get them using some separate channel. Off the top of my head, I can see those possibilities for now:
  • Use something like

    Code: Select all

    bitmessage: {"uri": "http://www.domob.eu/get-bm-address.php"}
    that provides an URI for where my current address can be requested (it could even be a script that creates a one-time address, but I think this is very expensive with BM) - similarly to the idea about Bitcoin addresses on the wiki. The address would be signed by the Namecoin name's private key (or some other key I publish in my identity). This seems like a practical solution, but of course I doubt it would be endorsed by Bitmessage because it would open the users up to spying on their IP addresses when they access the link (if they don't use Tor), just like the recent attack did.
  • Create a chan or mailing list in Bitmessage where you regularly post your new public BM address together with a signature (the post could even be from the new address if you don't want to use an old one anymore for this) and publish the chan's (possibly random) name in your identity. To secure the address, the signature would again be made with your Namecoin private key (or a "signer" key when that proposal is worked out and implemented). This would then be like:

    Code: Select all

    bitmessage: {"chan": "my-random-string-name-of-the-bm-channel"}
What do you think, do these sound like good ideas? I think it would be a bit of tinkering to get this to work, but I also don't think it would be too hard.
BTC: 1domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NCdomobcmcmVdxC5yxMitojQ4tvAtv99pY
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/

phelix
Posts: 1634
Joined: Thu Aug 18, 2011 6:59 am

Re: Adding namecoin "id/" namespace support into bitmessage

Post by phelix »

moa wrote:domob: bitmessage just had it's first serious attack ... and it was actually a pretty good one (simple, dirty but somewhat effective).
https://bitmessage.org/forum/index.php/ ... 975.0.html

Anyway, going back to when I first thought about integrating namecoin with bitmessage, for me a big point was the ability for namecoin to provide forward secrecy to bitmessage.

How would it do this?

The namecoin integration means the look up is for a id/name so then the BM-XXX address stored at that location can be cycled regularly from the BM keypool (or even prompting new generation) at little to no extra complication for the users (particularly if it the address cycling is automated). Kind of like how OTR works ;)

It would require some extra code on both the bitmessage and namecoin ends I think, since the namecoin blockchain needs updating in synch with when bitmessage keys are changed up. There are probably several different ways to do this ... but I'll leave that part of the fun up to the next guy.

How hard would it be to add this patch?
What is the point of cycling addresses if they are still public and can be connected to each other?
nx.bit - some namecoin stats
nf.bit - shortcut to this forum

Post Reply