Taylor Hornby

It currently doesn't. I expect it won't (at least in the near-future) since it won't be needed for the basic light client functionality, and storing the keys creates additional risk....

As part of this research, consider the impact of traffic analysis attacks. If the wallet simply downloads more stuff as a result of receiving a transaction, whatever that stuff is,...

We need to decide on a formal definition of "selective transparency" that would be on par with the definitions of "ledger indistinguishability", "transaction non-malleability", and "balance" from the Zerocash paper....

In the last selective transparency meeting, we noticed (thanks to @daira) that transactions can be hidden from someone with the viewkey. Proof: When Alice sends money to Bob, they can...

There's an another potential problem, which is a sort of "converse" to the one in the previous comment. The problem in the previous comment lets you hide real transactions from...

Here's a reduction which may make implementation simpler: Peggy tells Victor a view key and gives Victor a list T of Peggy's outbound transactions. Victor verifies that all the transactions...

Here's a proposal for a definition of selective transparency. For selective transparency to make sense you have to think in terms of the spend key S and coin commitments that...

The problem of updating note witnesses privately is harder than I first thought. I think that's actually going to be the the most difficult part to scale privately, rather than...

Wouldn't this be a consensus change since nodes will have to validate that the age-based fee is included in transactions that spend an old UTXO? Some more thoughts: 1. When...

I wrote a relevant comment about re-using the key for double HMAC verification and/or using MD5 here: https://github.com/defuse/php-encryption/issues/21#issuecomment-48827719