Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Wallet (console and FFI) should have setting to not choose outputs that reveal the address #4403

Closed
stringhandler opened this issue Aug 5, 2022 · 0 comments
Closed

Wallet (console and FFI) should have setting to not choose outputs that reveal the address #4403

stringhandler opened this issue Aug 5, 2022 · 0 comments
Assignees
@agubarev

Comments

@stringhandler
Copy link
Collaborator

Problem

Wallets currently will choose the best outputs as inputs when spending, however since a lurking base node can generate a transaction graph of inputs to outputs with relative ease, a wallet may reveal its transaction history by including a (non-stealth address) one-sided payment.

For example, an attacker wishing to know the transaction graph of a public key PK_Alice can send a one-sided payment to PK_Alice using the Tariscript Push(PK_Alice). At some point, Alice's wallet spends this transaction without realizing it.

Possible solution

  1. Could change the wallet to have a config setting, to not include one-sided payments by default when spending
@agubarev agubarev self-assigned this Aug 8, 2022
@SWvheerden SWvheerden moved this to In Progress in Tari Esme Testnet Aug 15, 2022
@agubarev agubarev mentioned this issue Aug 22, 2022
Merged
stringhandler pushed a commit that referenced this issue Aug 31, 2022
@agubarev
feat: console and FFI should have setting to not choose outputs that …
17bb64e 
…reveal the address #4403 (#4516)

Description
---
#4403
Wallet (console and FFI) should have setting to not choose outputs that reveal the address #4403

Motivation and Context
---
Problem
Wallets currently will choose the best outputs as inputs when spending, however since a lurking base node can generate a transaction graph of inputs to outputs with relative ease, a wallet may reveal its transaction history by including a (non-stealth address) one-sided payment.

For example, an attacker wishing to know the transaction graph of a public key PK_Alice can send a one-sided payment to PK_Alice using the Tariscript Push(PK_Alice). At some point, Alice's wallet spends this transaction without realizing it.

Possible solution
Could change the wallet to have a config setting, to not include one-sided payments by default when spending

How Has This Been Tested?
---
Repository owner moved this from In Progress to Done in Tari Esme Testnet Aug 31, 2022
jorgeantonio21 pushed a commit to jorgeantonio21/tari that referenced this issue Aug 31, 2022
@agubarev @jorgeantonio21
feat: console and FFI should have setting to not choose outputs that …
ce1a2d8 
…reveal the address tari-project#4403 (tari-project#4516)

Description
---
tari-project#4403
Wallet (console and FFI) should have setting to not choose outputs that reveal the address tari-project#4403

Motivation and Context
---
Problem
Wallets currently will choose the best outputs as inputs when spending, however since a lurking base node can generate a transaction graph of inputs to outputs with relative ease, a wallet may reveal its transaction history by including a (non-stealth address) one-sided payment.

For example, an attacker wishing to know the transaction graph of a public key PK_Alice can send a one-sided payment to PK_Alice using the Tariscript Push(PK_Alice). At some point, Alice's wallet spends this transaction without realizing it.

Possible solution
Could change the wallet to have a config setting, to not include one-sided payments by default when spending

How Has This Been Tested?
---
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@agubarev agubarev

Labels
None yet
Projects
Tari Esme Testnet
Archived in project
Milestone
No milestone
Development

No branches or pull requests
2 participants
@agubarev @stringhandler