Difference between revisions of "TAG explanation"

From Mochimo Wiki

Revision as of 18:27, 11 January 2019

On or around June 14, 2018, Matt explained the tag system to us and how it fits in with the WOTS+ addressing scheme that we use.

Tag Explanation

"Okay, I feel like a jerk for putting tags in and not explaining them to literally anyone. Inside of the WOTS+ address there is a 12-byte field that was originally designed by Andreas Huelsing to be used as a reference pointer to where you could find the WOTS+ address in an XMSS wrapper. Now, that's neither here nor there - those 12 bytes allow us to embed information of our choosing in an address and is ultimately why we chose WOTS+ versus SPHINCS (notwithstanding some decreased size considerations). The purpose of the TAG is to allow the block-chain to retain an identity chain for a series of one-time-use addresses that works like this: A tag, when bound to one WOTS+ address in the block chain, can never be claimed by anyone else. Additionally, that tag can only be transferred to the Change address of a transaction that is signed by the owner of the source address that is tagged. Now the secret sauce comes when we have a lookup operation that the wallet can perform that goes something like: User A wants to send money to User B. Their wallet asks a node to look in the Blockchain and answer the question: What is the WOTS+ address associated with this 12-byte tag value? The node replies, it's XYZ right now. And the wallet says, "okay, I'll send the transaction to XYZ". Now, once User B (the owner of XYZ) SPENDS that address if they so choose, the tag can migrate to their CHANGE address. Next time someone asks "What is the WOTS+ address associated with this tag", the new one-time-use address will be returned. In this way, we can retain the post-quantum security of a one-time-use address, but users can also share a tag that never changes where people can always send them money. This is projected to be very helpful in allowing people to use Mochimo for commerce, donations or even person-to-person transactions, since sharing a 12-byte tag is hella easier than sharing a 2208-byte address that can only ever be spent once."
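
The rules in the explanation above (a bound tag cannot be claimed by another address, it moves only to the change address of a spend signed by the owner of the tagged address, and a lookup returns the current holder) can be modelled as a small state machine. This is an added example, not Mochimo code: the `Ledger` and `Address` names are hypothetical, the tag value is constructed, and a SHA-256 preimage check stands in for WOTS+ signature verification.

```python
import hashlib
from dataclasses import dataclass

TAG_LEN = 12  # tag size stated in the explanation above
@dataclass(frozen=True)
class Address:
    pub: bytes        # stand-in for the WOTS+ public key material
    tag: bytes = b""  # the 12-byte tag field; empty means untagged

def make_address(secret: bytes, tag: bytes = b"") -> Address:
    if len(tag) not in (0, TAG_LEN):
        raise ValueError("tag must be exactly 12 bytes")
    return Address(hashlib.sha256(secret).digest(), tag)

class Ledger:
    def __init__(self):
        self.tags = {}      # tag -> Address currently holding it
        self.spent = set()  # public keys that have already signed once

    def bind(self, addr: Address) -> bool:
        """First claim of a tag; refused if the tag is already bound."""
        if not addr.tag or addr.tag in self.tags:
            return False
        self.tags[addr.tag] = addr
        return True

    def resolve(self, tag: bytes):
        """Wallet lookup: which address holds this tag right now?"""
        return self.tags.get(tag)

    def spend(self, src: Address, secret: bytes, change: Address) -> bool:
        """Spend src; a tag may move only from src to this change address."""
        if src.pub in self.spent:
            return False  # one-time address already used
        if hashlib.sha256(secret).digest() != src.pub:
            return False  # stand-in signature check: not the owner of src
        if change.tag and self.tags.get(change.tag) != src:
            return False  # change address carries a tag that src does not hold
        self.spent.add(src.pub)
        if change.tag:
            self.tags[change.tag] = change  # tag migrates to the change address
        return True

if __name__ == "__main__":
    tag = bytes.fromhex("00112233445566778899aabb")  # constructed sample tag
    ledger, b1 = Ledger(), make_address(b"bob-1", tag)
    ledger.bind(b1)
    ledger.spend(b1, b"bob-1", make_address(b"bob-2", tag))
    print(ledger.resolve(tag) == make_address(b"bob-2", tag))
```

If the owner spends without carrying the tag to the change address, this model leaves the binding untouched; the explanation above does not say what the chain does in that case.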