Create account

2263d · Memcrypt.cash
Who wants to try encrypted messages on Memo.cash with Memcrypt.cash for 25,000 bits?
replied 2263d
e34f3384e5affd6e04b595a5e640a0ded4d5158d37780aae25938c6af1f79d8e5f4f1c308778d7e3678c25ded2520de017106c372f1531c9a8d3c58482fc54dc8af6c2580e2e8aa327d89afc30b7957de7c2c620d309916715510c8f
replied 2263d
Need your public key.
replied 2263d
And therein lies the problem. Crypto is more complicated than simply encrypting from a public key. I’ve been working on this for some time now.
replied 2263d
But whats the issue of giving someone your public key? If we both have each others pubkey we should be able to message back and forth continually.
replied 2263d
Same reason why we don’t publish our public keys to the block chain, and when we do, we abandon them. It’s a complicated topic I can’t fit into 184 chars 😂
replied 2263d
https://crypto.stackexchange.com/questions/48423/is-it-bad-to-expose-the-public-key

Cant think of a reason for not giving out your memo.cash pubkey.
replied 2263d
My pubkey: 04d79bb627daa6ab1496c7106f0c9904828003cba1ae62c2419510c53a640faed3bd9e2c7c5ca59d37681d170bf13318576031986739f91f6c4f54ee7dddf646d1
replied 2263d
But my BCH pubkey for memo.cash is already public and available in these tx. Another rule of crypto: signing/with key is never used encipherment. Ever.
replied 2263d
I couldn't figure out how to get your pubkey from the blockchain in your transactions.
replied 2263d
My original thought was to use that, but it's bad crypto to use the signing key for encipherment (along with every other bad reason). Hope this helps!
replied 2263d
Here's a quick python script to convert that pub key to something you might recognize: https://imgur.com/a/kTr3qkS. So we publish our pub key to the block chain on every tx.
replied 2263d
Look at the scriptSig by clicking the Input Count, then view it by clicking "Sp Signature Hex": https://imgur.com/a/Q4RIYxl
replied 2263d
replied 2263d
When you expose the pub key, it's a privacy issue. But more importantly, if there's a weakness discovered where the priv key can be found with the pub key, your funds are protected.
replied 2263d
A few msgs coming. When you spend money, you have to publish the pub key in the scriptSig of the tx. That's why we have change addresses for EVERY tx: because you expose the pub key.
replied 2263d
It compromises your funds, your account, and every message you’ve ever sent. I was about to publish a spec on this and missed a crucial issue, so I’m re-thinking the design.