
Conversation

PeterMcBTC

This enhances multisig privacy by encrypting the descriptor with public-key-derived symmetric keys, preventing balance exposure. Advantages: Simplifies setup for individuals without private keys or Shamir sharing; enables wallet access via any two zpubs; maintains security as decryption requires matching pairs; avoids revealing full setup to single parties.

- Replaced broken code relying on non-existent Java methods (`getAuthenticationTag()` and `setAuthenticationTag()`), causing compilation errors.
- Correctly implemented AES-GCM encryption and decryption:
  - Removed manual extraction/injection of authentication tags.
  - Encrypted blobs now properly combine IV and ciphertext (with embedded tag).
  - Decryption validates integrity via `Cipher.doFinal()`.
- Ensured secure key derivation using SHA-256 on sorted zpubs.
- Added support for 2-of-3 multisig by generating all key pairs (zpub1/zpub2, zpub1/zpub3, zpub2/zpub3).
- Encryption now creates one encrypted blob per pair (3 blobs total).
- Decryption tries all pairs and returns the first valid result.
- Added input validation and made the system easily extensible for N-of-M setups.
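The scheme in the description (SHA-256 over a sorted zpub pair as the AES key, AES-GCM with the IV prepended to ciphertext-plus-tag, one blob per pair, decryption by trial) is small enough to show end to end. The following is an added illustration written for this page, not the pull request's code or anything from the Sparrow code base; the class and method names, the `0x00` separator between the two zpubs in the hash input, the placeholder zpub strings and the sample descriptor are all my own choices.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

// Illustrative only: not the pull request's implementation.
public class PairEncryptedDescriptor {
    private static final int IV_LEN = 12;    // 96-bit GCM nonce
    private static final int TAG_BITS = 128; // GCM authentication tag length
    private static final SecureRandom RNG = new SecureRandom();

    // Key for one pair: SHA-256 over the two zpubs in sorted order, so either
    // holder derives the same key regardless of which zpub they list first.
    // The 0x00 separator is my addition so the two inputs cannot be re-split ambiguously.
    static byte[] deriveKey(String zpubA, String zpubB) throws GeneralSecurityException {
        String[] sorted = {zpubA, zpubB};
        Arrays.sort(sorted);
        MessageDigest sha = MessageDigest.getInstance("SHA-256");
        sha.update(sorted[0].getBytes(StandardCharsets.UTF_8));
        sha.update((byte) 0);
        sha.update(sorted[1].getBytes(StandardCharsets.UTF_8));
        return sha.digest();
    }

    // Blob layout: IV || ciphertext || tag. JCE appends the tag to doFinal()'s output,
    // so no manual tag handling is needed.
    static byte[] encrypt(byte[] key, byte[] plaintext) throws GeneralSecurityException {
        byte[] iv = new byte[IV_LEN];
        RNG.nextBytes(iv); // fresh random nonce per encryption; never reuse with the same key
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new GCMParameterSpec(TAG_BITS, iv));
        byte[] ct = c.doFinal(plaintext);
        byte[] blob = new byte[IV_LEN + ct.length];
        System.arraycopy(iv, 0, blob, 0, IV_LEN);
        System.arraycopy(ct, 0, blob, IV_LEN, ct.length);
        return blob;
    }

    // doFinal() verifies the tag and throws AEADBadTagException on a wrong key or any tampering.
    static byte[] decrypt(byte[] key, byte[] blob) throws GeneralSecurityException {
        if (blob.length < IV_LEN + TAG_BITS / 8) {
            throw new GeneralSecurityException("blob too short to contain IV and tag");
        }
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"),
               new GCMParameterSpec(TAG_BITS, blob, 0, IV_LEN));
        return c.doFinal(blob, IV_LEN, blob.length - IV_LEN);
    }

    // One blob per unordered pair: 3 blobs for three zpubs, M*(M-1)/2 in general.
    static List<byte[]> encryptForAllPairs(List<String> zpubs, String descriptor)
            throws GeneralSecurityException {
        if (zpubs.size() < 2) throw new IllegalArgumentException("need at least two zpubs");
        byte[] plaintext = descriptor.getBytes(StandardCharsets.UTF_8);
        List<byte[]> blobs = new ArrayList<>();
        for (int i = 0; i < zpubs.size(); i++) {
            for (int j = i + 1; j < zpubs.size(); j++) {
                blobs.add(encrypt(deriveKey(zpubs.get(i), zpubs.get(j)), plaintext));
            }
        }
        return blobs;
    }

    // A holder of any two zpubs tries each blob; the GCM tag check rejects every
    // blob but the one encrypted under this pair's key. Returns null if none match.
    static String decryptWithPair(List<byte[]> blobs, String zpubA, String zpubB)
            throws GeneralSecurityException {
        byte[] key = deriveKey(zpubA, zpubB);
        for (byte[] blob : blobs) {
            try {
                return new String(decrypt(key, blob), StandardCharsets.UTF_8);
            } catch (AEADBadTagException e) {
                // not this pair's blob; keep trying
            }
        }
        return null;
    }

    public static void main(String[] args) throws Exception {
        // Constructed placeholders, not real extended public keys.
        List<String> zpubs = List.of("zpub_PLACEHOLDER_1", "zpub_PLACEHOLDER_2", "zpub_PLACEHOLDER_3");
        String descriptor = "wsh(sortedmulti(2,<zpub1>/0/*,<zpub2>/0/*,<zpub3>/0/*))"; // constructed sample
        List<byte[]> blobs = encryptForAllPairs(zpubs, descriptor);
        System.out.println("blobs: " + blobs.size());
        System.out.println("recovered with pair (3,1): "
                + descriptor.equals(decryptWithPair(blobs, zpubs.get(2), zpubs.get(0))));
        System.out.println("with a wrong zpub: " + decryptWithPair(blobs, zpubs.get(0), "zpub_PLACEHOLDER_X"));
    }
}
```

Two points worth keeping in view when reading this. First, the key is derived from public data only, by design: anyone holding two of the zpubs can recover the descriptor, so the scheme hides the wallet from single-key holders and outsiders, not from co-signers. Second, because every blob is tried in turn, a wrong key is expected to fail, and only `AEADBadTagException` should be swallowed; any other exception (malformed blob, unavailable provider) should surface rather than be silently treated as "not this pair".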
@craigraw
Collaborator

In my opinion, for any kind of output descriptor encoding scheme to be adopted for long term storage, it must be backed by a proper specification. There have been many schemes proposed recently, but none have yet been formalized into BIPs or similar.

@PeterMcBTC
Author

Apparently, Liana has just proposed a BIP draft with that vision in mind: bitcoin/bips#1951.

@craigraw
Collaborator

Yes - if this gets finalized I'll strongly consider implementing it.
