Embed Size (px)
Citation preview
Bitcoin Proof of Payment
Andy OfieshSenior Software EngineerArmory Technologies, Inc.
MIT Bitcoin Expo, March 7 & 8th, 2014
© Armory Technologies, Inc. 2014
Who am I?
Why am I here?
© Armory Technologies, Inc. 2014
What Does Armory Do?• First release in Dec 2011
• Open-source Bitcoin security wallet software
• Featured on Bitcoin.org for free
• Original innovator of cold-storage
• Current leading innovator of cold multi-sig storage
© Armory Technologies, Inc. 2014
• Lots of companies trying to bring Bitcoin to grandma
• Armory is bringing Bitcion to enterprises
• Armory free is for users protecting their own money
• Armory Quorum™ is for enterprises using employees to manage coins
– Distributed security
– Auditable, multi-user key management
– Full API for network/service integration (armoryd)
What is Proof of Payment?
Because Bitcoin converts money into public data, anyone can programmatically answer the question, “Did you pay for that?”
© Armory Technologies, Inc. 2014
By “anyone” I mean that any program can access the block chain to answer this question without using a trusted 3rd party.
How does it work?Proof of payment follows these steps:
1. Payer signs a message requesting something from payee
2. Payee receives the request, verifies the payer’s message was signed, and now has the payer’s bitcoin address.
3. Payee references the payer’s bitcoin address in the block chain to get the amounts paid and when.
4. Payee assesses payment and decides to either respond to the request or show a QR code to pay.
© Armory Technologies, Inc. 2014
Why should I care?
1. Everything that the payer and payee are doing can be done in a program.
2. Both can be anonymous.
3. Both can be program themselves
© Armory Technologies, Inc. 2014
Anonymity
Bitcoin allows anonymity, but it does guarantee it.
Things you can do to improve your anonymity
1. Single use addresses
2. Hold your own private keys
3. Coin Mixing
4. Cleaning Dust
5. Don’t use exchanges
6. Do/sell things for BTC
7. Write a piece of software using proof of payment.
© Armory Technologies, Inc. 2014
Tools
• BitcoinD
• ArmoryD
• Armory Python Scripting Tools– https://bitcoinarmory.com/using-armory-python
• Block Chain Info– https://blockchain.info
• BitcoinJ– http://bitcoinj.github.io
• Peter Todd’s – python-bitcoinlib– https://github.com/petertodd/python-bitcoinlib
© Armory Technologies, Inc. 2014
Lucy Van Pelt
© Armory Technologies, Inc. 2014
Five Cents Please
© Armory Technologies, Inc. 2014
Robot Lucy Van Pelt
© Armory Technologies, Inc. 2014
https://github.com/etotheipi/BitcoinArmory/tree/RobotLVP
Robot LVP Vulnerabilities
• A user could share their private key that paid for the service.
• A user could create a signer that does not reveal the private key to people sharing access.
• Software could be copied and the payment address changed.
© Armory Technologies, Inc. 2014
Robot LVP Contest Requirements
2 BTC will be paid to a program with these requirements
• Verify Payment on the Bitcoin Mainnet Blockchain
• Accept payment for 5 millibits
• Accept a request message if and only if it is signed by the private key that paid the fee
• Payment expires after 1 year
• If no valid payment is found, show the QR code to pay
• Verify that payment address has at least .1 millibits
• Submit your program to [email protected] by April 1st
© Armory Technologies, Inc. 2014
![[Zing-man] Armory Castle](https://img.pdfslide.us/doc/110x75/55cf865b550346484b96d8d8/zing-man-armory-castle.jpg)
