On 4 March 2014 14:07, Odinn Cyberguerrilla <odinn.cyberguerrilla@riseup.net
> wrote:

> Nothing is safe.
>

This is true. To rephrase, imagine I gave you an ECC public key <ed_pub>,
you gave me back a public key <odinn_pub> of your own devising, then I paid
some money to the address resulting from add_pubkeys(<ed_pub>,<odinn_pub>)
[1]. Can anyone either:

a) Think of a way that Odinn could make an <odinn_pub> such that they could
spend the resulting money without having <ed_priv>.
b) Opine, somewhat knowledgeably, that this probably wouldn't be an easy
thing to do, and they wouldn't be alarmed to see people running software
that did this kind of thing.

[1]
https://github.com/vbuterin/pybitcointools/blob/master/pybitcointools/main.py#L173

-- 
Edmund Edgar
Founder, Social Minds Inc (KK)
Twitter: @edmundedgar
Linked In: edmundedgar
Skype: edmundedgar
http://www.socialminds.jp

Reality Keys
@realitykeys
ed@realitykeys.com
https://www.realitykeys.com