Using a bitcoin address repeatedly is something we're trying to move away from. And using a bitcoin address as a persistent identity key feels like the wrong direction to me. Better to use something like client certificates, the FIDO alliance's (new!) specs: http://fidoalliance.org/specifications/download ... or Steve Gibson's proposed SQRL system: https://www.grc.com/sqrl/sqrl.htm If one of those systems gets critical mass and actually starts being successful, then I think it would make sense to specify a standard way of using a HD wallet's deterministic seed to derive a key used for the FIDO or SQRL systems. On Fri, Apr 4, 2014 at 9:22 AM, Eric Larchevêque wrote: > What I'm trying to achieve, is to have a very simple way of authenticating > yourself with one Bitcoin address from your wallet. > For most of the people using Bitcoin, their wallet is on their phone. > > The UX is clear and simple : > 1. click on "connect with Bitcoin" (the audience is normal people) > 2. flash the QRcode with your wallet (blockchain.info, mycelium, ...) > 3. accept the authentication request (same style than OpenID or Facebook > connect) > 4. user is autologged and identified by the chosen Bitcoin public address > > It makes sense only if major wallets are supporting the protocol. If you > need to install a plugin or download a third party software, no one will do > it. > I see only benefits for the entire ecosystem, and if I'm working on such a > proposition it is because I really need this feature. > > Of course, it can be done without a BIP, I just need to convince wallet > developpers one by one to implement the feature. > But I thought it was much better to start the "official" way, so all > wallet could easily find and implement the same authentication mechanism. > > > Bitcoin and website authentication are unrelated problems > > I respectfully disagree. Many services require your Bitcoin address, and > to do that they artificially request an email/password to store it. > This is not about authentication as an identity (as "I'm Eric > Larcheveque"), but as in "I'm proving to you that I control this address". > > Without such a standard protocol, you could never envision a pure Bitcoin > physical locker rental, or booking an hotel room via Bitcoin and opening > the door through the paying address. > > Eric > > > > On Fri, Apr 4, 2014 at 3:08 PM, Mike Hearn wrote: > >> This comes up every few months. I think the problem you are trying to >> solve is already solved by SSL client certificates, and if you want to help >> make them more widespread the programs you need to upgrade are web browsers >> and not Bitcoin wallets. There are certainly bits of infrastructure you >> could reuse here and there, like perhaps a TREZOR with a custom firmware >> extension for really advanced/keen users, but overall Bitcoin and website >> authentication are unrelated problems. >> >> >> On Fri, Apr 4, 2014 at 2:15 PM, Eric Larchevêque wrote: >> >>> Hello, >>> >>> I've written a draft BIP description of an authentication protocol based >>> on Bitcoin public address. >>> >>> By authentication we mean to prove to a service/application that we >>> control a specific Bitcoin address by signing a challenge, and that all >>> related data and settings may securely be linked to our session. >>> >>> The aim is to greatly facilitate sign ups and logins to services and >>> applications, improving the Bitcoin ecosystem as a whole. >>> >>> https://github.com/bitid/bitid/blob/master/BIP_draft.md >>> >>> Demo website : >>> http://bitid-demo.herokuapp.com/ >>> >>> Classical password authentication is an insecure process that could be >>> solved with public key cryptography. The problem is that it theoretically >>> offloads a lot of complexity and responsibility on the user. Managing >>> private keys securely is complex. However this complexity is already being >>> addressed in the Bitcoin ecosystem. So doing public key authentication is >>> practically a free lunch to bitcoiners. >>> >>> I've formatted the protocol description as a BIP because this is the >>> only way to have all major wallets implementing it, and because it >>> completely fits in my opinion the BIP "process" category. >>> >>> Please read it and let me know your thoughts and comments so we can >>> improve on this draft. >>> >>> Eric Larcheveque >>> elarch@gmail.com >>> >>> >>> >>> ------------------------------------------------------------------------------ >>> >>> _______________________________________________ >>> Bitcoin-development mailing list >>> Bitcoin-development@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development >>> >>> >> > > > ------------------------------------------------------------------------------ > > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > > -- -- Gavin Andresen