--- Log opened Sat Jun 01 00:00:13 2024 00:36 -!- _andrewtoth_ [~andrewtot@gateway/tor-sasl/andrewtoth] has joined #silentpayments 01:10 -!- _andrewtoth_ [~andrewtot@gateway/tor-sasl/andrewtoth] has quit [Ping timeout: 260 seconds] 03:31 < setavenger> Interesting points. My takeaway here is that ephemeral connections via tor are a good base line to focus on. Currently only doing desktop applications as mobile is on ice. Tor should not be an issue then imo. 03:31 < setavenger> If tor is not running on the system I think for the v0 I will default to the pushtx concept without tor. I would need to build an implmenetation of that proxy first or make users install the proxy, at that point i could also just encourage them to have tor running I guess. 03:48 -!- josie_ is now known as josie 06:51 -!- _andrewtoth_ [~andrewtot@gateway/tor-sasl/andrewtoth] has joined #silentpayments 07:11 -!- _andrewtoth_ [~andrewtot@gateway/tor-sasl/andrewtoth] has quit [Remote host closed the connection] 07:11 -!- _andrewtoth_ [~andrewtot@gateway/tor-sasl/andrewtoth] has joined #silentpayments 07:45 -!- _andrewtoth_ [~andrewtot@gateway/tor-sasl/andrewtoth] has quit [Ping timeout: 260 seconds] 08:02 -!- b10c [~quassel@user/b10c] has quit [Quit: https://quassel-irc.org - Chat comfortably. Anywhere.] 08:04 -!- b10c [~quassel@static.33.106.217.95.clients.your-server.de] has joined #silentpayments 08:04 -!- b10c [~quassel@user/b10c] has changed host 09:20 < setavenger> A design question popped up, while I was implementing the scanning and spending segregation. Is there already a widely used protocol in place to communicate very private wallet data to light clients. 09:20 < setavenger> An endpoint `/ownedUTXOsByServerOwner` should obviously not be available to everybody. Auth and/or encryption of the data solve the issue. 09:20 < setavenger> Many people access their umbrels and so on via tor over http to simply reach their homeservers. 09:20 < setavenger> Tor does not encrypt the data after exit node termination I think, this makes eavesdropping very easy. 09:20 < setavenger> Using https + auth is probably the most straightforward thing todo. But https for homeservers is kind of a pain from my experience. If we want users to connect from outside with their phones to their scanning servers at home this needs to be addressed. 09:20 < setavenger> Does anybody know how other services/wallets/clients or whatnot address this? 09:20 < setavenger> I would be suprised if there isn't something already used for light clients to communicate with home servers etc. 09:20 < setavenger> I think we have stuff like macaroons in LND but have no idea what they really do. 09:47 < josie> setavenger: regarding auth, i think the most common one is either a) running the server as a tor hidden service and having the client connect over tor (removes the concern of decrypting at an exit node) or b) connecting over SSL (which is what the electrum protocol uses) 09:56 < setavenger> thanks. A hidden service would be the most straightforward I think. IIRC setting up SSL from a homeserver can be tricky? I think mainly bigger public electrum servers use SSL right? 10:55 -!- S3RK [~S3RK@user/s3rk] has joined #silentpayments 10:58 -!- S3RK_ [~S3RK@user/s3rk] has quit [Ping timeout: 268 seconds] 11:11 < josie> setavenger: yes, big electrum servers but also i think some of the node in a box personal servers like umbrel also allow you to connect over ssl? been a while since i played with one, though 11:11 -!- achow101 [~achow101@user/achow101] has quit [Ping timeout: 264 seconds] 11:14 -!- achow101 [~achow101@user/achow101] has joined #silentpayments 20:23 -!- pyth [~pyth@116.110.41.135] has quit [Remote host closed the connection] 20:23 -!- pyth [~pyth@116.110.41.135] has joined #silentpayments --- Log closed Sun Jun 02 00:00:14 2024