Bao Identities? #2
SachinMeier
started this conversation in
Ideas
Replies: 1 comment
-
|
Conclusion: yes. Bao servers should sign the Event Point. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Should Bao servers publish their pubkey somewhere and sign Event Points? Otherwise, there is no real way to guarantee you've received the correct Event Point from a Bao. However, users only ever sign Event Hashes (for now, see #1).
One attack scenario is that an attacker commits to an Event with a victim. Then the attack MITM's the Victim's connection with the Bao server and swaps out the Event Point for one they can solve. Now, when the Victim does whatever they're going to do (create an adaptor signature most likely), the attacker can decrypt it immediately since they have the private key.
Beta Was this translation helpful? Give feedback.
All reactions