[bisq-network/bisq] Privacy improvements for manual payout (#4899)

James Cox notifications at github.com
Fri Dec 4 20:57:59 CET 2020


The goal of this PR is to improve privacy by not requiring mediators to ask for users' private keys.

- Redesign the UI
- Add import/export of payout settings
- Mediator does not need private key
- User can sign using own wallet or private key
- Validation of input fields
- Calculate the tx fee based on inputs
- Display of the generated txid & hex so it can be checked

The emergency multisig payout tool has been redesigned so that the unsigned payout transaction can be built, exported to the users for them to sign, and then the two signatures applied by the mediator before broadcasting the payout.

The screen is split into tabs (or a menu) allowing choices for Inputs, Import/Export, Sign and Build.  See screenshots below.

Inputs would be filled out by the mediator.  Most of the info can be obtained from the trade's contract.  The amountInMultisig can be obtained from checking an explorer - amountInMultisig is necessary because this value is part of the hashed signature (in segwit), so the TX will not be valid unless this amount is specified correctly.

The mediator would then export the settings and paste the exported string to both users in mediation chat.  e.g.

    segwit:d407eafc0fe1c38053293e279c3caa11377ace6b0863f68991b81bdfd12f189a:0.0223333:0.016:0.006:bcrt1qp72j2jfmvuaurvhfag42hzxh4kwztwtytagk0u:bcrt1qjdherq7kwr7vrs9wgmlsx4k74r8xcvhw9z8ds4:03f5fb2f9f4d8790138f96654a14753119b8a1141a120876456358302d24f35ee0:02471d7e2d25995ad4c274eada9d497ade835e026eda178c4347cebd21eff40353

Users would open the tool (ctrl+g), click import and paste in the supplied string.  Then they would click sign and press "LOCATE KEY IN WALLET" followed by "GENERATE SIGNATURE".  Then they would paste the signature string back to the mediator.

(The mediator would give the user some guidance on how to open the tool and sign).

The mediator, upon receiving the two signature strings, would click "BUILD" and paste the buyer and seller signatures into the fields, followed by "BUILD" and/or "BROADCAST".  The txId and txHex are displayed in a text box (similar to the UI of coinbin), so the txId could be copied into an explorer to check the TX status.

Entering the parameters:
![image](https://user-images.githubusercontent.com/47253594/101208067-3d087e00-3637-11eb-8932-7aa92033dff0.png)

Exporting:
![image](https://user-images.githubusercontent.com/47253594/101208041-3417ac80-3637-11eb-8b6d-08af8428a7b8.png)

Signing (by users):
![image](https://user-images.githubusercontent.com/47253594/101208013-2a8e4480-3637-11eb-9863-1a7db8248842.png)

Building:
![image](https://user-images.githubusercontent.com/47253594/101207953-0a5e8580-3637-11eb-824d-8b817fa35259.png)

Fixes #4061 

@huey735, mediators are invited to review/comment on this proposed solution.

You can view, comment on, or merge this pull request online at:

  https://github.com/bisq-network/bisq/pull/4899

-- Commit Summary --

  * Privacy improvements for manual payout

-- File Changes --

    M core/src/main/java/bisq/core/btc/wallet/TradeWalletService.java (74)
    M desktop/src/main/java/bisq/desktop/main/overlays/windows/ManualPayoutTxWindow.java (533)

-- Patch Links --

https://github.com/bisq-network/bisq/pull/4899.patch
https://github.com/bisq-network/bisq/pull/4899.diff
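
Added example, not part of the PR or of Bisq's code: a check a user could run on the exported settings string before signing, confirming that their own address receives the agreed amount and that the implied miner fee is sane. The field order and field names are assumptions inferred from the sample string in the description above, and `max_fee` is an arbitrary illustrative limit.

```python
import re
from decimal import Decimal

# ASSUMED field order and names, inferred from the sample string in the PR text.
FIELDS = ("kind", "deposit_txid", "amount_in_multisig", "buyer_payout",
          "seller_payout", "buyer_address", "seller_address",
          "buyer_pubkey", "seller_pubkey")

def parse_export(text):
    """Split the exported settings string into named, validated fields."""
    parts = text.strip().split(":")
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(parts)}")
    s = dict(zip(FIELDS, parts))
    if not re.fullmatch(r"[0-9a-f]{64}", s["deposit_txid"]):
        raise ValueError("deposit txid is not 32 bytes of lowercase hex")
    for name in ("buyer_pubkey", "seller_pubkey"):
        if not re.fullmatch(r"0[23][0-9a-f]{64}", s[name]):
            raise ValueError(f"{name} is not a compressed public key")
    for name in FIELDS[2:5]:
        if not re.fullmatch(r"\d+(\.\d{1,8})?", s[name]):
            raise ValueError(f"{name} is not a BTC amount")
        s[name] = Decimal(s[name])  # exact decimal arithmetic, no float rounding
    return s

def check_before_signing(text, my_address, my_amount, max_fee="0.001"):
    """Return a list of problems; an empty list means the settings match."""
    s = parse_export(text)
    problems = []
    # Whatever the outputs do not claim from the multisig input goes to miners.
    fee = s["amount_in_multisig"] - s["buyer_payout"] - s["seller_payout"]
    if fee <= 0:
        problems.append("payouts leave no miner fee")
    elif fee > Decimal(max_fee):
        problems.append(f"implied miner fee {fee} BTC exceeds {max_fee}")
    # Look up by address, so the buyer/seller ordering assumption does not matter.
    paid = {s["buyer_address"]: s["buyer_payout"],
            s["seller_address"]: s["seller_payout"]}
    if my_address not in paid:
        problems.append("my payout address is not in the settings")
    elif paid[my_address] != Decimal(my_amount):
        problems.append(f"my address receives {paid[my_address]}, expected {my_amount}")
    return problems

# Sample string copied from the PR description (regtest data).
SAMPLE = ("segwit:d407eafc0fe1c38053293e279c3caa11377ace6b0863f68991b81bdfd12f189a"
          ":0.0223333:0.016:0.006:bcrt1qp72j2jfmvuaurvhfag42hzxh4kwztwtytagk0u"
          ":bcrt1qjdherq7kwr7vrs9wgmlsx4k74r8xcvhw9z8ds4"
          ":03f5fb2f9f4d8790138f96654a14753119b8a1141a120876456358302d24f35ee0"
          ":02471d7e2d25995ad4c274eada9d497ade835e026eda178c4347cebd21eff40353")
```

For the sample string the implied fee is 0.0003333 BTC, and the check returns no problems when called with the first address and 0.016.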
