0
Lets say that someone wanted to prove they owned some metadata without revealing who they were. For instance, lets say they needed to prove they had owned a contract but that contract was in an address that had a lot of bitcoin in it, but they didn't want to show that they had that much capital (maybe a bad example) , but FOR WHATEVER REASON they didn't want to reveal their nest egg address or undermine the psuedonominity of previous linked transactions Would it be possible to reveal the existence of the contract, by simply proving that you own an address that was generated by the same seed.
For instance, Electrum generates six addresses after you create a seed. Lets say the contract and a lot of bitcoin was in the first address in that sequence.
Could you prove that you own this by signing the second address in that sequence (or even a change address), and it would irrevocably prove that you own/control something in the other address without linking the two addresses together the result being that you would know that "yes this address in within the same sequence of addresses, one of which contains the information that needs to be proven"
I think this would have perks for privacy of bitcoin and associated technologies
My first instinct is to say "No", because signatures are tied directly to the keys used to create them. Even though the keys might be related to eachoher, the signatures are not, so in order to connect a signature to a non-related key, you would have to connected it through the original key, thus defeating your purpose. – John Henry – 2014-09-12T17:45:32.240
@JohnHenry is there some kind of multisignature way to do this (using multiple existing addresses from the deterministic sequence), without revealing the addresses used? just their private keys are used to create a key that they sign - I guess its similar to a stealth address - but anyway the transaction they sign has the proof of ownership – CQM – 2014-09-12T20:43:30.950
Essentially, I don't think that there is a way to prove ownership of something like a contract by way of signature without exposing the original address corresponding to said signature. Even if the keys are related in some other way, the original address is still needed to verify the signature.
However; have you looked into ZeroCoin and zero knowledge proofs? I'm not exactly sure how these work, but they may offer what you're looking for. – John Henry – 2014-09-13T01:51:05.143
Also, feel free to ignore this, but here's my (somewhat philosophical opinion): bitcoin requires thinking differently in a subtle but important way; you must plan ahead as once data is signed, it's forever tied to a specific address. Have separate addresses for separate purposes. Keep your keys that you use to sign contracts separate from the ones you use to store your nest egg, and you'll never run into this issue. Even if you are able to prove ownership without exposing the address, the record still exists in the blockchain, and anyone with enough resources could eventually find it. – John Henry – 2014-09-13T01:57:57.920
@JohnHenry this is about a theoretical application of blockchain technology. the ability of an end user's pseudonomity to be compromised is an ongoing concern to how practical this theoretical application would be. So I try to ask generic questions, but I can't use specific responses to the generic scenarios I chose to create. This may be more so a problem that is able to be solved via a GUI that simply doesn't show other people the underlying information – CQM – 2014-09-14T23:45:54.137
I think you hit it on the head with the term "pseudonymity", in that bitcoin does not offer true anonymity and thus there will be are some guarantees that the system simply cannot make, and this may be one of them. While it would entirely be possible solve your problem via a GUI that simply does not expose the underlying connections, you must consider that as the blockchain is publicly readable, so even if your GUI hides them, someone else can build an application that completely exposes them. – John Henry – 2014-09-15T05:18:41.630