Is it possible to have a cryptocurrency based on email address?

1

I would like to know if there is any existing cryptocurrency that lets you control the public and private keys generated.

I just don't like the fact that cryptocurrency keys are randomly generated. Even though I know generating such a pair again is almost impossible. I don't like it because it's "almost" impossible.

I have a few ideas that I would like to be used for the generation of these pairs but because I don't have an understanding of how the blockchain works, these ideas might not be practical.

I am still willing to share here if someone is willing to get back on the feasibility.

PS: Please excuse my poor grammar. English isn't my first language. I can only get the spellings right :)

PSS: I am now editing this to include my idea of a blockchain which I think I could trust:

Like I said, I just don't like the randomness that is involved. I would love to see a cryptocurrency where you have control over both the keys or at least one of the keys, preferabbly the public key.

Is it possible to have a currency with the following features?

  1. Public key is an email address
  2. Every transaction made on the blockchain sends a confirmation to the email address with a secret key. Once this is processed by the user, the blockchain verifies the transaction and either adds it to the blockchain or rejects it.

With such a set up, my coins would be as safe as my email address. To steal my coins, you would have to gain access to the associated email address.

VCore

Posted 2017-10-15T12:24:41.967

Reputation: 21

You want another system to email your own secret key to you? 1. Email is pretty simple to compromise. 2 What if the email gets lost / spam-filtered? Either the system has to retain a copy of your secret key to resend it, or your Coin is lost forever. Worst Idea Everabelenky 2017-10-15T16:27:42.160

If you want a database that actually exists, see https://haveibeenpwned.com/ for billions of email accounts that have been exposed in breaches -- and that's only the known ones; criminals undoubtedly have many more that weren't detected.

dave_thompson_085 2017-10-15T16:50:18.903

@abelenky No, I don't want the system to email the private key. Only a key pertaining to the transaction initiated by the owner of the public key. The user creates a transaction using his public key (email address) and private key. The system then generates a unique transaction key and emails the user. This would be a sort of two factor authentication method. The user would then need to check his/her email to approve the transaction. And then it would be added to the chain.VCore 2017-10-15T16:58:13.757

@dave_thompson_085 But in that case, isn't the fault on the people? They either used weak passwords, used the password on a compromised system or their passwords weren't stored in an encrypted form in the database. If a person takes all possible precuations, uses a very strong password and uses an email provider that takes security very seriously, I don't see how this would be an issue.VCore 2017-10-15T16:58:23.903

You wrote, "the blockchain sends a confirmation to the email address with a secret key." I think your words speak for themselves.abelenky 2017-10-15T18:42:24.043

I meant a unique secret key for just that transaction. Read my previous comment again.VCore 2017-10-16T02:42:26.360

The dumps are from breaches of servers, over which users have limited control; other types of compromise by humans (eg phishing and doxing), on user devices (eg keylogger) and in transit (eg SSL intercept) don't show up in the dumps. If you secure your own device(s) and use strong passwords (per service!) it certainly reduces risk, but there's no practical way to be certain a provider is 'serious' about security much less that they are and will remain successful -- even security companies have been breached sometimes.dave_thompson_085 2017-10-17T10:15:48.503

Understood. But what I wrote, is it practically feasible? A system which relies on two things viz. a private key like how things work right now plus an added level of security which requires a transaction to be verified by the owner by clicking on a link they will receive on their email address.

Right now you just need a public key and private key to gain control over an address. Another layer of security would be just awesome.

(continued in next comment) – VCore 2017-10-17T15:58:40.813

Do you prefer to sleep at night knowing someone has an improbable chance of randomly coming across your public and private key pair or would you prefer to sleep knowing after that they will also need to crack your email account?VCore 2017-10-17T15:58:45.880

Now that you have https://lbc.cryptoguru.org/about what is the view on the security of Bitcoin addresses?

VCore 2017-12-27T14:26:52.097

Answers

3

With Bitcoin and its derivatives, you can already generate a private key any way you like and import it using the importprivkey RPC command. You may start with any 256 bits of data (i.e. any number between 0 and 2^256-1), convert it to WIF format as explained at https://en.bitcoin.it/wiki/Wallet_import_format, and import it.

However, don't start getting attached to this idea before you understand things better.

I just don't like the fact that cryptocurrency keys are randomly generated. Even though I know generating such a pair again is almost impossible. I don't like it because it's "almost" impossible.

The solution to this is not to invent something new - the solution is for you to learn more math until you are convinced that it is reasonable. This is the case with everything in cryptography: no attack can ever be made impossible. But making it sufficiently improbable really is close enough.

If you generate a private key some other way besides randomly, it makes it a lot easier for someone to guess it and steal all your money. There used to be a fad called "brain wallets" where you would make up some memorable phrase and use it as a private key. People who did this got their money stolen routinely, because the number of memorable phrases you might come up with is relatively small, and it's very easy for someone with a good computer to just try and guess all of them. But the universe cannot support a computer good enough to try all 2^256 possible random keys.

Nate Eldredge

Posted 2017-10-15T12:24:41.967

Reputation: 21 420

Hi Nate. You are right. My math is worse than my english.

The reason for my distrust is sites like these: http://directory.io/

That site has around 904625697166532776746648320380374280100293470930272690489102837043110636675 * 128 keys.

What is your opinion on a database such as this one? Also I just edited my original post and included my idea of what I might trust.

VCore 2017-10-15T15:48:00.143

2directory.io is a parody specifically to show such a database cannot exist. Those pages are generated on the fly, and if you lived to be a million years old and spent all that time browsing directory.io you would still have essentially no chance of hitting any existing key.dave_thompson_085 2017-10-15T16:41:43.243

Hi Dave. I know its supposed to be a joke. But it just doesn't sound funny. Remember the time when engineers never considered the year 2000 thinking by then the computers would no longer be in use but still they were.

Similarly, you might not be able to upload 904625697166532776746648320380374280100293470930272690489102‌​837043110636675 * 128 pairs on a database which you can search.

But given enough time, would it still be impossible for a future computer to do this?

Are we to assume bitcoin is just going to be used for a few years? (continued in next comment) – VCore 2017-10-17T16:04:13.450

I remember 17 years back a friend of mine bought an 8 GB hard drive over 250 USD and I was like wow! Both for the price he paid and the storage he got. But just a week back I purchased a 2 TB hard drive for 100 USD. Back in that day I only had a hard drive of less than 1 GB. Now I have combined storage of over 4 TB spanning three hard drives. To assume a computer will never be able to take a go on something improbable just isn't satisfying.VCore 2017-10-17T16:04:18.427

Karan Ahuja 2017-12-28T10:35:31.663

Asked: 2017-10-15T12:24:41.967

Viewed: 282 times

Active: 2017-10-15T22:12:42.827