This repository was archived by the owner on Nov 21, 2019. It is now read-only.
Stealth address shared secret, auditability #12
Description
Either participant can agree to allow auditing of the transactions between each other by providing the shared secret to auditor, only one side needs to consent.
However, I think it's unwise to provide the raw ECDH result between two Master Keys to an auditor because it could compromise the security of any other system that relies on the same shared secret.
For this reason the ECDH result should be passed thru a KDF which makes the shared secret specific to the Mobius interraction between the two parties.
e.g.
root_secret = ECDH(As, Bp)
mobius_secret = KDF(root_secret||"mobius")