This is a spinoff of stealth addresses called "Extended Addresses"
https://medium.com/p/5ac1b5e01b6c
This gives extra privacy, without requiring the exchange of a nonce.
What if Evan implemented this in Darkcoin 2.0 and called them "Dark Addresses"?
This would allow for denomination of all outputs (including receiving addresses outputs).
A big step forward for good privacy.
Extended addresses improve privacy in this way:
- Payee generates a BIP32 hardened branch for each payer. The payer can generate any amount of receiving addresses for the payee.
- When Payer wants to send a payment, he grabs X unspent outputs he owns, and generates X receiving addresses. He can then send a tx to Payer where all of his X outputs are spent "in parallel", avoiding merging them. This is great privacy for Payer.
- When Payee loads his wallet, it scans addresses for all the payer branches, until it finds an N-gap. An N-gap is a set of N contiguous unused addresses (addresses with no transactions). In this way, he can always be aware of all incoming payments, and who they correspond to.
- Because each payer knows only his/her own "payer branch", he can't see all the other transactions received by Payee.
Combined with Darksend & the potential of routing everything through masternodes this is unstoppable privacy.
I like the "extended addresses" idea, but I think Stealth Addresses have some advantage. If the nonce can be part of OP_RETURN it's probably a better solution.
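The N-gap wallet scan from the list above, as an added example that is not part of the original posts or of any wallet's code. `derive_address` is a hypothetical HMAC stand-in for BIP32 child derivation and address encoding, and the gap limit of 5, the branch keys and the payment indices are constructed; the second call shows the failure mode where a payer skips more than N addresses and the payment goes unseen.

```python
import hashlib
import hmac

GAP_LIMIT = 5  # N; assumed value, the post does not fix one


def derive_address(branch_key: bytes, index: int) -> str:
    """Hypothetical stand-in for BIP32 derivation + address encoding (NOT real BIP32)."""
    digest = hmac.new(branch_key, index.to_bytes(4, "big"), hashlib.sha256)
    return digest.hexdigest()[:40]


def scan_branch(branch_key, has_transactions, gap_limit=GAP_LIMIT):
    """Walk indices 0, 1, 2, ... of one payer branch until an N-gap is found.

    Returns the indices whose addresses have transactions.
    """
    used, unused_run, index = [], 0, 0
    while unused_run < gap_limit:
        if has_transactions(derive_address(branch_key, index)):
            used.append(index)
            unused_run = 0          # a used address resets the gap counter
        else:
            unused_run += 1
        index += 1
    return used


def scan_wallet(branches, has_transactions, gap_limit=GAP_LIMIT):
    """Scan every payer branch; the result maps each payer to their payments."""
    return {payer: scan_branch(key, has_transactions, gap_limit)
            for payer, key in branches.items()}


# Constructed sample data: two payer branches and the indices each one paid to.
BRANCHES = {"alice": b"constructed-branch-key-alice",
            "bob": b"constructed-branch-key-bob"}
PAID = {"alice": [0, 1, 3], "bob": [0, 9]}
# Constructed "chain": the set of addresses that have at least one transaction.
CHAIN = {derive_address(BRANCHES[p], i) for p, idxs in PAID.items() for i in idxs}

if __name__ == "__main__":
    # With N = 5, bob's payment at index 9 sits beyond the gap and is missed.
    print(scan_wallet(BRANCHES, CHAIN.__contains__))
    # A larger N finds it, at the cost of more address lookups per branch.
    print(scan_wallet(BRANCHES, CHAIN.__contains__, gap_limit=10))
```

The payer and payee have to agree on N implicitly: a payer who derives addresses more than N indices ahead of the last used one creates payments the payee's scan will not reach.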