> These 2 bitcoin addresses are valid and all go to Tails:
Thank you for the information. I wanted to confirm this as I was not
sure what address to send a donation to.
> We send bitcoins to both addresses because we use them for different
> things in the end. We control how frequently each address is being
> displayed by some JavaScript on the page so we always have useful
> amounts on both sides.
You should consider that alot of people, particularly the kind that
would donate to Tails, often have javascript disabled. I do not know
what ratio of visitors would have javascript enabled vs disabled, but
just something to keep in mind.
Ideas on addressing javascript possibly being blocked.
Idea 1
Maybe a server side script such as PHP or something else that does not
rely on javascript would mitigate this? Just offering ideas if this is a
concern.
Idea 2
Another idea, maybe it would be possible to have a bitcoin smart contract
or trustless way to have a single bitcoin address which would then split
up payments in a desired ratio to other addresses.
For example, lets say I have two addresses A, and B. I want 50% of
donations to go to A, and 50% to go to B. I craft a bitcoin smart contract
with address D that takes all inputs and sends outputs to A and B.
If you have interest in this option, I could explore this possibility.
> But it's very interesting to learn that you found this suspicious.
I just thought it was suspicious at first, when I had one computer
report a different address than what other computers where showing.
> Do you have any idea on how to make it less suspicious will still
> meeting our goals: have some very rough control on the fraction of
> bitcoins that are sent to both addresses?
Please see my comments above about possibly using a server side script or
something that does not rely on javascript. Or maybe a smart contract
that splits payments on a desired ratio. If you are concerned about
ratios being off as a result of some or most people having javascript
disabled.
> I thought about always displaying both on the donation page but making
> the preferred one appear first and look bigger. See attachment.
>
> Would this have prevented your confusion?
>
> Can you think of other options?
That would probably work if you put a label next to the addresses. But
having two addresses displayed at the same time might just confuse people
of which one they should send to. But no matter what address is posted,
I think it would be valuable to have a way for people to verify that address.
Ideas on more secure address verification
Idea 1
One idea I can think of, maybe have a "verify BTC address" link under the
bitcoin address currenlty shown. This link would lead to a page that lists the
ddress with an attached signature by a trusted PGP key.
Idea 2
There is also an idea of creating human readable "usernames" or aliases for
BTC addresses. Like a secure DNS system but for any information. Namecoin
could make this possible. Maybe grab a Namecoin ID and publish your btc
address into that? Namecoin does have a documented standard for inputting crypto
addresses. See
https://wiki.namecoin.org/index.php?title=Identity#Examples
However currently there are not many bitcoin wallets if any that currently
integrate with namecoin. But there are other tools that can extract data from
namecoin identites. Namecoin is really something that I think will be mainstream
eventually, but why not be a pioneer in namecoin utilization to help make it
mainstream?
Or maybe both of these ideas?
If the TAILS project wants some namecoin to experiment with, just let
me know and I will give you some (If someone from TAILS PGP sign the namecoin
address I should some NMC to and send to and email to me directly).
Namecoin can also be used not just for bitcoin addresses, but also for creating a
.bit domain name that would point to the TAILS website with also containing
information on the site TLS cert.
This would also be valuable to protect TAILS from censorship.
Thank you
- --
Cannon
PGP Fingerprint: 2BB5 15CD 66E7 4E28 45DC 6494 A5A2 2879 3F06 E832
Email: cannon@???
NOTICE: ALL EMAIL CORRESPONDENCE NOT SIGNED/ENCRYPTED WITH PGP SHOULD BE
CONSIDERED POTENTIALLY FORGED, AND NOT PRIVATE.
>
> _______________________________________________
> Tails-project mailing list
> Tails-project@???
> https://www.autistici.org/mailman/listinfo/tails-project
>