public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
* [bitcoin-dev] Proposed BIP extension to BIP 0070
@ 2016-03-01 18:58 Justin Newton
  2016-03-08 22:34 ` Luke Dashjr
  0 siblings, 1 reply; 4+ messages in thread
From: Justin Newton @ 2016-03-01 18:58 UTC (permalink / raw)
  To: Bitcoin Dev


[-- Attachment #1.1: Type: text/plain, Size: 2007 bytes --]

The following draft BIP proposes an update to the Payment Protocol.

Motivation:

The motivation for defining this extension to the BIP70 Payment Protocol is
to allow 2 parties to exchange payment information in a permissioned and
encrypted way such that wallet address communication can become a more
automated process. Additionally, this extension allows for the requestor of
a PaymentRequest to supply a certificate and signature in order to
facilitate identification for address release. This also allows
for automated creation of off blockchain transaction logs that are human
readable, containing who you transacted with, in addition to the
information that it contains today.

The motivation for this extension to BIP70 is threefold:

1. Ensure that the payment details can only be seen by the participants in
the transaction, and not by any third party.
2. Enhance the Payment Protocol to allow for store and forward servers in
order to allow, for example, mobile wallets to sign and serve
Payment Requests.
3. Allow a sender of funds the option of sharing their identity with the
receiver. This information could then be used to:

        * Make bitcoin logs more human readable
        * Give the user the ability to decide who to release payment
details to
        * Allow an entity such as a political campaign to ensure donors
match regulatory and legal requirements
        * Allow for an open standards based way for regulated financial
entities to meet regulatory requirements
        * Automate the active exchange of payment addresses, so static
addresses and BIP32 X-Pubs can be avoided to maintain privacy
and convenience

In short we wanted to make bitcoin more human, while at the same time
improving transaction privacy.

Full proposal here:

https://github.com/techguy613/bips/blob/master/bip-invoicerequest-extension.mediawiki

We look forward to your thoughts and feedback on this proposal!

Justin


-- 

Justin W. Newton
Founder/CEO
Netki, Inc.

justin@netki.com
+1.818.261.4248

[-- Attachment #1.2: Type: text/html, Size: 3986 bytes --]

[-- Attachment #2: PastedGraphic-1.tiff --]
[-- Type: image/tiff, Size: 10972 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [bitcoin-dev] Proposed BIP extension to BIP 0070
  2016-03-01 18:58 [bitcoin-dev] Proposed BIP extension to BIP 0070 Justin Newton
@ 2016-03-08 22:34 ` Luke Dashjr
  2016-03-08 23:07   ` James MacWhyte
  0 siblings, 1 reply; 4+ messages in thread
From: Luke Dashjr @ 2016-03-08 22:34 UTC (permalink / raw)
  To: bitcoin-dev, Justin Newton

Is there a way for Joe Mobile Wallet User to upload a set of N PaymentRequests 
authenticated by his key to an untrusted server, which encrypts and passes 
them on in response to InvoiceRequests? Or does this necessarily require the 
recipient to be online?

On Tuesday, March 01, 2016 6:58:16 PM Justin Newton via bitcoin-dev wrote:
> The following draft BIP proposes an update to the Payment Protocol.
> 
> Motivation:
> 
> The motivation for defining this extension to the BIP70 Payment Protocol is
> to allow 2 parties to exchange payment information in a permissioned and
> encrypted way such that wallet address communication can become a more
> automated process. Additionally, this extension allows for the requestor of
> a PaymentRequest to supply a certificate and signature in order to
> facilitate identification for address release. This also allows
> for automated creation of off blockchain transaction logs that are human
> readable, containing who you transacted with, in addition to the
> information that it contains today.
> 
> The motivation for this extension to BIP70 is threefold:
> 
> 1. Ensure that the payment details can only be seen by the participants in
> the transaction, and not by any third party.
> 2. Enhance the Payment Protocol to allow for store and forward servers in
> order to allow, for example, mobile wallets to sign and serve
> Payment Requests.
> 3. Allow a sender of funds the option of sharing their identity with the
> receiver. This information could then be used to:
> 
>         * Make bitcoin logs more human readable
>         * Give the user the ability to decide who to release payment
> details to
>         * Allow an entity such as a political campaign to ensure donors
> match regulatory and legal requirements
>         * Allow for an open standards based way for regulated financial
> entities to meet regulatory requirements
>         * Automate the active exchange of payment addresses, so static
> addresses and BIP32 X-Pubs can be avoided to maintain privacy
> and convenience
> 
> In short we wanted to make bitcoin more human, while at the same time
> improving transaction privacy.
> 
> Full proposal here:
> 
> https://github.com/techguy613/bips/blob/master/bip-invoicerequest-extension
> .mediawiki
> 
> We look forward to your thoughts and feedback on this proposal!
> 
> Justin


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [bitcoin-dev] Proposed BIP extension to BIP 0070
  2016-03-08 22:34 ` Luke Dashjr
@ 2016-03-08 23:07   ` James MacWhyte
  2016-03-09  1:17     ` James MacWhyte
  0 siblings, 1 reply; 4+ messages in thread
From: James MacWhyte @ 2016-03-08 23:07 UTC (permalink / raw)
  To: bitcoin-dev

[-- Attachment #1: Type: text/plain, Size: 3688 bytes --]

Our BIP just defines protocol definitions, and doesn't really dictate how
people use them (we're coming up with a new title for the BIP, by the way,
to more accurately convey that). Using our definitions as building blocks,
someone could definitely accomplish what you described. For example, Joe
Mobile Wallet User's wallet could upload a slew of generic PaymentRequest
messages with signatures to prove his identity, and the server could then
create encryptedPaymentRequest messages using the server's key for
encryption and communication with the other party. In this case the server
would essentially be a proxy for the user without having actual access to
the user's private keys.

My personal goal with the protocol was to keep it extremely flexible so
developers could use it to build all different types of schemes while
keeping standard messages that could be forwarded between services if
needed. Does the above make sense?

James

On Tue, Mar 8, 2016 at 2:55 PM Luke Dashjr via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:

> Is there a way for Joe Mobile Wallet User to upload a set of N
> PaymentRequests
> authenticated by his key to an untrusted server, which encrypts and passes
> them on in response to InvoiceRequests? Or does this necessarily require
> the
> recipient to be online?
>
> On Tuesday, March 01, 2016 6:58:16 PM Justin Newton via bitcoin-dev wrote:
> > The following draft BIP proposes an update to the Payment Protocol.
> >
> > Motivation:
> >
> > The motivation for defining this extension to the BIP70 Payment Protocol
> is
> > to allow 2 parties to exchange payment information in a permissioned and
> > encrypted way such that wallet address communication can become a more
> > automated process. Additionally, this extension allows for the requestor
> of
> > a PaymentRequest to supply a certificate and signature in order to
> > facilitate identification for address release. This also allows
> > for automated creation of off blockchain transaction logs that are human
> > readable, containing who you transacted with, in addition to the
> > information that it contains today.
> >
> > The motivation for this extension to BIP70 is threefold:
> >
> > 1. Ensure that the payment details can only be seen by the participants
> in
> > the transaction, and not by any third party.
> > 2. Enhance the Payment Protocol to allow for store and forward servers in
> > order to allow, for example, mobile wallets to sign and serve
> > Payment Requests.
> > 3. Allow a sender of funds the option of sharing their identity with the
> > receiver. This information could then be used to:
> >
> >         * Make bitcoin logs more human readable
> >         * Give the user the ability to decide who to release payment
> > details to
> >         * Allow an entity such as a political campaign to ensure donors
> > match regulatory and legal requirements
> >         * Allow for an open standards based way for regulated financial
> > entities to meet regulatory requirements
> >         * Automate the active exchange of payment addresses, so static
> > addresses and BIP32 X-Pubs can be avoided to maintain privacy
> > and convenience
> >
> > In short we wanted to make bitcoin more human, while at the same time
> > improving transaction privacy.
> >
> > Full proposal here:
> >
> >
> https://github.com/techguy613/bips/blob/master/bip-invoicerequest-extension
> > .mediawiki
> >
> > We look forward to your thoughts and feedback on this proposal!
> >
> > Justin
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>

[-- Attachment #2: Type: text/html, Size: 4900 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [bitcoin-dev] Proposed BIP extension to BIP 0070
  2016-03-08 23:07   ` James MacWhyte
@ 2016-03-09  1:17     ` James MacWhyte
  0 siblings, 0 replies; 4+ messages in thread
From: James MacWhyte @ 2016-03-09  1:17 UTC (permalink / raw)
  To: bitcoin-dev

[-- Attachment #1: Type: text/plain, Size: 4808 bytes --]

I accidentally replied to Luke off-list, and this was his reply to my last
message:

"But wouldn't the server be a trusted third-party in this case?
I'm thinking it's very close to being possible for an untrusted server to do
this..."

If you are okay with anyone being able to view your PaymentRequest
messages, then you wouldn't need to encrypt them. Just upload them to the
server and let it give them away--no trust needed as long as you include a
signature. If you want only certain people to be able to see your messages,
then you need to denote those people in some way. In this situation, you
would do that by trading public keys and uploading encryptedPaymentRequest
messages to the server that only those people could read.

Using the encrypted method doesn't require the devices to be online, but it
does require at least one of the parties to know the other party's public
key. Do you have a specific use case in mind?

James

On Tue, Mar 8, 2016 at 3:07 PM James MacWhyte <macwhyte@gmail.com> wrote:

> Our BIP just defines protocol definitions, and doesn't really dictate how
> people use them (we're coming up with a new title for the BIP, by the way,
> to more accurately convey that). Using our definitions as building blocks,
> someone could definitely accomplish what you described. For example, Joe
> Mobile Wallet User's wallet could upload a slew of generic PaymentRequest
> messages with signatures to prove his identity, and the server could then
> create encryptedPaymentRequest messages using the server's key for
> encryption and communication with the other party. In this case the server
> would essentially be a proxy for the user without having actual access to
> the user's private keys.
>
> My personal goal with the protocol was to keep it extremely flexible so
> developers could use it to build all different types of schemes while
> keeping standard messages that could be forwarded between services if
> needed. Does the above make sense?
>
> James
>
> On Tue, Mar 8, 2016 at 2:55 PM Luke Dashjr via bitcoin-dev <
> bitcoin-dev@lists.linuxfoundation.org> wrote:
>
>> Is there a way for Joe Mobile Wallet User to upload a set of N
>> PaymentRequests
>> authenticated by his key to an untrusted server, which encrypts and passes
>> them on in response to InvoiceRequests? Or does this necessarily require
>> the
>> recipient to be online?
>>
>> On Tuesday, March 01, 2016 6:58:16 PM Justin Newton via bitcoin-dev wrote:
>> > The following draft BIP proposes an update to the Payment Protocol.
>> >
>> > Motivation:
>> >
>> > The motivation for defining this extension to the BIP70 Payment
>> Protocol is
>> > to allow 2 parties to exchange payment information in a permissioned and
>> > encrypted way such that wallet address communication can become a more
>> > automated process. Additionally, this extension allows for the
>> requestor of
>> > a PaymentRequest to supply a certificate and signature in order to
>> > facilitate identification for address release. This also allows
>> > for automated creation of off blockchain transaction logs that are human
>> > readable, containing who you transacted with, in addition to the
>> > information that it contains today.
>> >
>> > The motivation for this extension to BIP70 is threefold:
>> >
>> > 1. Ensure that the payment details can only be seen by the participants
>> in
>> > the transaction, and not by any third party.
>> > 2. Enhance the Payment Protocol to allow for store and forward servers
>> in
>> > order to allow, for example, mobile wallets to sign and serve
>> > Payment Requests.
>> > 3. Allow a sender of funds the option of sharing their identity with the
>> > receiver. This information could then be used to:
>> >
>> >         * Make bitcoin logs more human readable
>> >         * Give the user the ability to decide who to release payment
>> > details to
>> >         * Allow an entity such as a political campaign to ensure donors
>> > match regulatory and legal requirements
>> >         * Allow for an open standards based way for regulated financial
>> > entities to meet regulatory requirements
>> >         * Automate the active exchange of payment addresses, so static
>> > addresses and BIP32 X-Pubs can be avoided to maintain privacy
>> > and convenience
>> >
>> > In short we wanted to make bitcoin more human, while at the same time
>> > improving transaction privacy.
>> >
>> > Full proposal here:
>> >
>> >
>> https://github.com/techguy613/bips/blob/master/bip-invoicerequest-extension
>> > .mediawiki
>> >
>> > We look forward to your thoughts and feedback on this proposal!
>> >
>> > Justin
>> _______________________________________________
>> bitcoin-dev mailing list
>> bitcoin-dev@lists.linuxfoundation.org
>> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>>
>

[-- Attachment #2: Type: text/html, Size: 6630 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2016-03-09  1:17 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-03-01 18:58 [bitcoin-dev] Proposed BIP extension to BIP 0070 Justin Newton
2016-03-08 22:34 ` Luke Dashjr
2016-03-08 23:07   ` James MacWhyte
2016-03-09  1:17     ` James MacWhyte

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox