Jumping in on this conversation because I've been doing research in this area. Using a list of trusted providers in the payment details will be very limiting and not scalable. I understand the reason for wanting the supports_instant field, but I think that's a bad idea because the list could literally be a million providers. Secondly, some merchants already support instant transactions without any trust signature, so they should also be able to advertise that as well.
I also don't believe that trusted or not trusted is a valid on and off switch. For example, I might trust an instant provider for a 1 btc transaction, but not 1,000,000 btc. Trust is all about the risk involved. We can definitely learn from the current financial system in this realm.
I 100% agree with the In Payment Message portion of the BIP extension. Here's how I think this will practically shake out in an automated way: Anyone can become an instant provider, but nobody will trust them at first. As that particular instant provider processes more and more transactions without any double spends, they essentially build up trust. Based on the past history of a particular instant provider a risk factor could be calculated for a given transaction. This would also factor in the size of the transaction. It would be very similar to a credit file showing the past history of that particular instant provider based on all the transactions they signed.
Andreas Schildbach <andreas <at> schildbach.de> writes:
> Just a quick comment:
>
> The supports_instant field seems redundant to me. First, as per your
> spec, you can derive it from trusted_instant_providers. And second, why
> do you need it at all? Protobuf is designed so it will simply ignore
> fields you don't know. So you can just send the instant_* fields in the
> Payment message without harm.
Agreed, supports_instant is redundant and can/should/will go.
trusted_instant_providers on the other hand I think is needed.
Sometimes the providers will charge fees for instant.
While the software can ignore the fields,
users may not want to pay for instant when the merchant may not accept it or
care (even if it would not break the protocol it would still be a waste of
fees)
Does it make sense?
Not all transactions from GreenAddress provide double spend protection, there
are additional checks on prevout that are normally not done when spending
normally, etc