From: Mike Hearn <mike@plan99.net>
To: Kalle Rosenbaum <kalle@rosenbaum.se>
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Proof of Payment
Date: Fri, 13 Mar 2015 14:31:29 -0700 [thread overview]
Message-ID: <CANEZrP0V4wg4X1ASx9_+ONP749s9TD3PcemA_wyjYvgZDxh+WA@mail.gmail.com> (raw)
In-Reply-To: <CAPswA9zzVDxW8_WXg5833r2Z4pxZOppYtNLHMQ=Nw-H72cMz7w@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 855 bytes --]
Hi Kalle,
I think you're thinking along the right lines, but I am skeptical that this
protocol adds much. A saved payment request is meant to be unique per
transaction e.g. because the destination address is unique for that payment
(for privacy reasons). Where would you store the signed payment request?
Probably in the wallet. You could just extract the metadata that's useful
for UI rendering into a separate structure and then encrypt the original
full payment request under the wallet key. At least this is how I imagine
it would work.
So then, if someone can steal a payment request they can probably steal the
wallet signing keys too, and thus signing a challenge with the wallet keys
doesn't add much. It means the wallet doesn't have to store the
PaymentRequest encrypted. But AFAICT that's about all it does.
Do you agree with this analysis?
[-- Attachment #2: Type: text/html, Size: 1000 bytes --]
next prev parent reply other threads:[~2015-03-13 21:31 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-13 19:29 [Bitcoin-development] Proof of Payment Kalle Rosenbaum
2015-03-13 20:30 ` Natanael
2015-03-13 21:31 ` Mike Hearn [this message]
2015-03-13 21:47 ` Kalle Rosenbaum
2015-03-13 22:03 ` Mike Hearn
[not found] ` <CAPswA9y5bDs1urRCmh8Oxeho4As8pBt2rRVP6fjhjJA0cZrvfA@mail.gmail.com>
[not found] ` <CANEZrP35_h_-2c=A-1+M8umSpAC70DJ7sYhPPo_62dm2QKHCEg@mail.gmail.com>
2015-03-14 9:28 ` Kalle Rosenbaum
[not found] ` <A2849710-1069-45A1-89C0-9D8E40C4A8D6@newcastle.ac.uk>
2015-03-14 18:16 ` Kalle Rosenbaum
2015-04-22 20:03 ` Kalle Rosenbaum
[not found] ` <55384AC9.80501@datamagi.no>
2015-04-23 14:39 ` Kalle Rosenbaum
2015-04-27 0:50 ` Tom Harding
2015-04-27 12:35 ` Kalle Rosenbaum
2015-04-27 12:41 ` Kalle Rosenbaum
2015-04-28 7:23 ` Jorge Timón
2015-04-28 12:41 ` Kalle Rosenbaum
2015-04-28 12:53 ` Jorge Timón
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CANEZrP0V4wg4X1ASx9_+ONP749s9TD3PcemA_wyjYvgZDxh+WA@mail.gmail.com \
--to=mike@plan99.net \
--cc=bitcoin-development@lists.sourceforge.net \
--cc=kalle@rosenbaum.se \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox