public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Andreas Schildbach <andreas@schildbach.de>
To: bitcoin-dev@lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] BIP Proposal - Address Paste Improvement
Date: Thu, 8 Nov 2018 16:28:41 +0100	[thread overview]
Message-ID: <ps1kj6$fk5$1@blaine.gmane.org> (raw)
In-Reply-To: <20181108131130.134b2d43@simplexum.com>

On 08/11/2018 09.11, Dmitry Petukhov via bitcoin-dev wrote:

>> Copying addresses to the clipboard should be discouraged, rather than
>> supported.
> 
> Do you know any reasonably convenient mechanism for end user to
> transfer an address from, say, a web page to the wallet address
> input field ?

- QR code scanning of a Bitcoin URI
- On Android: A "bitcoin:" URI intent or a BIP70 payment message intent
- On desktop OSes there are similar mechanisms to launch Apps from the
browser (e.g. for mailto: links)

> The clipboard is just a low-hanging fruit for malware, anyway. It just
> the most easy point to replace an address. If the computer is
> compromized, malware can edit the web page in the memory of the browser
> process, for example. If it shown as QR code, malware can decode,
> detect that it is an address, and replace the image of QR code.

For editing the clipboard your computer doesn't need to be compromised!
*Any* app can do it, without special permission.

> I think that the only way to protect from this is to add some form of
> authentication for an address - 2fa (transfer checksum via second
> channel), visual fingerprints for addresses, that will are hard to
> detect (and hence, replace) for malware, signing the destination address
> with the key of an address that is already known and checking the
> signature, etc.

For cases where the payee is a well-known entity the BIP70 payment
protocol has authentication via certificates. That doesn't work for the
"the person in front of you is the only trust anchor you have" usecase
though.



  reply	other threads:[~2018-11-08 15:28 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-11-07 14:09 [bitcoin-dev] BIP Proposal - Address Paste Improvement Adam Ficsor
2018-11-07 21:28 ` Andreas Schildbach
2018-11-08  8:11   ` Dmitry Petukhov
2018-11-08 15:28     ` Andreas Schildbach [this message]
2018-11-08 18:00       ` Dmitry Petukhov
2018-11-12  3:23         ` Adam Ficsor
2018-12-01  4:57           ` James MacWhyte
2018-12-01 12:07             ` Adam Ficsor
2018-11-08 17:43     ` Moral Agent
2018-11-08 17:12   ` Jeffrey Paul

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='ps1kj6$fk5$1@blaine.gmane.org' \
    --to=andreas@schildbach.de \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox