Author: Gavin Andresen 2013-04-30 13:14:53
Published on: 2013-04-30T13:14:53+00:00
In a discussion of Timo's proposal for protecting refund addresses, Gavin Andresen outlined two risks. The first is that a merchant's web server is compromised, allowing an attacker to redirect refunds. The second is that merchants may miss payments because they miss a POST to the payment_url. If payments are more common than refunds, the second risk will outweigh the first. Andresen also noted that an attacker who compromised the front-end web server would probably just generate plain old pay-to-bitcoin-address payment requests and hope that customers pay them directly before the compromise is discovered.
Updated on: 2023-06-06T15:34:00.274508+00:00