Author: ts 2021-08-31 02:16:00
Published on: 2021-08-31T02:16:00+00:00
A proposal was made to create a simple technical assistance that makes it more user-friendly and less error-prone to verify the entered address for all types of users, including those who are less tech-savvy. It is not about random typos but rather copy & paste errors (both technical or user-caused). Pieter Wuille suggested that comparing any few characters of the address is just as good as any other, and looking at the last N characters, or the middle N, or anything except the first few will do, and is just as good as an external checksum added at the end. However, ADDITIONALLY to looking at N characters, a quick check of a 3 or 4 digit code in bigger font next to the address would make for a better user experience. Christopher Allen proposed to use LifeHash as an alternative to visual checksums. The advantage of the digit verification code is that it can be spoken in a call or written in a message. No changes are needed, only an agreement or recommendation on which algorithm for the code generation should be used. Once this is done, it is up to the developers of wallets and exchanges to implement this feature as they see fit. The proposal is not concerned about maliciously constructed addresses, which are designed to look similar in specific places. If the attacker only focuses on the verification code, he will only be successful with users that ONLY look at this code. But if the attacker intends to be more successful, he now needs to create a valid address that is both similar in specific places AND produces the same verification code, which is way more difficult to achieve.
Updated on: 2023-06-15T01:06:39.243554+00:00