Author: Mike Hearn 2013-12-13 21:49:23
Published on: 2013-12-13T21:49:23+00:00
The user-signed payment request without iteration count can be enclosed within a payr.com-signed envelope that contains the iteration count. It is unclear, however, how this signature would show up in the user interface. It is also uncertain what actions should be taken if the signature is broken or missing. Nevertheless, a maliciously modified iteration count can only cause funds to be sent beyond the recipient's gap limit, rendering them unable to receive it unless they reconfigure their software and rescan. Nonetheless, money cannot be stolen this way.
Updated on: 2023-06-07T22:25:20.631688+00:00