Author: Mike Hearn 2015-02-05 13:57:03
Published on: 2015-02-05T13:57:03+00:00
The discussion is about whether to use "bitcoin:" URIs or BIP70 payment requests as a standard. It is argued that partial address schemes may not be secure, because an attacker performing a wireless MITM can substitute their own address prefix or partial address. To avoid MITM attacks, the sender must know who they are sending money to, which means seeing a human-understandable name that is cryptographically bound to the right public key. Displaying partial addresses to the user does not solve this problem unless users manually compare key prefixes across the screens, which is even less convenient than a QR code.

The discussion also covers why broadcasting payment requests is preferred over picking them up via near-field radio. This is due to Apple's restrictions on iOS: only the iPhone 6 has NFC hardware, and it is not exposed via any public API. As a result, NFC would be seen as a non-universal solution in markets where iOS is still popular, until Apple catches up and provides an NFC API.

Working radio-based broadcast systems are not problematic in themselves, but there could be confusion when lots of people are simultaneously trying to pay for something that has the same cost. NFC and QR codes prevent such confusion. In practice, Bitcoin payments are not normally popular enough for this to be a problem outside of Bitcoin community events.
Updated on: 2023-06-09T16:32:07.499251+00:00