Author: MⒶrtin HⒶboⓋštiak 2015-02-05 23:36:11
Published on: 2015-02-05T23:36:11+00:00
The use of a BIP-70 signed payment request during initial broadcast can address integrity issues. However, the public nature of the broadcast and strong public identity creates significant privacy concerns. Transactions are cryptographically tainted as a result. The problem is further compounded when using BIP-70 over the web. Despite TLS and other security measures, an interloper can capture payment requests and automatically correlate transactions to identities. Maintaining privacy between parties becomes challenging.One potential solution suggested is using encryption with forward secrecy. The merchant would generate a signed request containing a public ECDH part, while the buyer would send back a transaction encrypted with ECDH and their public ECDH part. If the receiving address or amount needs to be kept private, a commit protocol (such as ZRTP/RedPhone) and short authentication phrase could be used. The commit protocol makes it difficult to spoof the authentication phrase.
Updated on: 2023-06-09T16:35:58.300937+00:00