Author: Paul Puey 2015-02-06 02:09:48
Published on: 2015-02-06T02:09:48+00:00
The CEO of Airbitz Inc, Paul Puey, has responded to a suggestion made on a forum for ideas to harden protocol. Eric Voskuil had expressed concern about the security of a bootstrapped trust system for verification of address prefix in Bluetooth transactions. He argued that such a system would not prevent malicious app interference or disruption of business. Puey suggested that manual UI verification could be encouraged, but Voskuil felt that this was not a solution. Voskuil also raised concerns about privacy compromise with BIP-70 signed payment requests and the difficulty of establishing shared secrets over public channels. Martin Hábovštiak suggested encryption with forward secrecy to establish verifiable identity associated with public keys, but Voskuil argued that such a system would still be subject to attack by MITMs.
Updated on: 2023-06-09T16:31:15.765422+00:00