Author: Charles Hill 2021-02-19 10:33:45
Published on: 2021-02-19T10:33:45+00:00
Thomas Voegtlin, the creator of Electrum wallet, expressed his dislike for BIP70 protocol due to its complexity and unclear main features. However, he finds one feature useful – the ability to receive signed payment requests when sending Bitcoin to an exchange. He believes that this would provide proof that the exchange requested the transfer and guide users' decision to use that exchange over its competitors. However, he notes that no exchange has implemented this feature due to BIP70 being a terrible standard. Therefore, Thomas is looking for another standard for signed requests, and he would be happy to remove BIP70 support from Electrum if such a standard existed.To address this issue, Chill117 suggested using URL signing scheme with LNURL, which could be repurposed for on-chain payments as well. The scheme involves generating an API key to be shared between a server and an offline device or application. To generate a signature, a random nonce is generated, and a query string is built with various parameters, including custom ones. The payload (the sorted query string) is then signed using HMAC-SHA256 with the API key secret, and the signature is appended to the payload. Chill117 also suggests removing the LNURL-specific parameters and using pub/priv key signing instead of HMAC-SHA256 with a shared secret. This approach is used in the lnurl-auth subprotocol which protects user privacy while allowing verification of signatures.Both Chill117 and Thomas provided links to their respective proposals for more details.
Updated on: 2023-06-14T18:18:15.752228+00:00