Author: Mike Hearn 2015-01-28 17:14:07
Published on: 2015-01-28T17:14:07+00:00
The conversation is about the implementation of BIP70, a payment protocol for Bitcoin. One person believes that using JSON and HTTPS would be easier and sufficient for today's use case. However, another person argues that BIP70 was designed to support hardware wallets such as TREZOR by keeping the amount of code they need to run as small as possible. Implementing JSON and HTTPS would mean adding complex and bug-prone text parsing logic as well as a full-blown HTTP and SSL stack, which could increase cost, complexity, and decrease security. Additionally, doing things this way means BIP70 requests can be signed by things which are not HTTPS servers, which allows recipients to be identified by more than just a domain name + dynamic session. The embedding of certificates in BIP70 requests also makes them verifiable by third parties. Combining the transactions and merkle branches linking them to the blockchain, what you have is an undeniable proof of purchase that has all kinds of use cases. The conversation also highlights some of the challenges of targeting WinRT and other platforms with a single codebase.
Updated on: 2023-06-09T15:32:51.496817+00:00