Author: Gavin Andresen 2013-07-31 11:19:05
Published on: 2013-07-31T11:19:05+00:00
The context includes a series of suggested modifications to the Bitcoin Improvement Proposal (BIP) for Payment Protocol. These modifications involve clarifying language in various sections of the proposal and adding additional information. The first modification involves rejecting PaymentRequest messages larger than 50,000 bytes to prevent denial-of-service attacks. Another modification notes that the protocol can serve as a foundation for future features but avoids making predictions about the future. The BIP is also modified to add information about how it can assist hardware wallets in the presence of viruses. The merchant_data field is noted as potentially untrustworthy due to the possibility of malicious clients modifying it.Additional modifications include strengthening language around securing payment URLs against man-in-the-middle attacks, while also acknowledging exceptions such as Tor hidden services. The PaymentACK message is discussed, with the suggestion that clients may ignore it if they have another way to associate payments with PaymentACKs. Finally, the certificates section is modified to clarify the meaning of "validation" and recommend obtaining trusted root certificates from the operating system or the Mozilla root store. Overall, these modifications aim to improve the clarity and security of the Payment Protocol.
Updated on: 2023-06-07T14:56:10.266519+00:00