Author: Kalle Rosenbaum 2015-06-06 14:35:17
Published on: 2015-06-06T14:35:17+00:00
Kalle Rosenbaum has proposed a new BIP (Bitcoin Improvement Proposal) called Proof of Payment. This BIP is intended to allow a wallet to prove to a server that it has the ability to sign a certain transaction. There are several scenarios in which this would be useful, such as pre-paid hotel rooms where the PoP functions as a key to the door and online video rental services where you pay for a video and watch it on any device. Additionally, PoP can be used to log in to a pay site without any personal information being involved and for parking lots where a car authenticates itself using PoP. The BIP describes how PoP can be generated on demand and only used once to avoid issues due to theft. It should be able to create a PoP for any payment, regardless of script type (P2SH, P2PKH, etc.). The BIP specifies a data structure for PoP that has the exact same structure as a bitcoin transaction with the same inputs and outputs as the transaction it is proving. A proof of payment request is sent from the server to the wallet, containing a random nonce, a destination where to send the PoP, and data hinting the wallet which transaction to create a proof for. The wallet identifies a transaction T and creates an unsigned PoP (UPoP) for T, and asks the user to sign it. Once the UPoP(T) is signed by the user, the PoP is sent to the destination specified in the request. The server receiving the PoP validates it and responds with “valid” or “invalid”. Security considerations are discussed, including the potential for someone to intercept the PoP-request and change the PoP destination or transaction ID, or steal a PoP and attempt to use the service hoping to get a matching nonce. A reference implementation of PoP is provided on GitHub.
Updated on: 2023-06-09T22:27:52.787766+00:00