Author: Allen Piscitello 2013-11-03 00:29:28
Published on: 2013-11-03T00:29:28+00:00
The concern of signing a refund transaction before the original transaction is broadcast is raised in an email thread between Mark Friedenbach and Johnathan Corgan. Initially, a hash was used to sign the transaction but there was no way to ensure that what was being signed wasn't a transaction spending the user's coins. To mitigate this issue, the code was changed to require sending the full transaction instead of just the hash. Another way to address this issue is by not having any unspent outputs from the key. In terms of authentication, a user-generated and server-generated portion could be implemented so that the user signs something that includes data from them, ensuring plausible deniability if the server-data was a hash of $EVIL_DOCUMENT. The email thread also includes a PGP signature and a link to a white paper about secure code signing practices for Android apps.
Updated on: 2023-06-07T18:54:53.327371+00:00