Published on: 2015-02-06T19:06:07+00:00
The Bitcoin community is seeking a person-to-person payment protocol for Bluetooth Low Energy (BLE) that is resistant to spoofing and vandalism. The author proposes using EC signing of nonces to develop a rock-solid P2P protocol. They suggest modifying the "commit protocol" based on RedPhone, using a 6-digit decimal confirmation code for easier display on vending machines and small screens.The verification of bitcoin payments on the breadwallet app for Apple devices is faster than on Android, possibly due to a more optimized signature verification algorithm. The slower verification process on Android may be because it is being verified in Java instead of C++, but this can potentially be fixed. X.509 cert chains are mentioned as bloated, but even with their size, the transfer time should not take several seconds over Bluetooth.Bluetooth Low Energy (BLE) is designed for always-on broadcast "beacons" with low power requirements. It is commonly used to trigger other mechanisms like classical Bluetooth or HTTPS connections. BLE can be used in Bitcoin payments to download payment requests and upload payment messages, while actual data transfer occurs over Bluetooth, Wifi, or the internet. The challenge lies in how the wallet can download the right payment request, which is a tough UI problem to solve.In an email exchange, Andreas Schildbach and Eric Voskuil discuss the advantages of Bluetooth Low Energy (BLE) over Bluetooth. BLE uses less power and has lower bandwidth but greater range and lower connection latency, making it suitable for payment purposes. However, the transfer of larger files may reduce the benefits of BLE. The size of signed payment requests can be significant, so speed is important.Andy Schroder raises concerns about discussing certain issues on the mailing list and suggests finding a more appropriate place for discussion.The proposed Bluetooth payment protocol implementation could be more secure with a lower range. BLE offers lower power usage and lower bandwidth, making it suitable for payment purposes. However, the connection may be slow when including the whole certificate chain. The author suggests improvements to the Bluetooth communication scheme and the general payment protocol.Andy Schroder introduces two proposed BIPs for implementing the payment protocol using Bluetooth connections. These proposals are modeled after Andreas Schildbach's Android Bitcoin Wallet's Bluetooth capability, which uses BLE technology. The author highlights the need for further discussion on various aspects of Bluetooth implementation. They also mention known issues that can be improved, such as inconsistency in connection header messages, unauthenticated Bluetooth connection, and lack of acknowledgement failure message in the payment protocol.The discussion explores whether BIPs should document how things should work or how they actually work. The need for informational BIPs and an efficient process for them is emphasized.SSL encryption on Bluetooth connections is suggested but considered complicated. Alternative PKIs and the issue of HTTP base failure signal are discussed. Merge avoidance and the trustworthiness of HTTPS are mentioned. The possibility of providing a full-fledged WiFi connection for customers is explored, requiring a sophisticated proxy server to allow access only to Bitcoin nodes. The dedicated blockchain radio is also discussed.In an email exchange between Mike Hearn and Andy Schroder, the issues with the existing Bluetooth payment protocol are discussed. They highlight the use of an unauthenticated Bluetooth connection and the lack of acknowledgement failure message. The conversation also touches on data storage in QR codes and the limit of offline transactions. The need for a lightweight library for ECDH key agreement and AES+HMAC encryption is mentioned. The discussion further explores the need for dedicated blockchain access and the challenges of providing a full-fledged WiFi connection.The author of this email discusses the implementation of the payment protocol using Bluetooth connections and introduces two proposed BIPs. The use of Bluetooth is important because it allows for payments to be made in areas with limited or no internet access. The proposed BIPs are based on Andreas Schildbach's Android Bitcoin Wallet's Bluetooth capability and include an additional parameter in the bitcoin: URI scheme for including a hash of the payment request.The author seeks feedback from wallet developers and others on these proposals, as widespread Bluetooth support among wallets is crucial. They provide links to copies of the proposed BIPs and a video demonstration showcasing the features using Schildbach's wallet and a fuel pump.There are known issues with the Bluetooth communication scheme and general payment protocol that the author and Andreas would like feedback on. These issues include inconsistencies in connection header messages, unauthenticated Bluetooth connections that are vulnerable to man-in-the-middle attacks, lack of acknowledgement failure message in the payment protocol, and the increasing size of QR codes when using a backwards compatible URL.Possible alternatives to the proposed solution are suggested, such as reversing the order of parameter numbers in the payment_url or creating a new payment_url_multi field for future use. The author concludes by inviting comments and suggestions from readers.
Updated on: 2023-08-01T10:27:34.037467+00:00