Author: rot13maxi 2022-10-18 22:46:13
Published on: 2022-10-18T22:46:13+00:00
In a thread on the bitcoin-dev mailing list, Bryan Bishop raised concern over whether the proposed Signet scheme would solve the problem of copy-pasting public keys. Andrew Poelstra responded that the public key held by the wallet in Signet is simply a signing key used to authenticate addresses and never leaves the wallet. He explained that if the wallet's own memory is compromised, it can be tricked into accepting bad addresses, but this is much harder than compromising data on the clipboard. Poelstra also suggested that the proposal could be run on a hardware wallet which had some out-of-band way to obtain and authenticate public keys, similar to Signal QR codes. Rijndael expressed his agreement with Poelstra's opinion. The proposal aims to import a legitimate/authentic public key, which is a one-time process per recipient, instead of doing it every time you need to transact with them. This could be solved through UI or other metadata.
Updated on: 2023-06-16T00:41:16.323751+00:00