Author: Wladimir 2014-09-12 09:55:01
Published on: 2014-09-12T09:55:01+00:00
A Github discussion post by Andreas Schildbach proposed amending BIP72 with an "h" parameter that contains a hash of the PaymentRequest message fetched via the "r" parameter. The purpose of the hash is to link the trust anchor (e.g., QR code) to the payment request message in a secure way, solving a problem where some apps are comparing address+amount fields as a workaround instead of using advanced BIP70 use cases. Wladimir agreed with this proposal and expressed surprise that some clients were comparing addresses and amounts in the URI with the payment request for security, describing it as a hacky and inflexible approach.
Updated on: 2023-06-09T02:32:21.545369+00:00