Author: Andreas Schildbach 2014-09-15 07:12:03
Published on: 2014-09-15T07:12:03+00:00
The email thread discusses a more efficient approach to adding another field to PaymentRequest that contains an ECC signature calculated using the public key that hashes to the address in the URI. This would involve adding another marker param like &s to the end of the URL. However, there are several downsides to this approach. Firstly, it's more complicated than just hashing and touches more BIPs. Secondly, disclosing the public key you're going to receive coins on may be discouraged. Thirdly, unlike an hash, we cannot easily re-assign a signature to different objects. Fourthly, the idea of re-purposing the BIP21 address raises concerns as someone might send money to it although it isn't meant to receive money anymore. Lastly, a hash can be checked without knowing a secret, but with a signature, this may exclude stateless devices such as proxies or smartwatches. In terms of the URL length discussion, currently, there is address, amount, and r, which works well. In the future, there will be h and r. The goal is to make sure h is not longer than address+amount. It is suggested that the untruncated SHA256 hashes already meet this requirement, but truncating to perhaps 192 bits could save a few characters.
Updated on: 2023-06-09T02:31:41.538200+00:00