Author: Aymeric Vitte 2017-09-29 17:40:00
Published on: 2017-09-29T17:40:00+00:00
The current https principles are considered outdated and obsolete, particularly the concept of certificates tied to a domain. This is because there are no domains in Bitcoin, as well as other systems such as webrtc, Tor, bittorrent, and p2p systems. The author suggests that it should evolve into something like certificates tied to an entityID managed by a blockchain system, rather than the current domain or CA. The author believes that specifying things for Bitcoin like the web is not a good idea, as browsers can do far better than standard/usual web. Furthermore, HTTPS is secured under the assumption that certificates are secure. The BIP-70 payment protocol used via BIP-72 URI's is insecure, as payment qr codes don't cryptographically commit to the identity of the merchant. This means a MITM attacker can redirect the payment if they can obtain an SSL cert that the wallet accepts. However, using the payment protocol simply means paying to a secure endpoint instead of an address. Currently, it is widely used by merchants but not yet for light clients receiving money. If it becomes more widespread, it offers a range of advantages, including no more address reuse being possible. Moreover, it drops the need for mempool synchronization among non-miners, solely as a "notification" mechanism. In addition, it means light clients know exactly when a transaction is coming in, so they can efficiently rely on client-side filtering a small set of blocks, improving their privacy. In the author's opinion, the payment protocol is key to scaling. As-is BIP-72 is very dangerous and should be depreciated, with a new BIP made to replace it. Finally, the author provides some links to Github pages and websites related to Zcash wallets, Bitcoin wallets, and dynamic blocklists.
Updated on: 2023-06-12T19:20:31.032148+00:00