From: Gregory Maxwell <greg@xiph•org>
To: Peter Todd <pete@petertodd•org>
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists•linuxfoundation.org>
Subject: Re: [bitcoin-dev] Address expiration times should be added to BIP-173
Date: Fri, 29 Sep 2017 02:06:54 +0000 [thread overview]
Message-ID: <CAAS2fgSZnaUvxC1ErfyKADvEocF1pAk=9VU55hQWwNbNyAho4w@mail.gmail.com> (raw)
In-Reply-To: <20170929015048.GC11956@savin.petertodd.org>
On Fri, Sep 29, 2017 at 1:50 AM, Peter Todd <pete@petertodd•org> wrote:
> What do you mean by "an embedded amount"?
I ask you to pay 1 Bitcoin to bc1blahblah.
...you make a typo, or a poorly placed cosmic ray switches it in your
ram to bc1blohblahbah. No problem, it'll get rejected. (even if the
cosmic ray happens just before signing... if the software is robust
it'll reencode from the signed transaction and check against the
original input.
But if instead the typo converts it to 2 Bitcoins or the cosmic ray
converts it to 2.34217728... the payment will happily go through,
assuming your wallet had enough, and you're stuck asking me to refund
you the excess.
Sure, you can put amounts in URIs and whatnot, but they're not error
protected... so there will always be unprotected poritons where a
glitch can radically change the amount.
In many cases you know exactly what amount you're asking for when you
generate an address. There isn't any reason the amount couldn't be
covered by the addresses checksum in those cases.
There are a couple ways of doing that... e.g. adding it explicitly,
where the checksum includes it but not the address itself; so it
errors out if you get it wrong. But this is unfortunate because it
can't tell you the expected amount when its wrong. Another way would
be to embed the amount in the address, and then the software can tell
you the amount the address was expecting and not let you proceed until
they match.
next prev parent reply other threads:[~2017-09-29 2:06 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-27 16:06 Peter Todd
2017-09-27 18:15 ` CryptAxe
2017-09-27 19:03 ` Mark Friedenbach
2017-09-27 21:20 ` Peter Todd
2017-09-27 19:35 ` Chris Priest
2017-09-27 20:11 ` CryptAxe
2017-09-27 20:23 ` Nick Pudar
2017-09-27 20:19 ` CryptAxe
2017-09-27 21:09 ` Mark Friedenbach
2017-09-27 21:15 ` Peter Todd
2017-09-28 0:22 ` Gregory Maxwell
2017-09-27 21:33 ` Peter Todd
2017-09-28 0:58 ` Gregory Maxwell
2017-09-29 1:50 ` Peter Todd
2017-09-29 2:06 ` Gregory Maxwell [this message]
2017-09-28 10:09 ` Andreas Schildbach
2017-09-28 12:43 ` Sjors Provoost
2017-09-28 14:13 ` Andreas Schildbach
2017-09-28 14:41 ` Sjors Provoost
2017-09-28 15:06 ` Andreas Schildbach
2017-09-28 15:45 ` Sjors Provoost
2017-09-28 16:59 ` Luke Dashjr
2017-09-29 2:18 ` Peter Todd
2017-09-29 7:18 ` Sjors Provoost
2017-09-29 2:55 ` [bitcoin-dev] Why the BIP-72 Payment Protocol URI Standard is Insecure Against MITM Attacks Peter Todd
2017-09-29 4:21 ` Omar Shibli
2017-09-29 13:14 ` Tomas
2017-09-29 17:40 ` Aymeric Vitte
2017-09-30 15:33 ` Andreas Schildbach
2017-09-29 1:45 ` [bitcoin-dev] Address expiration times should be added to BIP-173 Peter Todd
2017-09-29 8:44 ` Andreas Schildbach
2017-09-29 9:55 ` Peter Todd
2017-09-29 12:45 ` Andreas Schildbach
2017-09-29 13:52 ` Peter Todd
2017-09-29 17:25 ` Gregory Maxwell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAAS2fgSZnaUvxC1ErfyKADvEocF1pAk=9VU55hQWwNbNyAho4w@mail.gmail.com' \
--to=greg@xiph$(echo .)org \
--cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
--cc=pete@petertodd$(echo .)org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox