Woo, huzzah :-)

Now the BIP draft is available and we know it all hangs together, I'm hoping to (re)start implementation work in bitcoinj in the next month or two. I'm currently trying to figure out which is more important, deterministic wallets or payment protocol, but I think right now the payment protocol would be easier to do and would benefit more from a second implementation. HD wallets have already been shown interoperable.

Comments on BIP 70:

   "PaymentRequest messages larger than 50,000 bytes should be rejected by the merchant's server, to mitigate denial-of-service attacks."

Do you mean "users wallet" here?

You could note in the motivation section two more motivations:

1) That the protocol can be a foundation on which other features are built
2) That it is required to assist hardware wallets when there is a virus on the system

Perhaps note in the BIP that the merchant should not assume the merchant_data field is trustworthy - malicious buyers could rewrite it as they see fit. Point out that a good way to use this is to serialize server state, signed by a merchant-only key, in the same way one might use an HTTP cookie.

   "PaymentDetails.payment_url must be secure against man-in-the-middle attacks that might alter Payment.refund_to (if using HTTP, it must be TLS-protected).

This says "must", but what should a client do here if the payment URL is not HTTPS? I suggest weakening this to "should", as sometimes TLS is redundant (e.g. if you're sending to a Tor hidden service).

The PaymentACK message contains a copy of Payment, but the BIP doesn't say what to do with it. I assume this means a client is free to ignore it and rely on TCP state to figure out the payment/ack connection instead? It may be worth noting that explicitly.

In the certificates section, you could observe that "validation" means "verification that it correctly chains to a trusted root authority, where trusted roots may be obtained from the operating system. If there is no operating system, the Mozilla root store is recommended".

All the rest LGTM.

[edit]



On Wed, Jul 31, 2013 at 8:28 AM, Gavin Andresen <gavinandresen@gmail.com> wrote:
I've turned the preliminary payment protocol spec into three BIPs:

https://en.bitcoin.it/wiki/BIP_0070 : Network protocol / messages
https://en.bitcoin.it/wiki/BIP_0071 : MIME types for the messages
https://en.bitcoin.it/wiki/BIP_0072 : bitcoin: URI extension

I expect the wallet-side implementation to be pulled into Bitcoin-Qt Real Soon:
  https://github.com/bitcoin/bitcoin/pull/2539

There is also a reference implementation of server-side code for generating payment requests in php and C++ :
  https://github.com/gavinandresen/paymentrequest

-- 
--
Gavin Andresen


------------------------------------------------------------------------------
Get your SQL database under version control now!
Version control is standard for application code, but databases havent
caught up. So what steps can you take to put your SQL databases under
version control? Why should you start doing it? Read more to find out.
http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
_______________________________________________
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development