From: kiminuo <kiminuo@protonmail•com>
To: "bitcoin-dev@lists•linuxfoundation.org"
<bitcoin-dev@lists•linuxfoundation.org>
Subject: [bitcoin-dev] Parameters in BIP21 URIs
Date: Fri, 08 Sep 2023 14:36:16 +0000 [thread overview]
Message-ID: <aqQNYBhbmUz3LRgMxGzzCiToOGl7Ra_gZAhk5xDnZKwkGv16ly2l3BqjQRD7pjaQ_QQ-3bouXBeNjitvPzfbNlP-NnHMkfampmmqiH1UvN8=@protonmail.com> (raw)
In-Reply-To: <VwPEzimSfSX3TndEvhlkap6TFYa5AUI8njvv29ijuMAZOrkLMeSjGVxRloDWbMNBCZbQ9p0jRfIYiLGTheI4wHBjEK5f4qjFOyPoYN5jGZs=@protonmail.com>
[-- Attachment #1: Type: text/plain, Size: 2821 bytes --]
[Formatted version of this post is here: https://gist.github.com/kiminuo/cc2f19a4c5319e439fc7be8cbe5a39f9]
Hi all,
BIP 21 [https://github.com/bitcoin/bips/blob/master/bip-0021.mediawiki] defines a URI scheme for making Bitcoin payments and the purpose of the URI scheme is to enable users to easily make payments by simply clicking links on webpages or scanning QR Codes. An example of a BIP21 URI is:
bitcoin:bc1qd4fxq8y8c7qh76gfnvl7amuhag3z27uw0w9f8p?amount=0.004&label=Kiminuo&message=Donation
Now to make it easier, these URIs are typically clickable. Bitcoin wallets register the "bitcoin" URI scheme so that a BIP21 URI is parsed and data are pre-filled in a form to send your bitcoin to a recipient. Notably, wallets do not send your bitcoin once you click a BIP21 URI, there is still a confirmation step that requires user's attention. Very similar experience is with a QR code that encodes a BIP21 URI where one just scans a QR code and data is, again, pre-filled in a wallet's UI for your convenience.
While working on Wasabi's BIP21 implementation I noticed that based on the BIP21 grammar [https://github.com/bitcoin/bips/blob/master/bip-0021.mediawiki#abnf-grammar], it is actually allowed to specify URI parameters multiple times. This means that the following URI is actually valid:
bitcoin:bc1qd4fxq8y8c7qh76gfnvl7amuhag3z27uw0w9f8p?amount=0.004&label=Kiminuo&message=Donation&amount=1.004 (note that the 'amount' parameter is specified twice)
Bitcoin Core implements "the last value wins" behavior[^3] so amount=1.004 will be taken into account and not "amount=0.004"[^4]. However, in general, the fact that the same parameter can be specified multiple times can lead to a confusion for users and developers[^1][^2]. In the worst case, it might be exploited by some social engineering attempts by attempting to craft a 'clever' BIP21 URI and exploting behavior of a particular wallet software. For the record, I'm not aware that it actually happens, so this is rather a concern.
The main question of this post is: Is it useful to allow specifying BIP21 parameters multiple times or is it rather harmful?
Regards,
K.
[^1]: https://github.com/JoinMarket-Org/joinmarket-clientserver/pull/1510
[^2]: https://github.com/MetacoSA/NBitcoin/blob/93ef4532b9f2ea52b2c910266eeb6684f3bd25de/NBitcoin/Payment/BitcoinUrlBuilder.cs#L74-L78
[^3]: I added a test to that effect in https://github.com/bitcoin/bitcoin/pull/27928/files, see https://github.com/bitcoin/bitcoin/blob/83719146047947e588aa0c7b5eee02f44884553d/src/qt/test/uritests.cpp#L68-L73.[^4]: You can test your wallet's behavior by scanning the last image here https://github.com/zkSNACKs/WalletWasabi/pull/10578#issue-1687564404 (or directly https://user-images.githubusercontent.com/58662979/265389405-16893ce8-7c19-4262-bb60-5fd711336685.png).
[-- Attachment #2: Type: text/html, Size: 4782 bytes --]
next parent reply other threads:[~2023-09-08 14:36 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <VwPEzimSfSX3TndEvhlkap6TFYa5AUI8njvv29ijuMAZOrkLMeSjGVxRloDWbMNBCZbQ9p0jRfIYiLGTheI4wHBjEK5f4qjFOyPoYN5jGZs=@protonmail.com>
2023-09-08 14:36 ` kiminuo [this message]
2023-09-08 15:07 ` Lucas Ontivero
2023-09-19 9:58 ` Vincenzo Palazzo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='aqQNYBhbmUz3LRgMxGzzCiToOGl7Ra_gZAhk5xDnZKwkGv16ly2l3BqjQRD7pjaQ_QQ-3bouXBeNjitvPzfbNlP-NnHMkfampmmqiH1UvN8=@protonmail.com' \
--to=kiminuo@protonmail$(echo .)com \
--cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox