Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 1C27A267 for ; Sun, 26 Jul 2015 21:13:51 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-qg0-f52.google.com (mail-qg0-f52.google.com [209.85.192.52]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 636ADF7 for ; Sun, 26 Jul 2015 21:13:50 +0000 (UTC) Received: by qgeu79 with SMTP id u79so40409229qge.1 for ; Sun, 26 Jul 2015 14:13:49 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=klSCYzmswuDW1alpU8bElnB7E4ksCYH3tG/N6RR/sqM=; b=iHa1KTozUQ1pEe9ocWVlj3xiJXWIvNTvuSpi6ZOqzQeAI2hVyIi9WJDh63xbAwm7rh BnYBh7E/44iT5wbN1pAe0DvDxMMyunf7CgotF16qoRp/LawY4K7RZqZvsa8fEH9p1Bd6 RiXJYv8XLMrdbk9G+F8dJuaucTqJbNddq76hJDkWOuA5t5KtTQVNQLAwQOc5s16Jc2H5 VlurH08TSRLY7flyDQ5TrpkojLDURCUe3ZzVX5KgSOnUb+M2u8pPRvaRnMuOhuS5NWWO JwJ5BquWLX74C4NWYFZW4jALIYTIjcSn7ivJhPEcUy/+ygk6scxEsIkjFFcVbAxfin+U PHCw== X-Gm-Message-State: ALoCoQm98+lN8/zXitiACj2pl3ILRD0CA0FvUCrhMO7Jy7WXj00FY6pgo4YRVTL+6PXtaVutfHG5 MIME-Version: 1.0 X-Received: by 10.140.144.9 with SMTP id 9mr32155432qhq.69.1437945229494; Sun, 26 Jul 2015 14:13:49 -0700 (PDT) Received: by 10.96.127.227 with HTTP; Sun, 26 Jul 2015 14:13:49 -0700 (PDT) In-Reply-To: References: Date: Sun, 26 Jul 2015 23:13:49 +0200 Message-ID: From: Kalle Rosenbaum To: =?UTF-8?B?Sm9yZ2UgVGltw7Nu?= Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: bitcoin-dev Subject: Re: [bitcoin-dev] [Bitcoin-development] BIP for Proof of Payment X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Development Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Jul 2015 21:13:51 -0000 (Resending to the new bitcoin-dev list after sending to the old list) 2015-07-25 21:34 GMT+02:00 Jorge Tim=C3=B3n : > Then why do you assume they have a policy limit that not even bitcoin cor= e > itself maintains (the default limit was moved from 42 to 83 [counting the > op_return and pushes])? > > The policy check is not a consensus rule. Other implementations may have > another default or not have a limit at all. Thank you for pointing this out. That's right. Bitcoin core now support 80 bytes data by default. And yes, I was wrong in assuming 40 bytes policy in all implementations, even if 40 bytes was the limit in bitcoin core at the time of writing the BIP. If there's a need to increase the size of the nonce, for example to 128 bits instead of the 48 bits as designed in BIP 120, then we can of course do that, either now or in a subsequent version of PoP. As noted before though, a longer nonce also means bigger QR codes generated from the BIP 121 URIs. So I think that 48 bits is a good tradeoff right now. And as stated in BIP120, a server generating PoP requests should try to detect brute force attacks, or at least delay the response (containing the nonce) by some 100 ms or so. Do you think we need a bigger nonce? In that case, why? If PoP later becomes an extension of BIP70, then there is no such size constraint on the nonce, since it will be part of some kind of (e.g.) PopRequest message and not contained in a QR encoded URI. /Kalle