From: James Hilliard
Date: Mon, 1 Jan 2018 12:50:04 -0600
To: Bitcoin Dev
Subject: [bitcoin-dev] Decoupling BIP70 Payment Protocol from Wallets

Recently a large merchant payment processor has decided to drop support for BIP21 payment URIs in favor of accepting exclusively BIP70 payments, which has brought to light a number of problems with BIP70:

1. Many wallets do not support BIP70 and have no near-term intention of doing so.
2. BIP70 requires large complex PKI dependencies such as X.509 and TLS support (usually via openssl) which have a large attack surface and poor track record when it comes to vulnerabilities.
3. Signing transactions with keys resident in the same application as that which handles TLS greatly increases the possibility of keys being leaked due to vulnerabilities in TLS libraries such as openssl (heartbleed etc).
4. Sending payments first to a BIP70 compatible wallet before sending to the merchant increases fees and uses more block space than sending directly, since it is often not feasible for users to fully migrate funds to a BIP70 compatible wallet.
5. Paying a BIP70 invoice with an incompatible wallet currently requires manual non-user-friendly workarounds such as https://github.com/achow101/payment-proto-interface

I propose that we move the BIP70 protocol implementation into a browser extension that can communicate with wallets over a simple IPC mechanism such as https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Native_messaging in addition to acting as a translation layer that can convert BIP70 URLs into standard BIP21 URIs for wallets that do not wish to support BIP70 or other custom schemes.

This will provide a number of advantages over the current method of implementing BIP70 directly within wallets:

1. It removes complex/risky dependencies from wallets and moves them into the browser, which already has to implement full PKI support.
2. It re-enables payment support for wallets that only support BIP21/normal addresses.
3. It makes offline/custom signing schemes easier to use with BIP70.
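
An added example, not part of the original post or any wallet's code: a sketch of the wallet-side native-messaging host for the proposed translation layer, which reads one length-prefixed JSON message from the extension and builds a BIP21 URI from it. The JSON field names (address, amount_satoshis, memo), the 64 KiB size cap and the address shape check are assumptions of this example; the extension is assumed to have already fetched and verified the BIP70 request.

```python
import json
import re
import struct
from decimal import Decimal
from urllib.parse import quote

MAX_MESSAGE = 64 * 1024  # assumed cap for this example
ADDRESS_RE = re.compile(r"^[A-Za-z0-9]{26,90}$")  # shape check only, no checksum


def read_message(stream):
    """Read one native-messaging frame: 4-byte native-endian length, then UTF-8 JSON."""
    header = stream.read(4)
    if len(header) != 4:
        raise ValueError("truncated length prefix")
    (length,) = struct.unpack("=I", header)
    if length > MAX_MESSAGE:
        raise ValueError("message too large")
    body = stream.read(length)
    if len(body) != length:
        raise ValueError("truncated body")
    return json.loads(body.decode("utf-8"))


def frame(obj):
    """Encode a reply (or a test message) in the same framing."""
    body = json.dumps(obj).encode("utf-8")
    return struct.pack("=I", len(body)) + body


def to_bip21(msg):
    """Build a BIP21 URI from the (hypothetical) extension message, validating each field."""
    if not isinstance(msg, dict):
        raise ValueError("message must be a JSON object")
    address, satoshis = msg.get("address"), msg.get("amount_satoshis")
    if not isinstance(address, str) or not ADDRESS_RE.match(address):
        raise ValueError("bad address")
    # bool is a subclass of int in Python, so reject it explicitly
    if isinstance(satoshis, bool) or not isinstance(satoshis, int) or satoshis <= 0:
        raise ValueError("bad amount")
    amount = format(Decimal(satoshis).scaleb(-8), "f")  # satoshis -> BTC, no float rounding
    uri = f"bitcoin:{address}?amount={amount}"
    memo = msg.get("memo")
    if memo:
        # Percent-encode everything so the memo cannot inject extra URI parameters
        uri += "&message=" + quote(str(memo), safe="")
    return uri
```

The wallet side never touches X.509 or TLS here; it only parses a small, size-bounded JSON message and treats every field as untrusted input.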