1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
|
Return-Path: <d@ngould.dev>
Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133])
by lists.linuxfoundation.org (Postfix) with ESMTP id 007A3C0032
for <bitcoin-dev@lists.linuxfoundation.org>;
Sun, 13 Aug 2023 12:50:39 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by smtp2.osuosl.org (Postfix) with ESMTP id C834340558
for <bitcoin-dev@lists.linuxfoundation.org>;
Sun, 13 Aug 2023 12:50:39 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org C834340558
Authentication-Results: smtp2.osuosl.org;
dkim=pass (1024-bit key) header.d=ngould.dev header.i=@ngould.dev
header.a=rsa-sha256 header.s=protonmail header.b=ck/+kjmh
X-Virus-Scanned: amavisd-new at osuosl.org
X-Spam-Flag: NO
X-Spam-Score: -2.102
X-Spam-Level:
X-Spam-Status: No, score=-2.102 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001,
SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from smtp2.osuosl.org ([127.0.0.1])
by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id OXp2n1iLWUPp
for <bitcoin-dev@lists.linuxfoundation.org>;
Sun, 13 Aug 2023 12:50:39 +0000 (UTC)
Received: from mail-4022.proton.ch (mail-4022.proton.ch [185.70.40.22])
by smtp2.osuosl.org (Postfix) with ESMTPS id ECB8940124
for <bitcoin-dev@lists.linuxfoundation.org>;
Sun, 13 Aug 2023 12:50:38 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org ECB8940124
Date: Sun, 13 Aug 2023 12:50:32 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ngould.dev;
s=protonmail; t=1691931035; x=1692190235;
bh=54WAhKcOXv6qUnhS1v1FdStVdXM/qtkuIJTvv3iIUP4=;
h=Date:To:From:Subject:Message-ID:In-Reply-To:References:
Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID:
Message-ID:BIMI-Selector;
b=ck/+kjmhQcXzSPuT1l8/GwsBO+kOXCKttiqSUJEDoCbNTRTZG0UBw/HlgAU7WNwLg
I9TqB2WrlImyxXfXg7nvmk4HuKrlNs7DyA/aLRafWVO8FQylTHZoUgzZo2quPF6WFL
FELw3tq9VwvDK7o0V5/3NcOfghy5fS02NIVUIr0Y=
To: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>,
dave@dtrt.org
From: Dan Gould <d@ngould.dev>
Message-ID: <92588478-9239-4D85-89E5-B6EDE3068FCF@ngould.dev>
In-Reply-To: <mailman.5.1691928003.16386.bitcoin-dev@lists.linuxfoundation.org>
References: <mailman.5.1691928003.16386.bitcoin-dev@lists.linuxfoundation.org>
Feedback-ID: 13175031:user:proton
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Mailman-Approved-At: Sun, 13 Aug 2023 12:53:31 +0000
Subject: Re: [bitcoin-dev] BIP for Serverless Payjoin
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Aug 2023 12:50:40 -0000
Thanks for weighing in Dave,
> On Aug 13, 2023, at 8:00 AM, bitcoin-dev-request@lists.linuxfoundation.or=
g wrote:
>=20
>=20
> The way BItcoin users currently use BIP21 URIs and QR-encoded BIP21 URIs,=
posting them where evesdroppers can see
>=20
> =E2=80=A6
>=20
> I don't think it would be practical to change that expectation, and I thi=
nk a protocol where evesdropping didn't create a risk of funds loss would b=
e much better than one where that risk was created.
>=20
> dave@dtrt.org
The BIP has changed to adopt a DH cryptosystem where the receiver only shar=
es a public key in the BIP 21 as part of the pj=3D endpoint since Adam post=
ed comments. I agree enabling the simplest asynchronous experience while, a=
s I gather you=E2=80=99re thinking, keeping the UX expectation that leaked =
BIP 21 URIs pose no risk for loss of funds is the right set of tradeoffs.
Dan
|