Return-Path: Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id C1DD3C000E for ; Mon, 16 Aug 2021 10:34:49 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id AAA874023C for ; Mon, 16 Aug 2021 10:34:49 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: 1.099 X-Spam-Level: * X-Spam-Status: No, score=1.099 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: smtp4.osuosl.org (amavisd-new); dkim=pass (1024-bit key) header.d=protonmail.com Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gwx-UMrZBjsK for ; Mon, 16 Aug 2021 10:34:45 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from mail-4319.protonmail.ch (mail-4319.protonmail.ch [185.70.43.19]) by smtp4.osuosl.org (Postfix) with ESMTPS id 783C64022C for ; Mon, 16 Aug 2021 10:34:45 +0000 (UTC) Date: Mon, 16 Aug 2021 10:34:36 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=protonmail; t=1629110082; bh=50nxUz33LA9H3gYj3dGY8tO+1dUYralaL41xq+dl3xg=; h=Date:To:From:Reply-To:Subject:In-Reply-To:References:From; b=Y1Pv0spgkhrEYP//+LjdFvTFpXvS+6RYGCx8GxsEpbtEuOK0dnJJcf9shQSGNtq7t iFX1SNh0q8L2kh+L+UeZH66GZcDJVVPCeH/N237vx9pXKy1Iq58kfvkMyOpcH95yTY SiQU4yNRpe27dk+Ve/6fI+YT+A+cUt4mynA1lgyA= To: ts , Bitcoin Protocol Discussion From: ZmnSCPxj Reply-To: ZmnSCPxj Message-ID: In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: Re: [bitcoin-dev] Human readable checksum (verification code) to avoid errors on BTC public addresses X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Aug 2021 10:34:49 -0000 Good morning TS, > Entering a BTC address for a transaction can pose a risk of error (human = or technical). While > there is a checksum integrated in BTC addresses already, this is used onl= y at a technical > level and does not avoid entering a valid but otherwise wrong address. Mo= reover, it does not > improve the overall user experience. > > In case this hasn't been discussed before, I propose to implement a 3 or = 4 digit code (lets > call it 4DC for this text), generated as checksum from the address. This = 4DC should be shown > in all wallets next to the receiving address. When entering a new address= to send BTC, the > sending wallet should also show the 4DC next to the entered address. This= way, the sending > person can easily verify that the resulting 4DC matches the one from the = receiving address. > > This would mean that a receiver would not only send his public address to= the sender, but also > the 4DC. A minor disadvantage since a) it is not mandatory and b) it is v= ery easy to do. > However, it would greatly reduce the probability of performing transactio= ns to a wrong address. > > Technically, this is very easy to implement. The only effort needed is ag= reeing on a checksum > standard to generate the code. Once the standard is established, all wall= et and exchange > developers can start implementing this. I think the "only" effort here is going to be the main bulk of the effort, = and it will still take years of agreement (or sipa doing it, because every = review is "either sipa made it, or we have to check *everything* in detail = for several months to make sure it is correct"). In any case --- the last 5 characters of a bech32 string are already a huma= n-readable 5-digit code, with fairly good properties, why is it not usable = for this case? On the other side of the coin, if you say "the existing bech32 checksum is = automatically checked by the software", why is forcing something to be manu= ally checked by a human better than leaving the checking to software? Regards, ZmnSCPxj