Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1XSOhg-0004Wx-OF for bitcoin-development@lists.sourceforge.net; Fri, 12 Sep 2014 11:07:48 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of m.gmane.org designates 80.91.229.3 as permitted sender) client-ip=80.91.229.3; envelope-from=gcbd-bitcoin-development@m.gmane.org; helo=plane.gmane.org; Received: from plane.gmane.org ([80.91.229.3]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.76) id 1XSOhf-0002US-Gt for bitcoin-development@lists.sourceforge.net; Fri, 12 Sep 2014 11:07:48 +0000 Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1XSOhY-00053B-4Q for bitcoin-development@lists.sourceforge.net; Fri, 12 Sep 2014 13:07:40 +0200 Received: from f053001030.adsl.alicedsl.de ([78.53.1.30]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 12 Sep 2014 13:07:40 +0200 Received: from andreas by f053001030.adsl.alicedsl.de with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 12 Sep 2014 13:07:40 +0200 X-Injected-Via-Gmane: http://gmane.org/ To: bitcoin-development@lists.sourceforge.net From: Andreas Schildbach Date: Fri, 12 Sep 2014 13:07:27 +0200 Message-ID: References: Mime-Version: 1.0 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: f053001030.adsl.alicedsl.de User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.1.1 In-Reply-To: X-Spam-Score: -2.6 (--) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_HELO_PASS SPF: HELO matches SPF record 1.1 DKIM_ADSP_ALL No valid author signature, domain signs all mail -0.0 SPF_PASS SPF: sender matches SPF record -2.2 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain X-Headers-End: 1XSOhf-0002US-Gt Subject: Re: [Bitcoin-development] BIP72 amendment proposal X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2014 11:07:48 -0000 On 09/12/2014 12:11 PM, Mark van Cuijk wrote: > On 12 Sep 2014, at 11:55 , bitcoin-development-request@lists.sourceforge.net wrote: > >> The hash is meant to link the trust anchor (e.g. the QR code) to the >> payment request message in a secure way. This will solve the problem >> several apps are comparing address+amount fields as a workaround >> instead, preventing some advanced BIP70 usecases. When these apps read a >> matching hash, they need not compare any of the other fields. > > Sounds like a good plan. > > Do you have a list (possibly incomplete) of apps that perform this kind of checking? We’re currently working with some parties in a supply chain to allow a consumer payment on a retail website to automatically pay supply chain parties, the way BIP70 allows with multiple outputs on a transaction. This behaviour would prohibit this use case. Hard to say, but here is my last assertion: - Bitcoin Wallet - Hive Bitcoin Wallet (checked by source) - countless (> 300) forks/clones of Bitcoin Wallet Since you're planning an advanced BIP70 usecase, you'll also have to deal with the many wallets that don't support BIP70 at all.