Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1V7BPb-0002az-2z for bitcoin-development@lists.sourceforge.net; Wed, 07 Aug 2013 21:36:55 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.223.182 as permitted sender) client-ip=209.85.223.182; envelope-from=pieter.wuille@gmail.com; helo=mail-ie0-f182.google.com; Received: from mail-ie0-f182.google.com ([209.85.223.182]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1V7BPa-0005LD-DZ for bitcoin-development@lists.sourceforge.net; Wed, 07 Aug 2013 21:36:55 +0000 Received: by mail-ie0-f182.google.com with SMTP id tp5so469361ieb.41 for ; Wed, 07 Aug 2013 14:36:49 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.42.66.200 with SMTP id q8mr698369ici.25.1375911409103; Wed, 07 Aug 2013 14:36:49 -0700 (PDT) Received: by 10.50.73.74 with HTTP; Wed, 7 Aug 2013 14:36:48 -0700 (PDT) In-Reply-To: References: Date: Wed, 7 Aug 2013 23:36:48 +0200 Message-ID: From: Pieter Wuille To: Mike Hearn Content-Type: text/plain; charset=ISO-8859-1 X-Spam-Score: -1.6 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (pieter.wuille[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1V7BPa-0005LD-DZ Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] Payment Protocol: BIP 70, 71, 72 X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Aug 2013 21:36:55 -0000 On Wed, Aug 7, 2013 at 11:17 PM, Mike Hearn wrote: > >> I'd like to hear from other wallet implementors. Do you have a notion >> of 'locked inputs' ? The tricky bit in constructing a transaction but >> not broadcasting it right away is the inputs must be locked, so >> they're not accidentally double-spent. > >> bitcoinj separates the concept of committing a tx to the wallet from > broadcasting it. However by default transactions that weren't seen in the > chain yet will be announced when a new peer is connected to. It'd take extra > code to suppress that, and it's unclear to me why that's useful. I agree > with Pieter that it should be the merchants responsibility to get the tx out > there, but having the client do the broadcast as well can't really hurt > (except perhaps some privacy impact). My concerns here are: * Making sure wallet applications can function without supporting the P2P protocol (which drops a huge implementation overhead for simple - perhaps hardware-based - wallets). * Making sure the responsibility of confirming transactions is with the receiver (while the responsibility of creating a confirmable transaction is with the sender), which again simplifies wallet implementation. * Making receiving of metadata reliable, by minimizing cases where a transaction is accidentally broadcast without the receiver being told about it. This is perhaps not possible entirely, but it should be possible to reduce it to a point where the remaining cases can be dealt with manually. This also means indeed being able to give a bitcoin URI (or why not just a URL to a payment descriptor?) that does not contain a static Bitcoin address. I understand the compatibility concern here, but IMHO we should do all effort to get rid of static addresses were possible - the public key should be negotiated be sender and receiver. I worry about the scenario where some evil hotspot owner observes a payment request, and later sees a bitcoin P2P transaction crediting that key, but without payment being sent to the payment_uri (because he blocked it), thus allowing him to construct a payment message himself with the request + transaction, and adding his own refund address or delivery location, or ... To fix problems related to this completely, we'd need transactions that commit to the payment message, instead of the other way around. I believe the pay-to-contract scheme presented by Timo Hanke at the San Jose conference solved this. -- Pieter