Return-Path: Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 007A3C0032 for ; Sun, 13 Aug 2023 12:50:39 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id C834340558 for ; Sun, 13 Aug 2023 12:50:39 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org C834340558 Authentication-Results: smtp2.osuosl.org; dkim=pass (1024-bit key) header.d=ngould.dev header.i=@ngould.dev header.a=rsa-sha256 header.s=protonmail header.b=ck/+kjmh X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -2.102 X-Spam-Level: X-Spam-Status: No, score=-2.102 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OXp2n1iLWUPp for ; Sun, 13 Aug 2023 12:50:39 +0000 (UTC) Received: from mail-4022.proton.ch (mail-4022.proton.ch [185.70.40.22]) by smtp2.osuosl.org (Postfix) with ESMTPS id ECB8940124 for ; Sun, 13 Aug 2023 12:50:38 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org ECB8940124 Date: Sun, 13 Aug 2023 12:50:32 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ngould.dev; s=protonmail; t=1691931035; x=1692190235; bh=54WAhKcOXv6qUnhS1v1FdStVdXM/qtkuIJTvv3iIUP4=; h=Date:To:From:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector; b=ck/+kjmhQcXzSPuT1l8/GwsBO+kOXCKttiqSUJEDoCbNTRTZG0UBw/HlgAU7WNwLg I9TqB2WrlImyxXfXg7nvmk4HuKrlNs7DyA/aLRafWVO8FQylTHZoUgzZo2quPF6WFL FELw3tq9VwvDK7o0V5/3NcOfghy5fS02NIVUIr0Y= To: Bitcoin Protocol Discussion , dave@dtrt.org From: Dan Gould Message-ID: <92588478-9239-4D85-89E5-B6EDE3068FCF@ngould.dev> In-Reply-To: References: Feedback-ID: 13175031:user:proton MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Mailman-Approved-At: Sun, 13 Aug 2023 12:53:31 +0000 Subject: Re: [bitcoin-dev] BIP for Serverless Payjoin X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Aug 2023 12:50:40 -0000 Thanks for weighing in Dave, > On Aug 13, 2023, at 8:00 AM, bitcoin-dev-request@lists.linuxfoundation.or= g wrote: >=20 >=20 > The way BItcoin users currently use BIP21 URIs and QR-encoded BIP21 URIs,= posting them where evesdroppers can see >=20 > =E2=80=A6 >=20 > I don't think it would be practical to change that expectation, and I thi= nk a protocol where evesdropping didn't create a risk of funds loss would b= e much better than one where that risk was created. >=20 > dave@dtrt.org The BIP has changed to adopt a DH cryptosystem where the receiver only shar= es a public key in the BIP 21 as part of the pj=3D endpoint since Adam post= ed comments. I agree enabling the simplest asynchronous experience while, a= s I gather you=E2=80=99re thinking, keeping the UX expectation that leaked = BIP 21 URIs pose no risk for loss of funds is the right set of tradeoffs. Dan