Dan Gould [ARCHIVE] on Nostr: π Original date posted:2023-08-13 ποΈ Summary of this message: The BIP has ...
π
Original date posted:2023-08-13
ποΈ Summary of this message: The BIP has been updated to use a DH cryptosystem, ensuring that leaked BIP 21 URIs do not pose a risk of funds loss.
π Original message:
Thanks for weighing in Dave,
> On Aug 13, 2023, at 8:00 AM, bitcoin-dev-request at lists.linuxfoundation.org wrote:
>
>
> The way BItcoin users currently use BIP21 URIs and QR-encoded BIP21 URIs, posting them where evesdroppers can see
>
> β¦
>
> I don't think it would be practical to change that expectation, and I think a protocol where evesdropping didn't create a risk of funds loss would be much better than one where that risk was created.
>
> dave at dtrt.org
The BIP has changed to adopt a DH cryptosystem where the receiver only shares a public key in the BIP 21 as part of the pj= endpoint since Adam posted comments. I agree enabling the simplest asynchronous experience while, as I gather youβre thinking, keeping the UX expectation that leaked BIP 21 URIs pose no risk for loss of funds is the right set of tradeoffs.
Dan
ποΈ Summary of this message: The BIP has been updated to use a DH cryptosystem, ensuring that leaked BIP 21 URIs do not pose a risk of funds loss.
π Original message:
Thanks for weighing in Dave,
> On Aug 13, 2023, at 8:00 AM, bitcoin-dev-request at lists.linuxfoundation.org wrote:
>
>
> The way BItcoin users currently use BIP21 URIs and QR-encoded BIP21 URIs, posting them where evesdroppers can see
>
> β¦
>
> I don't think it would be practical to change that expectation, and I think a protocol where evesdropping didn't create a risk of funds loss would be much better than one where that risk was created.
>
> dave at dtrt.org
The BIP has changed to adopt a DH cryptosystem where the receiver only shares a public key in the BIP 21 as part of the pj= endpoint since Adam posted comments. I agree enabling the simplest asynchronous experience while, as I gather youβre thinking, keeping the UX expectation that leaked BIP 21 URIs pose no risk for loss of funds is the right set of tradeoffs.
Dan