Mike Hearn [ARCHIVE] on Nostr: 📅 Original date posted:2014-03-28 📝 Original message:On Fri, Mar 28, 2014 at ...
📅 Original date posted:2014-03-28
📝 Original message:On Fri, Mar 28, 2014 at 12:25 PM, Andreas Schildbach
<andreas at schildbach.de>wrote:
> However, I don't see how PaymentDetails can be an answer. None of the
> fields (other than outputs and network) can be known in advance (at the
> time of the initial payment).
>
You don't need all the fields indeed, but they're mostly optional (except
time). So for the refund you'd fill out:
outputs (same as today)
time
expiry_time
You're probably aiming for an expires field? How would you refund a
> payment after expiry?
>
It'd have to be ad-hoc at that point. OK, you don't get the nice UI that
the refund field provides. Oh well. It should be rare to get refunds very
very late after the purchase.
> Btw. another problem is that the refund address is currently unprotected.
>
Yes indeed as is the rest of the Payment structure. We talked about signing
it with one of the keys that's signing the Bitcoin transaction as well. But
it seems like a bit overkill. Usually it'll be submitted over HTTPS or a
(secured!) Bluetooth channel though so tampering with it should not be
possible.
However this does raise the question of whether a refund should be a full
blown PaymentRequest with optional PKI signing. Normally, I think, a seller
does not know or care about the identity of a buyer for refunds, outside of
their own tracking system.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140328/e3ec4be5/attachment.html>;
📝 Original message:On Fri, Mar 28, 2014 at 12:25 PM, Andreas Schildbach
<andreas at schildbach.de>wrote:
> However, I don't see how PaymentDetails can be an answer. None of the
> fields (other than outputs and network) can be known in advance (at the
> time of the initial payment).
>
You don't need all the fields indeed, but they're mostly optional (except
time). So for the refund you'd fill out:
outputs (same as today)
time
expiry_time
You're probably aiming for an expires field? How would you refund a
> payment after expiry?
>
It'd have to be ad-hoc at that point. OK, you don't get the nice UI that
the refund field provides. Oh well. It should be rare to get refunds very
very late after the purchase.
> Btw. another problem is that the refund address is currently unprotected.
>
Yes indeed as is the rest of the Payment structure. We talked about signing
it with one of the keys that's signing the Bitcoin transaction as well. But
it seems like a bit overkill. Usually it'll be submitted over HTTPS or a
(secured!) Bluetooth channel though so tampering with it should not be
possible.
However this does raise the question of whether a refund should be a full
blown PaymentRequest with optional PKI signing. Normally, I think, a seller
does not know or care about the identity of a buyer for refunds, outside of
their own tracking system.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140328/e3ec4be5/attachment.html>;