Why Nostr? What is Njump?
2023-09-11 21:42:42

Lucas Ontivero [ARCHIVE] on Nostr: ๐Ÿ“… Original date posted:2023-09-08 ๐Ÿ—’๏ธ Summary of this message: The post ...

๐Ÿ“… Original date posted:2023-09-08
๐Ÿ—’๏ธ Summary of this message: The post discusses the BIP21 URI scheme for Bitcoin payments and the potential confusion and exploitation that can arise from allowing multiple parameter specifications.
๐Ÿ“ Original message:
Kiminuo, this was discussed here: https://github.com/bitcoin/bips/pull/49


On Fri, Sep 8, 2023 at 2:39โ€ฏPM kiminuo via bitcoin-dev <
bitcoin-dev at lists.linuxfoundation.org> wrote:

> [Formatted version of this post is here:
> https://gist.github.com/kiminuo/cc2f19a4c5319e439fc7be8cbe5a39f9]
>
> Hi all,
>
> BIP 21 [https://github.com/bitcoin/bips/blob/master/bip-0021.mediawiki]
> defines a URI scheme for making Bitcoin payments and the purpose of the URI
> scheme is to enable users to easily make payments by simply clicking links
> on webpages or scanning QR Codes. An example of a BIP21 URI is:
>
>
> bitcoin:bc1qd4fxq8y8c7qh76gfnvl7amuhag3z27uw0w9f8p?amount=0.004&label=Kiminuo&message=Donation
>
> Now to make it easier, these URIs are typically clickable. Bitcoin wallets
> register the "bitcoin" URI scheme so that a BIP21 URI is parsed and data
> are pre-filled in a form to send your bitcoin to a recipient. Notably,
> wallets do not send your bitcoin once you click a BIP21 URI, there is still
> a confirmation step that requires user's attention. Very similar experience
> is with a QR code that encodes a BIP21 URI where one just scans a QR code
> and data is, again, pre-filled in a wallet's UI for your convenience.
>
> While working on Wasabi's BIP21 implementation I noticed that based on the
> BIP21 grammar [
> https://github.com/bitcoin/bips/blob/master/bip-0021.mediawiki#abnf-grammar],
> it is actually allowed to specify URI parameters multiple times. This means
> that the following URI is actually valid:
>
> bitcoin:bc1qd4fxq8y8c7qh76gfnvl7amuhag3z27uw0w9f8p?amount=0.004&label=Kiminuo&message=Donation&amount=1.004
> (note that the 'amount' parameter is specified twice)
>
> Bitcoin Core implements "the last value wins" behavior[^3] so amount=1.004
> will be taken into account and not "amount=0.004"[^4]. However, in general,
> the fact that the same parameter can be specified multiple times can lead
> to a confusion for users and developers[^1][^2]. In the worst case, it
> might be exploited by some social engineering attempts by attempting to
> craft a 'clever' BIP21 URI and exploting behavior of a particular wallet
> software. For the record, I'm not aware that it actually happens, so this
> is rather a concern.
>
> The main question of this post is: Is it useful to allow specifying BIP21
> parameters multiple times or is it rather harmful?
>
> Regards,
> K.
>
> [^1]: https://github.com/JoinMarket-Org/joinmarket-clientserver/pull/1510
> [^2]:
> https://github.com/MetacoSA/NBitcoin/blob/93ef4532b9f2ea52b2c910266eeb6684f3bd25de/NBitcoin/Payment/BitcoinUrlBuilder.cs#L74-L78
> [^3]: I added a test to that effect in
> https://github.com/bitcoin/bitcoin/pull/27928/files, see
> https://github.com/bitcoin/bitcoin/blob/83719146047947e588aa0c7b5eee02f44884553d/src/qt/test/uritests.cpp#L68-L73
> .
> [^4]: You can test your wallet's behavior by scanning the last image here
> https://github.com/zkSNACKs/WalletWasabi/pull/10578#issue-1687564404 (or
> directly
>
> ).
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev at lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20230908/0e44a479/attachment-0001.html>;
Author Public Key
npub16q9ngejhxtupvrmnmcrhdqag5dcgfyxvc5mhequv4w7637xvp3ss7gqufk