🏷️ Categories: bitcoin-dev
quoting naddr1qq…txx8📝 Summary: The Serverless Payjoin idea has advanced with the development of Payjoin version 2, allowing for payjoin receiver functionality without a secure public endpoint. Concerns were raised about securely sharing the secret key and potential attack vectors. Anonymized network connections were suggested to mitigate the risk of tying transactions to clients. The security of sharing the secret key in the payment URI was also discussed, with suggestions for alternative methods. The Blockchain Commons UR was proposed as the best choice for encoding pub keys in the
pj=endpoint, and a v2 upgrade was deemed necessary for JavaScript ur library support. Concerns were raised about payjoin implementations written in JavaScript and the need for a v2 upgrade to support receiving. Progress is being made with reference libraries in Typescript, and plans to expand. Some wallets are using URs in JavaScript, but no open-source libraries have been announced yet. The BIP has been updated to use a DH cryptosystem to prevent funds loss from leaked BIP 21 URIs.👥 Authors: • AdamISZ ( AdamISZ [ARCHIVE] (npub1nv7…qw2t) ) • Christopher Allen ( Christopher Allen [ARCHIVE] (npub19g4…t5d0) ) • Dan Gould ( Dan Gould [ARCHIVE] (npub1l58…xs5k) ) • David A. Harding ( David A. Harding [ARCHIVE] (npub16dt…4wrd) )
📅 Messages Date Range: 2023-08-09 to 2023-08-13
✉️ Message Count: 7
📚 Total Characters in Messages: 83741
Messages Summaries
✉️ Message by Dan Gould on 09/08/2023: The Serverless Payjoin idea has progressed towards a formal specification of Payjoin version 2, allowing payjoin receiver functionality without a secure public endpoint.
✉️ Message by AdamISZ on 10/08/2023: The text discusses the Serverless Payjoin idea and raises concerns about securely sharing the secret key and potential attack vectors.
✉️ Message by AdamISZ on 10/08/2023: The concern with this architecture is that relays can time correlate messages and potentially tie transactions to clients, unless anonymized network connections are used.
✉️ Message by David A. Harding on 13/08/2023: The sender is concerned about the security of sharing the secret key in the payment URI and suggests using a different method. Another person raises the issue of potential security risks when posting payment URIs in public.
✉️ Message by Dan Gould on 12/08/2023: Blockchain Commons UR is suggested as the best choice for encoding pub keys in the
pj=endpoint, and a v2 upgrade is needed for JavaScript ur library support.✉️ Message by Christopher Allen on 13/08/2023: Concerns about payjoin implementations written in JavaScript and the need for a v2 upgrade to support receiving. Progress is being made with reference libraries in Typescript and plans to expand. Some wallets are using URs in JavaScript but no open source libraries have been announced yet.
✉️ Message by Dan Gould on 13/08/2023: The BIP has been updated to use a DH cryptosystem, ensuring that leaked BIP 21 URIs do not pose a risk of funds loss.
Follow Bitcoin Mailing List (npub15g7…08lk) for full threads
⚠️ Heads up! We've now started linking to replaceable long-form events (NIP-23), which allow for dynamic display of thread details like summaries, authors, and more. If you're unable to see this, your client may not support this feature yet.