Mike Hearn [ARCHIVE] on Nostr
📅 Original date posted: 2015-02-01
📝 Original message:
>
> I see how BIP 70 verifies the payment request, however, is there any way
> to verify that the transaction signed by the wallet matches the request
> before it is sent to the blockchain (and how can this support out of band
> verification)?
>
No. It cannot be done in the Bitcoin context. Your wallet MUST be secure.
Otherwise BIP70 is irrelevant - if the attacker can make your wallet sign
some other transaction than what you expect, they can also just steal your
private keys and use them directly. BIP70 is based on the assumption of a
secure signing core that cannot be compromised, with devices like the
TREZOR and 2-factor pairings of desktops and mobiles being an obvious use
case.
Published at
2023-06-07 15:29:15