📅 Original date posted:2014-01-13
📝 Original message:On Sun, Jan 12, 2014 at 7:20 PM, Jeremy Spilman <jeremy at taplink.co> wrote:
> > I think for displaying the payment in the UI after it's been made via
> PP, we have to fully
> > support sending to a new standard address type anyway.
On Sun, 12 Jan 2014 10:26:18 -0800, Mike Hearn <mike at plan99.net> wrote:
> Why? Showing an address is meaningless, especially if the user didn't
> type it in or see
> it somewhere else. It's just an opaque random number, all putting it in
> the UI can do is
> make it look scarier :)
>
> Part of the point of the payment protocol is it lets merchants provide
> human readable text
> for transactions instead of addresses.
Of course you're right, moving away from addresses is definitely part of
the point of PP.
On Sun, 12 Jan 2014 13:18:33 -0800, Gavin Andresen
<gavinandresen at gmail.com> wrote:
> No, please. Make it easy for non-geeks, extend the payment protocol, or
> we'll spend the next
> two years writing code that tries to ignore linebreaks and spaces and
> changing <input> in HTML
> forms to <textarea>...
Agreed, it's long enough to be even more problematic than usual. If the
general consensus is that there should not even be a standardized address
form, then I can skip that entirely, and go straight to trying to extend
PP.
It's a given this will be implemented for Payment Protocol. The question
is whether it's also usable outside of PP.
I was kind of imagining that we could encourage people to replace all
their static address text that live on Github pages, and README.me, and
forum signatures, etc. with new 'href=bitcoin:xSTL...' URIs. Convention
could be to require only transporting xSTL addresses within a URI, even
going so far as to not support them copy/pasted. 101 characters is not
much longer (and sometimes shorter) than PaymentRequest URIs end up being.
I think there are ways to make stealth addresses easy enough to use that
people actually prefer using them for P2P payments which do not involve a
full-stack merchant. In that case, if it was a PaymentRequest it would
almost certainly not be signed, and would be more easily shared over email
or SMS as a URI than as a file attachment or, even worse, putting the
unsigned PR file up on a third-party server which probably won't do a good
job securing it.
* PP Implementation Overview *
The basic PaymentRequest>PaymentDetails is expecting 'output' containing
one or more TxOuts with script and amount. I believe the general approach
is to put a fallback address into 'output' for backward compatibility, and
put Q and Q2 into an extension field.
So we add a new optional field to PaymentDetails which contains the one or
two PubKeys. Not sure if we want different protobuf tags, or if the
difference in length of the value makes it obvious enough which approach
is being used;
optional bytes stealthOnePubKey = 1000
optional bytes stealthTwoPubKey = 1001
or just
optional bytes stealth = 1000
* User Interaction / Flow *
Lets follow this through from the user perspective, starting with what it
looks like today. I'm having a hard time finding screenshots of what PP
looks like in BitcoinQT, so I built from HEAD and using Gavin's
Handy-Dandy PaymentRequest Generator
(https://bitcoincore.org/~gavin/createpaymentrequest.php):
Screenshots: http://imgur.com/a/k6j9D
Image 1 - 'Send' screen after clicking a PR URI with a small transaction
and auto-calculated fee
Image 2 - System Tray notification after clicking 'Send'
Image 3 - Transaction List showing partially confirmed transaction
Image 4 - Transactions details popup
We see 'Pay To' (Common Name from the cert) and 'Memo' on the Send screen.
The System Tray notification popup and Transaction List shows just the
address string. The 'Transaction details' window shows 'Merchant' which I
think is the same as 'Pay To'. You also have 'Copy address' option in the
right-click menu.
Memo seems not to be saved, or at least not visible in the UI after
sending a payment.
* Transaction Display *
The address string is fairly pervasive, which is why I was originally
thinking it would make sense to implement all the address handling first,
so all those screens would continue to work as specified, without trying
to hack something different in those fields.
Without digging too far into the code, it looks like "address" displayed
is derived from the TxOut -- e.g. script.cpp:ExtractDestination. This
could be a bit problematic depending on what we really want to show to the
user -- the stealth multisig, or the pubkeys?
Part of the point of stealth addresses is actually making them reusable.
So if you're the originator of the payment, you might want the wallet to
tag that transaction somehow with the pubkeys used to generate it.
Also, ideally I think I would want multiple different stealth payments
within a single wallet to the same merchant / pubkeys to be identifiable
as such.
* Sample Code *
Will follow in another email, to be sent shortly!
Jeremy Spilman [ARCHIVE] /
npub10e…jc727
2023-06-07 15:11:37
in reply to nevent1q…ms9d
Author Public Key
npub10etkvm8l0jr0jsgdx02dxnhnu5g989dnca90guj5rklwkaplnh3sgjc727Published at
2023-06-07 15:11:37Event JSON
{
"id": "6da5ff3a258380f9f91709ed6fe7da3963d541fe32c179e12c7cbce3b8d68b9a",
"pubkey": "7e57666cff7c86f9410d33d4d34ef3e5105395b3c74af472541dbeeb743f9de3",
"created_at": 1686150697,
"kind": 1,
"tags": [
[
"e",
"6b79d8c7bec3dc6952db91cc68d0510d9897c37dcf58a24d8e2f4288fe42525c",
"",
"root"
],
[
"e",
"b7aa313f2445fd5ea8b79cae67a8b2aa85b4eed3c01433ea066a0f8fea48ff9a",
"",
"reply"
],
[
"p",
"f2c95df3766562e3b96b79a0254881c59e8639f23987846961cf55412a77f6f2"
]
],
"content": "📅 Original date posted:2014-01-13\n📝 Original message:On Sun, Jan 12, 2014 at 7:20 PM, Jeremy Spilman \u003cjeremy at taplink.co\u003e wrote:\n\u003e \u003e I think for displaying the payment in the UI after it's been made via \n\u003e PP, we have to fully\n\u003e \u003e support sending to a new standard address type anyway.\n\nOn Sun, 12 Jan 2014 10:26:18 -0800, Mike Hearn \u003cmike at plan99.net\u003e wrote:\n\u003e Why? Showing an address is meaningless, especially if the user didn't \n\u003e type it in or see\n\u003e it somewhere else. It's just an opaque random number, all putting it in \n\u003e the UI can do is\n\u003e make it look scarier :)\n\u003e\n\u003e Part of the point of the payment protocol is it lets merchants provide \n\u003e human readable text\n\u003e for transactions instead of addresses.\n\nOf course you're right, moving away from addresses is definitely part of \nthe point of PP.\n\nOn Sun, 12 Jan 2014 13:18:33 -0800, Gavin Andresen \n\u003cgavinandresen at gmail.com\u003e wrote:\n\u003e No, please. Make it easy for non-geeks, extend the payment protocol, or \n\u003e we'll spend the next\n\u003e two years writing code that tries to ignore linebreaks and spaces and \n\u003e changing \u003cinput\u003e in HTML\n\u003e forms to \u003ctextarea\u003e...\n\nAgreed, it's long enough to be even more problematic than usual. If the \ngeneral consensus is that there should not even be a standardized address \nform, then I can skip that entirely, and go straight to trying to extend \nPP.\n\nIt's a given this will be implemented for Payment Protocol. The question \nis whether it's also usable outside of PP.\n\nI was kind of imagining that we could encourage people to replace all \ntheir static address text that live on Github pages, and README.me, and \nforum signatures, etc. with new 'href=bitcoin:xSTL...' URIs. Convention \ncould be to require only transporting xSTL addresses within a URI, even \ngoing so far as to not support them copy/pasted. 101 characters is not \nmuch longer (and sometimes shorter) than PaymentRequest URIs end up being.\n\nI think there are ways to make stealth addresses easy enough to use that \npeople actually prefer using them for P2P payments which do not involve a \nfull-stack merchant. In that case, if it was a PaymentRequest it would \nalmost certainly not be signed, and would be more easily shared over email \nor SMS as a URI than as a file attachment or, even worse, putting the \nunsigned PR file up on a third-party server which probably won't do a good \njob securing it.\n\n* PP Implementation Overview *\n\nThe basic PaymentRequest\u003ePaymentDetails is expecting 'output' containing \none or more TxOuts with script and amount. I believe the general approach \nis to put a fallback address into 'output' for backward compatibility, and \nput Q and Q2 into an extension field.\n\nSo we add a new optional field to PaymentDetails which contains the one or \ntwo PubKeys. Not sure if we want different protobuf tags, or if the \ndifference in length of the value makes it obvious enough which approach \nis being used;\n\n optional bytes stealthOnePubKey = 1000\n optional bytes stealthTwoPubKey = 1001\n\nor just\n\n optional bytes stealth = 1000\n\n* User Interaction / Flow *\n\nLets follow this through from the user perspective, starting with what it \nlooks like today. I'm having a hard time finding screenshots of what PP \nlooks like in BitcoinQT, so I built from HEAD and using Gavin's \nHandy-Dandy PaymentRequest Generator \n(https://bitcoincore.org/~gavin/createpaymentrequest.php):\n\nScreenshots: http://imgur.com/a/k6j9D\n\nImage 1 - 'Send' screen after clicking a PR URI with a small transaction \nand auto-calculated fee\nImage 2 - System Tray notification after clicking 'Send'\nImage 3 - Transaction List showing partially confirmed transaction\nImage 4 - Transactions details popup\n\nWe see 'Pay To' (Common Name from the cert) and 'Memo' on the Send screen. \nThe System Tray notification popup and Transaction List shows just the \naddress string. The 'Transaction details' window shows 'Merchant' which I \nthink is the same as 'Pay To'. You also have 'Copy address' option in the \nright-click menu.\n\nMemo seems not to be saved, or at least not visible in the UI after \nsending a payment.\n\n* Transaction Display *\n\nThe address string is fairly pervasive, which is why I was originally \nthinking it would make sense to implement all the address handling first, \nso all those screens would continue to work as specified, without trying \nto hack something different in those fields.\n\nWithout digging too far into the code, it looks like \"address\" displayed \nis derived from the TxOut -- e.g. script.cpp:ExtractDestination. This \ncould be a bit problematic depending on what we really want to show to the \nuser -- the stealth multisig, or the pubkeys?\n\nPart of the point of stealth addresses is actually making them reusable. \nSo if you're the originator of the payment, you might want the wallet to \ntag that transaction somehow with the pubkeys used to generate it.\n\nAlso, ideally I think I would want multiple different stealth payments \nwithin a single wallet to the same merchant / pubkeys to be identifiable \nas such.\n\n* Sample Code *\n\nWill follow in another email, to be sent shortly!",
"sig": "28d5ee45e7b8526d06a09498fc04839fe973af99bf2fcaf5066669950b3eec5c21f7db15087b1a19829f4f73733668494e845def35becdff4dcc5b87ff7f41da"
}