On Monday, March 06, 2017 5:37:24 AM Tim Ruffing via bitcoin-dev wrote: > But ignoring this, the server should be authenticated at a > minimum. Otherwise manipulating exchange rates seems to be a nice > way for the attacker on the wire to make money...
HTTPS would be used for that. It's not something that needs to be at a higher layer. > Apart from that, my feeling is that it could be simplified. Is > longpolling useful? I would think so, at least for Bitcoin since rates can change significantly in a short period of time (or can they anymore? I haven't really watched lately.) > And is the historical rate thing really necessary for typical applications? When displaying historical transactions, it doesn't really make sense to use the current market rate, but rather the market rate at the time the payment was made. While wallets might simply cache it with the transaction, it would be perhaps nicer if it could be automatically restored for seed-only recoveries. In any case, if a service/wallet doesn't want to provide/use historical information, it can simply not implement that part. > If yes, the client should be allowed to decide on which time scale the > data should be. (tick, min, hour, day, ...) That goes together with > clearly defining the type field (something like low, high, open, close, > but without flexibility). Think of a candle-stick chart basically. How is the current draft insufficient for this? > Also, pushing may be more appropriate for "current" rates than polling. > Then no polling interval is necessary. On the other hand, this adds > complexity in other places, e.g., state. Pushing is what longpolling does. Luke _______________________________________________ bitcoin-dev mailing list [email protected] https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
