On Wed, Aug 7, 2013 at 11:17 PM, Mike Hearn <m...@plan99.net> wrote: > >> I'd like to hear from other wallet implementors. Do you have a notion >> of 'locked inputs' ? The tricky bit in constructing a transaction but >> not broadcasting it right away is the inputs must be locked, so >> they're not accidentally double-spent. > >> bitcoinj separates the concept of committing a tx to the wallet from > broadcasting it. However by default transactions that weren't seen in the > chain yet will be announced when a new peer is connected to. It'd take extra > code to suppress that, and it's unclear to me why that's useful. I agree > with Pieter that it should be the merchants responsibility to get the tx out > there, but having the client do the broadcast as well can't really hurt > (except perhaps some privacy impact).
My concerns here are: * Making sure wallet applications can function without supporting the P2P protocol (which drops a huge implementation overhead for simple - perhaps hardware-based - wallets). * Making sure the responsibility of confirming transactions is with the receiver (while the responsibility of creating a confirmable transaction is with the sender), which again simplifies wallet implementation. * Making receiving of metadata reliable, by minimizing cases where a transaction is accidentally broadcast without the receiver being told about it. This is perhaps not possible entirely, but it should be possible to reduce it to a point where the remaining cases can be dealt with manually. This also means indeed being able to give a bitcoin URI (or why not just a URL to a payment descriptor?) that does not contain a static Bitcoin address. I understand the compatibility concern here, but IMHO we should do all effort to get rid of static addresses were possible - the public key should be negotiated be sender and receiver. I worry about the scenario where some evil hotspot owner observes a payment request, and later sees a bitcoin P2P transaction crediting that key, but without payment being sent to the payment_uri (because he blocked it), thus allowing him to construct a payment message himself with the request + transaction, and adding his own refund address or delivery location, or ... To fix problems related to this completely, we'd need transactions that commit to the payment message, instead of the other way around. I believe the pay-to-contract scheme presented by Timo Hanke at the San Jose conference solved this. -- Pieter ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite! It's a free troubleshooting tool designed for production. Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development