Hello,
I've been thinking about how to solve security problems of the servers
holding huge amounts of bitcoins (exchanges, markets...) and came up
with this idea: https://gist.github.com/Kixunil/2ec79cf40a53fb899ac5
TL;DR: it's extension of BIP70 (but not fully compatible due to security
reasons)
orts it, and the tools mediators need to manage incoming tickets, etc.
> The BIP70 extension is probably the smallest part of the project.
>
>
> On Sat, Jan 31, 2015 at 2:30 AM, Martin Habovštiak
> wrote:
>>
>> Hello,
>>
>> I've been thinking about
I didn't consider that, thank you for feedback! I will try to find
some time for implementing it. I'll write again then.
2015-01-31 23:50 GMT+02:00 Gavin Andresen :
> I agree- standards should be descriptive ("here is how this thing I did
> works") and NOT proscriptive ("here's what I think will w
BIP70 is quite safe agains MitB. If user copies URL belonging to other
merchant, he would see the fact after entering it into his wallet
application. The only problem is, attacker can buy from the same
merchant with user's money. (sending him different URL) This can be
mitigated by merchant setting
ast, that's how I'd do it.
>
> On Sun, Feb 1, 2015 at 12:02 AM, Martin Habovštiak
> wrote:
>>
>> I didn't consider that, thank you for feedback! I will try to find
>> some time for implementing it. I'll write again then.
>>
>> 2015-01-
Good idea. I think this could be even better:
instead of using third party, send partially signed TX from computer
to smartphone. In case, you are paranoid, make 3oo5 address made of
two cold storage keys, one on desktop/laptop, one on smartphone, one
using third party.
If it isn't enough, add req
Do you have anything that is NOT some web application?
2015-02-02 18:59 GMT+01:00 Mike Hearn :
> We're way ahead of you guys ;)
>
> On Mon, Feb 2, 2015 at 6:54 PM, Martin Habovštiak
> wrote:
>>
>> Good idea. I think this could be even better:
>>
>> ins
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I believe, we are still talking about transactions of physical people in
physical world. So yes, it's proximity based - people tell the words by mouth.
:)
In case of RedPhone, you read those words verbally over not-yet-verified
channel relying on
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Commit protocol provides both better user experience and better security.
Dňa 6. februára 2015 1:49:12 CET používateľ Paul Puey napísal:
>The trust can be considered bootstrapped by visual verification of the
>address prefix. If we are really conce
9 matches
Mail list logo
