[Bitcoin-development] Cold Signing Payment Requests
gavinandresen at gmail.com
Tue Apr 30 13:14:53 UTC 2013
RE: Timo's proposal for protecting the refund address:
Seems to me there are two risks:
1) The risk that the merchant's web server will be compromised and the
attacker will redirect refunds
2) The risk that the merchant will miss payments because they miss a POST
to the payment_url (maybe the customer's machine crashes during the HTTPS
If payments are a lot more common than refunds, then (2) will outweigh (1).
I also think an attacker who compromises the front-end web server would
probably just have it start generating plain-old pay-to-bitcoin-address
payment requests, and hope that lots of customers pay them directly before
the attack is discovered.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bitcoin-dev