[Bitcoin-development] Merge avoidance and P2P connection encryption
mike at plan99.net
Fri Dec 13 21:49:23 UTC 2013
> Or alternatively, the user-signed payment request without iteration
> count is enclosed within a payr.com-signed envelope that contains the
> iteration count.
But how does that show up in the user interface? I don't know how you would
explain what the signature means or implies, or what you do if the
signature is broken/missing.
The only thing that a maliciously modified iteration count can do is cause
money to be sent to an address that's beyond the recipients gap limit,
meaning they won't receive it (unless they reconfigure their software and
rescan). But you can't steal money that way.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bitcoin-dev