[bitcoin-dev] BIP Proposal - Address Paste Improvement
andreas at schildbach.de
Thu Nov 8 15:28:41 UTC 2018
On 08/11/2018 09.11, Dmitry Petukhov via bitcoin-dev wrote:
>> Copying addresses to the clipboard should be discouraged, rather than
> Do you know any reasonably convenient mechanism for end user to
> transfer an address from, say, a web page to the wallet address
> input field ?
- QR code scanning of a Bitcoin URI
- On Android: A "bitcoin:" URI intent or a BIP70 payment message intent
- On desktop OSes there are similar mechanisms to launch Apps from the
browser (e.g. for mailto: links)
> The clipboard is just a low-hanging fruit for malware, anyway. It just
> the most easy point to replace an address. If the computer is
> compromized, malware can edit the web page in the memory of the browser
> process, for example. If it shown as QR code, malware can decode,
> detect that it is an address, and replace the image of QR code.
For editing the clipboard your computer doesn't need to be compromised!
*Any* app can do it, without special permission.
> I think that the only way to protect from this is to add some form of
> authentication for an address - 2fa (transfer checksum via second
> channel), visual fingerprints for addresses, that will are hard to
> detect (and hence, replace) for malware, signing the destination address
> with the key of an address that is already known and checking the
> signature, etc.
For cases where the payee is a well-known entity the BIP70 payment
protocol has authentication via certificates. That doesn't work for the
"the person in front of you is the only trust anchor you have" usecase
More information about the bitcoin-dev