forked from ecdsa/electrum-web
-
Notifications
You must be signed in to change notification settings - Fork 1
/
bitcoin_URIs.html
133 lines (114 loc) · 8.18 KB
/
bitcoin_URIs.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
---
layout: default
---
<h2>Bitcoin URIs</h2>
Bitcoin URIs are formed with a Bitcoin address and some optional parameters, such as amount and label.<br/>
Example: <tt><a href="bitcoin:19mP9FKrXqL46Si58pHdhGKow88SUPy1V8?amount=1&message=donation">bitcoin:19mP9FKrXqL46Si58pHdhGKow88SUPy1V8?amount=1&message=donation</a></tt><br/>
<br/>
You can configure your browser to launch your Bitcoin client when you click a Bitcoin URI. <br/>
The following Bitcoin clients currently support Bitcoin URIs: <a href="http://multibit.org">MultiBit</a> and <a href="/electrum">Electrum</a>.<br/>
<br/>
Started with the previous URI, the Electrum client will open its send tab with pre-filled fields [<a href="electrum_uri.png">screenshot</a>]
<h3>How to configure your browser</h3>
<h4>Firefox (version 3.5 and above)</h4>
<ul>
<li>Visit about:config</li>
<li>Create a new boolean (mouse right click -> new -> boolean)</li>
<li>Enter this name: <u>network.protocol-handler.expose.bitcoin</u></li>
<li>Select the value: false</li>
<li>Next time you click on a Bitcoin URI, a dialog will ask you to enter the path of your Bitcoin client. Make sure it is executable</li>
</ul>
<h4>Chrome:</h4>
To configure Chrome on Ubuntu 10.04 or maybe later versions to handle bitcoin URIs, do this first on the command-line:
<pre>
$ gconftool-2 -t string -s /desktop/gnome/url-handlers/bitcoin/command "/path/to/electrum.py %s"
$ gconftool-2 -t bool -s /desktop/gnome/url-handlers/bitcoin/needs_terminal false
$ gconftool-2 -t bool -s /desktop/gnome/url-handlers/bitcoin/enabled true
</pre>
This tells Gnome what to do with bitcoin URLs, and Chrome picks that up from Gnome.
<h2>Improvement proposals</h2>
<i>This section describes improvement proposals that are not supported by the official Bitcoin client at this point.<br/>
They can be tested with Electrum (version 0.38).</i>
<h3>Aliases</h3>
Bitcoin aliases are pointers to Bitcoin addresses.<br/>
<div style="border:1px solid black;background:lightgray;">
<pre>
<b>Update:</b> In order to be used for signatures, Bitcoin aliases need to have the following properties:
1.- cannot be hijacked (redirected to another Bitcoin address) by an attacker
2.- cannot be tampered by their owner (i.e. the owner cannot secretely change their alias and pretend they did not sign something they actually signed).
Aliases stored on a website and secured by their owner might have property 1, but they do not have the second property.
I believe that Bitcoin aliases will need to be stored in a blockchain-based storage such as Namecoin or DIANNA.
The proposal below will be updated in order to reflect this.
</pre>
</div>
Aliases may be server names (e.g. <tt>ecdsa.org</tt>) or email-like addresses (e.g. <tt>[email protected]</tt>)<br/>
The corresponding Bitcoin address is retrieved by the client, using a descriptor located at a canonical url.<br/>
<br/>
Aliases may be entered in the Electrum client, or used in Bitcoin URIs (see below).<br/>
Screenshot:<br/>
<img src="electrum_alias.png"/><br/>
<br/>
In order to prevent hijacking, aliases may be signed by a trusted
authority. <br/>
<br/>
If if the signing key of an alias is unknown, Electrum will ask the
user to add it to its list of trusted keys
[<a href="electrum_self-signed_warning.png">screenshot</a>].<br/> It
will display a warning if the signing key has changed since the
previous visit [<a href="electrum_nasty.png">screenshot</a>].
<h4>Unsigned aliases</h4>
The descriptor of an unsigned alias contains the target address:
<pre>
<target_address>
</pre>
Examples:
<ul>
<li><tt><a href="bitcoin:[email protected]">bitcoin:[email protected]</a></tt>. Descriptor: <tt><a href="https://ecdsa.org/bitcoin.id/roger">https://ecdsa.org/bitcoin.id/roger</a></tt></li>
<li><tt><a href="bitcoin:[email protected]?amount=1&message=donation">bitcoin:[email protected]?amount=1&message=donation</a></tt>. Descriptor: <tt><a href="https://ecdsa.org/bitcoin.id/roger">https://ecdsa.org/bitcoin.id/roger</a></tt></li>
</ul>
<h4>Signed aliases</h4>
A trusted authority (<tt>auth_name, auth_signing_key</tt>) signs a string that contains its name, the alias and the address.<br/>
The alias descriptor contains the target address, the authority's name and address, and the signature:<br/>
<pre>
<target_address>:<auth_name>:<btc_address(auth_signing_key)>:<signature(auth_signing_key, auth_name:alias:address)>
</pre>
Example: <tt><a href="bitcoin:[email protected]?amount=1&message=donation">bitcoin:[email protected]?amount=1&message=donation</a></tt>. Descriptor: <tt><a href="https://ecdsa.org/bitcoin.id/bart.simpson">https://ecdsa.org/bitcoin.id/bart.simpson</a></tt>
<h4>Updating an alias</h4>
The target of an alias can be updated without owning the signing key. <br/>
The descriptor should include the full history of the target.<br/>
Each modification must be signed with the key corresponding to the previous target.<br/>
<pre>
<target_address1>
<target_address2>:signature(key_of_address1, alias:address2)>
<target_address3>:signature(key_of_address2, alias:address3)>
</pre>
Example: <tt><a href="bitcoin:[email protected]?amount=1&message=donation">bitcoin:[email protected]?amount=1&message=donation</a></tt>. Descriptor: <tt><a href="https://ecdsa.org/bitcoin.id/john.doe">https://ecdsa.org/bitcoin.id/john.doe</a></tt>
<h3>Signed URIs:</h3>
<b>NOTE: the purpose of this proposal is not to protect merchants against attackers, but to protect customers against malicious merchants pretending they have not been paid.</b><br/>
<br/>
Merchants typically use various receiving addresses to keep track of incoming orders. This has a drawback for customers: customers cannot prove that they are sending funds to the right person. <br/>
Signed URIs are bitcoin URIs that are signed with a key associated to the online reputation of the merchant. After payment, a signed URI is a proof that the owner of the signing key has been paid. <br/>
<br/>
Syntax: <tt>bitcoin:<address>?<list_of_parameters>&signature=<identity:signature></tt><br/>
The <tt>identity</tt> parameter can be an address or an alias. <br/>
<br/>
To generate the signature, bitcoind's <tt>signmessage</tt> command is used.<br/>
Example:<br/>
<pre>
$ bitcoind signmessage 19mP9FKrXqL46Si58pHdhGKow88SUPy1V8 "bitcoin:15kfzDMX2Gr7hXrwRQQGkxrd5eBveKH777?amount=1&message=donation"
Gy8cnYtUohz3wiUZFg4zqbWGulKWSMU0ady3Cbpvo6qZPFgtX5EJ8aNvnE/Sus51nMadDVbTDqDAmR/2prZGJko=
</pre>
The signature is url-encoded and added to the URI:<br/>
<tt><a href="bitcoin:15kfzDMX2Gr7hXrwRQQGkxrd5eBveKH777?amount=1&message=donation&signature=19mP9FKrXqL46Si58pHdhGKow88SUPy1V8:Gy8cnYtUohz3wiUZFg4zqbWGulKWSMU0ady3Cbpvo6qZPFgtX5EJ8aNvnE%2FSus51nMadDVbTDqDAmR%2F2prZGJko%3D">bitcoin:15kfzDMX2Gr7hXrwRQQGkxrd5eBveKH777?amount=1&message=donation&signature=19mP9FKrXqL46Si58pHdhGKow88SUPy1V8:Gy8cnYtUohz3wiUZFg4zqbWGulKWSMU0ady3Cbpvo6qZPFgtX5EJ8aNvnE%2FSus51nMadDVbTDqDAmR%2F2prZGJko%3D</a></tt><br/>
<br/>
When the user clicks on a signed URI, the Electrum client will display a 'send' tab with fields that are not editable, and it will show the signing address
[<a href="electrum_signed_uri.png">screenshot]</a><br/>
If the user proceeds with the transaction, the client will archive the signed URI as a proof of payment.<br/>
The signature will be visible in the details of the transaction [<a href="electrum_receipt.png">screenshot</a>].<br/>
<br/>
If the signature verification fails, the client should display a warning. <br/>
Example (tampered signature): <a href="bitcoin:16kfzDMX2Gr7hXrwRQQGkxrd5eBveKH777?amount=50&message=how%20are%20you&signature=19mP9FKrXqL46Si58pHdhGKow88SUPy1V8:HHMNlNJYbc6ppJ1UUT1PMXuHdG2e54RZNh3vamrSpDfh442jOwb%2BJHyfSQNRhQt0dB0uf8kJxNbO4lA95byKhx4%3D">Pay here!</a><br/>
<br/>
The signing identity can be an alias.<br/>
Example: <tt><a href="bitcoin:15kfzDMX2Gr7hXrwRQQGkxrd5eBveKH777?amount=50&message=how%20are%20you&signature=ecdsa.org:HHMNlNJYbc6ppJ1UUT1PMXuHdG2e54RZNh3vamrSpDfh442jOwb%2BJHyfSQNRhQt0dB0uf8kJxNbO4lA95byKhx4%3D">bitcoin:15kfzDMX2Gr7hXrwRQQGkxrd5eBveKH777?amount=50&message=how%20are%20you&signature=ecdsa.org:HHMNlNJYbc6ppJ1UUT1PMXuHdG2e54RZNh3vamrSpDfh442jOwb%2BJHyfSQNRhQt0dB0uf8kJxNbO4lA95byKhx4%3D</a></tt><br/>
In that case the Electrum client will display the alias instead of the key [<a href="electrum_signed_uri_alias.png">screenshot</a>]