> Copying addresses to the clipboard should be discouraged, rather than > supported.
Do you know any reasonably convenient mechanism for end user to transfer an address from, say, a web page to the wallet address input field ? The clipboard is just a low-hanging fruit for malware, anyway. It just the most easy point to replace an address. If the computer is compromized, malware can edit the web page in the memory of the browser process, for example. If it shown as QR code, malware can decode, detect that it is an address, and replace the image of QR code. I think that the only way to protect from this is to add some form of authentication for an address - 2fa (transfer checksum via second channel), visual fingerprints for addresses, that will are hard to detect (and hence, replace) for malware, signing the destination address with the key of an address that is already known and checking the signature, etc. The problem will be to come up with an address authentication procedure that will be convenient for users and widely supported, as a result. _______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
