>
> I see how BIP 70 verifies the payment request, however, is there any way
> to verify that the transaction signed by the wallet matches the request
> before it is sent to the blockchain (and how can this support out of band
> verification)?
>
No. It cannot be done in the Bitcoin context. Your wallet MUST be secure.
Otherwise BIP70 is irrelevant - if the attacker can make your wallet sign
some other transaction than what you expect, they can also just steal your
private keys and use them directly. BIP70 is based on the assumption of a
secure signing core that cannot be compromised, with devices like the
TREZOR and 2-factor pairings of desktops and mobiles being an obvious use
case.
------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development
