Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Lending
Re: CoinLenders :: Get bitcoin loans, and earn interest on your deposits!
by
siliclone
on 01/07/2013, 03:48:12 UTC
Quote from: shawshankinmate37927 on June 30, 2013, 12:18:26 AM
Quote from: siliclone on June 29, 2013, 08:16:18 PM
Quote from: wolverine.ks on June 29, 2013, 08:04:40 PM
So newb question to break up all the drama a bit....

what is all this verification to prevent MITM stuff?

ive seen it, but what do I do with it?

thanks
It's there for your peace of mind. It's an optional step that you can use to verify the authenticity of the deposit address prior to sending funds. My guess as to the reasoning is that if a MITM attack was taking place, the attacker would not posses certain information found in the message and therefore the generated signature from the injected address would not match.

The attacker would not possess the private key associated with that deposit address.  Only someone with the private key that corresponds to that deposit address would be able to generate that signature with that message.

I'm assuming that an attacker that injects a deposit address would also possess the private key for that address. Therefore, the only discernible asset not possessed would be something found in the message itself. Unless MITM in this scenario has nothing to do with injecting a fraudulent address.