Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Development & Technical Discussion
Merits 2 from 2 users
Re: BIP-able idea suggestion: Secure IP Transactions
by
darosior
on 09/01/2019, 19:11:57 UTC
⭐ Merited by vapourminer (1) ,ETFbitcoin (1)
Hi,

I think it could be nice but I don't know if it would be very secure. However I don't think this should be a BIP as it doesn't need to be in the reference implementation, it could also be used by some wallets.

Cons : https://bitcointalk.org/index.php?topic=9334.0 (or why it has been removed)
Pros :
Quote from: satoshi on September 19, 2010, 09:49:30 PM
Probably best to disable receiving by IP unless you specifically intend to use it.  This is a lot of surface area that nobody uses that doesn't need to be open by default.

In storefront cases, you would typically only want customers to send payments through your automated system that only hands out bitcoin addresses associated with particular orders and accounts.  Random unidentified payments volunteered to the server's IP address would be unhelpful.

In general, sending by IP has limited useful cases.  If connecting directly without a proxy, the man-in-the-middle risk may be tolerable, but no privacy.  If you use a privacy proxy, man-in-the-middle risk is unacceptably high.  If we went to all the work of implementing SSL, only large storefronts usually go to the trouble of getting a CA cert, but most of those cases would still be better off to use bitcoin addresses.

I uploaded this change to SVN rev 156.  The switch to enable is "-allowreceivebyip".

Senders with this version will get the error "Recipient is not accepting transactions sent by IP address".  Older version senders will get "Transfer was not accepted".

I used a different name for the switch because "-allowiptransactions" sounds like it includes sending.  If there's a better name for the switch, we can change it again.

Quote from: bitcoinex on September 18, 2010, 07:27:18 AM
Incidentally, for this DNS have custom-built records SRV. Theese records for Kerberos, for example:


$ dig _kerberos._tcp.host.com srv

;; QUESTION SECTION:
;_kerberos._tcp.host.com.   IN   SRV

;; ANSWER SECTION:
_kerberos._tcp.host.com. 3550 IN   SRV   10 10 88 kerberos.host.com.


Requesting for any DNS-name SRV-record in this format, you can find the address of Kerberos-server for this domain. Similarly, we can do for Bitcoin by queryng about: "_bitcoin._tcp.host.com" or something.

All this is done covertly, human sees only the right part of the name: host.com

And for domain names with sub-domains Kerberos using TXT records to enable the customer to understand what realm it belongs to:


$ dig _kerberos.grid.host.com txt

;; QUESTION SECTION:
;_kerberos.grid.host.com.   IN   TXT

;; ANSWER SECTION:
_kerberos.grid.host.com. 3587 IN   TXT   "HOST.COM"


Bitcoin can use this for subdomains like www:

_bitcoin.www.host.com. 3587 IN   TXT   "HOST.COM"

i.e., human can send bitcoin to www.host.com, bitcoin client check TXT _bitcoin.www.host.com for DNS-name of bitcoin "realm", than check SRV _bitcoin._tcp.host.com and, finally, sends bitcoins to IP, specified by this SRV-record.

This scheme is really a part of Kerberos standart and used, I think, more than 15 years.

And this DNS trick will be usable in Tor's .onion network