What if the silent payment gets intercepted by a middle man through a "man in the middle attack", whereby Alice's public key is changed by the attacker to his own public key and then sent to Bob, and in a similar way Bob's public key gets changed by the attacker, who forwards his own public key to Alice instead? Can he then control the transaction in his favor and compute both public keys with his private key?
If an attacker can change public keys, he can steal funds instead of monitoring the transaction. That's the same result as an attacker who changes the Bitcoin address.
Let's say TPB accepts Silent Payments. Someone sends them a donation, which confirms on-chain. Nobody else can know TPB is the receiver, because they can't know which on-chain address belongs to their Silent Payment.
So why don't they just generate a brand new address on each refresh, for each visitor?
I was thinking the same thing.
Maybe because creating a new address for each visitor means they would have to generate and monitor millions of addresses.
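To make the three points in the thread concrete (the receiver scans with one key instead of monitoring millions of addresses, a third party cannot link the output to the receiver, and a substituted key hands the output to whoever holds the substitute), here is an added, self-contained Python example that is not code from any poster or from any Silent Payments implementation. It uses a simplified version of the BIP352 construction: the sender computes a shared secret by ECDH with the receiver's scan key, hashes it into a scalar tweak, and adds the tweak to the receiver's spend key; the receiver recomputes the same tweak from the on-chain input key. The tweak hash is plain SHA-256 over the compressed point plus a counter, not the tagged hash and input-hash of the real BIP, and all private keys are constructed for the demo.

```python
import hashlib

# secp256k1 curve parameters (y^2 = x^3 + 7 over GF(P)); these are the standard constants.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return None                                  # p1 == -p2
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P       # doubling (curve a = 0)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication."""
    result, addend = None, pt
    k %= N
    while k:
        if k & 1:
            result = ec_add(result, addend)
        addend = ec_add(addend, addend)
        k >>= 1
    return result


def compress(pt):
    """33-byte compressed SEC encoding of a point."""
    x, y = pt
    return bytes([2 + (y & 1)]) + x.to_bytes(32, "big")


def tweak(shared_point, k=0):
    """Scalar tweak from the ECDH point (simplified; BIP352 uses a tagged hash and an input hash)."""
    h = hashlib.sha256(compress(shared_point) + k.to_bytes(4, "big")).digest()
    return int.from_bytes(h, "big") % N


def sender_output(a, B_scan, B_spend):
    """Sender with input private key a derives the one-time output key for receiver (B_scan, B_spend)."""
    t = tweak(ec_mul(a, B_scan))
    return ec_add(B_spend, ec_mul(t, G))


def receiver_matches(b_scan, B_spend, A, output):
    """Receiver recomputes the tweak from the on-chain input key A and checks one output."""
    t = tweak(ec_mul(b_scan, A))
    return ec_add(B_spend, ec_mul(t, G)) == output


def key_from_label(label):
    # Constructed deterministic private keys for the demo (not real wallet keys).
    return int.from_bytes(hashlib.sha256(label).digest(), "big") % N


def demo():
    a = key_from_label(b"alice-input-key")
    A = ec_mul(a, G)                                     # visible on-chain as the input pubkey
    b_scan, b_spend = key_from_label(b"bob-scan"), key_from_label(b"bob-spend")
    B_scan, B_spend = ec_mul(b_scan, G), ec_mul(b_spend, G)   # Bob's published Silent Payment keys
    m_scan, m_spend = key_from_label(b"mallory-scan"), key_from_label(b"mallory-spend")
    M_scan, M_spend = ec_mul(m_scan, G), ec_mul(m_spend, G)   # keys a middle man would substitute

    honest = sender_output(a, B_scan, B_spend)
    # The MITM case from the thread: Alice was given substituted keys, so the output
    # is spendable only by whoever holds the substitutes, exactly like a swapped address.
    substituted = sender_output(a, M_scan, M_spend)

    return {
        "honest_found_by_bob": receiver_matches(b_scan, B_spend, A, honest),
        "honest_found_by_mallory": receiver_matches(m_scan, M_spend, A, honest),
        "substituted_found_by_bob": receiver_matches(b_scan, B_spend, A, substituted),
        "substituted_found_by_mallory": receiver_matches(m_scan, M_spend, A, substituted),
        "honest_output": compress(honest).hex(),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Bob checks every candidate output with a single scan key and one multiplication per transaction, which is why a static published key does not turn into millions of addresses to watch. An observer who sees only A and the output key cannot recompute the tweak without a or b_scan, so the output is unlinkable to Bob's published key. The substituted case shows why the published keys need an authenticated channel: the protocol cannot tell a substituted key from a genuine one, and the sender's funds simply land on the substitute's output.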