BIP 70 payment request signatures not checked #3628

issue jgarzik opened this issue on February 5, 2014
  1. jgarzik commented at 2:38 PM on February 5, 2014: contributor

    getMerchant() appears to check the signature, but getMerchant() caller appears to ignore the result? Testing seems to indicate it makes no matter if payment request signature is invalid or missing.

  2. laanwj commented at 3:13 PM on February 5, 2014: member

    You mean it still shows the payment request in green if the signature is invalid or missing?

  3. jgarzik commented at 3:22 PM on February 5, 2014: contributor

    Zero negative indication back to the user, if the sig is missing or invalid.

  4. laanwj added the label Bug on Feb 5, 2014
  5. laanwj added the label GUI on Feb 5, 2014
  6. laanwj commented at 4:00 PM on February 5, 2014: member

    Sounds like a bug...

  7. Diapolo commented at 6:25 PM on February 16, 2014: none

    @gavinandresen Can you re-work your https://bitcoincore.org/~gavin/createpaymentrequest.php to allow selecting an invalid cert. I'm currently looking into a fix for this. Should IMHO be tagged as medium.

  8. laanwj added the label Priority Medium on Feb 16, 2014
  9. laanwj commented at 11:15 AM on May 18, 2015: member

    The payment protocol has been used successfully for a while, including signed payment requests (for which the merchant name is shown). Should be fixed.

  10. laanwj closed this on May 18, 2015
  11. sidhujag referenced this in commit eaeb8ab95b on Jul 28, 2020
  12. MarcoFalke locked this on Sep 8, 2021
Contributors
jgarziklaanwjDiapolo
Labels
BugGUI
Linked (view graph)
#3684 [Qt] ensure BIP70 certificate problems are shown to user
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-20 00:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me