bitcoin-dev
BIP Proposal - Address Paste Improvement
Posted on: November 8, 2018 15:28 UTC
In a discussion on bitcoin-dev mailing list, Dmitry Petukhov suggested that copying addresses to the clipboard should be discouraged since it is the easiest way for malware to replace an address.
He asked if there were any convenient mechanisms for transferring an address from a web page to the wallet address input field. Several users suggested using QR code scanning of a Bitcoin URI or a "bitcoin:" URI intent or a BIP70 payment message intent on Android devices. On desktop OSes, similar mechanisms exist to launch apps from the browser.Regarding the issue with the clipboard, users pointed out that any app can edit the clipboard without special permission, even if the computer is not compromised. They suggested adding some form of authentication for an address, such as 2fa or visual fingerprints that are difficult for malware to detect and replace. Some also suggested signing the destination address with the key of an already known address and checking the signature.For cases where the payee is a well-known entity, the BIP70 payment protocol offers authentication via certificates. However, this does not work for scenarios where the person in front of you is the only trust anchor.