W3C home > Mailing lists > Public > public-webpayments@w3.org > December 2014

Re: Zero Click Bitcoin Micropayments using HTTP 402

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Mon, 22 Dec 2014 19:21:41 +0100
Message-ID: <CAKaEYhKYmpzdL2175s8=Q_1uErTr=qPPOE1xCedrLZAs2sFPow@mail.gmail.com>
To: Steven rowat <sn0281@uniserve.com>
Cc: Web Payments <public-webpayments@w3.org>
On 20 December 2014 at 17:32, Steven rowat <sn0281@uniserve.com> wrote:

> On 2014-12-20, at 7:36 AM, Anders Rundgren <anders.rundgren.net@gmail.com>
> wrote:
>
> > On 2014-12-20 15:36, Melvin Carvalho wrote:
> >> http://challengepost.com/software/zero-click-bitcoin-micropayments
> >
> > Hi Melvin,
> > You mentioned the HTTP 402 thing before and I didn't got it.
> > Now I do, but this solution is really a service dealing with HTTP 402.
> >
> > They didn't provide much details on how it works but I guess that's
> obvious for you bitconiers :-)
> > The question is if their protocol would stand a security review, my
> guess is that it would not.
>
> Looks so beautiful and simple. There must be a problem -- security,
> browser buy-in, wait times for bitcoin confirmation. If not, I'm ready to
> start using it anytime. :-)
>
> Here's a discussion by bitcoin people of this idea from two years ago,
> including some detail about all those issues, especially security. It's not
> exhaustive but for me at least it was good background.
>
> https://bitcointalk.org/index.php?topic=3895.0
>

Which security issues do you think are relevant?

I could imagine a flow:

1. Client: I would like to read some content

2. Server: 402 -- you must pay 1mBTC to <address> to read content

** User authorizes with 1 click -- or user has already set a limit for Zero
click **

3. Client: I would like to read some content.  I have sent 1mBTC to
<address> with <txid>

4. Server: 200 -- you are authorized -- here is the content



>
>
> Steven Rowat
>
>
>
>
>
Received on Monday, 22 December 2014 18:22:09 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:07:37 UTC