mirror of https://github.com/bitcoin/bips.git synced 2025-01-18 21:35:13 +01:00

Additional note for HW

nicolas.dorier 2020-06-19 13:23:37 +09:00
parent 7803bf8335
commit 3a16c24f5e
No known key found for this signature in database
GPG Key ID: 6618763EF09186FE


@ -382,6 +382,7 @@ The sender's software wallet can verify that the payjoin proposal is legitimate
However, a hardware wallet can't verify that this is indeed the case. This means that the security guarantee of the hardware wallet is decreased. If the sender's software is compromised, the hardware wallet would sign two valid transactions, thus sending two payments. However, a hardware wallet can't verify that this is indeed the case. This means that the security guarantee of the hardware wallet is decreased. If the sender's software is compromised, the hardware wallet would sign two valid transactions, thus sending two payments.
Without payjoin, the maximum amount of money that could be lost by a compromised software is equal to one payment (via [[#output-substitution|payment output substitution]]). Without payjoin, the maximum amount of money that could be lost by a compromised software is equal to one payment (via [[#output-substitution|payment output substitution]]).
Note that the sender can opt out payment output substitution my using the optional parameter <code>disableoutputsubstitution=true</code>.
With payjoin, the maximum amount of money that can be lost is equal to two payments. With payjoin, the maximum amount of money that can be lost is equal to two payments.
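Review bot: The added line has two wording errors: "opt out payment output substitution my using" should read "opt out of payment output substitution by using". It is also inserted between the "Without payjoin" and "With payjoin" maximum-loss sentences, which interrupts the comparison the paragraph is making; consider moving it after the "With payjoin" sentence. Finally, the note does not say what opting out means for the hardware wallet case: the preceding sentence attributes the one-payment loss to payment output substitution, so the text should state whether setting disableoutputsubstitution=true changes either of the two bounds.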