Deploy & document a secure payjoin-relay subdirectory naming scheme #130
Labels
Milestone
Comments
DanGould
changed the title
DanGould
changed the title
|
This is closed by #386 Please ack @nothingmuch |
|
I think so, the analysis of the collision resistance properties is completed. That said #389 will still likely affect this in one more way, if the short ID is also encoded using the bech32 character set. Posting the details there, not sure if this means this issue should still be open, as the behavior is already merged (the directory already decodes the path component and recovers the 8 bytes of unique ID and uses them in their entirety as the underlying key) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Right now payjoin-relay assigns per-session subdirectories by taking the first few characters of an arbitrary receiver specified base64 encoded pubkey. I'm not sure if these are as unique as the characters if for example base64 or the underlying pubkey has a header. Ensure we have unique keys and few collisions, which would be an annoying DoS. Perhaps a hash of the pubkey would be suitable.
The text was updated successfully, but these errors were encountered: