Breaking Down The BitPay-BIP70 Controversy
By Petro Wallace on ALTCOIN MAGAZINE
The most important feature of a currency is its ability to be used as an exchange of value. Simply put, you should be able to pay for something or some service by using it. The process used to pay using a particular currency is called its “Payment Protocol.” When it comes to cryptocurrencies like Bitcoin, Ripple, 8PAY, etc., they all have their unique payment protocols. In this article, we will be focusing primarily on Bitcoin’s payment protocol.
BIP21 Vs. BIP70
A BIP is a Bitcoin Improvement Proposal and is a mechanism used by developers to improve Bitcoin.
BIP21
BIP21 is an open standard of payments that have been deployed and enabled by all bitcoin wallets and services since 2012. The Bitcoin QR codes that you usually see in various merchant sites is a direct result of BIP21. One of the rules that the BIP lays out ensures that no matter the wallet software or service used, the QR code and payment request must be created and interpreted in one standard way. What this does is it makes sure that maximum interoperability and compatibility is maintained. After all, if each merchant and wallet used their version of the QR Code, then that will cause needless confusion.
However, many researchers discovered certain flaws in BIP21.
Main In The Middle Attacks
The biggest flaw of BIP21 is that it can be easily spoofed. A savvy attacker can change the BIP21 QR Codes in a subtle way to change the recipient of the payment. This can either be done via a hack or a trojan horse virus. If successfully implemented, this can turn into a “man in the middle” attack (MITM).
In an MITM, the customer thinks that they are interacting with the merchant when they are actually interacting with the attacker who hijacked the QR code. This attacker can then imitate the merchant to get sensitive data such as usernames, passwords, and credit card info of everyone they are interacting with.
BIP 70
BIP70 was proposed by Gavin Andresen and Mike Hearn back in July 2013. It was created specifically for addressing the MITM vulnerability of BIP21. As per their GitHub entry,
“This BIP describes payment protocol messages encoded using Google’s Protocol Buffers, authenticated using X.509 certificates, and communicated over http/https. Future BIPs might extend this payment protocol to other encodings, PKI systems, or transport protocols.”
In simple terms, during a client-merchant interaction, the public address of the merchant is wrapped up in an X.509 certificate. Let’s take the example of a BitPay transaction to see how this BIP70 works. BitPay is a crypto payment service provider.
Image Credit: Leo Weese
As you can see, the address box has a BitPay URL rather than the merchant Bitcoin address. The user’s wallet will use the URL to fetch the Bitcoin address and amount from the BitPay server, together with meta-data such as expiration date of the invoice, invoice number and merchant information. Doing this will make sure that nobody can overwrite and modify the merchant’s address.
All this sounds good, however, as per Andreas Antonopolous, BIP70 has two significant flaws:
- BIP70 gets its security from digital certificate issuance, which is a very centralized market with centralized providers.
- BIP70 implementation can also open up the risk of AML/KYC surveillance and monitoring of on-chain transactions, which the Bitcoin community is not particularly thrilled about.
BitPay And The BIP70 Controversy
As mentioned above, BitPay is the most widely used crypto-payment service provider in the world. Many merchants have entered the cryptospace by opting for the BitPay payment solution, empowering their users to pay for services via select cryptocurrencies. They courted controversy when they completely removed the BIP21 option from their site, allowing only for BIP70.
This was problematic because of several reasons:
- BIP21 is very simple and straightforward to implement. BIP70 has a lot of complications.
- This is a glaring example of a centralized giant (BitPay) bullying wallet providers to support specific payment protocols even if they don’t want to do it. Wallet providers like Samourai Wallet have disabled BitPay QR codes because they didn’t want to support BIP70.
- It leads to a gross violation of privacy. This will require further explanation.
How Can BIP70 Lead To Privacy Violation?
When your wallet makes a call to the merchant’s server, the merchant or the payment processor will be able to see your device’s IP address and easily identify you. Usually, you can mitigate this by using proxy services or Tor. However, using BIP70, the user will have to use a clouded BitPay URL to request for the merchant’s address and other relevant invoice details. If BitPay detects that you are using a VPN or Tor, they will not acknowledge you, making it impossible for you to pay your invoice.
In other words, not only is BitPay exploiting their position to force people to use a particular protocol, but they are also dictating how you can interact with the system itself. As expected, BitPay received heavy criticism because of this.
Decentralization Is The Solution
The BitPay controversy perfectly showcases the problems with centralization. A company which is powerful enough can dictate the flow of the market, even if the decisions that they have taken is largely unpopular. This is the reason why decentralized payment processors like 8PAY are crucial for the ecosystem. Using a decentralized processor will ensure that merchants and users can interact using the method that best works for them instead of using a method that has been decided for them.
