22 Dec '12, 11am
Homomorphic Payment Addresses and the Pay-to-Contract Protocol by Ilja Gerhardt and Timo Hanke #bitcoin
We propose an electronic payment protocol for typical customer-merchant relations which does not require a trusted (signed) payment descriptor to be sent from the merchant to the customer. Instead, the destination "account" number for the payment is solely created on the customer side. This eliminates the need for any encrypted or authenticated communication in the protocol and is secure even if the merchant's online infrastructure is compromised. Moreover, the payment transaction itself serves as a timestamped receipt for the customer. It proves what has been paid for and who received the funds, again without relying on any merchant signatures. In particular, funds and receipt are exchanged in a single atomic action. The asymmetric nature of the customer-merchant relation is crucial. The protocol is specifically designed with bitcoin in mind as the underlying payment syst...