201 sats \ 1 reply \ @litago 14 Nov 2022 \ on: AMA - Blockstream Jade Team Enables Air-Gapped Transactions bitcoin
How does the wallet protect ageinst qr codes containing malicious payloads in the case where there is a vulnerability in the hardware?
Is there any difference in the way you need to protect ageinst these when using qr compared to other solutions?
write
preview
2 sats \ 0 replies \ @blockstream_official OP 14 Nov 2022
We only accept a very small list of certain UR messages and other specific payload types (eg. SeedQR). We then apply strict checks to the format of that payload to ensure it is valid and is what we think it is (for example our PSBT parser can be quite strict in what it accepts). Then after that, we still have the checks and validations we run on the payload (eg. the txn data) regardless of which transport it was received from.
reply