The rationale for requiring Items to be canonically ordered by Typecode is that it enables implementations to use an in-memory representation that discards ordering, while retaining the same round-trip serialization of a UA / UVK (provided that unrecognized items are retained).
Showing fewer than 20 characters of a UA/UVK would potentially allow practical attacks in which the adversary constructs another UA/UVK that matches in the characters shown. When a UA/UVK is abridged it is preferable to show a prefix rather than some other part, both for a more consistent user experience across wallets, and because security analysis of the cost of partial UA/UVK matching attacks is more complicated if checksum characters are included in the characters that are compared.
+It is intended that new Receiver Types and Viewing Key Types SHOULD be introduced either by a modification to this ZIP or by a new ZIP, in accordance with the ZIP Process 13.
diff --git a/zip-0316.rst b/zip-0316.rst index 03d5b171..78f85a64 100644 --- a/zip-0316.rst +++ b/zip-0316.rst @@ -513,6 +513,10 @@ Requirements for both Unified Addresses and Unified Viewing Keys * There MUST NOT be additional bytes at the end of the raw encoding that cannot be interpreted as specified above. +* If the encoding of a Unified Address/Viewing Key is shown to a user + in an abridged form due to lack of space, at least the first 20 + characters MUST be included. + Rationale for item ordering ''''''''''''''''''''''''''' @@ -521,6 +525,18 @@ is that it enables implementations to use an in-memory representation that discards ordering, while retaining the same round-trip serialization of a UA / UVK (provided that unrecognized items are retained). +Rationale for showing at least the first 20 characters +'''''''''''''''''''''''''''''''''''''''''''''''''''''' + +Showing fewer than 20 characters of a UA/UVK would potentially allow +practical attacks in which the adversary constructs another UA/UVK that +matches in the characters shown. When a UA/UVK is abridged it is +preferable to show a prefix rather than some other part, both for a +more consistent user experience across wallets, and because security +analysis of the cost of partial UA/UVK matching attacks is more +complicated if checksum characters are included in the characters that +are compared. + Adding new types ----------------