Bitcoin Forum

Bitcoin => Development & Technical Discussion => Topic started by: dragons_are_secure on October 28, 2017, 04:00:28 PM



Title: OAuth 2 for Bitcoin Wallets: best practices
Post by: dragons_are_secure on October 28, 2017, 04:00:28 PM
 IETF recently came out with recommendations for best practices for Native Apps using OAuth 2.  It got me wondering whether the protocols for those using Native Apps for Bitcoin Wallets should be improved.

 Here's the IETF:
  https://www.rfc-editor.org/rfc/rfc8252.txt

The short summary is that they recommend adopting a PKCE-like exchange.  My understanding is that this is not currently in most Wallet API flows:
  (e.g.: https://developers.coinbase.com/docs/wallet/coinbase-connect)