IETF recently came out with recommendations for best practices for Native Apps using OAuth 2. It got me wondering whether the protocols for those using Native Apps for Bitcoin Wallets should be improved.
Here's the IETF:
https://www.rfc-editor.org/rfc/rfc8252.txt
The short summary is that they recommend adopting a PKCE like exchange. My understanding is that this is not currently in most Wallet API flows:
(e.g. : https://developers.coinbase.com/docs/wallet/coinbase-connect)
Topic: OAuth 2 for Bitcoin Wallets: best practices (Read 273 times)
Jump to: