Add checksum (and maybe chain id) in the Libra address to avoid potential loss by mistake.
Libra addresses are arbitrary 256 bits number without checksum or chain id embedded according to from_public_key and from_hex_literal.
The lack of such information may cause user to loss money by mistake. Checksum can help user to detect typos when sending money, and chain id can avoid sending to an account in a wrong blockchain.
Bitcoin's base58 address encoding has a 4-byte checksum by the end of the address data. Any reasonable hash function can be used to generate such checksum.
Chain id is usually the hash of the genesis block. However in Libra as we don't have "block" explicitly, an alternative could be the sparse merkle root of the chain database (with the commitment of the initial validator set and maybe more metadata that can distinguish different networks).
Are you willing to open a pull request? (See CONTRIBUTING)
Sure, if the address format is standardized.
Bitcoin base58 address format: https://en.bitcoin.it/wiki/Bitcoin_address
see also PR #301
@h4x3rotab thanks for the recommendation and related links. We're still exploring our options here as adding a checksum is closely linked to our account creation strategy. Atm, similarly to Bitcoin, an account is auto-created when we send funds to a non-existing address.
However, if Libra's final design won't allow account auto-creation, then the checksum is redundant because it's computationally difficult to generate similar addresses by hash(pub_key). The latter means that a typo will send funds to a non-existing account and the transaction will normally fail, thus money will bounce back. I'll keep updating this thread with design decisions.
we did this!
Most helpful comment
@h4x3rotab thanks for the recommendation and related links. We're still exploring our options here as adding a checksum is closely linked to our account creation strategy. Atm, similarly to Bitcoin, an account is auto-created when we send funds to a non-existing address.
However, if Libra's final design won't allow account auto-creation, then the checksum is redundant because it's computationally difficult to generate similar addresses by
hash(pub_key). The latter means that a typo will send funds to a non-existing account and the transaction will normally fail, thus money will bounce back. I'll keep updating this thread with design decisions.