- Add memo to InvoiceRequest message

- Add ephemeral_public_key and requires_payment_message fields to EncryptedPaymentRequest + updated descriptions
- Update EncryptedPayment and EncryptedPaymentACK message descriptions to use ECDH-derived key for signature instead of each side's public key
- Slim down message content-types
- Add EncryptedPayment and EncryptedPaymentACK creation detail steps
- Add updated paymentrequest.proto to bip-ir/ directory
- Add additional flow diagrams for various mobile-to-mobile / Store & Forward scenarios

bip-ir/paymentrequest.proto

@@ -0,0 +1,84 @@
+//
+// Simple Bitcoin Payment Protocol messages
+//
+// Use fields 1000+ for extensions;
+// to avoid conflicts, register extensions via pull-req at
+// https://github.com/bitcoin/bips/bip-0070/extensions.mediawiki
+//
+
+package payments;
+option java_package = "org.bitcoin.protocols.payments";
+option java_outer_classname = "Protos";
+
+// Generalized form of "send payment to this/these bitcoin addresses"
+message Output {
+        optional uint64 amount = 1 [default = 0]; // amount is integer-number-of-satoshis
+        required bytes script = 2; // usually one of the standard Script forms
+}
+message PaymentDetails {
+        optional string network = 1 [default = "main"]; // "main" or "test"
+        repeated Output outputs = 2;        // Where payment should be sent
+        required uint64 time = 3;           // Timestamp; when payment request created
+        optional uint64 expires = 4;        // Timestamp; when this request should be considered invalid
+        optional string memo = 5;           // Human-readable description of request for the customer
+        optional string payment_url = 6;    // URL to send Payment and get PaymentACK
+        optional bytes merchant_data = 7;   // Arbitrary data to include in the Payment message
+}
+message PaymentRequest {
+        optional uint32 payment_details_version = 1 [default = 1];
+        optional string pki_type = 2 [default = "none"];  // none / x509+sha256 / x509+sha1
+        optional bytes pki_data = 3;                      // depends on pki_type
+        required bytes serialized_payment_details = 4;    // PaymentDetails
+        optional bytes signature = 5;                     // pki-dependent signature
+}
+message X509Certificates {
+        repeated bytes certificate = 1;    // DER-encoded X.509 certificate chain
+}
+message Payment {
+        optional bytes merchant_data = 1;  // From PaymentDetails.merchant_data
+        repeated bytes transactions = 2;   // Signed transactions that satisfy PaymentDetails.outputs
+        repeated Output refund_to = 3;     // Where to send refunds, if a refund is necessary
+        optional string memo = 4;          // Human-readable message for the merchant
+}
+message PaymentACK {
+        required Payment payment = 1;      // Payment message that triggered this ACK
+        optional string memo = 2;          // human-readable message for customer
+}
+
+// BIP-IR Extensions
+message EncryptedInvoiceRequest {
+        required bytes encrypted_invoice_request = 1;   // AES-256-CBC Encrypted InvoiceRequest as defined in InvoiceRequest Spec
+        required bytes sender_public_key = 2;           // Sender's EC Public Key
+        required bytes invoice_request_hash = 3;        // SHA256 Hash of Non-Encrypted, Serialized InvoiceRequest (used for authentication)
+}
+
+message InvoiceRequest {
+        required bytes  sender_public_key = 1;              // Sender's EC Public Key
+        required uint64 nonce = 2;                          // Microseconds since epoch
+        optional uint64 amount = 3 [default = 0];           // amount is integer-number-of-satoshis
+        optional string pki_type = 4 [default = "none"];    // none / x509+sha256
+        optional bytes  pki_data = 5;                       // Depends on pki_type
+        optional string memo = 6;                           // Human-readable description of invoice request for the receiver
+        optional string notification_url = 7;               // URL to notify on EncryptedPaymentRequest ready
+        optional bytes  signature = 8;                      // PKI-dependent signature
+}
+
+message EncryptedPaymentRequest {
+        required bytes encrypted_payment_request = 1;                   // AES-256-CBC Encrypted PaymentRequest as defined in InvoiceRequest Spec
+        required bytes receiver_public_key = 2;                         // Receiver's EC Public Key
+        required bytes ephemeral_public_key = 3;                        // Public Key of ECDH-derived keypair
+        required bytes payment_request_hash = 4;                        // SHA256 Hash of Non-Encrypted, Serialized PaymentRequest (used for authentication)
+        required bool  requires_payment_message = 5 [default = false];  // Requires Payment/PaymentACK message exchange
+}
+
+message EncryptedPayment {
+        required bytes encrypted_payment = 1;           // AES-256-CBC Encrypted Payment as defined in InvoiceRequest Spec
+        required bytes payment_request_hash = 2;        // SHA256 Hash of Non-Encrypted, Serialized PaymentRequest returned in the transaction's EncryptedPaymentRequest message
+        required bytes signature = 3;                   // Signature over EncryptedPayment with original Sender's EC Private Key
+}
+
+message EncryptedPaymentACK {
+        required bytes encrypted_payment_ack = 1;       // AES-256-CBC Encrypted Payment as defined in InvoiceRequest Spec
+        required bytes payment_request_hash = 2;        // SHA256 Hash of Non-Encrypted, Serialized PaymentRequest returned in the transaction's EncryptedPaymentRequest message
+        required bytes signature = 3;                   // Signature over EncryptedPaymentACK with the Receiver's EC Private key.
+}