There’s a broad belief that bitcoin might just be the virtual currency that takes off in a big way. To do that, it will need to become a lot easier to use.
But developers within the Bitcoin community are close to finishing a new layer of code for bitcoin software clients that makes using it more practical for shoppers and merchants.
“This payment protocol represents a major advance in security and usability,” said Jeff Garzik, senior software engineer at BitPay, an Atlanta-based company that builds Bitcoin software tools.
The protocol will be open source, and it will be up to other developers to implement it in Bitcoin wallets, or software clients used to hold and spend the virtual currency.
A bitcoin is essentially a secret number that is transferred from one software client to another using a 32-character alpha-numeric address. Although many entrepreneurs are developing merchant tools and software for bitcoin, overall, the system can be clunky and lack a seamless grace.
For example, merchants can’t describe what an invoice payable in bitcoin is for. People also can’t give merchants a bitcoin address for refunds. The payment protocol allows for a user-friendly description of a payment request as well as where refunds should be sent.
Shoppers also need to know the payment request is legitimate. For example, a hacker executing a man-in-the-middle attack could intervene in a transaction, swapping the company’s legitimate bitcoin address with his own and irreversibly taking a person’s bitcoins.
To solve that problem, payment requests will use digital certificates, the same kind of security technology indicated by a padlock in a web browser. Specifically, the payment requests will use X.509 certificates, which underpin SSL (Secure Sockets Layer), which encrypts data traffic between two parties.
While there are many weaknesses in SSL, “it’s better than nothing,” said Gavin Andresen, chief scientist for The Bitcoin Foundation and lead developer for the Bitcoin-QT client. If a better public key encryption scheme comes along, it can be swapped out in the payment protocol, he said.
“With Bitcoin, we are trying to get things right from the beginning so the payment process is as simple as it possibly can be and still completely secure,” Andresen said.
The communication between a customer and company will be performed over SSL and will not be part of the so-called “blockchain,” the public ledger that shows bitcoin transactions, Andresen said. The payment protocol will not touch the core code that drives Bitcoin’s network.
Andresen and other developers are working on a payment protocol implementation for the forthcoming 0.9 version of Bitcoin-QT, the first Bitcoin software client.
Future development efforts will rely on the foundation set by the protocol, said Mike Hearn, a software developer who has worked on it. “The real potential will start to become apparent as we add features to it,” he said.
The protocol could eventually be developed to support payment scenarios such as recurring subscriptions, tipping for services-related transactions and authorization and hold situations, used by hotels and rental car companies to verify funds are available.
“It’s really the keystone for many future efforts,” Hearn said.