[Qt] Payment request via Tor and BitPay - a NO go #5204
Comments
|
Even with Bitpay you can get the address/amount and pay manually. But it's kind of stupid that you can't get the payment request through tor. You should file an issue with them. |
|
Done... |
|
It's the cause of CloudFlare IP-based reputation system, which blocks Tor because "plenty of spam and malware uses Tor", so "few bad actors on Tor have made using Tor difficult for legitimate users". IMHO their system is fucked when using Tor and I told em exactly that. It seems they want to improve things, dunno how and when. @laanwj Anything for us that could be done for the users from us!? |
|
@Diapolo From a quick test, cloudflare returns a 403 in this case. I'm not sure how common it is that we would see that. Maybe it's worth adding a msgbox with a hint that this may be the cause for the "tor + 403" case? |
|
@theuni Right, I had the same idea, but I'm unsure how to quickly tell that the set proxy is indeed a Tor proxy (and we not only set derived it from -proxy, which doesn't need to be a Tor one)... |
|
@Diapolo No need to be sure of that. You could add the hint either case, the user will know if he's using Tor or not so whether to regard it or not. |
|
I think this is still an issue? |
|
I've heard reports that this is still an issue, and it became more serious now that bitpay has no way to manually specify address/amount anymore. Even when not using tor, the cloudflare protection might trigger. |
|
I think the appropriate fix is to encourage more wallets to use tor to send payment requests and default to using tor if there is a tor proxy configured ourselves. Not being able to send a payment request over Tor is an issue the provider needs to fix, not us. |
|
They have started using "Payment Protocol" (BIP 70) recently, it's hurting my business, because my customers can't pay without a specific wallet, I'll be switching to another payment processor. BitPay is only getting worse and worse... |
|
They have published an article today, explaining why this issue happens for TOR users, and a possible workaround, worth reading. |
|
New problem: even payments using a supported wallet do not work anymore. Obviously has something to do with the cloudflare DDoS protection, wich prevents wallets from getting the payment details. R.I.P BitPay. |
|
This is still an issue as of a few days ago. As pointed out above made worse by BitPay's BIP-70 enforcement. One solution could be to - if a request fails - offer the user to redo the request without Tor (default "No"). That's arguably better than telling users to turn Tor off. Perhaps the message could clarify that if they alrady use a non-Tor browser to place the order, there's probably not much downside, while at the same time reminding them that combining Tor with non-Tor is problematic in general. |
|
Closing payment protocol specific issues; as that functionality is going to be deprecated in the near future it's not worth working on. |
Most likely this is a no-issue for us, because we can't solve it, but perhaps we can brainstorm some ideas if we can extend error messages or reporting stuff to users.
This is what happened, I tried to pay via BitPay using my Bitcoin Core wallet while connected to the network via Tor. After clicking the payment button on the BitPay site I got this warning displayed to me (this is from my debug.log):
GUI: PaymentServer::netRequestFinished : "Kommunikationsfehler mit https://bitpay.com/i/XYZ: Error downloading https://bitpay.com/i/XYZ - server replied: Forbidden"I know that BitPay is using Cloudflare as hoster or technical base and that Cloudflare is blocking Tor exit nodes! This is "only" annoying if visiting their site via browser, as they offer a (stupid) captcha. But it get's totally stupid if using payment requests on their site, because of not being able to proceed.
I had to reconnect with Tor disabled to do my payment, which sucked! Any ideas, for how we could handle such a case or error situation from a UX view?
The text was updated successfully, but these errors were encountered: