piegamesde
commented
3 years ago I don't think this is possible by the protocol at the moment.
Closed pepa65 closed 3 years ago
piegamesde
commented
3 years ago I don't think this is possible by the protocol at the moment.
pepa65
commented
3 years ago I suspected as much...
psanford
commented
3 years ago piegamesde is correct, there's nothing in the protocol spec to force verification to happen. The verification code is derived from the handshake, but the sender does not indicate it wants verification.
I suspect that very few people ever use the verification code as it adds a lot of manual overhead to the process. Using a longer wormhole code (and one that doesn't use the default wormhole dictionary) is probably a better way for most people to get higher security assurances without the overhead of verification codes.
If possible, it would be great if the receiver never needs to specify -v/--verify, and the verification string would automatically be shown when the sender required it. (And when the sender did not ask for it, the string is never necessary for the receiver, even though he would get one if
wormhole-william recv -vwas given).