That's the preview of the change, the qr image has the bitcoin address label underneath so that when it's saved you can match it:

Haven't looked at the code, but screenshot looks good to me, nice work.

Thanks!

Having a malicious QRCode can probably only happen if you system, Bitcoin-Core or at least libqrencode is compromise.

Your PR would only protect from an attack on libqrencode and only if the user uses a self-compiled Bitcoin-Core (official binaries are static linked). Because, if you could tamper Bitcoin-Core, you could change the address at a core point which would also provide a malicious address below the QRCode.

This change would def. make sense if we would have HD for key derivation.
You could use a smartphone with the same xpub master key and verify the address at given keypath by comparing QRCodes or addresses together with the keypath.

IMO this PR does not hurt, although I don't believe that it increases security.

UtACK.

IMO this PR does not hurt, although I don't believe that is increases security.

If anything at the printer side is compromised, you're out of luck. But what about a malicious QR code reader? I think it could help there, comparing the address before accepting the transaction in your wallet.

Right, I think it makes sense to have a human readable version of the QR code besides it. Concept ACK.

Yes. I just thought people could already do this because they have the address below the QRCode already. But this PR makes it more prominent available.

Testing on OS X. The image is blurred. Original image is OK:

Current master:

This PR:

The Request payment window shows only the top part of the address:

Can you fix these problems?

I removed the anti-aliasing (I should I've imagined that it was bad for qr code scanning) and now it shouldn't have that blurring problem on OSX as it uses the same size as the size it's using to display it (300), anyway I will double-check it in few hours on that OS.

The only thing that's changed now is the export size, the final image is 44 pixel larger for each dimension. The good thing that is now I can reuse the constant EXPORT_IMAGE_SIZE (now changed to QR_IMAGE_SIZE, used only in this file) for the dimensions, also there's no need to re-scale the image again and again anymore.

I can squash the three commits to a single one and force push to this branch when needed.

One new warning generated:

+qt/receiverequestdialog.cpp:184:73: warning: implicit conversion from 'double' to 'int' changes value from 8.5 to 8 [-Wliteral-conversion]
+            painter.setFont(QFont(GUIUtil::fixedPitchFont().toString(), 8.5));
+                            ~~~~~                                       ^~~
+1 warning generated.

So now the window displays the address twice? Maybe just add it to the image when it's being saved...?

@luke-jr If displayed properly, the address is displayed four times! Title bar, image, bitcoin: URL and address. 8)

Hmm... font feels a bit small on my end (HiDPI/retina OSX):

So now the window displays the address twice? Maybe just add it to the image when it's being saved...?

Well at least people can't complain they're missing the address :-)
I don't think this is much of a concern, it's not like the window is short on space.

One thing I do wonder about though: do QR scanners need an empty (white) border around a QR code? If so, how large should it be?

@laanwj: I recently played around with max QR size/bytes, black/white (inverted) and the white-space-border. I could not find any specification about the "quite zone" (white border), but I guess "one square width" as min border size should be more as sufficient. I guess it depends on the QRCode reader implementation. But I could not read the QRCode with common readers if there where no white borders.

Current status:

Still not really readable on retina/HiDPI OSX:

ping @makevoid: I think this PR is almost ready. We just need a way that the font size respects the screen density (HiDPI).

ping @makevoid

We just need a way that the font size respects the screen density (HiDPI).

I'd say no because this is exported to an image file. We don't want the output to be dependent on the user's screen resolution.

@laanwj: check #7636 (comment)
The font size on HiDPI is different then on non-HiDPI.

I can take care about this and finish this PR.

Sorry but I don't have an HiDPI screen to test with yet, is there anything I can do? should I squash the commits?

The font size on HiDPI is different then on non-HiDPI.

Just a matter of misunderstanding / wrong formulation then - what we want here is to use a font size that is fixed in pixel size, just like the QR code itself is.

The QRCode is not rendered HiDPI (not required). Setting the font size in pixel works (because the size of the QImage is fixed in pixels not in points).
The only little downside is the missing HiDPI support for the new address (looks a bit pixled here).

Here's the diff.
@makevoid: Can you apply and squash?

diff --git a/src/qt/receiverequestdialog.cpp b/src/qt/receiverequestdialog.cpp
index 1e104bb..b81a039 100644
--- a/src/qt/receiverequestdialog.cpp
+++ b/src/qt/receiverequestdialog.cpp
@@ -183,7 +183,9 @@ void ReceiveRequestDialog::update()
             qrAddrImage.fill(0xffffff);
             QPainter painter(&qrAddrImage);
             painter.drawImage(0, 0, qrImage.scaled(QR_IMAGE_SIZE, QR_IMAGE_SIZE));
-            painter.setFont(QFont(GUIUtil::fixedPitchFont().toString(), 8));
+            QFont font = QFont(GUIUtil::fixedPitchFont().toString());
+            font.setPixelSize(12);
+            painter.setFont(font);
             QRect paddedRect = qrAddrImage.rect();
             paddedRect.setHeight(QR_IMAGE_SIZE+12);
             painter.drawText(paddedRect, Qt::AlignBottom|Qt::AlignCenter, info.address);

+ QFont font = QFont(GUIUtil::fixedPitchFont().toString());

fixedPitchFont() already returns QFont. Is this odd constructor necessary?

@MarcoFalke: Oh yes.
@makevoid: please use QFont font = GUIUtil::fixedPitchFont();.

@jonasschnelli done: 1c2a1ba#diff-23ecec8032dd36794001112346601b6aR186

utACK 1c2a1ba

Tested ACK 1c2a1ba.

Looks also good on Win(10).
HiDPI issues on windows are unrelated to this PR (we need Qt5.6.1).