[bitcoin-dev] SIGHASH_NOINPUT in Segregated Witness

Luke Dashjr luke at dashjr.org
Fri Feb 26 02:35:23 UTC 2016


On Friday, February 26, 2016 1:07:46 AM Joseph Poon via bitcoin-dev wrote:
> This would be achieved using a SIGHASH flag, termed SIGHASH_NOINPUT. It
> does not include as part of the signature, the outpoint being spent
> (txid and index), nor the amount. It however, would include the spent
> outpoint's script as part of the signature. Note that this is just a
> SIGHASH flag, and the outpoints are still being included as part of the
> txins (if they are mutated, the new txids can be updated by the wallet
> without resigning). This allows for a signature to apply to anything
> with that pubkey (therefore pubkeys with this flag should not be
> reused). 

I'd like this regardless of Lightning, as it makes it possible to write fully 
malleability-proof wallet software also.

> For safety, this only applies in SegWit transactions, as segwit
> provides a sufficient malleability solution, there is no incentive to
> improperly use this sighash flag as a roundabout way to resolve
> malleability.

SegWit's malleability solution is not really sufficient in comparison, but I 
don't think there's a need to make this available to pre-SegWit transactions 
anyway (and doing so would probably complicate it).

Luke


More information about the bitcoin-dev mailing list