[bitcoin-dev] BIP draft: HTLC transactions

Peter Todd pete at petertodd.org
Wed Jul 20 05:46:54 UTC 2016

On Tue, Jul 19, 2016 at 10:35:39PM -0600, Sean Bowe via bitcoin-dev wrote:
> I'm requesting feedback for Hash Time-Locked Contract (HTLC) transactions
> in Bitcoin.
> HTLC transactions allow you to pay for the preimage of a hash. CSV/CLTV can
> be used to recover your funds if the other party is not cooperative. These
> scripts take the following general form:
>     [HASHOP] <digest> OP_EQUAL
>     OP_IF
>         <seller pubkey>
>     OP_ELSE
>         <num> [TIMEOUTOP] OP_DROP <buyer pubkey>
>     OP_ENDIF

Note that because you're hashing the top item on the stack regardless
scriptSig's that satisfy HTLC's are malleable: that top stack item can be
changed anything in the digest-not-provided case and the script still passes.

https://petertodd.org 'peter'[:-1]@petertodd.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20160720/87cd5733/attachment.sig>

More information about the bitcoin-dev mailing list