[bitcoin-dev] SHA1 collisions make Git vulnerable to attakcs by third-parties, not just repo maintainers

Steve Davis steven.charles.davis at gmail.com
Sun Feb 26 06:26:45 UTC 2017

Hi Pieter,

> On Feb 25, 2017, at 4:14 PM, Pieter Wuille <pieter.wuille at gmail.com> wrote:
> Any alternative to move us away from RIPEMD160 would require:

> <snipped>

“Any alternative”? What about reverting to:

[<public_key>, OP_CHECKSIG]

or perhaps later

[<“compressed” public_key>, OP_CHECKSIG]

This appears to get away from the issue without introducing a lot of other concerns?

(IIRC the RIPEMD thing was justified on convenience and compactness).

Could that be the alternative?


More information about the bitcoin-dev mailing list