[bitcoin-dev] [Lightning-dev] BIP sighash_noinput

fred savage fred_savage2003 at hotmail.co.uk
Wed Jul 4 18:08:43 UTC 2018


you cannot specifically NOT support addrss reuse. on a blockchain where people can send you funds without your permission required to send you funds. so ALWAYS expect multiple payments to the same address

________________________________
From: bitcoin-dev-bounces at lists.linuxfoundation.org <bitcoin-dev-bounces at lists.linuxfoundation.org> on behalf of Luke Dashjr via bitcoin-dev <bitcoin-dev at lists.linuxfoundation.org>
Sent: 03 July 2018 12:13:44
To: lightning-dev at lists.linuxfoundation.org
Cc: Bitcoin Protocol Discussion
Subject: Re: [bitcoin-dev] [Lightning-dev] BIP sighash_noinput

On Monday 02 July 2018 18:11:54 Gregory Maxwell wrote:
> I know it seems kind of silly, but I think it's somewhat important
> that the formal name of this flag is something like
> "SIGHASH_REPLAY_VULNERABLE" or likewise or at least
> "SIGHASH_WEAK_REPLAYABLE". This is because noinput is materially
> insecure for traditional applications where a third party might pay to
> an address a second time, and should only be used in special protocols
> which make that kind of mistake unlikely.

I don't agree. Address reuse is undefined behaviour. Nobody should assume it
is safe or works.

I intend to possibly use SIGHASH_NOINPUT for ordinary Bitcoin transactions in
a wallet I am writing, which explicitly does not support address reuse.

Luke
_______________________________________________
bitcoin-dev mailing list
bitcoin-dev at lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20180704/a9830de3/attachment.html>


More information about the bitcoin-dev mailing list