[bitcoin-dev] BIP sighash_noinput

Peter Todd pete at petertodd.org
Mon Jul 9 09:41:39 UTC 2018


On Tue, Jul 03, 2018 at 11:45:22PM +0000, Gregory Maxwell wrote:
> On Tue, Jul 3, 2018 at 5:21 AM, Peter Todd <pete at petertodd.org> wrote:
> > The problem with that name is `SIGHASH_REUSE_VULNERABLE` tells you nothing
> > about what the flag actually does.
> 
> I believe that making the signature replayable is 1:1 with omitting
> the identification of the specific coin being spent from it.

I think you have a good point there. But that's not the only way that reuse
could be a vulnerability: consider hash-based signatures.

I'm happy with adding a suffix or prefix to the term SIGHASH_NOINPUT, e.g.
SIGHASH_NOINPUT_UNSAFE to re-use Rust terminology.

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20180709/28ee2dde/attachment-0001.sig>


More information about the bitcoin-dev mailing list