[bitcoin-dev] Sighash Type Byte; Re: BIP Proposal: The Great Consensus Cleanup

Russell O'Connor roconnor at blockstream.io
Thu Mar 7 15:16:43 UTC 2019

> * If the sighash type byte (ie last byte in a signature being evaluated
> during the execution of OP_CHECKSIG[VERIFY] or OP_CHECKMULTISIG[VERIFY])
> is anything other than 1, 2, 3, 0x81, 0x82, or 0x83, the script
> execution fails. This does not apply to 0-length signature stack elements.

The sighash type byte is a "great" place to store a few bits of ancillary
data when making signatures.  Okay it isn't great, but it is good enough
that some misguided users may have been using it and have unbroadcast
transactions in cold storage (think sweeps) for UTXOs whose private keys
may have been lost.  I don't think that one's hunch that there isn't much
risk in disabling these sighashes is good enough to put people funds at
risk, especially given the alternative proposal of caching the
just-before-the-last-byte sighash midstate that is available.

Russell O'Connor
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20190307/147c2ccd/attachment.html>

More information about the bitcoin-dev mailing list