[Lightning-dev] [bitcoin-dev] BIP sighash_noinput
Luke Dashjr
luke at dashjr.org
Tue Jul 3 12:13:44 UTC 2018
On Monday 02 July 2018 18:11:54 Gregory Maxwell wrote:
> I know it seems kind of silly, but I think it's somewhat important
> that the formal name of this flag is something like
> "SIGHASH_REPLAY_VULNERABLE" or likewise or at least
> "SIGHASH_WEAK_REPLAYABLE". This is because noinput is materially
> insecure for traditional applications where a third party might pay to
> an address a second time, and should only be used in special protocols
> which make that kind of mistake unlikely.
I don't agree. Address reuse is undefined behaviour. Nobody should assume it
is safe or works.
I intend to possibly use SIGHASH_NOINPUT for ordinary Bitcoin transactions in
a wallet I am writing, which explicitly does not support address reuse.
Luke
More information about the Lightning-dev
mailing list