public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Luke Dashjr <luke@dashjr.org>
To: Christian Decker <decker.christian@gmail.com>
Cc: Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] [BIP] Normalized transaction IDs
Date: Tue, 3 Nov 2015 20:48:17 +0000	[thread overview]
Message-ID: <201511032048.18680.luke@dashjr.org> (raw)
In-Reply-To: <CALxbBHV4JU7TG8QutkX7m9V4n_ANgKAgWO8ZA2KxQk8jP=kF0g@mail.gmail.com>

On Tuesday, November 03, 2015 8:37:44 PM Christian Decker wrote:
> I am still very much intrigued by Luke's idea of having empty scriptsigs
> and ship the signatures in external scripts, however the proposal uses the
> on-the-fly normalization because we have no good way of relaying the
> external scripts. Since we are still in the drafting phase I am open to
> suggestions and if there is a good/working solution I can amend/withdraw
> the proposal.

Changing the network protocol is trivial in comparison to making a permanent 
increase in UTXO set costs.

> As for open venues for malleability, I'm not sure we can fix them at all,
> after all the ability of a single signer to doublespend by
> appending/replacing inputs/outputs in an arbitrary fashion is not fixable
> IMHO and will cause any future transaction building on its outputs to be
> orphaned. What would the perfect properties for such a fix be?

The problem isn't changing inputs/outputs, but that such changes invalidate 
later spends. In particular, note that wallets *should ideally* be actively 
trying to make transfers using multiple malleated versions of the same 
payment.

So the way to make an anti-malleable wallet, would be to strictly enforce the 
no-address-reuse rule on payments received (note this has no effect on 
other/current wallets) and rely only on the hash of that scriptPubKey+value 
for the input in subsequent transactions. This way, no matter what inputs or 
other outputs the transaction paying the address/invoice uses, the subsequent 
transaction ignores them and remains valid. (I am not suggesting this as a 
mandatory change that all wallets must adopt to receive the current semi-
malleability protection you propose - only that it be *possible* for wallets 
to upgrade to or offer in the future.)

Luke


  reply	other threads:[~2015-11-03 20:49 UTC|newest]

Thread overview: 36+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-10-19 14:01 [bitcoin-dev] [BIP] Normalized transaction IDs Christian Decker
2015-10-19 15:23 ` Tier Nolan
2015-10-19 19:28   ` Christian Decker
2015-10-19 22:22   ` s7r
2015-10-20 10:30     ` Christian Decker
2015-10-21  6:18 ` Luke Dashjr
2015-10-21  7:39   ` Christian Decker
2015-10-21  7:52     ` Luke Dashjr
2015-10-21  8:31       ` Christian Decker
2015-10-21  8:39         ` Luke Dashjr
2015-10-21  8:44           ` Christian Decker
2015-10-21  8:46             ` Luke Dashjr
2015-10-21 18:22               ` Danny Thorpe
2015-10-21 19:27                 ` Gregory Maxwell
2015-10-21 23:20                 ` Luke Dashjr
2015-10-22  8:26                   ` Christian Decker
2015-10-22  8:57                     ` Gregory Maxwell
2015-10-22 11:54                       ` Christian Decker
2015-10-22  9:05                     ` Luke Dashjr
2015-11-03 20:37                       ` Christian Decker
2015-11-03 20:48                         ` Luke Dashjr [this message]
2015-11-03 21:44                           ` Christian Decker
2015-11-03 22:01                             ` Luke Dashjr
2015-11-05 15:27                               ` Jorge Timón
2015-11-05 19:36                                 ` Luke Dashjr
2015-11-05 20:25                                   ` Jorge Timón
2015-11-05 22:46                                     ` s7r
2015-11-05 22:29                                   ` Adam Back
2015-11-06 14:52                                 ` Christian Decker
2015-11-04  4:00                             ` Peter Todd
2015-11-05  9:38                               ` Christian Decker
2015-10-21  7:48   ` Gregory Maxwell
2015-10-21  8:26     ` Gregory Maxwell
2015-10-21  8:49       ` Christian Decker
2015-10-21  8:50         ` Christian Decker
2015-10-21 10:14         ` Gregory Maxwell

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=201511032048.18680.luke@dashjr.org \
    --to=luke@dashjr.org \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    --cc=decker.christian@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox