From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 42ED8955 for ; Tue, 16 Aug 2016 19:43:57 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from outmail148098.authsmtp.com (outmail148098.authsmtp.com [62.13.148.98]) by smtp1.linuxfoundation.org (Postfix) with ESMTP id 74384125 for ; Tue, 16 Aug 2016 19:43:56 +0000 (UTC) Received: from mail-c247.authsmtp.com (mail-c247.authsmtp.com [62.13.128.247]) by punt21.authsmtp.com (8.14.2/8.14.2/) with ESMTP id u7GJhpXh082671; Tue, 16 Aug 2016 20:43:51 +0100 (BST) Received: from petertodd.org (ec2-52-5-185-120.compute-1.amazonaws.com [52.5.185.120]) (authenticated bits=0) by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id u7GJho5h074296 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 16 Aug 2016 20:43:50 +0100 (BST) Received: from [127.0.0.1] (localhost [127.0.0.1]) by petertodd.org (Postfix) with ESMTPSA id 58D7740092; Tue, 16 Aug 2016 19:40:45 +0000 (UTC) Received: by localhost (Postfix, from userid 1000) id 39A5E20B3A; Tue, 16 Aug 2016 12:43:32 -0700 (PDT) Date: Tue, 16 Aug 2016 12:43:32 -0700 From: Peter Todd To: Luke Dashjr , Bitcoin Protocol Discussion Message-ID: <20160816194332.GA5888@fedora-21-dvm> References: <1736097121.90204.1471369988809@privateemail.com> <201608161937.20748.luke@dashjr.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="X1bOJ3K7DJ5YkBrT" Content-Disposition: inline In-Reply-To: <201608161937.20748.luke@dashjr.org> User-Agent: Mutt/1.5.23 (2014-03-12) X-Server-Quench: c1e620c6-63e9-11e6-bcde-0015176ca198 X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR aQdMdwQUGUATAgsB AmAbWVReVF57XGI7 bghPaBtcak9QXgdq T0pMXVMcUQIfe0Re A0YeVR1wfgMIcHd5 YQgxXyVdXkQpc1t7 QRtdCGwHMGF9OjNL BV1YdwJRcQRMLU5E Y1gxNiYHcQ5VPz4z GA41ejw8IwAXDilK CissFQBabUsCGj86 SFgdHCkvVWo9cAQd ZxUgJhY7JHE3FXkT HzlpXFscNxIbAAxa Hl1cSC5fb2FbeBEL ZQAA X-Authentic-SMTP: 61633532353630.1038:706 X-AuthFastPath: 0 (Was 255) X-AuthSMTP-Origin: 52.5.185.120/25 X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system. X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: Re: [bitcoin-dev] New BIP: Dealing with OP_IF and OP_NOTIF malleability in P2WSH X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Aug 2016 19:43:57 -0000 --X1bOJ3K7DJ5YkBrT Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Aug 16, 2016 at 07:37:19PM +0000, Luke Dashjr via bitcoin-dev wrote: > On Tuesday, August 16, 2016 5:53:08 PM Johnson Lau via bitcoin-dev wrote: > > A new BIP is prepared to deal with OP_IF and OP_NOTIF malleability in > > P2WSH: > > https://github.com/jl2012/bips/blob/minimalif/bip-minimalif.mediawiki > > https://github.com/bitcoin/bitcoin/pull/8526 >=20 > I am not sure this makes sense. SegWit transactions are already non-malle= able=20 > due to skipping the witness data in calculating the transaction id. What = is=20 > the benefit to this? SegWit txids aren't malleable, but segwit transactions as a whole still are. For instance, I could mess with a segwit transaction by replacing part of t= he witness that is used as an argument to an OP_IF with a much larger push, potentially making the transaction larger, thus making it not get mined due= to the higher fee. There are also potential legal issues if someone replaces a push with data where posession in your jurisdiction is illegal. Having said that, a better approach may be a separate CHECKBOOLVERIFY opcode that fails unless the top item on the stack is a minimally encoded true or false value, to allow script writers to opt into this behavior; it's not al= ways ideal. --=20 https://petertodd.org 'peter'[:-1]@petertodd.org --X1bOJ3K7DJ5YkBrT Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- iQEcBAEBCAAGBQJXs2zhAAoJEGOZARBE6K+yO+gH/AmfamFulci3Qcm/i5d9MffA KoyFjZBKfjO+aq0/nEoAYedPX0pLFsjUqNgZ0e1+OguTPMY2pRdPzdSkdaAoQRHo kP+VY84K/KoEtphrNsOI9E4IefvalrSK4pffhAz023qNoloT5sMCPTiMP9E3/LmG DeCVGjx8jHyxOeXvgS3iSV/aMdtHM50ODhtaJer4mmLOjDiK1irYQY8WOLimyyGZ pSYYeFzQSo05Y8DXe2ztN8xH9kAigU6dQs1MXSX1WoAYKHpAXiWRb/Xd36nSn/+o SlAc1dmJxg4Pv/CtzFoGekr7nmRfpZ/D44zPMZ50imFmBzNOoKO7JSEc5rrNAe8= =3FmG -----END PGP SIGNATURE----- --X1bOJ3K7DJ5YkBrT--