From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 086B6BE1 for ; Tue, 18 Dec 2018 04:39:58 +0000 (UTC) X-Greylist: delayed 00:16:53 by SQLgrey-1.7.6 Received: from outmail148114.authsmtp.net (outmail148114.authsmtp.net [62.13.148.114]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 52F8FA8 for ; Tue, 18 Dec 2018 04:39:57 +0000 (UTC) Received: from punt16.authsmtp.com (punt16.authsmtp.com [62.13.128.205]) by punt22.authsmtp.com. (8.15.2/8.15.2) with ESMTP id wBI4N2rY017695 for ; Tue, 18 Dec 2018 04:23:02 GMT (envelope-from user@petertodd.org) Received: from mail-c245.authsmtp.com (mail-c245.authsmtp.com [62.13.128.245]) by punt16.authsmtp.com. (8.15.2/8.15.2) with ESMTP id wBI4N1tX016869; Tue, 18 Dec 2018 04:23:01 GMT (envelope-from user@petertodd.org) Received: from petertodd.org (ec2-52-5-185-120.compute-1.amazonaws.com [52.5.185.120]) (authenticated bits=0) by mail.authsmtp.com (8.15.2/8.15.2) with ESMTPSA id wBI4Mxur098328 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Tue, 18 Dec 2018 04:23:00 GMT (envelope-from user@petertodd.org) Received: from [127.0.0.1] (localhost [127.0.0.1]) by petertodd.org (Postfix) with ESMTPSA id 23EF140100; Tue, 18 Dec 2018 04:22:59 +0000 (UTC) Received: by localhost (Postfix, from userid 1000) id 5098720289; Mon, 17 Dec 2018 23:22:58 -0500 (EST) Date: Mon, 17 Dec 2018 23:22:58 -0500 From: Peter Todd To: Johnson Lau , Bitcoin Protocol Discussion Message-ID: <20181218042258.dfj7n5qmmcbbe2wo@petertodd.org> References: <87ftv3xerx.fsf@rustcorp.com.au> <87pnu6s3v5.fsf@rustcorp.com.au> <87h8fiqn1z.fsf@rustcorp.com.au> <20181214093002.p2nvfrlaycqblww3@erisian.com.au> <8736qyhsej.fsf@rustcorp.com.au> <6DE5291C-629D-4080-9B0C-E18BEFA28B16@xbt.hk> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="o7glrtnc4kukvjsi" Content-Disposition: inline In-Reply-To: <6DE5291C-629D-4080-9B0C-E18BEFA28B16@xbt.hk> User-Agent: NeoMutt/20170113 (1.7.2) X-Server-Quench: 9ac227dd-027c-11e9-903a-9cb654bb2504 X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse X-AuthRoute: OCd2Yg0TA1ZIVwkA IjsJECJaVQIpKltL GxAVKBZePFsRUQkR aQdMdwoUHFAXAgsB Am4bW1BeUl57WWM7 bghPaBtcak9QXgdq T0pMXVMcU3cRBWFJ Q1weWxFxdQ0IcXhw ZghrDyNZXkMuIVt9 QEkHCGwHMG59YWAc AV1RJFFSdQcYLB1A alQxNiYHcQ5VPz4z GA41ejw8IwAXEy1b TxtFNlMdQU8QHjMn DxkEEX0qGlcIDyop Jho7LlcGVH0wHWUb CnsWf3U5FScvNmUB X-Authentic-SMTP: 61633532353630.1039:706 X-AuthFastPath: 0 (Was 255) X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system. X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Tue, 18 Dec 2018 16:11:00 +0000 Subject: Re: [bitcoin-dev] Safer sighashes and more granular SIGHASH_NOINPUT X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Dec 2018 04:39:58 -0000 --o7glrtnc4kukvjsi Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Dec 18, 2018 at 03:08:26AM +0800, Johnson Lau via bitcoin-dev wrote: > >> If it's not safer in practice, we've spent a little extra complexity > >> committing to a subset of the script in each signature to no gain. If > >> it is safer in practice, we've prevented people from losing funds. I'm > >> all for less complexity, but not for that tradeoff. > >=20 > > There are many complexities we could add, each of which would prevent > > loss of funds in some theoretical case. >=20 > Every security measures are overkill, until someone get burnt. If these s= ecurity measures are really effective, no one will get burnt. The inevitabl= e conclusion is: every effective security measures are overkill. This isn't really a security issue, it's a software reliability issue. And you're making a trade-off between complexity of the core protocol and complexity of wallet software. A core protocol failure has high costs for every single Bitcoin user; a wal= let software failure affects a much smaller number of people. So I'd be incline= d to prioritise core protocol simplicity rather than stamping out one of many, m= any, ways that wallet software can screw up and lose money. --=20 https://petertodd.org 'peter'[:-1]@petertodd.org --o7glrtnc4kukvjsi Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEFcyURjhyM68BBPYTJIFAPaXwkfsFAlwYdhwACgkQJIFAPaXw kfuZ0wf/UauIq8ePrnqij9vEzBYjgzQpLHboOQ9t3tiS4mFGXMxwfsOD/RkbpQuf VFBm9IIQVRLbHpUh1RkIEBA35Y7cWS3SEbH/8ZdR6d2oCVFCvoQzU5doUbXl02eO 20kPxbrNIrGhMxoXxRax/1IR4qZk0GW4dXENMyiX/62CevpZzCkvL5Ajdjz5TLyn 9Oiqxow89gsu0x+wQ3DBeJaUbvlD30GDMReK7ZdPOLgd2Zsq+InteU0cGzQdN4UR xl0MBPbA8ywnCqVmfYkVnqsPVHFug/Tnu+FYtl+W/nMVT4/6FJkYAbC5cSt56b0p CWLTn8s8mrySLVlayTHxPXAt30l/hA== =ffW3 -----END PGP SIGNATURE----- --o7glrtnc4kukvjsi--