public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Jonathan Underwood <junderwood@bitcoinbank.co.jp>
To: Bitcoin development mailing list <bitcoin-dev@lists.linuxfoundation.org>
Subject: [bitcoin-dev] BIP174 amendment proposal (Important Signer Check should be mentioned)
Date: Wed, 10 Jul 2019 00:58:56 +0900	[thread overview]
Message-ID: <CAMpN3mLtKXoFerZnpM_qs-CS6fjJFzmPS5+Ri0j27YwRmqam-A@mail.gmail.com> (raw)

[-- Attachment #1: Type: text/plain, Size: 1239 bytes --]

Hi all,

Just to be brief, I'll kick off with an attack scenario.

1. I am a signer, I get a PSBT that is ready to sign. I parse. I sign
according to the PSBT as-is.
2. I notice my UTXO was stolen by a hacker because they changed my PSBT
input's sighashtype to SIGHASH_ANYONECANPAY | SIGHASH_NONE and after the
fact they changed the outputs to send to themselves, and added an input
they signed with SIGHASH_ALL.
3. I lose the BTC in my UTXO.

So we should definitely add to the signer checks "ensure the sighash type
given is the type of sighash you want to sign." etc.

My proposal for a wording change would be addition to the bullet list:

- If a sighash type is provided, the signer MUST check that the sighash
type is acceptable to them, and fail signing if unacceptable.
- If a sighash type is not provided, the signer SHOULD sign using
SIGHASH_ALL, but may sign with any sighash type they wish.

Any thoughts?

Thanks,
Jon

-- 
-----------------
Jonathan Underwood
ビットバンク社 チーフビットコインオフィサー
-----------------

暗号化したメッセージをお送りの方は下記の公開鍵をご利用下さい。

指紋: 0xCE5EA9476DE7D3E45EBC3FDAD998682F3590FEA3

[-- Attachment #2: Type: text/html, Size: 1723 bytes --]

             reply	other threads:[~2019-07-09 15:59 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-07-09 15:58 Jonathan Underwood [this message]
2019-07-09 20:26 ` [bitcoin-dev] BIP174 amendment proposal (Important Signer Check should be mentioned) Andrew Chow
2019-07-09 22:21   ` Jonathan Underwood

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAMpN3mLtKXoFerZnpM_qs-CS6fjJFzmPS5+Ri0j27YwRmqam-A@mail.gmail.com \
    --to=junderwood@bitcoinbank.co.jp \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox