From: fred savage <fred_savage2003@hotmail.co.uk>
To: Rusty Russell <rusty@rustcorp.com.au>,
Bitcoin Protocol Discussion
<bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] [Lightning-dev] BIP sighash_noinput
Date: Fri, 13 Jul 2018 09:50:47 +0000 [thread overview]
Message-ID: <VI1PR1001MB1309AFFE2838D85CBCB77C66DE580@VI1PR1001MB1309.EURPRD10.PROD.OUTLOOK.COM> (raw)
In-Reply-To: <878t6gxapt.fsf@rustcorp.com.au>
[-- Attachment #1: Type: text/plain, Size: 2543 bytes --]
the issues with sighash_noinput is this
1. you cannot prevent address-reuse. because bitcoin is a PUSH payment. meaning other people can send funds to one address without the owner of the key approval/refusal. thus luke cannot control address reuse if many people start spamming him donations.
2. for average users who would just 'autopilot' LN and only see the GUI. they will have no clue what transaction types and technicals are happening under the hood. also with LN being not validated by the community. a user creating a channel could tweak their own LN node to make their counterparty sign a sighash-noinput as a term/condition of the channel
this is also a risk for the under the hood raw tx risks where a tx can be signed but then allow the out's to alter value(using a different opcode). .. you know the premiss of allowing a counterpart to alter the outs value to vary so that they can control the broadcast fee at the time of broadcast to cover being acceptd onchain.. which can be abused by a counter party just editing it so A gets nothing and B gets it all..
3. by allowing certain things to change after signing. is infact bringing back malleability for those that use a TXID to identify a tx has been confirmed. as a TXID would change if values change.. just like how malleation abused old transactions by editing a tx without needing to re-sign a tx
________________________________
From: bitcoin-dev-bounces@lists.linuxfoundation.org <bitcoin-dev-bounces@lists.linuxfoundation.org> on behalf of Rusty Russell via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org>
Sent: 13 July 2018 00:04:14
To: DING FENG; Luke Dashjr
Cc: Bitcoin Protocol Discussion; lightning-dev@lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] [Lightning-dev] BIP sighash_noinput
DING FENG <dingfeng12345@gmail.com> writes:
> Hi,
>
> I'm a junior developer and a bitcoin user.
> And I have read this thread carefully.
>
> I'm very worried about "SIGHASH_NOINPUT".
>
> Because "SIGHASH_NOINPUT" looks will be widely used, and it makes reuse
> address more dangerous.
No.
A wallet should *never* create a SIGHASH_NOINPUT to spend its own UTXOs.
SIGHASH_NOINPUT is useful for smart contracts which have unique
conditions, such as a pair of peers rotating keys according to an agreed
schedule (eg. lightning).
Cheers,
Rusty.
_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
[-- Attachment #2: Type: text/html, Size: 3650 bytes --]
next prev parent reply other threads:[~2018-07-13 9:50 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-30 16:29 [bitcoin-dev] BIP sighash_noinput Christian Decker
2018-04-30 18:25 ` Dario Sneidermanis
2018-05-01 16:58 ` Russell O'Connor
2018-05-01 17:32 ` Christian Decker
2018-05-04 9:15 ` ZmnSCPxj
2018-05-04 11:09 ` Christian Decker
2018-05-04 14:25 ` ZmnSCPxj
2018-09-26 9:36 ` Jonas Nick
2018-09-26 19:45 ` Johnson Lau
2018-09-26 20:40 ` Jonas Nick
2018-05-07 19:40 ` Christian Decker
2018-05-07 20:51 ` Bram Cohen
2018-07-03 6:58 ` [bitcoin-dev] [Lightning-dev] " ZmnSCPxj
2018-07-03 11:54 ` William Casarin
2018-05-08 14:40 ` [bitcoin-dev] " Anthony Towns
2018-05-09 23:01 ` Olaoluwa Osuntokun
2018-05-09 23:04 ` Rusty Russell
2018-05-14 9:23 ` [bitcoin-dev] [Lightning-dev] " Anthony Towns
2018-05-15 14:28 ` Christian Decker
2018-05-07 23:47 ` [bitcoin-dev] " Olaoluwa Osuntokun
2018-05-10 14:12 ` Christian Decker
2018-07-02 18:11 ` Gregory Maxwell
2018-07-03 4:56 ` Rusty Russell
2018-07-03 5:21 ` Peter Todd
2018-07-03 23:45 ` Gregory Maxwell
2018-07-09 9:41 ` Peter Todd
2018-07-03 12:05 ` Christian Decker
2018-07-03 12:13 ` [bitcoin-dev] [Lightning-dev] " Luke Dashjr
2018-07-04 18:08 ` fred savage
2018-07-05 8:18 ` vv01f
[not found] ` <CAK_c0Xo0G9-YiOGZK_8WsYNkzjQRaH+u7XOUAozKosggXeXTNg@mail.gmail.com>
2018-07-11 7:43 ` ZmnSCPxj
2018-07-13 0:04 ` Rusty Russell
2018-07-13 9:50 ` fred savage [this message]
2018-07-13 11:07 ` Christian Decker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=VI1PR1001MB1309AFFE2838D85CBCB77C66DE580@VI1PR1001MB1309.EURPRD10.PROD.OUTLOOK.COM \
--to=fred_savage2003@hotmail.co.uk \
--cc=bitcoin-dev@lists.linuxfoundation.org \
--cc=rusty@rustcorp.com.au \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox