Re: [bitcoin-dev] Safer sighashes and more granular SIGHASH_NOINPUT

author: Peter Todd <pete@petertodd.org> 2018-12-17 23:22:58 -0500
committer: bitcoindev <bitcoindev@gnusha.org> 2018-12-18 04:39:58 +0000
commit: 3ac2619e966f33309e9465e1f6f35aa11e91a0d2 (patch)
tree: 95b976a7b9b73172b4d6247214946556929017a2
parent: b86e0028d13feb136900966e4c9ac1587166f70a (diff)
download: pi-bitcoindev-3ac2619e966f33309e9465e1f6f35aa11e91a0d2.tar.gz
pi-bitcoindev-3ac2619e966f33309e9465e1f6f35aa11e91a0d2.zip
1 files changed, 130 insertions, 0 deletions
diff --git a/02/3b6167e041d698265170e2744e3a622d56574d b/02/3b6167e041d698265170e2744e3a622d56574d
new file mode 100644
index 000000000..54db7d138
--- /dev/null
+++ b/02/3b6167e041d698265170e2744e3a622d56574d
@@ -0,0 +1,130 @@
+Return-Path: <user@petertodd.org>
+Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
+	[172.17.192.35])
+	by mail.linuxfoundation.org (Postfix) with ESMTPS id 086B6BE1
+	for <bitcoin-dev@lists.linuxfoundation.org>;
+	Tue, 18 Dec 2018 04:39:58 +0000 (UTC)
+X-Greylist: delayed 00:16:53 by SQLgrey-1.7.6
+Received: from outmail148114.authsmtp.net (outmail148114.authsmtp.net
+	[62.13.148.114])
+	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 52F8FA8
+	for <bitcoin-dev@lists.linuxfoundation.org>;
+	Tue, 18 Dec 2018 04:39:57 +0000 (UTC)
+Received: from punt16.authsmtp.com (punt16.authsmtp.com [62.13.128.205])
+	by punt22.authsmtp.com. (8.15.2/8.15.2) with ESMTP id wBI4N2rY017695
+	for <bitcoin-dev@lists.linuxfoundation.org>;
+	Tue, 18 Dec 2018 04:23:02 GMT (envelope-from user@petertodd.org)
+Received: from mail-c245.authsmtp.com (mail-c245.authsmtp.com [62.13.128.245])
+	by punt16.authsmtp.com. (8.15.2/8.15.2) with ESMTP id wBI4N1tX016869;
+	Tue, 18 Dec 2018 04:23:01 GMT (envelope-from user@petertodd.org)
+Received: from petertodd.org (ec2-52-5-185-120.compute-1.amazonaws.com
+	[52.5.185.120]) (authenticated bits=0)
+	by mail.authsmtp.com (8.15.2/8.15.2) with ESMTPSA id wBI4Mxur098328
+	(version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); 
+	Tue, 18 Dec 2018 04:23:00 GMT (envelope-from user@petertodd.org)
+Received: from [127.0.0.1] (localhost [127.0.0.1])
+	by petertodd.org (Postfix) with ESMTPSA id 23EF140100;
+	Tue, 18 Dec 2018 04:22:59 +0000 (UTC)
+Received: by localhost (Postfix, from userid 1000)
+	id 5098720289; Mon, 17 Dec 2018 23:22:58 -0500 (EST)
+Date: Mon, 17 Dec 2018 23:22:58 -0500
+From: Peter Todd <pete@petertodd.org>
+To: Johnson Lau <jl2012@xbt.hk>,
+	Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
+Message-ID: <20181218042258.dfj7n5qmmcbbe2wo@petertodd.org>
+References: <CAPg+sBhuPG-2GXc+Bp0yv5ywry2fk56LPLT4AY0Kcs+YEoz4FA@mail.gmail.com>
+	<87ftv3xerx.fsf@rustcorp.com.au>
+	<DAAB7568-A004-4897-B5B3-0FBBC6895246@xbt.hk>
+	<87pnu6s3v5.fsf@rustcorp.com.au> <87h8fiqn1z.fsf@rustcorp.com.au>
+	<20181214093002.p2nvfrlaycqblww3@erisian.com.au>
+	<8736qyhsej.fsf@rustcorp.com.au>
+	<6DE5291C-629D-4080-9B0C-E18BEFA28B16@xbt.hk>
+MIME-Version: 1.0
+Content-Type: multipart/signed; micalg=pgp-sha256;
+	protocol="application/pgp-signature"; boundary="o7glrtnc4kukvjsi"
+Content-Disposition: inline
+In-Reply-To: <6DE5291C-629D-4080-9B0C-E18BEFA28B16@xbt.hk>
+User-Agent: NeoMutt/20170113 (1.7.2)
+X-Server-Quench: 9ac227dd-027c-11e9-903a-9cb654bb2504
+X-AuthReport-Spam: If SPAM / abuse - report it at:
+	http://www.authsmtp.com/abuse
+X-AuthRoute: OCd2Yg0TA1ZIVwkA IjsJECJaVQIpKltL GxAVKBZePFsRUQkR
+	aQdMdwoUHFAXAgsB Am4bW1BeUl57WWM7 bghPaBtcak9QXgdq
+	T0pMXVMcU3cRBWFJ Q1weWxFxdQ0IcXhw ZghrDyNZXkMuIVt9
+	QEkHCGwHMG59YWAc AV1RJFFSdQcYLB1A alQxNiYHcQ5VPz4z
+	GA41ejw8IwAXEy1b TxtFNlMdQU8QHjMn DxkEEX0qGlcIDyop
+	Jho7LlcGVH0wHWUb CnsWf3U5FScvNmUB 
+X-Authentic-SMTP: 61633532353630.1039:706
+X-AuthFastPath: 0 (Was 255)
+X-AuthVirus-Status: No virus detected - but ensure you scan with your own
+	anti-virus system.
+X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW
+	autolearn=ham version=3.3.1
+X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
+	smtp1.linux-foundation.org
+X-Mailman-Approved-At: Tue, 18 Dec 2018 16:11:00 +0000
+Subject: Re: [bitcoin-dev] Safer sighashes and more granular SIGHASH_NOINPUT
+X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
+X-Mailman-Version: 2.1.12
+Precedence: list
+List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
+List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
+	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
+List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
+List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
+List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
+List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
+	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
+X-List-Received-Date: Tue, 18 Dec 2018 04:39:58 -0000
+
+
+--o7glrtnc4kukvjsi
+Content-Type: text/plain; charset=us-ascii
+Content-Disposition: inline
+Content-Transfer-Encoding: quoted-printable
+
+On Tue, Dec 18, 2018 at 03:08:26AM +0800, Johnson Lau via bitcoin-dev wrote:
+> >> If it's not safer in practice, we've spent a little extra complexity
+> >> committing to a subset of the script in each signature to no gain. If
+> >> it is safer in practice, we've prevented people from losing funds. I'm
+> >> all for less complexity, but not for that tradeoff.
+> >=20
+> > There are many complexities we could add, each of which would prevent
+> > loss of funds in some theoretical case.
+>=20
+> Every security measures are overkill, until someone get burnt. If these s=
+ecurity measures are really effective, no one will get burnt. The inevitabl=
+e conclusion is: every effective security measures are overkill.
+
+This isn't really a security issue, it's a software reliability issue. And
+you're making a trade-off between complexity of the core protocol and
+complexity of wallet software.
+
+A core protocol failure has high costs for every single Bitcoin user; a wal=
+let
+software failure affects a much smaller number of people. So I'd be incline=
+d to
+prioritise core protocol simplicity rather than stamping out one of many, m=
+any,
+ways that wallet software can screw up and lose money.
+
+--=20
+https://petertodd.org 'peter'[:-1]@petertodd.org
+
+--o7glrtnc4kukvjsi
+Content-Type: application/pgp-signature; name="signature.asc"
+
+-----BEGIN PGP SIGNATURE-----
+
+iQEzBAEBCAAdFiEEFcyURjhyM68BBPYTJIFAPaXwkfsFAlwYdhwACgkQJIFAPaXw
+kfuZ0wf/UauIq8ePrnqij9vEzBYjgzQpLHboOQ9t3tiS4mFGXMxwfsOD/RkbpQuf
+VFBm9IIQVRLbHpUh1RkIEBA35Y7cWS3SEbH/8ZdR6d2oCVFCvoQzU5doUbXl02eO
+20kPxbrNIrGhMxoXxRax/1IR4qZk0GW4dXENMyiX/62CevpZzCkvL5Ajdjz5TLyn
+9Oiqxow89gsu0x+wQ3DBeJaUbvlD30GDMReK7ZdPOLgd2Zsq+InteU0cGzQdN4UR
+xl0MBPbA8ywnCqVmfYkVnqsPVHFug/Tnu+FYtl+W/nMVT4/6FJkYAbC5cSt56b0p
+CWLTn8s8mrySLVlayTHxPXAt30l/hA==
+=ffW3
+-----END PGP SIGNATURE-----
+
+--o7glrtnc4kukvjsi--
+
author	Peter Todd <pete@petertodd.org>	2018-12-17 23:22:58 -0500
committer	bitcoindev <bitcoindev@gnusha.org>	2018-12-18 04:39:58 +0000
commit	3ac2619e966f33309e9465e1f6f35aa11e91a0d2 (patch)
tree	95b976a7b9b73172b4d6247214946556929017a2
parent	b86e0028d13feb136900966e4c9ac1587166f70a (diff)
download	pi-bitcoindev-3ac2619e966f33309e9465e1f6f35aa11e91a0d2.tar.gz pi-bitcoindev-3ac2619e966f33309e9465e1f6f35aa11e91a0d2.zip