Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id A1C50D62C for ; Thu, 7 Mar 2019 15:16:55 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-it1-f174.google.com (mail-it1-f174.google.com [209.85.166.174]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 3F756180 for ; Thu, 7 Mar 2019 15:16:55 +0000 (UTC) Received: by mail-it1-f174.google.com with SMTP id 188so16338572itb.0 for ; Thu, 07 Mar 2019 07:16:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=blockstream.io; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=zZoVXvO5KbZyY3e5GMrXUopLD1nDcWEihe4EoJcX+NA=; b=AxN7vvZG4AF/WLPXV7PT8JG2zcnaEAFOijV23mQ2ttS5KUML0jlqE8Zllk+sG6qFtP vtQJxwm3mt8iJR4IerPI4vy5xhlw8ltaLgU5coY69pwM+h9hfOIKrhXhbXEKvJ63X+Pp EVo+xbe+UOmK3oX/IBTMHzs5xMmeW5E9dYPSE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=zZoVXvO5KbZyY3e5GMrXUopLD1nDcWEihe4EoJcX+NA=; b=I6PK2uiq8FuWN3CLz+9oEWzoNVp8GNq7Fbe+wvou2gUKrXjIZCAf28sZb7mljUYgdD IU0f1RXtv1iEmzA2ofeMLQhpV0tFIF6gkGziVnh4ODbO0GCMQw65waXiEcfaKykGB3Iw FLKHsIPfSWp9e3zcp7RGGKuvefC4C/qzrvbCYKAOcyVR7FdDgTHPaGcHQipeTzJlI1bj BzR4Lrzz3HJjvgGkh5cr7STdffz4uKc5UFe/R6mAsVQs8NczEYBRdDYDBNCzYs5T7Xa/ AVZmZ8rBdD7i2ToLfW5hU3QZ72Nfxp3aWWp8Wh6PW7AbkGTueRAssRFzRAV/ojdUP3Lx F6ZA== X-Gm-Message-State: APjAAAU9zK4dyYYVwShXAN9V7oE+0CAXW+3gDi24WZb8bMCmpK0oRdTz B2PLxiamjJsLQQPm/SfbySEpGj7gbG1fSYf6MD0OHE9K X-Google-Smtp-Source: APXvYqyPL6lMgn7SoyFMmJh46qTNEJD9atFYATtMSbr8PuqiHP/KSYm3WYj7v45P+W0TdtiLWWhDKNVJuD60TVXusWQ= X-Received: by 2002:a02:13ca:: with SMTP id 193mr7838476jaz.117.1551971814499; Thu, 07 Mar 2019 07:16:54 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: "Russell O'Connor" Date: Thu, 7 Mar 2019 10:16:43 -0500 Message-ID: To: Matt Corallo , Bitcoin Protocol Discussion Content-Type: multipart/alternative; boundary="000000000000b489f0058382983e" X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HTML_MESSAGE, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Thu, 07 Mar 2019 23:49:26 +0000 Subject: [bitcoin-dev] Sighash Type Byte; Re: BIP Proposal: The Great Consensus Cleanup X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Mar 2019 15:16:55 -0000 --000000000000b489f0058382983e Content-Type: text/plain; charset="UTF-8" > * If the sighash type byte (ie last byte in a signature being evaluated > during the execution of OP_CHECKSIG[VERIFY] or OP_CHECKMULTISIG[VERIFY]) > is anything other than 1, 2, 3, 0x81, 0x82, or 0x83, the script > execution fails. This does not apply to 0-length signature stack elements. > The sighash type byte is a "great" place to store a few bits of ancillary data when making signatures. Okay it isn't great, but it is good enough that some misguided users may have been using it and have unbroadcast transactions in cold storage (think sweeps) for UTXOs whose private keys may have been lost. I don't think that one's hunch that there isn't much risk in disabling these sighashes is good enough to put people funds at risk, especially given the alternative proposal of caching the just-before-the-last-byte sighash midstate that is available. -- Russell O'Connor --000000000000b489f0058382983e Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable

* If the sighash type byte (ie last byte in a signature being evaluated during the execution of OP_CHECKSIG[VERIFY] or OP_CHECKMULTISIG[VERIFY]) is anything other than 1, 2, 3, 0x81, 0x82, or 0x83, the script
execution fails. This does not apply to 0-length signature stack elements.<= br>

The sighash type byte is a "great&= quot; place to store a few bits of ancillary data when making signatures.= =C2=A0 Okay it isn't great, but it is good enough that some misguided u= sers may have been using it and have unbroadcast transactions in cold stora= ge (think sweeps) for UTXOs whose private keys may have been lost.=C2=A0 I = don't think that one's hunch that there isn't much risk in disa= bling these sighashes is good enough to put people funds at risk, especiall= y given the alternative proposal of caching the just-before-the-last-byte s= ighash midstate that is available.

--
Russell O'Connor
--000000000000b489f0058382983e--