Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1WGEQK-0007tl-Gi for bitcoin-development@lists.sourceforge.net; Wed, 19 Feb 2014 21:11:20 +0000 Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.213.174 as permitted sender) client-ip=209.85.213.174; envelope-from=pieter.wuille@gmail.com; helo=mail-ig0-f174.google.com; Received: from mail-ig0-f174.google.com ([209.85.213.174]) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1WGEQJ-00063u-PP for bitcoin-development@lists.sourceforge.net; Wed, 19 Feb 2014 21:11:20 +0000 Received: by mail-ig0-f174.google.com with SMTP id y6so879533igj.1 for ; Wed, 19 Feb 2014 13:11:14 -0800 (PST) MIME-Version: 1.0 X-Received: by 10.50.22.210 with SMTP id g18mr3362671igf.19.1392844274469; Wed, 19 Feb 2014 13:11:14 -0800 (PST) Received: by 10.50.100.10 with HTTP; Wed, 19 Feb 2014 13:11:14 -0800 (PST) In-Reply-To: <601EE159-9022-4ADF-80AC-7E1C39E86A65@mac.com> References: <52FBD948.906@monetize.io> <201402122252.31060.luke@dashjr.org> <601EE159-9022-4ADF-80AC-7E1C39E86A65@mac.com> Date: Wed, 19 Feb 2014 22:11:14 +0100 Message-ID: From: Pieter Wuille To: Michael Gronager Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -1.6 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (pieter.wuille[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1WGEQJ-00063u-PP Cc: Bitcoin Development Subject: Re: [Bitcoin-development] [RFC] [BIP proposal] Dealing with malleability X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Feb 2014 21:11:20 -0000 On Wed, Feb 19, 2014 at 9:28 PM, Michael Gronager wrote: > I think that we could guarantee fewer incidents by making version 1 trans= actions unmalleable and then optionally introduce a version 3 that supporte= d the malleability feature. That way most existing problematic implementati= ons would be fixed and no doors were closed for people experimenting with o= ther stuff - tx v 3 would probably then be called experimental transactions= . Just to be clear: this change is not directly intended to avoid "incidents". It will take way too long to deploy this. Software should deal with malleability. This is a longer-term solution intended to provide non-malleability guarantees for clients that a) are upgraded to use them b) willing to restrict their functionality. As there are several intended use cases for malleable transactions (the sighash flags pretty directly are a way to signify what malleabilities are *wanted*), this is not about outlawing malleability. While we could right now make all these rules non-standard, and schedule a soft fork in a year or so to make them illegal, it would mean removing potential functionality that can only be re-enabled through a hard fork. This is significantly harder, so we should think about it very well in advance. About new transaction and block versions: this allows implementing and automatically scheduling a softfork without waiting for wallets to upgrade. The non-DER signature change was discussed for over two years, and implemented almost a year ago, and we still notice wallets that don't support it. We can't expect every wallet to be instantly modified (what about hardware wallets like the Trezor, for example? they may not just be able to be upgraded). Nor is it necessary: if your software only spends confirmed change, and tracks all debits correctly, there is no need. --=20 Pieter