From: Luke Dashjr
To: lightning-dev@lists.linuxfoundation.org
Cc: Bitcoin Protocol Discussion
Date: Tue, 3 Jul 2018 12:13:44 +0000
Subject: Re: [bitcoin-dev] [Lightning-dev] BIP sighash_noinput

On Monday 02 July 2018 18:11:54 Gregory Maxwell wrote:
> I know it seems kind of silly, but I think it's somewhat important
> that the formal name of this flag is something like
> "SIGHASH_REPLAY_VULNERABLE" or likewise or at least
> "SIGHASH_WEAK_REPLAYABLE". This is because noinput is materially
> insecure for traditional applications where a third party might pay to
> an address a second time, and should only be used in special protocols
> which make that kind of mistake unlikely.

I don't agree. Address reuse is undefined behaviour. Nobody should assume it is
safe or works.

I intend to possibly use SIGHASH_NOINPUT for ordinary Bitcoin transactions in a
wallet I am writing, which explicitly does not support address reuse.

Luke
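
The replay concern debated in this thread, as an added example that is not part of the original e-mail or of the BIP: a toy Python model of a wallet-side check listing which other coins an existing signature would also cover. The digest layout, the `Utxo` type, the function names and all sample values are constructed assumptions, not Bitcoin's real serialization.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Utxo:
    txid: str    # constructed sample value
    vout: int
    script: str  # scriptPubKey the coin pays to (stands in for the address)
    amount: int  # satoshis

def toy_digest(utxo, outputs, noinput):
    """Toy signature digest, NOT the real serialization.
    Assumption: both modes commit to the spent amount and the spending
    outputs; only the normal mode also commits to the outpoint."""
    parts = [str(utxo.amount), repr(list(outputs))]
    if not noinput:
        parts.insert(0, f"{utxo.txid}:{utxo.vout}")
    return hashlib.sha256("|".join(parts).encode()).hexdigest()

def replay_candidates(signed, wallet, outputs, noinput):
    """Coins other than `signed` for which a signature made over `signed`
    would also verify: same script (same key) and an identical digest."""
    digest = toy_digest(signed, outputs, noinput)
    return [u for u in wallet
            if u != signed
            and u.script == signed.script
            and toy_digest(u, outputs, noinput) == digest]

# Constructed sample data.
OUTPUTS = [("script_merchant", 90_000)]
FIRST = Utxo("aa" * 32, 0, "script_A", 100_000)
SECOND = Utxo("bb" * 32, 1, "script_A", 100_000)  # second payment, same address
FRESH = Utxo("cc" * 32, 0, "script_B", 100_000)   # payment to a new address

if __name__ == "__main__":
    reused = [FIRST, SECOND, FRESH]
    no_reuse = [FIRST, FRESH]
    for label, wallet in (("address reused", reused), ("no reuse", no_reuse)):
        for noinput in (False, True):
            hits = replay_candidates(FIRST, wallet, OUTPUTS, noinput)
            print(f"{label:15} noinput={noinput!s:5} replayable={len(hits)}")
```

In this model the signature is replayable only when the flag is set and a second coin pays the same script, which is the case both messages are arguing about.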