From: fred savage <fred_savage2003@hotmail.co.uk>
To: Luke Dashjr <luke@dashjr.org>, Bitcoin Protocol Discussion
	<bitcoin-dev@lists.linuxfoundation.org>
Thread-Topic: [bitcoin-dev] [Lightning-dev]  BIP sighash_noinput
Thread-Index: AQHUEselD0WWJh1tD0mLalZbedKWy6R/Xhk1
Date: Wed, 4 Jul 2018 18:08:43 +0000
Message-ID: <DB6PR1001MB1302B5C6237A8A4DBE0CB6A4DE410@DB6PR1001MB1302.EURPRD10.PROD.OUTLOOK.COM>
References: <871sewirni.fsf@gmail.com>
	<CAAS2fgS-_D7aBcDf_nAbuREBxv65zYMr60-1YqCnx-esvRVfEg@mail.gmail.com>,
	<201807031213.51127.luke@dashjr.org>
In-Reply-To: <201807031213.51127.luke@dashjr.org>
Accept-Language: en-GB, en-US
Content-Language: en-GB
x-ms-exchange-messagesentrepresentingtype: 1
x-tmn: [nFQQujMsO8PLnJ9ixasjK6SH/Teuzf5j9m7yZPwnR+S+5lHStI4SlHyKhXQzJf40]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; HE1EUR02HT038;
	7:piRx6yVEFDsLZIKWlmBbgloXI1M1FnGco6Wz8m7+XcXoyMW4t4DGFwJJ/hry9Ob3bvza9TXfAQ5cvDmEguDW4A6lLD/KBnAo8JzjzHnJRMFJ+vdFli7fOGHJxXOT+guNMGEQEl8iTIRHRSWpSJdR/oikjNhhKQDFukY7FyYVC+pYO7p10aJNl3y/R2aCc5YAAi4PjGeNxEe5Ig3Rocb7Z0grR3Jzw/nTPCvMLMAw53TkCNlwrhstPma92fTiF1f3
x-incomingheadercount: 46
x-eopattributedmessage: 0
x-microsoft-antispam: UriScan:; BCL:0; PCL:0;
	RULEID:(7020095)(201702061078)(5061506573)(5061507331)(1603103135)(2017031320274)(2017031324274)(2017031323274)(2017031322404)(1601125500)(1603101448)(1701031045);
	SRVR:HE1EUR02HT038; 
x-ms-traffictypediagnostic: HE1EUR02HT038:
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(444000031);
	SRVR:HE1EUR02HT038; BCL:0; PCL:0; RULEID:; SRVR:HE1EUR02HT038; 
x-forefront-prvs: 0723A02764
x-forefront-antispam-report: SFV:NSPM;
	SFS:(7070007)(199004)(189003)(19627405001)(97736004)(68736007)(102836004)(104016004)(105586002)(25786009)(74482002)(5660300001)(6506007)(82202002)(6306002)(46003)(9686003)(54896002)(73972006)(86362001)(6436002)(236005)(33656002)(6606003)(486006)(74316002)(110136005)(11346002)(55016002)(6346003)(476003)(446003)(6246003)(8676002)(8936002)(2900100001)(81156014)(76176011)(14454004)(5250100002)(966005)(7696005)(99286004)(606006)(14444005)(106356001)(229853002)(86152003)(256004)(46252003);
	DIR:OUT; SFP:1901; SCL:1; SRVR:HE1EUR02HT038;
	H:DB6PR1001MB1302.EURPRD10.PROD.OUTLOOK.COM; FPR:; SPF:None;
	PTR:InfoNoRecords; A:1; MX:1; LANG:; 
received-spf: None (protection.outlook.com: hotmail.co.uk does not designate
	permitted sender hosts)
authentication-results: spf=none (sender IP is )
	smtp.mailfrom=fred_savage2003@hotmail.co.uk; 
x-microsoft-antispam-message-info: utl7/l/3wd1QXGqbfyAZjC7m99Ses0TEkcQBbMC/MPdwT4zZt/6NjH8UWNjydJ/LmCUc5kFfc0At/r4DYzYl/hKfbPrdq6P3ZFodPEEyF/rBk2nC45a7lCVlVP6J8wrd+JlBDvSUH75v8NwGbVgiKFzEEPs45kKEYIgUt3wDpl1ADlxCfzl4F7zcHWbn+S2Q47dbAh9VYnx336x4XyqwRduoC7Fgxe8QWBCUx2nC2QY=
Content-Type: multipart/alternative;
	boundary="_000_DB6PR1001MB1302B5C6237A8A4DBE0CB6A4DE410DB6PR1001MB1302_"
MIME-Version: 1.0
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 54485d23-c432-40fe-8436-6091d627118c
X-MS-Exchange-CrossTenant-Network-Message-Id: 17555a80-08df-4a16-3df2-08d5e1d92dad
X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 54485d23-c432-40fe-8436-6091d627118c
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Jul 2018 18:08:43.2453 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Internet
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1EUR02HT038
X-Spam-Status: No, score=-1.6 required=5.0 tests=BAYES_00,
	FREEMAIL_ENVFROM_END_DIGIT, FREEMAIL_FROM, HTML_MESSAGE,
	RCVD_IN_DNSWL_NONE autolearn=no version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
X-Mailman-Approved-At: Thu, 05 Jul 2018 07:57:46 +0000
Subject: Re: [bitcoin-dev] [Lightning-dev]  BIP sighash_noinput
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Jul 2018 18:08:46 -0000

--_000_DB6PR1001MB1302B5C6237A8A4DBE0CB6A4DE410DB6PR1001MB1302_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

you cannot specifically NOT support addrss reuse. on a blockchain where peo=
ple can send you funds without your permission required to send you funds. =
so ALWAYS expect multiple payments to the same address

________________________________
From: bitcoin-dev-bounces@lists.linuxfoundation.org <bitcoin-dev-bounces@li=
sts.linuxfoundation.org> on behalf of Luke Dashjr via bitcoin-dev <bitcoin-=
dev@lists.linuxfoundation.org>
Sent: 03 July 2018 12:13:44
To: lightning-dev@lists.linuxfoundation.org
Cc: Bitcoin Protocol Discussion
Subject: Re: [bitcoin-dev] [Lightning-dev] BIP sighash_noinput

On Monday 02 July 2018 18:11:54 Gregory Maxwell wrote:
> I know it seems kind of silly, but I think it's somewhat important
> that the formal name of this flag is something like
> "SIGHASH_REPLAY_VULNERABLE" or likewise or at least
> "SIGHASH_WEAK_REPLAYABLE". This is because noinput is materially
> insecure for traditional applications where a third party might pay to
> an address a second time, and should only be used in special protocols
> which make that kind of mistake unlikely.

I don't agree. Address reuse is undefined behaviour. Nobody should assume i=
t
is safe or works.

I intend to possibly use SIGHASH_NOINPUT for ordinary Bitcoin transactions =
in
a wallet I am writing, which explicitly does not support address reuse.

Luke
_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev

--_000_DB6PR1001MB1302B5C6237A8A4DBE0CB6A4DE410DB6PR1001MB1302_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<style type=3D"text/css" style=3D"display:none;"><!-- P {margin-top:0;margi=
n-bottom:0;} --></style>
</head>
<body dir=3D"ltr">
<div id=3D"divtagdefaultwrapper" style=3D"font-size:12pt;color:#000000;font=
-family:Calibri,Helvetica,sans-serif;" dir=3D"ltr">
<p style=3D"margin-top:0;margin-bottom:0">you cannot specifically NOT suppo=
rt addrss reuse. on a blockchain where people can send you funds without yo=
ur permission required to send you funds. so ALWAYS expect multiple payment=
s to the same address<br>
</p>
</div>
<hr style=3D"display:inline-block;width:98%" tabindex=3D"-1">
<div id=3D"divRplyFwdMsg" dir=3D"ltr"><font face=3D"Calibri, sans-serif" st=
yle=3D"font-size:11pt" color=3D"#000000"><b>From:</b> bitcoin-dev-bounces@l=
ists.linuxfoundation.org &lt;bitcoin-dev-bounces@lists.linuxfoundation.org&=
gt; on behalf of Luke Dashjr via bitcoin-dev &lt;bitcoin-dev@lists.linuxfou=
ndation.org&gt;<br>
<b>Sent:</b> 03 July 2018 12:13:44<br>
<b>To:</b> lightning-dev@lists.linuxfoundation.org<br>
<b>Cc:</b> Bitcoin Protocol Discussion<br>
<b>Subject:</b> Re: [bitcoin-dev] [Lightning-dev] BIP sighash_noinput</font=
>
<div>&nbsp;</div>
</div>
<div class=3D"BodyFragment"><font size=3D"2"><span style=3D"font-size:11pt;=
">
<div class=3D"PlainText">On Monday 02 July 2018 18:11:54 Gregory Maxwell wr=
ote:<br>
&gt; I know it seems kind of silly, but I think it's somewhat important<br>
&gt; that the formal name of this flag is something like<br>
&gt; &quot;SIGHASH_REPLAY_VULNERABLE&quot; or likewise or at least<br>
&gt; &quot;SIGHASH_WEAK_REPLAYABLE&quot;. This is because noinput is materi=
ally<br>
&gt; insecure for traditional applications where a third party might pay to=
<br>
&gt; an address a second time, and should only be used in special protocols=
<br>
&gt; which make that kind of mistake unlikely. <br>
<br>
I don't agree. Address reuse is undefined behaviour. Nobody should assume i=
t <br>
is safe or works.<br>
<br>
I intend to possibly use SIGHASH_NOINPUT for ordinary Bitcoin transactions =
in <br>
a wallet I am writing, which explicitly does not support address reuse.<br>
<br>
Luke<br>
_______________________________________________<br>
bitcoin-dev mailing list<br>
bitcoin-dev@lists.linuxfoundation.org<br>
<a href=3D"https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev">=
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev</a><br>
</div>
</span></font></div>
</body>
</html>

--_000_DB6PR1001MB1302B5C6237A8A4DBE0CB6A4DE410DB6PR1001MB1302_--