Return-Path: <user@petertodd.org>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id E8DD0CDB;
	Mon,  9 Jul 2018 09:41:45 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from outmail149075.authsmtp.net (outmail149075.authsmtp.net
	[62.13.149.75])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 496AF76E;
	Mon,  9 Jul 2018 09:41:44 +0000 (UTC)
Received: from mail-c247.authsmtp.com (mail-c247.authsmtp.com [62.13.128.247])
	by punt20.authsmtp.com. (8.15.2/8.15.2) with ESMTP id w699fgr2048171;
	Mon, 9 Jul 2018 10:41:42 +0100 (BST)
	(envelope-from user@petertodd.org)
Received: from petertodd.org (ec2-52-5-185-120.compute-1.amazonaws.com
	[52.5.185.120]) (authenticated bits=0)
	by mail.authsmtp.com (8.15.2/8.15.2) with ESMTPSA id w699feHk077082
	(version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); 
	Mon, 9 Jul 2018 10:41:41 +0100 (BST)
	(envelope-from user@petertodd.org)
Received: from [127.0.0.1] (localhost [127.0.0.1])
	by petertodd.org (Postfix) with ESMTPSA id ECD0640009;
	Mon,  9 Jul 2018 09:41:39 +0000 (UTC)
Received: by localhost (Postfix, from userid 1000)
	id DDB2E2117B; Mon,  9 Jul 2018 05:41:39 -0400 (EDT)
Date: Mon, 9 Jul 2018 05:41:39 -0400
From: Peter Todd <pete@petertodd.org>
To: Gregory Maxwell <greg@xiph.org>
Message-ID: <20180709094139.wip4xqecjdjkqmjn@petertodd.org>
References: <871sewirni.fsf@gmail.com>
	<CAAS2fgS-_D7aBcDf_nAbuREBxv65zYMr60-1YqCnx-esvRVfEg@mail.gmail.com>
	<87y3esvrvu.fsf@rustcorp.com.au>
	<20180703052100.gtjdverh5irfokrp@petertodd.org>
	<CAAS2fgTUHFpzW54A2_johHVfa=bwdo3CpG2or5Z1Qg4hC-B+rA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="3alkjvtgidj35tem"
Content-Disposition: inline
In-Reply-To: <CAAS2fgTUHFpzW54A2_johHVfa=bwdo3CpG2or5Z1Qg4hC-B+rA@mail.gmail.com>
User-Agent: NeoMutt/20170113 (1.7.2)
X-Server-Quench: 48f93327-835c-11e8-9efd-0015176ca198
X-AuthReport-Spam: If SPAM / abuse - report it at:
	http://www.authsmtp.com/abuse
X-Authentic-SMTP: 61633532353630.1038:706
X-AuthFastPath: 0 (Was 255)
X-AuthSMTP-Origin: 52.5.185.120/25
X-AuthVirus-Status: No virus detected - but ensure you scan with your own
	anti-virus system.
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW
	autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>,
	lightning-dev@lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] BIP sighash_noinput
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Jul 2018 09:41:46 -0000


--3alkjvtgidj35tem
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Jul 03, 2018 at 11:45:22PM +0000, Gregory Maxwell wrote:
> On Tue, Jul 3, 2018 at 5:21 AM, Peter Todd <pete@petertodd.org> wrote:
> > The problem with that name is `SIGHASH_REUSE_VULNERABLE` tells you nothing
> > about what the flag actually does.
>
> I believe that making the signature replayable is 1:1 with omitting
> the identification of the specific coin being spent from it.

I think you have a good point there. But that's not the only way that reuse
could be a vulnerability: consider hash-based signatures.

I'm happy with adding a suffix or prefix to the term SIGHASH_NOINPUT, e.g.
SIGHASH_NOINPUT_UNSAFE to re-use Rust terminology.

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org

--3alkjvtgidj35tem--
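
The replay property discussed in this message, as an added example that is not part of the original email or of the BIP text: a toy signature digest that either commits to or omits the outpoint being spent, signed with a Lamport one-time signature as a stand-in for Bitcoin's ECDSA (used only because it fits in the Python standard library). The digest layout, coin values and all function names are assumptions made for illustration.

```python
import hashlib
import os

def H(data):
    return hashlib.sha256(data).digest()

def sighash(outpoint, script, amount, outputs, noinput):
    """Toy digest (assumed layout): noinput=True leaves the outpoint out."""
    parts = [script, amount.to_bytes(8, "little"), outputs]
    if not noinput:
        parts.insert(0, outpoint)  # commit to the specific coin being spent
    return H(b"".join(H(p) for p in parts))

# Minimal Lamport one-time signature over a 256-bit digest (ECDSA stand-in).
def keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def bits(digest):
    return [(digest[i // 8] >> (i % 8)) & 1 for i in range(256)]

def sign(sk, digest):
    return [sk[i][b] for i, b in enumerate(bits(digest))]

def verify(pk, digest, sig):
    return all(H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, bits(digest))))

def replay_check(noinput):
    """Sign a spend of coin A, then test the same signature against coin B."""
    sk, pk = keygen()
    script = b"pay-to:" + H(b"".join(a + b for a, b in pk))
    # Constructed sample coins: two outputs paying the same script (key reuse).
    coin_a = (b"txid-A:0", script, 50_000)
    coin_b = (b"txid-B:1", script, 50_000)
    outputs = b"49000 to recipient"
    sig = sign(sk, sighash(*coin_a, outputs, noinput))
    return verify(pk, sighash(*coin_b, outputs, noinput), sig)

if __name__ == "__main__":
    print("outpoint committed, signature replays on coin B:", replay_check(False))
    print("outpoint omitted,   signature replays on coin B:", replay_check(True))
```

With the outpoint in the digest the signature is bound to coin A alone; once it is omitted, the same signature verifies for any other coin paying the same script with the same amount and outputs.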