Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1YtIWk-0002rn-Tj for bitcoin-development@lists.sourceforge.net; Fri, 15 May 2015 16:31:58 +0000 Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of dashjr.org designates 85.234.147.28 as permitted sender) client-ip=85.234.147.28; envelope-from=luke@dashjr.org; helo=zinan.dashjr.org; Received: from 85-234-147-28.static.as29550.net ([85.234.147.28] helo=zinan.dashjr.org) by sog-mx-1.v43.ch3.sourceforge.com with esmtp (Exim 4.76) id 1YtIWj-0004cG-Rc for bitcoin-development@lists.sourceforge.net; Fri, 15 May 2015 16:31:58 +0000 Received: from ishibashi.localnet (unknown [IPv6:2001:470:5:265:61b6:56a6:b03d:28d6]) (Authenticated sender: luke-jr) by zinan.dashjr.org (Postfix) with ESMTPSA id BE5EC1083A9E; Fri, 15 May 2015 16:31:49 +0000 (UTC) From: Luke Dashjr To: bitcoin-development@lists.sourceforge.net, s7r@sky-ip.org Date: Fri, 15 May 2015 16:31:47 +0000 User-Agent: KMail/1.13.7 (Linux/3.14.41-gentoo; KDE/4.14.3; x86_64; ; ) References: <5555C26F.7080706@sky-ip.org> In-Reply-To: <5555C26F.7080706@sky-ip.org> X-PGP-Key-Fingerprint: E463 A93F 5F31 17EE DE6C 7316 BD02 9424 21F4 889F X-PGP-Key-ID: BD02942421F4889F X-PGP-Keyserver: hkp://pgp.mit.edu MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <201505151631.48765.luke@dashjr.org> X-Spam-Score: -1.0 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 TVD_RCVD_IP Message was received from an IP address -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_PASS SPF: sender matches SPF record 0.5 AWL AWL: Adjusted score from AWL reputation of From: address X-Headers-End: 1YtIWj-0004cG-Rc Subject: Re: [Bitcoin-development] [BIP] Normalized Transaction IDs X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 May 2015 16:31:58 -0000 On Friday, May 15, 2015 9:54:55 AM s7r wrote: > If you strip both the scriptSig of the parent and the txid, nothing can > any longer be mutated but this is not safe against replays. This could > work if we were using only one scriptPubKey per tx. But this is not > enforced, ... Assuming you mean one output per scriptPubKey (and not limiting tx to one output), the alternative is essentially undefined, and creates real problems for Bitcoin today. It's not something we should go out of the way to support or encourage. Therefore, regardless of whatever other options are available, I would like to see a scriptPubKey-only sighash type for strong safety within all malleability situations (including CoinJoin and other sender-respends) that more advanced wallet software could take advantage of in the future (while strictly enforcing no-reuse on its own wallet to avoid known replays). Luke