Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 4AA2D90 for ; Wed, 21 Oct 2015 18:22:27 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-qg0-f52.google.com (mail-qg0-f52.google.com [209.85.192.52]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 9204EA9 for ; Wed, 21 Oct 2015 18:22:26 +0000 (UTC) Received: by qgad10 with SMTP id d10so35007744qga.3 for ; Wed, 21 Oct 2015 11:22:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=m/36zq8DhdM5XIkcR6nzazlBqwz2MIO1KTSjzv71zWk=; b=GGKtxF4RM0AwR1UUmqwt0lwdBGBMi1JX5P5cxEAsl1l1ILZOlfbbvbYguHOjjPcbbm u1rSn1bi2y8KmCL9/D+mPJMCuEHvT7J8s97X4TshRLgyuVfEPf6tTgQ3sFwuBZM5+UFa Q8ixpDy6qGNC22bj1QHdn3+kNMJHs+3h3y/UmN7rEItjyZAT1Bf3UxVy0nApZZTrO98T 125BTM2I7rY9Wo95M7goxpS0GygL4YAxiIf2Q/8hDTSDnREWgV/HqZBSmRtgqd2EG9a2 IVwUNjD1i7mfgUTYBR3SVAiALpR9uYBfHz4KYuy+jcupizpcm7MDpVtZejx8mr8xvLgT vzPw== MIME-Version: 1.0 X-Received: by 10.140.98.54 with SMTP id n51mr12908592qge.75.1445451745744; Wed, 21 Oct 2015 11:22:25 -0700 (PDT) Received: by 10.55.22.69 with HTTP; Wed, 21 Oct 2015 11:22:25 -0700 (PDT) In-Reply-To: <201510210846.43988.luke@dashjr.org> References: <201510210839.42420.luke@dashjr.org> <201510210846.43988.luke@dashjr.org> Date: Wed, 21 Oct 2015 11:22:25 -0700 Message-ID: From: Danny Thorpe To: Luke Dashjr Content-Type: multipart/alternative; boundary=001a113ac2aed85f300522a17595 X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: Bitcoin Dev Subject: Re: [bitcoin-dev] [BIP] Normalized transaction IDs X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Development Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Oct 2015 18:22:27 -0000 --001a113ac2aed85f300522a17595 Content-Type: text/plain; charset=UTF-8 A signer modifying the order of inputs or changing outputs when "re-signing" a transaction (which already has dependent child transactions spending its outputs) seems like quite a different hazard than a malicious third party modifying a transaction in the mempool by twiddling opcodes in the signature scripts. The former seems like more a matter of keeping your own house in order (an internal affair) while the latter is an external threat beyond the transaction writer's control. While I agree that having a canonical ordering for inputs and outputs might be useful in some cases, there are also use cases where the relative positions of inputs and outputs are significant, where reordering would change the semantics of the transaction. SIGHASH_SINGLE, for example, makes an association between an input index and an output index. Open Asset colored coins are identified by the order of inputs and outputs. Let's keep canonical ordering separate from the normalized transaction ID proposal. Baby steps. Normalized transaction IDs provide an immediate benefit against the hazard of third party manipulation of transactions in the mempool, even without canonical ordering. -Danny On Wed, Oct 21, 2015 at 1:46 AM, Luke Dashjr via bitcoin-dev < bitcoin-dev@lists.linuxfoundation.org> wrote: > On Wednesday, October 21, 2015 8:44:53 AM Christian Decker wrote: > > Hm, that is true as long as the signer is the only signer of the > > transaction, otherwise he'd be invalidating the signatures of the other > > signers. > > Or he can just have the other signers re-sign with the modified version. > Even if it only worked with a single signer, it's still a form of > malleability > that your BIP does not presently solve, but would be desirable to solve... > > Luke > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > --001a113ac2aed85f300522a17595 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
A signer modifying the order of inputs or changing outputs= when "re-signing" a transaction (which already has dependent chi= ld transactions spending its outputs) seems like quite a different hazard t= han a malicious third party modifying a transaction in the mempool by twidd= ling opcodes in the signature scripts.=C2=A0 The former seems like more a m= atter of keeping your own house in order (an internal affair) while the lat= ter is an external threat beyond the transaction writer's control.
=
While I agree that having a canonical ordering for inputs an= d outputs might be useful in some cases, there are also use cases where the= relative positions of inputs and outputs are significant, where reordering= would change the semantics of the transaction.=C2=A0 SIGHASH_SINGLE, for e= xample, makes an association between an input index and an output index. Op= en Asset colored coins are identified by the order of inputs and outputs.

Let's keep canonical ordering separate from the= normalized transaction ID proposal. Baby steps. Normalized transaction IDs= provide an immediate benefit against the hazard of third party manipulatio= n of transactions in the mempool, even without canonical ordering. =C2=A0

-Danny



=


On Wed, Oct 21, 2015 at 1:46 AM, Luke Dashjr via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrot= e:
On Wednesday, October= 21, 2015 8:44:53 AM Christian Decker wrote:
> Hm, that is true as long as the signer is the only signer of the
> transaction, otherwise he'd be invalidating the signatures of the = other
> signers.

Or he can just have the other signers re-sign with the modified vers= ion.
Even if it only worked with a single signer, it's still a form of malle= ability
that your BIP does not presently solve, but would be desirable to solve...<= br>

Luke
_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.= linuxfoundation.org
https://lists.linuxfoundation.org/mail= man/listinfo/bitcoin-dev

--001a113ac2aed85f300522a17595--