Return-Path: <luke@dashjr.org>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 3619590
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Wed, 21 Oct 2015 07:52:55 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from zinan.dashjr.org (zinan.dashjr.org [192.3.11.21])
	by smtp1.linuxfoundation.org (Postfix) with ESMTP id B6BB1E3
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Wed, 21 Oct 2015 07:52:54 +0000 (UTC)
Received: from ishibashi.localnet (unknown
	[IPv6:2001:470:5:265:61b6:56a6:b03d:28d6])
	(Authenticated sender: luke-jr)
	by zinan.dashjr.org (Postfix) with ESMTPSA id 64F6B38A532F;
	Wed, 21 Oct 2015 07:52:18 +0000 (UTC)
X-Hashcash: 1:25:151021:decker.christian@gmail.com::b8FURny1QmUp6v79:KZ9N
X-Hashcash: 1:25:151021:bitcoin-dev@lists.linuxfoundation.org::f9OsRxBJO+TdYbwJ:dRCpZ
From: Luke Dashjr <luke@dashjr.org>
To: Christian Decker <decker.christian@gmail.com>
Date: Wed, 21 Oct 2015 07:52:16 +0000
User-Agent: KMail/1.13.7 (Linux/4.1.9-gentoo-r1; KDE/4.14.8; x86_64; ; )
References: <CALxbBHU+kdEAh_4+B663vknAAr8OKZpUzVTACORPZi47E=Ehkw@mail.gmail.com>
	<201510210618.56159.luke@dashjr.org>
	<CALxbBHVdXrdh6fdSyLdkPP_D4MSbofOr01kc9L9QuQTWZ33N1w@mail.gmail.com>
In-Reply-To: <CALxbBHVdXrdh6fdSyLdkPP_D4MSbofOr01kc9L9QuQTWZ33N1w@mail.gmail.com>
X-PGP-Key-Fingerprint: E463 A93F 5F31 17EE DE6C 7316 BD02 9424 21F4 889F
X-PGP-Key-ID: BD02942421F4889F
X-PGP-Keyserver: hkp://pgp.mit.edu
MIME-Version: 1.0
Content-Type: Text/Plain;
  charset="iso-8859-15"
Content-Transfer-Encoding: 7bit
Message-Id: <201510210752.17527.luke@dashjr.org>
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD
	autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Cc: bitcoin-dev@lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] [BIP] Normalized transaction IDs
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Development Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Oct 2015 07:52:55 -0000

On Wednesday, October 21, 2015 7:39:45 AM Christian Decker wrote:
> On Wed, Oct 21, 2015 at 8:19 AM Luke Dashjr <luke@dashjr.org> wrote:
> > This doesn't completely close malleability (which should be documented in
> > the BIP), so I'm not sure it's worth the cost, especially if closing
> > malleability later on would need more. How about specifying flags upfront
> > in the UTXO-creating transaction specifying which parts the signature
> > will cover? This would allow implementation of fully malleability-proof
> > wallets.
> 
> As far as I see it the only remaining venues for malleability are the use
> of sighash flags that are not SIGHASH_ALL, as mentioned in the BIP. Any use
> of non-sighash_all flags is already an explicit permission to modify the
> transactions, by adding and removing inputs and outputs, so I don't see how
> these can be made non-malleable. Am I missing something?

Signer malleability is still a notable concern needing consideration. Ideally, 
wallets should be trying to actively CoinJoin, bump fees on, etc any pending 
transactions in the background. These forms of malleability affect nearly as 
many real use cases as third-party malleability.

Luke