1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
Return-Path: <eric@voskuil.org>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 178EDC11
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 8 Nov 2019 03:16:02 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-pl1-f173.google.com (mail-pl1-f173.google.com
[209.85.214.173])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 816A2710
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 8 Nov 2019 03:16:01 +0000 (UTC)
Received: by mail-pl1-f173.google.com with SMTP id y24so3052378plr.12
for <bitcoin-dev@lists.linuxfoundation.org>;
Thu, 07 Nov 2019 19:16:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=voskuil-org.20150623.gappssmtp.com; s=20150623;
h=content-transfer-encoding:from:mime-version:date:subject:message-id
:references:in-reply-to:to;
bh=n/abpFNkzJc9niAtao+R9gyNFdigQC0AjcyZHGci+Q0=;
b=B6UgcCDroMuzMkuf0pyadSf3qUK+kOQT6ntAa1uQ2HNDztVZ9l8ByzhQy3e68n89Wt
1n0Gr1PBHpKCeInph9gTvyJL1873DCBowPnwxEQsZoLH1EFlNf9ogEDOZNJw2LarpdTR
GG5KakURTW74kqjzYFH3IBpY8TorT2iUwyuV9Yl9m9g3QuRuFhRlBU6QFMgFalpVIqzO
SafGJ7m0aykAs2748AjQhZZllF/QCK4cM8RTI/7jv/gAzfjeauliCFpVoLAJ8+mEJ8xw
VaLaA9Xxb/0rjdVS8K+E8eOE6VDwMYEUljMcM5YEgYh2hBMMgZsqbBdPIEKsfjsxtQYx
2YMQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:content-transfer-encoding:from:mime-version:date
:subject:message-id:references:in-reply-to:to;
bh=n/abpFNkzJc9niAtao+R9gyNFdigQC0AjcyZHGci+Q0=;
b=NwUMsfRm/5CUy8E8GUzKh901eJukAGo9qJvAGVRUSkx2on1FHEedL6s+Aq7B75VC4m
GNsoxZC2z+dXIuOmLXMJaG0QJD5ONZa8fxwafD8tlkbqXk/6T4IWvPFn9EsR82bnsMle
LDuqRxoaI2cAKOLOSypNN11AGXnbHpycRBAS/bfVX+sr3VkXLuCvhyswMLU5W2rWK/XU
LxoXrnHP8c9somv3B/emEzvuJ7YQxTnnj0p9bs1FIcmqh4jPmGxxBUxKs8oxNzJXvlXc
8ZGw4XWr2eb7Nl/WgzPRI1zqK7sw2VasDwnwp/lxNLTeEaX38KE9BxI7hlyp5M4zkOrW
isoA==
X-Gm-Message-State: APjAAAU69YoWsWHnzpTfrOj6d1x6sLWY8MlnuNxeFa451sJ+E0XByZII
woz/X+KCZyUKFJQZkfEpfGpvrvvXhOs=
X-Google-Smtp-Source: APXvYqzq/++quG/30ncFlv/RnI/MT16ZN8uDtSK5P8oUfXkuK8PzfxlVlWyaCn3yMId9TVIB27DraQ==
X-Received: by 2002:a17:90a:3522:: with SMTP id
q31mr10175621pjb.18.1573182960591;
Thu, 07 Nov 2019 19:16:00 -0800 (PST)
Received: from [172.19.248.34] ([38.98.37.142])
by smtp.gmail.com with ESMTPSA id
y24sm5059304pfr.116.2019.11.07.19.15.58
(version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
Thu, 07 Nov 2019 19:15:59 -0800 (PST)
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
From: Eric Voskuil <eric@voskuil.org>
Mime-Version: 1.0 (1.0)
Date: Fri, 8 Nov 2019 12:15:53 +0900
Message-Id: <FB218E84-0F03-4BDB-BB48-1EF45B44FDB9@voskuil.org>
References: <20191108021541.n3jk54vucplryrbl@ganymede>
In-Reply-To: <20191108021541.n3jk54vucplryrbl@ganymede>
To: "David A. Harding" <dave@dtrt.org>,
Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
X-Mailer: iPhone Mail (17A878)
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID, MIME_QP_LONG_LINE,
RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
X-Mailman-Approved-At: Fri, 08 Nov 2019 03:40:55 +0000
Subject: Re: [bitcoin-dev] Bech32 weakness and impact on bip-taproot
addresses
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Nov 2019 03:16:02 -0000
> On Nov 8, 2019, at 11:16, David A. Harding via bitcoin-dev <bitcoin-dev@li=
sts.linuxfoundation.org> wrote:
>=20
> =EF=BB=BFOn Thu, Nov 07, 2019 at 02:35:42PM -0800, Pieter Wuille via bitco=
in-dev wrote:
>> In the current draft, witness v1 outputs of length other
>> than 32 remain unencumbered, which means that for now such an
>> insertion or erasure would result in an output that can be spent by
>> anyone. If that is considered unacceptable, it could be prevented by
>> for example outlawing v1 witness outputs of length 31 and 33.
>=20
> Either a consensus rule or a standardness rule[1] would require anyone
> using a bech32 library supporting v1+ segwit to upgrade their library.
> Otherwise, users of old libraries will still attempt to pay v1 witness
> outputs of length 31 or 33, causing their transactions to get rejected
> by newer nodes or get stuck on older nodes. This is basically the
> problem #15846[2] was meant to prevent.
>=20
> If we're going to need everyone to upgrade their bech32 libraries
> anyway, I think it's probably best that the problem is fixed in the
> bech32 algorithm rather than at the consensus/standardness layer.
As an implementer of both the address encoding and script validation, I agre=
e.
e
> -Dave
>=20
> [1] https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-November/=
017444.html
> [2] https://github.com/bitcoin/bitcoin/pull/15846
>=20
> P.S. My thanks as well to the people who asked the question during
> review that lead to this discussion:
>=20
> http://www.erisian.com.au/meetbot/taproot-bip-review/2019/taproot-bip-=
review.2019-11-05-19.00.log.html#l-88
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
|