1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
|
Return-Path: <roconnor@blockstream.io>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id A1C50D62C
for <bitcoin-dev@lists.linuxfoundation.org>;
Thu, 7 Mar 2019 15:16:55 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-it1-f174.google.com (mail-it1-f174.google.com
[209.85.166.174])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 3F756180
for <bitcoin-dev@lists.linuxfoundation.org>;
Thu, 7 Mar 2019 15:16:55 +0000 (UTC)
Received: by mail-it1-f174.google.com with SMTP id 188so16338572itb.0
for <bitcoin-dev@lists.linuxfoundation.org>;
Thu, 07 Mar 2019 07:16:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=blockstream.io; s=google;
h=mime-version:references:in-reply-to:from:date:message-id:subject:to;
bh=zZoVXvO5KbZyY3e5GMrXUopLD1nDcWEihe4EoJcX+NA=;
b=AxN7vvZG4AF/WLPXV7PT8JG2zcnaEAFOijV23mQ2ttS5KUML0jlqE8Zllk+sG6qFtP
vtQJxwm3mt8iJR4IerPI4vy5xhlw8ltaLgU5coY69pwM+h9hfOIKrhXhbXEKvJ63X+Pp
EVo+xbe+UOmK3oX/IBTMHzs5xMmeW5E9dYPSE=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:mime-version:references:in-reply-to:from:date
:message-id:subject:to;
bh=zZoVXvO5KbZyY3e5GMrXUopLD1nDcWEihe4EoJcX+NA=;
b=I6PK2uiq8FuWN3CLz+9oEWzoNVp8GNq7Fbe+wvou2gUKrXjIZCAf28sZb7mljUYgdD
IU0f1RXtv1iEmzA2ofeMLQhpV0tFIF6gkGziVnh4ODbO0GCMQw65waXiEcfaKykGB3Iw
FLKHsIPfSWp9e3zcp7RGGKuvefC4C/qzrvbCYKAOcyVR7FdDgTHPaGcHQipeTzJlI1bj
BzR4Lrzz3HJjvgGkh5cr7STdffz4uKc5UFe/R6mAsVQs8NczEYBRdDYDBNCzYs5T7Xa/
AVZmZ8rBdD7i2ToLfW5hU3QZ72Nfxp3aWWp8Wh6PW7AbkGTueRAssRFzRAV/ojdUP3Lx
F6ZA==
X-Gm-Message-State: APjAAAU9zK4dyYYVwShXAN9V7oE+0CAXW+3gDi24WZb8bMCmpK0oRdTz
B2PLxiamjJsLQQPm/SfbySEpGj7gbG1fSYf6MD0OHE9K
X-Google-Smtp-Source: APXvYqyPL6lMgn7SoyFMmJh46qTNEJD9atFYATtMSbr8PuqiHP/KSYm3WYj7v45P+W0TdtiLWWhDKNVJuD60TVXusWQ=
X-Received: by 2002:a02:13ca:: with SMTP id 193mr7838476jaz.117.1551971814499;
Thu, 07 Mar 2019 07:16:54 -0800 (PST)
MIME-Version: 1.0
References: <bf96c2fb-2e2e-a47f-e59f-87e56d83eca3@mattcorallo.com>
In-Reply-To: <bf96c2fb-2e2e-a47f-e59f-87e56d83eca3@mattcorallo.com>
From: "Russell O'Connor" <roconnor@blockstream.io>
Date: Thu, 7 Mar 2019 10:16:43 -0500
Message-ID: <CAMZUoKneArC+YZ36YFwxNTKsDtJhEz5P2cosXKxJS8Rf_3Nyuw@mail.gmail.com>
To: Matt Corallo <lf-lists@mattcorallo.com>,
Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Content-Type: multipart/alternative; boundary="000000000000b489f0058382983e"
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID, DKIM_VALID_AU, HTML_MESSAGE,
RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
X-Mailman-Approved-At: Thu, 07 Mar 2019 23:49:26 +0000
Subject: [bitcoin-dev] Sighash Type Byte;
Re: BIP Proposal: The Great Consensus Cleanup
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Mar 2019 15:16:55 -0000
--000000000000b489f0058382983e
Content-Type: text/plain; charset="UTF-8"
> * If the sighash type byte (ie last byte in a signature being evaluated
> during the execution of OP_CHECKSIG[VERIFY] or OP_CHECKMULTISIG[VERIFY])
> is anything other than 1, 2, 3, 0x81, 0x82, or 0x83, the script
> execution fails. This does not apply to 0-length signature stack elements.
>
The sighash type byte is a "great" place to store a few bits of ancillary
data when making signatures. Okay it isn't great, but it is good enough
that some misguided users may have been using it and have unbroadcast
transactions in cold storage (think sweeps) for UTXOs whose private keys
may have been lost. I don't think that one's hunch that there isn't much
risk in disabling these sighashes is good enough to put people funds at
risk, especially given the alternative proposal of caching the
just-before-the-last-byte sighash midstate that is available.
--
Russell O'Connor
--000000000000b489f0058382983e
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><br><div class=3D"gmail_quote"><blockquote class=3D"gmail_=
quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,=
204);padding-left:1ex">
* If the sighash type byte (ie last byte in a signature being evaluated <br=
>
during the execution of OP_CHECKSIG[VERIFY] or OP_CHECKMULTISIG[VERIFY]) <b=
r>
is anything other than 1, 2, 3, 0x81, 0x82, or 0x83, the script <br>
execution fails. This does not apply to 0-length signature stack elements.<=
br></blockquote><div><br></div><div>The sighash type byte is a "great&=
quot; place to store a few bits of ancillary data when making signatures.=
=C2=A0 Okay it isn't great, but it is good enough that some misguided u=
sers may have been using it and have unbroadcast transactions in cold stora=
ge (think sweeps) for UTXOs whose private keys may have been lost.=C2=A0 I =
don't think that one's hunch that there isn't much risk in disa=
bling these sighashes is good enough to put people funds at risk, especiall=
y given the alternative proposal of caching the just-before-the-last-byte s=
ighash midstate that is available.</div><div><br></div><div>-- <br></div><d=
iv>Russell O'Connor<br></div></div></div>
--000000000000b489f0058382983e--
|
