From james.chiangwu at gmail.com Fri Jul 13 14:54:18 2018 From: james.chiangwu at gmail.com (James Chiang) Date: Fri, 13 Jul 2018 16:54:18 +0200 Subject: [Lightning-dev] Lightning-dev Digest, Vol 35, Issue 13 (sighash_noinput & watchtowers) Message-ID: Hello everyone, I understand sighash_noinput allows us to reduce the number of stored signatures, as it can spend any uxto with the respective one-use pub key script. In the case of watchtowers, are we not trading off privacy, as we are revealing which states are related, right? I'm trying to catch up my understanding on the various models here. The txid_half + encrypted blob guarantees nothing is learned about each state and how they relate unless a revocation must happen (but doesn't scale, one blob per outsourced state). Once signatures are reused for multiple states with sighash_noinput, how do we minimise information being disclosed to 3rd party? Many thanks in advance! James On Fri, Jul 13, 2018 at 2:00 PM, < lightning-dev-request at lists.linuxfoundation.org> wrote: > Send Lightning-dev mailing list submissions to > lightning-dev at lists.linuxfoundation.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev > or, via email, send a message with subject or body 'help' to > lightning-dev-request at lists.linuxfoundation.org > > You can reach the person managing the list at > lightning-dev-owner at lists.linuxfoundation.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Lightning-dev digest..." > > > Today's Topics: > > 1. Re: [bitcoin-dev] BIP sighash_noinput (Rusty Russell) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Fri, 13 Jul 2018 09:34:14 +0930 > From: Rusty Russell > To: DING FENG , Luke Dashjr > Cc: Bitcoin Protocol Discussion > , > lightning-dev at lists.linuxfoundation.org, Gregory Maxwell > > Subject: Re: [Lightning-dev] [bitcoin-dev] BIP sighash_noinput > Message-ID: <878t6gxapt.fsf at rustcorp.com.au> > Content-Type: text/plain > > DING FENG writes: > > Hi, > > > > I'm a junior developer and a bitcoin user. > > And I have read this thread carefully. > > > > I'm very worried about "SIGHASH_NOINPUT". > > > > Because "SIGHASH_NOINPUT" looks will be widely used, and it makes reuse > > address more dangerous. > > No. > > A wallet should *never* create a SIGHASH_NOINPUT to spend its own UTXOs. > SIGHASH_NOINPUT is useful for smart contracts which have unique > conditions, such as a pair of peers rotating keys according to an agreed > schedule (eg. lightning). > > Cheers, > Rusty. > > > ------------------------------ > > _______________________________________________ > Lightning-dev mailing list > Lightning-dev at lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev > > > End of Lightning-dev Digest, Vol 35, Issue 13 > ********************************************* > -------------- next part -------------- An HTML attachment was scrubbed... URL: