📅 Original date posted:2019-03-07
📝 Original message:> * If the sighash type byte (ie last byte in a signature being evaluated
> during the execution of OP_CHECKSIG[VERIFY] or OP_CHECKMULTISIG[VERIFY])
> is anything other than 1, 2, 3, 0x81, 0x82, or 0x83, the script
> execution fails. This does not apply to 0-length signature stack elements.
>
The sighash type byte is a "great" place to store a few bits of ancillary
data when making signatures. Okay it isn't great, but it is good enough
that some misguided users may have been using it and have unbroadcast
transactions in cold storage (think sweeps) for UTXOs whose private keys
may have been lost. I don't think that one's hunch that there isn't much
risk in disabling these sighashes is good enough to put people funds at
risk, especially given the alternative proposal of caching the
just-before-the-last-byte sighash midstate that is available.
--
Russell O'Connor
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20190307/147c2ccd/attachment.html>;
Russell O'Connor [ARCHIVE] /
npub1dw…8plrw
2023-06-07 18:16:53
in reply to nevent1q…c366
Author Public Key
npub1dw88wd5gqsqn6ufxhf9h03uk8087l7gfzdtez5csjlt6pupu4pwsj8plrwSeen on
wss://relay.nostr.bandPublished at
2023-06-07 18:16:53Event JSON
{
"id": "f4bdebd804e6bf8e620ae1cb0ea41bc56ac5d7ad64e07a2f7648a053d0e8fd27",
"pubkey": "6b8e77368804013d7126ba4b77c7963bcfeff909135791531097d7a0f03ca85d",
"created_at": 1686161813,
"kind": 1,
"tags": [
[
"e",
"2143f249ef40bc25f11c5b0400632be46488d3edd45da9192505bf2da32bb977",
"",
"reply"
],
[
"p",
"a23dbf6c6cc83e14cc3df4e56cc71845f611908084cfe620e83e40c06ccdd3d0"
]
],
"content": "📅 Original date posted:2019-03-07\n📝 Original message:\u003e * If the sighash type byte (ie last byte in a signature being evaluated\n\u003e during the execution of OP_CHECKSIG[VERIFY] or OP_CHECKMULTISIG[VERIFY])\n\u003e is anything other than 1, 2, 3, 0x81, 0x82, or 0x83, the script\n\u003e execution fails. This does not apply to 0-length signature stack elements.\n\u003e\n\nThe sighash type byte is a \"great\" place to store a few bits of ancillary\ndata when making signatures. Okay it isn't great, but it is good enough\nthat some misguided users may have been using it and have unbroadcast\ntransactions in cold storage (think sweeps) for UTXOs whose private keys\nmay have been lost. I don't think that one's hunch that there isn't much\nrisk in disabling these sighashes is good enough to put people funds at\nrisk, especially given the alternative proposal of caching the\njust-before-the-last-byte sighash midstate that is available.\n\n-- \nRussell O'Connor\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20190307/147c2ccd/attachment.html\u003e",
"sig": "936b5c545a95a1ca815895e4f8bd67c6425f148ff7a09b321f1c88eda69ffc3038a4e692f8194c6e52588cc63c2ee00cf2b125a43539e34741ead2dd96fd4149"
}