📅 Original date posted:2014-02-19
📝 Original message:On Wed, Feb 19, 2014 at 9:28 PM, Michael Gronager <gronager at mac.com> wrote:
> I think that we could guarantee fewer incidents by making version 1 transactions unmalleable and then optionally introduce a version 3 that supported the malleability feature. That way most existing problematic implementations would be fixed and no doors were closed for people experimenting with other stuff - tx v 3 would probably then be called experimental transactions.
Just to be clear: this change is not directly intended to avoid
"incidents". It will take way too long to deploy this. Software should
deal with malleability. This is a longer-term solution intended to
provide non-malleability guarantees for clients that a) are upgraded
to use them b) willing to restrict their functionality. As there are
several intended use cases for malleable transactions (the sighash
flags pretty directly are a way to signify what malleabilities are
*wanted*), this is not about outlawing malleability.
While we could right now make all these rules non-standard, and
schedule a soft fork in a year or so to make them illegal, it would
mean removing potential functionality that can only be re-enabled
through a hard fork. This is significantly harder, so we should think
about it very well in advance.
About new transaction and block versions: this allows implementing and
automatically scheduling a softfork without waiting for wallets to
upgrade. The non-DER signature change was discussed for over two
years, and implemented almost a year ago, and we still notice wallets
that don't support it. We can't expect every wallet to be instantly
modified (what about hardware wallets like the Trezor, for example?
they may not just be able to be upgraded). Nor is it necessary: if
your software only spends confirmed change, and tracks all debits
correctly, there is no need.
--
Pieter
Pieter Wuille [ARCHIVE] /
npub1tj…jtl6r
2023-06-07 15:13:26
in reply to nevent1q…mh7q
Author Public Key
npub1tjephawh7fdf6358jufuh5eyxwauzrjqa7qn50pglee4tayc2ntqcjtl6rPublished at
2023-06-07 15:13:26Event JSON
{
"id": "80fca7f6553b86644bf347d9e0ff12d7260a84c8f1e3696a37aa6879b44fa9ea",
"pubkey": "5cb21bf5d7f25a9d46879713cbd32433bbc10e40ef813a3c28fe7355f49854d6",
"created_at": 1686150806,
"kind": 1,
"tags": [
[
"e",
"76969a008b621e54c247029127aebdfbea1794fb79dd58e07b32a76157512d29",
"",
"root"
],
[
"e",
"38bd2afbb3688206f619bfc2e7348e0510255a3bbd31457256fbb2313aab7f96",
"",
"reply"
],
[
"p",
"4aa6cf9aa5c8e98f401dac603c6a10207509b6a07317676e9d6615f3d7103d73"
]
],
"content": "📅 Original date posted:2014-02-19\n📝 Original message:On Wed, Feb 19, 2014 at 9:28 PM, Michael Gronager \u003cgronager at mac.com\u003e wrote:\n\u003e I think that we could guarantee fewer incidents by making version 1 transactions unmalleable and then optionally introduce a version 3 that supported the malleability feature. That way most existing problematic implementations would be fixed and no doors were closed for people experimenting with other stuff - tx v 3 would probably then be called experimental transactions.\n\nJust to be clear: this change is not directly intended to avoid\n\"incidents\". It will take way too long to deploy this. Software should\ndeal with malleability. This is a longer-term solution intended to\nprovide non-malleability guarantees for clients that a) are upgraded\nto use them b) willing to restrict their functionality. As there are\nseveral intended use cases for malleable transactions (the sighash\nflags pretty directly are a way to signify what malleabilities are\n*wanted*), this is not about outlawing malleability.\n\nWhile we could right now make all these rules non-standard, and\nschedule a soft fork in a year or so to make them illegal, it would\nmean removing potential functionality that can only be re-enabled\nthrough a hard fork. This is significantly harder, so we should think\nabout it very well in advance.\n\nAbout new transaction and block versions: this allows implementing and\nautomatically scheduling a softfork without waiting for wallets to\nupgrade. The non-DER signature change was discussed for over two\nyears, and implemented almost a year ago, and we still notice wallets\nthat don't support it. We can't expect every wallet to be instantly\nmodified (what about hardware wallets like the Trezor, for example?\nthey may not just be able to be upgraded). Nor is it necessary: if\nyour software only spends confirmed change, and tracks all debits\ncorrectly, there is no need.\n\n-- \nPieter",
"sig": "c683c7568a7b18ca6318eff0ca8015a0878530f23debc0118fe2d47502ffaf507653f737d7de91d3e2e5b6f78c53955dc094d203f2168ce5e7b9ab4a675f080e"
}