Luke Dashjr [ARCHIVE] on Nostr: 📅 Original date posted:2018-07-03 📝 Original message: On Monday 02 July 2018 ...
📅 Original date posted:2018-07-03
📝 Original message:
On Monday 02 July 2018 18:11:54 Gregory Maxwell wrote:
> I know it seems kind of silly, but I think it's somewhat important
> that the formal name of this flag is something like
> "SIGHASH_REPLAY_VULNERABLE" or likewise or at least
> "SIGHASH_WEAK_REPLAYABLE". This is because noinput is materially
> insecure for traditional applications where a third party might pay to
> an address a second time, and should only be used in special protocols
> which make that kind of mistake unlikely.
I don't agree. Address reuse is undefined behaviour. Nobody should assume it
is safe or works.
I intend to possibly use SIGHASH_NOINPUT for ordinary Bitcoin transactions in
a wallet I am writing, which explicitly does not support address reuse.
Luke
Published at
2023-06-09 12:51:07Event JSON
{
"id": "0b4bfa525735437aa1add9f014f1bb65956a6444ce687c1d86b63e509df11407",
"pubkey": "5a6d1f44482b67b5b0d30cc1e829b66a251f0dc99448377dbe3c5e0faf6c3803",
"created_at": 1686315067,
"kind": 1,
"tags": [
[
"e",
"663916e8f170f60127f6aa3243b92b3d69f1c7433c345d342b16ceac1b085088",
"",
"root"
],
[
"e",
"c3bfdd21c3956fb7184025d48d2a46374f38eb3f01fd33f24591be37ddec78de",
"",
"reply"
],
[
"p",
"72cd40332ec782dd0a7f63acb03e3b6fdafa6d91bd1b6125cd8b7117a1bb8057"
]
],
"content": "📅 Original date posted:2018-07-03\n📝 Original message:\nOn Monday 02 July 2018 18:11:54 Gregory Maxwell wrote:\n\u003e I know it seems kind of silly, but I think it's somewhat important\n\u003e that the formal name of this flag is something like\n\u003e \"SIGHASH_REPLAY_VULNERABLE\" or likewise or at least\n\u003e \"SIGHASH_WEAK_REPLAYABLE\". This is because noinput is materially\n\u003e insecure for traditional applications where a third party might pay to\n\u003e an address a second time, and should only be used in special protocols\n\u003e which make that kind of mistake unlikely. \n\nI don't agree. Address reuse is undefined behaviour. Nobody should assume it \nis safe or works.\n\nI intend to possibly use SIGHASH_NOINPUT for ordinary Bitcoin transactions in \na wallet I am writing, which explicitly does not support address reuse.\n\nLuke",
"sig": "c31249cfc1d16130c25d811883cfd01d457caf945dd257f33564580eaa1d27d5e08d2335463b23d2eda5272f64b96d8387dc9fb183a9495e7723172aadf1d148"
}