📅 Original date posted:2018-07-03
📝 Original message:On Monday 02 July 2018 18:11:54 Gregory Maxwell wrote:
> I know it seems kind of silly, but I think it's somewhat important
> that the formal name of this flag is something like
> "SIGHASH_REPLAY_VULNERABLE" or likewise or at least
> "SIGHASH_WEAK_REPLAYABLE". This is because noinput is materially
> insecure for traditional applications where a third party might pay to
> an address a second time, and should only be used in special protocols
> which make that kind of mistake unlikely.
I don't agree. Address reuse is undefined behaviour. Nobody should assume it
is safe or works.
I intend to possibly use SIGHASH_NOINPUT for ordinary Bitcoin transactions in
a wallet I am writing, which explicitly does not support address reuse.
Luke
Luke Dashjr [ARCHIVE] /
npub1tf…rfq0n
2023-06-07 18:13:26
in reply to nevent1q…cezd
Author Public Key
npub1tfk373zg9dnmtvxnpnq7s2dkdgj37rwfj3yrwld7830qltmv8qps8rfq0nPublished at
2023-06-07 18:13:26Event JSON
{
"id": "39f13e173977af080256c2b683555f73d4e9a499b11ac25c04675cc7544d4594",
"pubkey": "5a6d1f44482b67b5b0d30cc1e829b66a251f0dc99448377dbe3c5e0faf6c3803",
"created_at": 1686161606,
"kind": 1,
"tags": [
[
"e",
"9cfe46432c0fa07c164110c1acad44ea6d9df7a15d9bc858d6a0b516a4683320",
"",
"reply"
],
[
"p",
"a23dbf6c6cc83e14cc3df4e56cc71845f611908084cfe620e83e40c06ccdd3d0"
]
],
"content": "📅 Original date posted:2018-07-03\n📝 Original message:On Monday 02 July 2018 18:11:54 Gregory Maxwell wrote:\n\u003e I know it seems kind of silly, but I think it's somewhat important\n\u003e that the formal name of this flag is something like\n\u003e \"SIGHASH_REPLAY_VULNERABLE\" or likewise or at least\n\u003e \"SIGHASH_WEAK_REPLAYABLE\". This is because noinput is materially\n\u003e insecure for traditional applications where a third party might pay to\n\u003e an address a second time, and should only be used in special protocols\n\u003e which make that kind of mistake unlikely. \n\nI don't agree. Address reuse is undefined behaviour. Nobody should assume it \nis safe or works.\n\nI intend to possibly use SIGHASH_NOINPUT for ordinary Bitcoin transactions in \na wallet I am writing, which explicitly does not support address reuse.\n\nLuke",
"sig": "877227578c7794ebfd0ecbade3706045cffc666ab897aa9dbaa0d722354491c64859995029a78e24cfa7ae1869a77a72960dfb792e960debde3b3a8d3ed68773"
}