Peter Todd [ARCHIVE] on Nostr: š
Original date posted:2018-07-09 š Original message: On Tue, Jul 03, 2018 at ...
š
Original date posted:2018-07-09
š Original message:
On Tue, Jul 03, 2018 at 11:45:22PM +0000, Gregory Maxwell wrote:
> On Tue, Jul 3, 2018 at 5:21 AM, Peter Todd <pete at petertodd.org> wrote:
> > The problem with that name is `SIGHASH_REUSE_VULNERABLE` tells you nothing
> > about what the flag actually does.
>
> I believe that making the signature replayable is 1:1 with omitting
> the identification of the specific coin being spent from it.
I think you have a good point there. But that's not the only way that reuse
could be a vulnerability: consider hash-based signatures.
I'm happy with adding a suffix or prefix to the term SIGHASH_NOINPUT, e.g.
SIGHASH_NOINPUT_UNSAFE to re-use Rust terminology.
--
https://petertodd.org 'peter'[:-1]@petertodd.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <
http://lists.linuxfoundation.org/pipermail/lightning-dev/attachments/20180709/28ee2dde/attachment.sig>
Published at
2023-06-09 12:51:06Event JSON
{
"id": "2f363b3afee6ebea9bd8f05ca8afd2ce1883cfcd59a103838b81fa0b54af9f4d",
"pubkey": "daa2fc676a25e3b5b45644540bcbd1e1168b111427cd0e3cf19c56194fb231aa",
"created_at": 1686315066,
"kind": 1,
"tags": [
[
"e",
"663916e8f170f60127f6aa3243b92b3d69f1c7433c345d342b16ceac1b085088",
"",
"root"
],
[
"e",
"e95b38c7a6d3568b2acc24d727792055cc1e0a635ac5f5f32272082a01035b6c",
"",
"reply"
],
[
"p",
"4aa6cf9aa5c8e98f401dac603c6a10207509b6a07317676e9d6615f3d7103d73"
]
],
"content": "š
Original date posted:2018-07-09\nš Original message:\nOn Tue, Jul 03, 2018 at 11:45:22PM +0000, Gregory Maxwell wrote:\n\u003e On Tue, Jul 3, 2018 at 5:21 AM, Peter Todd \u003cpete at petertodd.org\u003e wrote:\n\u003e \u003e The problem with that name is `SIGHASH_REUSE_VULNERABLE` tells you nothing\n\u003e \u003e about what the flag actually does.\n\u003e \n\u003e I believe that making the signature replayable is 1:1 with omitting\n\u003e the identification of the specific coin being spent from it.\n\nI think you have a good point there. But that's not the only way that reuse\ncould be a vulnerability: consider hash-based signatures.\n\nI'm happy with adding a suffix or prefix to the term SIGHASH_NOINPUT, e.g.\nSIGHASH_NOINPUT_UNSAFE to re-use Rust terminology.\n\n-- \nhttps://petertodd.org 'peter'[:-1]@petertodd.org\n-------------- next part --------------\nA non-text attachment was scrubbed...\nName: signature.asc\nType: application/pgp-signature\nSize: 833 bytes\nDesc: not available\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/lightning-dev/attachments/20180709/28ee2dde/attachment.sig\u003e",
"sig": "027ef473c8b11c6cdf0e05014639078d0bcc9677cd999678d099f0cf96681e7b958254fdd1bb5e99fd6880a9f13577d7d93621bc17b7596cf98d6e8dcb08b94c"
}