Author: Mike Hearn 2014-02-20 14:08:59
Published on: 2014-02-20T14:08:59+00:00
On February 20, 2014, Michael Gronager suggested that a subclass of version 1 transactions should become unmalleable, namely those with sighash=all. This would mean that instead of defining a version 3, only the sender can modify the sighash as it is part of the hash signed. They also acknowledged that they buy the argument of Peter and Gregory that there might exist unpublished transactions out there that do not even conform to the DER rules, so they cannot forbid them from being mined and timestamped. Therefore, they cannot change the consensus rule for version 1 transactions, and only changing the relay rules will not provide a certain guarantee. Gronager supported the BIP but expected the realistic timeline for enforced version 3 transactions to be roughly one year. Pieter Wuille replied to Gronager on February 19, 2014, and stated that the change is not directly intended to avoid incidents. It will take too long to deploy, and software should deal with malleability. This is a longer-term solution intended to provide non-malleability guarantees for clients that are upgraded and willing to restrict their functionality. While they could make all these rules non-standard now and schedule a soft fork in a year or so to make them illegal, it would mean removing potential functionality that can only be re-enabled through a hard fork. This is significantly harder, so they should think about it very well in advance. Wuille also discussed new transaction and block versions, which allow implementing and automatically scheduling a soft fork without waiting for wallets to upgrade. The non-DER signature change was discussed for over two years and implemented almost a year ago, yet they still notice wallets that do not support it. They cannot expect every wallet to be instantly modified, and if software only spends confirmed change and tracks all debits correctly, there is no need.
Updated on: 2023-06-08T02:39:10.948573+00:00