Author: Pieter Wuille 2018-07-04 19:09:29
Published on: 2018-07-04T19:09:29+00:00
In an email conversation, some concerns have been raised about the strictness and security properties of BIP. The first issue is regarding choosing from duplicate keys when combining. The proposal is to either change the resolution strategy or explain why picking at random is safe. However, outlawing conflicting values would force all signers to implement fixed deterministic nonce generation, which may result in PSBTs that got copied and signed and combined again failing. So, a better approach would be to choose the keys in such a way that picking arbitrarily is safe. Another issue is regarding signing records with unknown keys. It is suggested to codify the behavior in the standard or mark a field as "optional" so that strict signers know they can safely ignore the unknown field. However, there may not be a situation where this is needed, and signers generally inspect transactions they're signing. Lastly, it is proposed that if a key or value data in a field doesn't match the specified format, the PSBT is invalid, and the Combiner MAY also refuse to combine PSBTs that have inconsistencies in that field.
Updated on: 2023-05-20T17:06:14.470731+00:00