Author: fred savage 2018-07-13 09:50:47
Published on: 2018-07-13T09:50:47+00:00
The use of SIGHASH_NOINPUT is causing concern for several reasons. Firstly, it allows for address reuse, which cannot be prevented due to the push payment nature of Bitcoin. Secondly, average users who rely on the GUI may not understand the technicalities happening behind the scenes. Additionally, as Lightning Network is not validated by the community, a user could manipulate their own node to require SIGHASH_NOINPUT as a condition of the channel, which poses risks for under-the-hood raw transaction risks where a transaction can be signed, but then allow the outs to alter value using a different opcode. This could be abused by a counterparty just editing it so that one party gets nothing and the other gets everything. Finally, allowing certain things to change after signing brings back malleability for those that use a TXID to identify if a transaction has been confirmed. A wallet should never create a SIGHASH_NOINPUT to spend its own UTXOs; rather, it is useful for smart contracts with unique conditions such as peers rotating keys according to an agreed schedule.
Updated on: 2023-06-13T01:52:17.507631+00:00