More thoughts on NOINPUT safety

Summary:

In a post to the Lightning-dev mailing list, ZmnSCPxj proposed that a "must have a non-`SIGHASH_NOINPUT` signature" rule would address the first reuse scenario (as well as the second) for eltoo watchtowers. However, this raises the question of how the watchtower can create such a non-`SIGHASH_NOINPUT` signature. Rusty Russell responded that future segwit versions may choose to relax the rule, but questioned the need for safety measures that don't actually help in practical failure scenarios. Anthony Towns raised concerns about two fundamental ways `SIGHASH_NOINPUT` could cause problems: first, that a signature gets applied to an unexpectedly different script; second, that naive users do silly things with `SIGHASH_NOINPUT` signatures and lose funds to replays. Rusty Russell said he was inclined to err on the side of more safety measures for `SIGHASH_NOINPUT` rather than fewer, but also suggested that the "must have a sig that commits to the input tx" rule could be a standardness rule rather than a consensus rule.


Updated on: 2023-06-13T17:41:22.339115+00:00