Author: Anthony Towns 2020-05-02 14:26:02
Published on: 2020-05-02T14:26:02+00:00
In the email thread, Russell O'Connor suggested keeping the hashes of the ScriptPubKeys separate from the input values. Andrew's suggestion to add another hash to the signature message for sha_scriptPubKeys achieves this, provided sha_scriptPubKeys inclusion is conditional on hash_type not matching ANYONECANPAY. They could also make the scriptPubKey field dependent on hash_type matching ANYONECANPAY, which would mean committing to each component of the UTXOs being spent. With ANYONECANPAY, it would be the same but just for this input's prevout. However, they would still arguably miss out on whether it was a coinbase output and what the height of the coin was. Russell O'Connor also proposed separating the hashing of the output values from the output ScriptPubKeys in sha_outputs so that applications interested only in summing the values of the outputs (for instance to compute fees) do not have to wade through those arbitrary long ScriptPubKeys in the outputs. However, if one did not verify the output scriptPubKeys, they would only be able to care about fees since they couldn't verify where any of the funds went. There are links provided to prior discussions on this topic.
Updated on: 2023-05-20T23:16:42.036828+00:00