Author: Matt Corallo 2019-11-08 00:41:54
Published on: 2019-11-08T00:41:54+00:00
A vulnerability has been discovered in the bech32 address format, where inserting or erasing "q"s before a final "p" does not invalidate it. While this issue was not by design and may influence design decisions around bip-taproot, it has little effect on the security of P2WPKH/P2WSH addresses as those are only valid for specific lengths. If unencumbered witness v1 outputs of length other than 32 are outlawed, this could prevent such an insertion or erasure from resulting in an output that can be spent by anyone. However, rather than addressing this issue with a consensus/standardness fix, it is suggested to redefine bech32 to not allow such addresses. Alternatively, making them non-standard could be a softer approach in preparation for a future accepted softfork.
Updated on: 2023-05-20T21:04:30.657161+00:00