Author: Russell O'Connor 2017-10-02 20:38:49
Published on: 2017-10-02T20:38:49+00:00
Mark Friedenbach and Russell O'Connor discussed the difficulty of creating a Bitcoin script that does not allow malleability and requires wasting a lot of bytes. Script validation flags check for these things, but they weren't made consensus rules with Segwit v0 due to concern over scope creep. Script operations are not aware of whether the stack items they are processing are witness malleable items or Script computed values. Signatures are a fine place to aim to restrict witness malleability because if signatures could securely cover all witness data, it would prevent the worst effects of witness malleability without burdening Script development. Additionally, Luke's suggestion of having both SIGHASH_WITNESS_SIZE and SIGHASH_WITNESS_DEPTH flag is better because it is simpler.
Updated on: 2023-06-12T21:29:00.357018+00:00