-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
verify sighash type from the signed tx #3
Comments
https://github.com/Ademan/bdk-reserves/blob/wip-bip-0127/src/reserves.rs#L268 this is where my head is at currently. I think it might be better than verifying the sighash type because it's instantly more flexible¹ bip-0127 says "** MUST have signatures that commit to the commitment input (e.g. using SIGHASH_ALL)." I interpret this to mean the real requirement, is that the commitment input is committed to by every other input, validating sighash type is only one method (and only part of that method, too). ¹ on the other hand, a future softfork might render certain proofs invalid that are currently recognized as valid by libbitcoinconsensus, so even though it's fairly attractive to handle every type of transaction, maybe restricting to a set of known cases is safer² ² on the other, other hand, a future softfork could affect even known standard transactions like with BIP-0066, and maybe the onus is properly on verifiers to keep their verification code up-to-date? |
At the moment we only verify the sighash type from the PSBT part. We should verify it from the signed transaction part.
Especially for multisig wallets, it prooved to be more difficult to do so than expected.
The text was updated successfully, but these errors were encountered: