Well, you could always create a transaction with a different signature hash, say, by changing something trivial like nLockTime, or changing the order of inputs or outputs. Is that what you're talking about? Or is there some sophistry I'm ignorant of having to do with the elliptic curve math in the signature itself?
Aaron Voisine breadwallet.com On Fri, Jul 18, 2014 at 6:28 PM, Gregory Maxwell <gmaxw...@gmail.com> wrote: > On Fri, Jul 18, 2014 at 3:03 PM, Aaron Voisine <vois...@gmail.com> wrote: >>> 9. New signatures by the sender >> >> I'm not suggesting it be required, but it would be possible to >> mitigate this one by requiring that all signatures deterministically >> generate k per RFC6979. I'm using this in breadwallet. > > Nope. > > Your homework assignment is to explain why. :) ------------------------------------------------------------------------------ Want fast and easy access to all the code in your enterprise? Index and search up to 200,000 lines of code with a free copy of Black Duck Code Sight - the same software that powers the world's largest code search on Ohloh, the Black Duck Open Hub! Try it now. http://p.sf.net/sfu/bds _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
