On Fri, Feb 26, 2016 at 1:07 AM, Joseph Poon via bitcoin-dev <[email protected]> wrote: > I'm interested in input and in the level of receptiveness to this. If > there is interest, I'll write up a draft BIP in the next couple days.
The design of segwit was carefully constructed to make it maximally easy and safe to soft-fork in future script enhancements after its deployment with the specific goal of avoiding indefinite delays in its deployment from inevitable scope creep from additional things that are "easy" to deploy as part of segwit. I think to be successful we must be absolutely ruthless about changes that go in there beyond the absolute minimum needed for the safe deployment of segwit... so I think this should probably be constructed as a new segwit script type, and not a base feature. The exact construction you're thinking of there isn't clear to me... one thing that comes to mind is that I think it is imperative that we do not deploy a without-inputs SIGHASH flag without also deploying at least a fee-committing sighash-all. The reason for this is that if hardware wallets are forced to continue transferring input transactions to check fees or to use without-inputs, they may choose the latter and leave the users needlessly exposed to replay attacks. When you do write a BIP for this its imperative that the vulnerability to replay is called out in bold blinking flaming text, along with the necessary description of how to use it safely. The fact that without input commitments transactions are replayable is highly surprising to many developers... Personally, I'd even go so far as to name the flag SIGHASH_REPLAY_VULNERABLE. :) _______________________________________________ bitcoin-dev mailing list [email protected] https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
