On Tue, Jul 19, 2016 at 10:35:39PM -0600, Sean Bowe via bitcoin-dev wrote: > I'm requesting feedback for Hash Time-Locked Contract (HTLC) transactions > in Bitcoin. > > HTLC transactions allow you to pay for the preimage of a hash. CSV/CLTV can > be used to recover your funds if the other party is not cooperative. These > scripts take the following general form: > > [HASHOP] <digest> OP_EQUAL > OP_IF > <seller pubkey> > OP_ELSE > <num> [TIMEOUTOP] OP_DROP <buyer pubkey> > OP_ENDIF > OP_CHECKSIG
Note that because you're hashing the top item on the stack regardless scriptSig's that satisfy HTLC's are malleable: that top stack item can be changed anything in the digest-not-provided case and the script still passes. -- https://petertodd.org 'peter'[:-1]@petertodd.org
signature.asc
Description: Digital signature
_______________________________________________ bitcoin-dev mailing list [email protected] https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
