On Fri, May 25, 2018 at 3:14 AM, Johnson Lau <jl2...@xbt.hk> wrote: > A graftroot design like this is a strict subset of existing signature > checking rules. If this is dangerous, the existing signature checking rules > must be dangerous.
While you may be right in this situation, I'm not sure that conclusion follows from your argument. Whether or not a construction is safe does not just depend on the consensus rules, but also on how it is used. Otherwise you could as well argue that since OP_TRUE is possible right now which is obviously insecure, nothing more dangerous can be accomplished through any soft fork. The best argument for why Graftroot does not need to be optional I think was how Greg put it: "since the signer(s) could have signed an arbitrary transaction instead, being able to delegate is strictly less powerful.". Cheers, -- Pieter _______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
