Hello everyone, I understand sighash_noinput allows us to reduce the number of stored signatures, as it can spend any uxto with the respective one-use pub key script. In the case of watchtowers, are we not trading off privacy, as we are revealing which states are related, right?
I'm trying to catch up my understanding on the various models here. The txid_half + encrypted blob guarantees nothing is learned about each state and how they relate unless a revocation must happen (but doesn't scale, one blob per outsourced state). Once signatures are reused for multiple states with sighash_noinput, how do we minimise information being disclosed to 3rd party? Many thanks in advance! James On Fri, Jul 13, 2018 at 2:00 PM, < lightning-dev-requ...@lists.linuxfoundation.org> wrote: > Send Lightning-dev mailing list submissions to > lightning-dev@lists.linuxfoundation.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev > or, via email, send a message with subject or body 'help' to > lightning-dev-requ...@lists.linuxfoundation.org > > You can reach the person managing the list at > lightning-dev-ow...@lists.linuxfoundation.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Lightning-dev digest..." > > > Today's Topics: > > 1. Re: [bitcoin-dev] BIP sighash_noinput (Rusty Russell) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Fri, 13 Jul 2018 09:34:14 +0930 > From: Rusty Russell <ru...@rustcorp.com.au> > To: DING FENG <dingfeng12...@gmail.com>, Luke Dashjr <l...@dashjr.org> > Cc: Bitcoin Protocol Discussion > <bitcoin-...@lists.linuxfoundation.org>, > lightning-dev@lists.linuxfoundation.org, Gregory Maxwell > <g...@xiph.org> > Subject: Re: [Lightning-dev] [bitcoin-dev] BIP sighash_noinput > Message-ID: <878t6gxapt....@rustcorp.com.au> > Content-Type: text/plain > > DING FENG <dingfeng12...@gmail.com> writes: > > Hi, > > > > I'm a junior developer and a bitcoin user. > > And I have read this thread carefully. > > > > I'm very worried about "SIGHASH_NOINPUT". > > > > Because "SIGHASH_NOINPUT" looks will be widely used, and it makes reuse > > address more dangerous. > > No. > > A wallet should *never* create a SIGHASH_NOINPUT to spend its own UTXOs. > SIGHASH_NOINPUT is useful for smart contracts which have unique > conditions, such as a pair of peers rotating keys according to an agreed > schedule (eg. lightning). > > Cheers, > Rusty. > > > ------------------------------ > > _______________________________________________ > Lightning-dev mailing list > Lightning-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev > > > End of Lightning-dev Digest, Vol 35, Issue 13 > ********************************************* >
_______________________________________________ Lightning-dev mailing list Lightning-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev
