Hello everyone, I understand sighash_noinput allows us to reduce the number of stored signatures, as it can spend any uxto with the respective one-use pub key script. In the case of watchtowers, are we not trading off privacy, as we are revealing which states are related, right?
I'm trying to catch up my understanding on the various models here. The txid_half + encrypted blob guarantees nothing is learned about each state and how they relate unless a revocation must happen (but doesn't scale, one blob per outsourced state). Once signatures are reused for multiple states with sighash_noinput, how do we minimise information being disclosed to 3rd party? Many thanks in advance! James On Fri, Jul 13, 2018 at 2:00 PM, < [email protected]> wrote: > Send Lightning-dev mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Lightning-dev digest..." > > > Today's Topics: > > 1. Re: [bitcoin-dev] BIP sighash_noinput (Rusty Russell) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Fri, 13 Jul 2018 09:34:14 +0930 > From: Rusty Russell <[email protected]> > To: DING FENG <[email protected]>, Luke Dashjr <[email protected]> > Cc: Bitcoin Protocol Discussion > <[email protected]>, > [email protected], Gregory Maxwell > <[email protected]> > Subject: Re: [Lightning-dev] [bitcoin-dev] BIP sighash_noinput > Message-ID: <[email protected]> > Content-Type: text/plain > > DING FENG <[email protected]> writes: > > Hi, > > > > I'm a junior developer and a bitcoin user. > > And I have read this thread carefully. > > > > I'm very worried about "SIGHASH_NOINPUT". > > > > Because "SIGHASH_NOINPUT" looks will be widely used, and it makes reuse > > address more dangerous. > > No. > > A wallet should *never* create a SIGHASH_NOINPUT to spend its own UTXOs. > SIGHASH_NOINPUT is useful for smart contracts which have unique > conditions, such as a pair of peers rotating keys according to an agreed > schedule (eg. lightning). > > Cheers, > Rusty. > > > ------------------------------ > > _______________________________________________ > Lightning-dev mailing list > [email protected] > https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev > > > End of Lightning-dev Digest, Vol 35, Issue 13 > ********************************************* >
_______________________________________________ Lightning-dev mailing list [email protected] https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev
