How do you avoid transaction malleability?
https://en.bitcoin.it/wiki/Transaction_MalleabilityDoes this not mean that even if you have a signed refund transaction, it is possible for the funding transaction to be changed, such that the refund transaction is now invalid?
Or is this just not a concern?
good point. While I'm slightly surprised to read about transaction signing not covering the whole transaction which sounds like a huge design flaw now, changing the hash sounds spooky to me, too.