Re: Transaction malleability is actually a big problem?

Quote from: Peter Todd on February 25, 2014, 09:34:48 AM

Quote from: jl2012 on February 25, 2014, 09:13:09 AM

Well, I just find a way to save it.

Let's have a new SIGHASH type called SIGHASH_ANYUTXO. Signing with this tag means that the signer would allow the redemption of any UTXO of the same address. So the signer don't need to specify the hash of the UTXO. The signature is valid no matter how the txid is changed. As long as the signer is not reusing the address, that would be safe.

Any comment?

That's what I've been saying for ages... though it'll have to be implemented as a new CHECKSIG operator due to Satoshi screwing up upgrade possibilities in CHECKSIG.

The original CHECKSIG is too bulky and we will need to modularize it in the future. We may also want different types of hashing and public key algorithms. This will enhance the long-term security a lot.