Hello Everyone!

It was hard to miss the recent implications of the transaction malleability issue, in which context for example nearly all MtGox funds were lost. Now the simple idea was to take the negative value of a part of the signature which also resultet in a valid signature (at least in the bitcoin implementation which falsely accepts this non-standard type of signatures).

I have probably found a way to resign "already signed" messages with perfectly correct signatures. Filtering for these typical "transaction malleability signatures" will therefore be not enough. Now the problem might be huge and not just solved by filtering out these "changed and non-standard signatures".

If you like we can discuss these issues here.