Security implications of removing CHECKSIG in a test
If I conduct an htlc transaction on testnet that does not include OP_CHECKSIG will it still cost an attacker more than (say) $10 in processing power or storage to subvert my tests?
Details: I'm tinkering with BIP-0199 htlcs, the last step of which is CHECKSIG. Now, bitcoind does not (yet) expose htlc functionality through RPC, so in order to tinker I've had to implement BIP-0199 via RPC requests myself. To date I've implemented everything I need up to the final CHECKSIG. I understand of Pieter Wuille here that I would need to implement the signing logic for CHECKSIG myself, which seems logical. However, I'm not interested in the role of CHECKSIG in a htlc as I believe it indistinguishable from the same opcode in any standard transaction so I propose to skip implementing it while my tinkering remains on testnet.
Obviously an htlc without CHECKSIG is not secure. For my purposes is it secure enough: Logically,
1. While it remains on testnet, a successful attack obtains no more than testnet coins;
2. The testnet coins that could be obtained are limited to the funds committed to the p2sh address;
3. An attacker who somehow knew that a redeemscript did not contain CHECKSIG would still have to brute force a script whose sha256 hash matches that of the redeemscript in order to redeem funds;
4. An attacker who sees the seller's redeemscript has to obtain matches for the digest and public key (perhaps through hash tables) and still has to get his copy of the transaction mined first in order to cheat the seller;
5. An attacker seeing the buyer's transaction 'only' has to match on the public key then get his copy mined first to cheat the buyer;
6. An attacker that's too slow to get mined first could nevertheless succeed by getting the block containing the transaction orphaned.
And so, an attack on an testnet hashed time-locked contract that does not include CHECKSIG will still require either processing power and/or storage space well in excess of $10. Is my reasoning sound, and if not, what have I missed?
http://bit.ly/2AphJtJ
Comments
Post a Comment