mirror of
https://github.com/bitcoinbook/bitcoinbook
synced 2025-03-26 04:15:44 +00:00
Edited ch04_keys.adoc with Atlas code editor
This commit is contained in:
rgordon
parent
12790ac979
commit
543c4aaecc
@ -887,7 +887,7 @@ Then they'll replace it on the stack with its deserialized value:
|
||||
The script is executed and, if it passes and all of the other
|
||||
transaction details are correct, the transaction is valid.
|
||||
|
||||
Addresses for Pay-to-Script-Hash (P2SH) are also created with
|
||||
Addresses for P2SH are also created with
|
||||
base58check. The version prefix is set to 5, which results in an
|
||||
encoded address starting with a +3+. An example of a P2SH address is
|
||||
+3F6i6kwkevjR7AsAd4te2YB2zZyASEm1HM+.
|
||||
@ -906,7 +906,7 @@ common over time.
|
||||
Legacy addresses were supplanted by the bech32 family of addresses.
|
||||
|
||||
[[p2sh_collision_attacks]]
|
||||
.P2SH collision attacks
|
||||
.P2SH Collision Attacks
|
||||
****
|
||||
All addresses based on hash functions are theoretically vulnerable to an
|
||||
attacker independently finding the same input that produced the hash
|
||||
@ -916,18 +916,17 @@ key and be able to spend that user's bitcoins. The chance of an attacker
|
||||
independently generating the input for an existing commitment is
|
||||
proportional to the strength of the hash algorithm. For a secure
|
||||
160-bit algorithm like HASH160, the probability is 1-in-2^160^. This is
|
||||
a _pre-image attack_.
|
||||
a _preimage attack_.
|
||||
|
||||
An attacker can also try to generate two different inputs (e.g. redeem
|
||||
An attacker can also try to generate two different inputs (e.g., redeem
|
||||
scripts) that produce the same commitment. For addresses created
|
||||
entirely by a single party, the chance of an attacker generating a
|
||||
different input for an existing commitment is also about 1-in-2^160^ for
|
||||
the HASH160 algoritm. This is a _second pre-image attack_.
|
||||
the HASH160 algorithm. This is a _second preimage attack_.
|
||||
|
||||
However, this changes when an attacker is able to influence the original input
|
||||
value. For example, an attacker participates in the creation of a
|
||||
multisignature script where the attacker doesn't need to submit his
|
||||
public key until after he learns all of the other party's public keys.
|
||||
multisignature script where tthey don't need to submit their public key until after he learns all of the other party's public keys.
|
||||
In that case, the strength of hash algorithm is reduced to its square
|
||||
root. For HASH160, the probability becomes 1-in-2^80^. This is a
|
||||
_collision attack_.
|
||||
|
||||
Loading…
Reference in New Issue
Block a user