[ad_1]

TL;DR: Yes, once a transaction is confirmed, unless a chain reorganization makes it unconfirmed again, no forms of malleability are possible. SegWit specifically fixed TXID malleability of unconfirmed transactions, but other forms of malleability are possible.


Transaction malleability in general refers to the possibility of a third party changing some parts of a transaction without making it invalid. For example, with ECDSA it’s possible to change a valid signature into a different signature that is still valid for the same message. This isn’t a problem in most cryptosystems, but because in pre-SegWit transactions the TXID depends on the transaction signatures and transaction inputs reference the TXID of a transaction whose outputs they’re spending, this makes it unsafe to rely on chains of unconfirmed transactions (required by off-chain protocols such as Lightning).

While there were proposals to limit the ECDSA scheme to remove this vulnerability (see BIP62 which also covers other malleability vectors), SegWit took a more general approach by introducing the “witness”, a new transaction component where signatures and other data needed to satisfy scripts go, that isn’t depended on by the TXID. This was a superior solution in that it’s now possible to create chains of unsigned or partially signed transactions and know that no matter what signatures and other data will be included in the witness, the TXIDs will stay the same and the chain remains valid.

However, TXID malleability isn’t the only type of malleability to look out for. Some scripts can be satisfied in multiple ways, and if a third party can come up with a solution that takes more space in the witness, they can reduce the fee rate of your transaction. As another example, it was recently discussed that if a Taproot script tree includes the same script multiple times on different levels, a third party that knows the tree structure can change the witness to spend the script at a deeper level, which again increases the witness size and lowers your fee rate. These sources of malleability can generally be avoided.

[ad_2]

Source link

By admin

Leave a Reply

Your email address will not be published. Required fields are marked *