From 3a16c24f5e87614ac42173927297f0d013fdc0f2 Mon Sep 17 00:00:00 2001
From: "nicolas.dorier" <nicolas.dorier@gmail.com>
Date: Fri, 19 Jun 2020 13:23:37 +0900
Subject: [PATCH] Additional note for HW

---
 bip-0078.mediawiki | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bip-0078.mediawiki b/bip-0078.mediawiki
index d43249f1..2acee5d2 100644
--- a/bip-0078.mediawiki
+++ b/bip-0078.mediawiki
@@ -382,6 +382,7 @@ The sender's software wallet can verify that the payjoin proposal is legitimate
 However, a hardware wallet can't verify that this is indeed the case. This means that the security guarantee of the hardware wallet is decreased. If the sender's software is compromised, the hardware wallet would sign two valid transactions, thus sending two payments.
 
 Without payjoin, the maximum amount of money that could be lost by a compromised software is equal to one payment (via [[#output-substitution|payment output substitution]]).
+Note that the sender can opt out payment output substitution my using the optional parameter <code>disableoutputsubstitution=true</code>.
 
 With payjoin, the maximum amount of money that can be lost is equal to two payments.