From d975de1ba5d3e8aca586154ae0cae8f1b3181495 Mon Sep 17 00:00:00 2001 From: Ken Sedgwick Date: Mon, 31 Jan 2022 12:05:20 -0800 Subject: [PATCH] Clarify the sighash types for HTLC Success and Timeout transactions (#954) --- 03-transactions.md | 2 +- 05-onchain.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/03-transactions.md b/03-transactions.md index 2825332..0ad86e2 100644 --- a/03-transactions.md +++ b/03-transactions.md @@ -328,7 +328,7 @@ These HTLC transactions are almost identical, except the HTLC-timeout transactio * txout count: 1 * `txout[0]` amount: the HTLC amount minus fees (see [Fee Calculation](#fee-calculation)) * `txout[0]` script: version-0 P2WSH with witness script as shown below -* if `option_anchors` applies to this commitment transaction, `SIGHASH_SINGLE|SIGHASH_ANYONECANPAY` is used. +* if `option_anchors` applies to this commitment transaction, `SIGHASH_SINGLE|SIGHASH_ANYONECANPAY` is used as described in [BOLT #5](05-onchain.md#generation-of-htlc-transactions). The witness script for the output is: diff --git a/05-onchain.md b/05-onchain.md index 2cf87d6..934ab4f 100644 --- a/05-onchain.md +++ b/05-onchain.md @@ -594,8 +594,8 @@ If `option_anchors` does not apply to the commitment transaction, then HTLC-timeout and HTLC-success transactions are complete transactions with (hopefully!) reasonable fees and must be used directly. -Otherwise, the use of `SIGHASH_SINGLE|SIGHASH_ANYONECANPAY` on the HTLC -signatures received from the peer allows HTLC transactions to be combined with +Otherwise, `SIGHASH_SINGLE|SIGHASH_ANYONECANPAY` MUST be used on the +HTLC signatures received from the peer, as this allows HTLC transactions to be combined with other transactions. The local signature MUST use `SIGHASH_ALL`, otherwise anyone can attach additional inputs and outputs to the tx.