AT the moment, users have to construct their own salt variables to avoid utxo hash collision...
Users most likely wont do it correctly, so it means our UX is still highly vulnerable to replay attacks.
We should take out Salt from the user input, and construct it for the user ourselves.
The new salt with be a hash of the following combo:
transaction encoding: which contains input-utxo hash, which can't be doublespent. The resulting utxo hash will definitely be different than the original-utxo hash, thus 0 chance of future collisions down the line.
output index: to avoid collision among utxo in the same transaction
AT the moment, users have to construct their own salt variables to avoid utxo hash collision... Users most likely wont do it correctly, so it means our UX is still highly vulnerable to replay attacks.
We should take out
Salt
from the user input, and construct it for the user ourselves.The new salt with be a hash of the following combo:
transaction encoding
: which contains input-utxo hash, which can't be doublespent. The resulting utxo hash will definitely be different than the original-utxo hash, thus 0 chance of future collisions down the line.output index
: to avoid collision among utxo in the same transaction