Off-Narrative-Labs / Tuxedo

Write UTXO-based Substrate Runtimes
https://off-narrative-labs.github.io/Tuxedo/
Apache License 2.0

Assess and prevent Transaction malleability #179

Open JoshOrndorff opened 7 months ago

JoshOrndorff commented 7 months ago

Malleability goes all the way back to Bitcoin. The point is that UTXO IDs are based on the hash of the transaction that creates them. Sometimes you want to know the UTXO IDs that would be created by a given transaction so that you can construct a chain of off-chain transactions that will be signed and settled later (see HTLCs or the Lightning Network).

The Transaction IDs need to be based on stripped / simplified transactions, not concrete transactions with witness data filled in.

If you fill in the witness data first, then the hash and thus the UTXO IDs created are malleable. Imagine an output that needs to be signed by Alice. Modern signing algos use randomized initialization vectors, so there are many valid signatures and thus many hashes.

OTOH if the transaction hash is calculated on the stripped transaction then the hash and output IDs are deterministic.
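An added example, not code from the issue or from Tuxedo itself: a simplified Rust model of the UTXO transaction described above. Two transactions spend the same input to the same outputs and differ only in the witness bytes; the hash of the concrete transaction differs between them, while the hash of the stripped transaction (every redeemer cleared) is identical, so output refs derived from the stripped hash are deterministic. The type names (`Transaction`, `Input`, `Output`, `OutputRef`, `redeemer`) are loosely modelled on a Tuxedo-style runtime but are assumptions here, as are the use of std's `DefaultHasher` in place of a cryptographic hash and the `sign_with_nonce` stand-in for a randomized signature scheme; both substitutions exist only so the block runs with no external crates.

```rust
// Added example (not Tuxedo's code): why deriving a UTXO ID from the hash of
// the full transaction is malleable, while deriving it from the stripped
// transaction (witness data cleared) is not. Hash and signature are stand-ins.

use std::collections::hash_map::DefaultHasher;
use std::hash::{Hash, Hasher};

/// Points at one output of an earlier transaction: (tx hash, output index).
#[derive(Clone, Debug, PartialEq, Eq, Hash)]
struct OutputRef {
    tx_hash: u64,
    index: u32,
}

/// An input consumes a UTXO and carries witness data (e.g. a signature).
#[derive(Clone, Debug, PartialEq, Eq, Hash)]
struct Input {
    output_ref: OutputRef,
    /// Witness bytes: the only part a signer can legitimately vary.
    redeemer: Vec<u8>,
}

#[derive(Clone, Debug, PartialEq, Eq, Hash)]
struct Output {
    value: u128,
    owner: [u8; 4], // simplified stand-in for a public key / verifier
}

#[derive(Clone, Debug, PartialEq, Eq, Hash)]
struct Transaction {
    inputs: Vec<Input>,
    outputs: Vec<Output>,
}

impl Transaction {
    /// Hash of the concrete transaction, witness data included (malleable).
    fn full_hash(&self) -> u64 {
        let mut h = DefaultHasher::new(); // fixed-key SipHash, deterministic
        self.hash(&mut h);
        h.finish()
    }

    /// Hash of the stripped transaction: every redeemer replaced by an empty
    /// Vec, so any valid witness for the same spend yields the same hash.
    fn stripped_hash(&self) -> u64 {
        let mut stripped = self.clone();
        for input in &mut stripped.inputs {
            input.redeemer.clear();
        }
        stripped.full_hash()
    }

    /// UTXO IDs this transaction would create, given the tx hash to key them by.
    fn output_refs(&self, tx_hash: u64) -> Vec<OutputRef> {
        (0..self.outputs.len() as u32)
            .map(|index| OutputRef { tx_hash, index })
            .collect()
    }
}

/// Stand-in for a randomized signature scheme (assumption, not a real
/// scheme): a fresh nonce makes each signature over the same message differ
/// byte-for-byte, which is all the demonstration needs.
fn sign_with_nonce(message: &[u8], nonce: u8) -> Vec<u8> {
    let mut sig = message.to_vec();
    sig.push(nonce);
    sig
}

/// Constructed sample: Alice spends one UTXO to Bob, signing the *stripped*
/// transaction hash twice with different nonces. Returns both signed copies.
fn build_pair() -> (Transaction, Transaction) {
    let unsigned = Transaction {
        inputs: vec![Input {
            output_ref: OutputRef { tx_hash: 0xdead_beef, index: 0 },
            redeemer: Vec::new(),
        }],
        outputs: vec![Output { value: 100, owner: *b"bob_" }],
    };
    let msg = unsigned.stripped_hash().to_le_bytes();
    let mut a = unsigned.clone();
    a.inputs[0].redeemer = sign_with_nonce(&msg, 1);
    let mut b = unsigned;
    b.inputs[0].redeemer = sign_with_nonce(&msg, 2);
    (a, b)
}

fn main() {
    let (a, b) = build_pair();
    println!("full hashes equal:     {}", a.full_hash() == b.full_hash());
    println!("stripped hashes equal: {}", a.stripped_hash() == b.stripped_hash());
    println!("refs (stripped): {:?}", a.output_refs(a.stripped_hash()));
}
```

Keying `OutputRef` on `stripped_hash()` is what lets a counterparty pre-compute the refs a not-yet-signed transaction will create and build dependent off-chain transactions on them; keying it on `full_hash()` lets whoever signs last change every downstream ID.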