Spec uses undefined newAddress() in onChanOpenInit and onChanOpenTry and stores it in a map under the channel id. Code uses a deterministic function of the portID and channelID, ie. newAddress(portID, channelID). With crossing-hellos we could have a safety problem according to this spec as we can execute onChanOpenInit (creates escrow address E1), then createOutgoingPacket using E1, then onChanOpenTry we creates a new escrow address E2 that replaces E1, so money is gone. It seems that at code level we don't have this problem as implementation does not follow spec, i.e., it generates escrow account based on portId/channelID. But if someone follows the spec, then we have safety problem.
Fixes one item mentioned in https://github.com/cosmos/ibc-go/issues/65: