Add ref for why sighash_all is required

bitcoin · Jan 13, 2025 · 651ffdd · 651ffdd
1 parent 9952599
commit 651ffdd
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/bip-PSBT-SP.mediawiki b/bip-PSBT-SP.mediawiki
@@ -144,7 +144,7 @@ If any output does not have PSBT_OUT_SCRIPT set, the Signer must not yet add a s
 The Signer should additionally compute the silent payment addresses, optionally showing this data to the user instead of the computed segwit v1 addresses.
 
 If a sighash type is provided and there are silent payment outputs present, the signer must fail if the sighash type is not SIGHASH_ALL.
-If a sighash type is not provided and there are silent payment outputs present, the signer must sign using SIGHASH_ALL.
+If a sighash type is not provided and there are silent payment outputs present, the signer must sign using SIGHASH_ALL.<ref name="why_use_sighash_all"> ''' Why use only SIGHASH_ALL?''' BIP352 allows signing with SIGHASH_NONE and SIGHASH_SINGLE. However, silent payment capable PSBTs compute the output scripts deterministically based on the number and position of silent payment codes with the same scan key. SIGHASH_NONE and SIGHASH_SINGLE allow changing the amount or position of silent payment codes with the same scan and spend keys, which would invalidate computed output scripts.</ref>
 
 ====Computing the DLEQ Proof====