> You can only modify non-essential pieces of the transaction, but it does change the overall transaction hash.
That's the thing I don't get. If one is going to allow non-essential changes, shouldn't one _not_ include those data in the hash? Alternatively, should one simply not allow changes, period?
I've not read the Bitcoin paper, just summaries (been too busy, and it's outside my area); perhaps there's a good reason for it.
The important bits are signed with an ownership signature, and the whole transaction is hashed to be added to the block chain. As long as you don't trust the transaction hash (which isn't designed to be secure) you won't have an issue.
I think you are mostly correct. That is why some people call it an "issue", while others refer to it as a "vulnerability". I personally don't think it is a real vulnerability, more like a quirk.
That's the thing I don't get. If one is going to allow non-essential changes, shouldn't one _not_ include those data in the hash? Alternatively, should one simply not allow changes, period?
I've not read the Bitcoin paper, just summaries (been too busy, and it's outside my area); perhaps there's a good reason for it.