Library does not contain any code to correctly validate cashaddr with length greater than 160 #5
Comments
|
I have noticed that you for forked the repo do you plan to fix it yourself? (I would welcome the PR and help you if needed) or will you leave that to me? |
|
I was going to work on fixing it, but I realized I didn't have a ton of
time to do all the necessary testing. I can put my suggested patch in if
you are willing to test it
…On Wed, May 16, 2018 at 2:36 PM, oskyk ***@***.***> wrote:
I have noticed that you for forked the repo do you plan to fix it
yourself? (I would welcome the PR and help you if needed) or will you leave
that to me?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#5 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AA1kMDU6SAJlb6dIqf6ncdvE9lH7f72Fks5tzHHCgaJpZM4UAkGB>
.
|
|
Put it in I will test it :) |
|
can you provide me with some valid addresses longer than 160bit? |
|
bitcoincashorg/bitcoincash.org#24 I'd take a look at my implementation here https://github.com/Steve132/wallet_standard/blob/master/python/coffer/coins/_cashaddr.py |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As seen in the cashaddr spec, cashaddr is supposed to have the bottom 3 bits of the version byte be an indicator of the size of the address. This means that valid version bytes can be like, 0x04 (indicating a 320 bit hash, for example).
This means if someone tries to use your lib to parse avalid larger cashaddress with lower version bits set, the lib will silently and strangely fail.
The text was updated successfully, but these errors were encountered: