-
Notifications
You must be signed in to change notification settings - Fork 36
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Library does not contain any code to correctly validate cashaddr with length greater than 160 #5
Comments
I have noticed that you for forked the repo do you plan to fix it yourself? (I would welcome the PR and help you if needed) or will you leave that to me? |
I was going to work on fixing it, but I realized I didn't have a ton of
time to do all the necessary testing. I can put my suggested patch in if
you are willing to test it
…On Wed, May 16, 2018 at 2:36 PM, oskyk ***@***.***> wrote:
I have noticed that you for forked the repo do you plan to fix it
yourself? (I would welcome the PR and help you if needed) or will you leave
that to me?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#5 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AA1kMDU6SAJlb6dIqf6ncdvE9lH7f72Fks5tzHHCgaJpZM4UAkGB>
.
|
Put it in I will test it :) |
can you provide me with some valid addresses longer than 160bit? |
bitcoincashorg/bitcoincash.org#24 I'd take a look at my implementation here https://github.com/Steve132/wallet_standard/blob/master/python/coffer/coins/_cashaddr.py |
As seen in the cashaddr spec, cashaddr is supposed to have the bottom 3 bits of the version byte be an indicator of the size of the address. This means that valid version bytes can be like, 0x04 (indicating a 320 bit hash, for example).
This means if someone tries to use your lib to parse avalid larger cashaddress with lower version bits set, the lib will silently and strangely fail.
The text was updated successfully, but these errors were encountered: