I’m confused by the proposed solution posted in the blog regarding the recent vulnerability: https://blog.trezor.io/details-of-firmware-updates-for-trezor-one-version-1-9-1-and-trezor-model-t-version-2-3-1-1eba8f60f2dd?gi=504a17ecca1c
“The fix is straightforward — we need to deal with Segwit transactions in the very same manner as we do with non-Segwit transactions. That means we need to require and validate the previous transactions’ UTXO amounts. That is exactly what we are introducing in firmware versions 2.3.1 and 1.9.1.”
I thought the value was already required to sign a raw segwit transaction… Since the change to segwit, the full value of the input has been needed in order to sign the raw transaction, whereas before, with legacy addresses, you could simply sign without the input value amount.
They basically state the same thing in the article:
“This is defined in BIP-143 and one of the changes was that the amount of the UTXO is present in the signed data. This helps significantly; if the attacker lies about the UTXO’s amount, the signature is simply not valid in the Bitcoin network.”
I guess I need it explained to me like a child because I don’t get it. What are they checking and validating, and how are they validating it? Are they going back two transactions now?
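
The check the quoted blog text describes ("require and validate the previous transactions' UTXO amounts"), sketched as an added example that is not part of the original post and is not Trezor firmware code: the signer is handed the full previous transaction, confirms that it hashes to the txid the input spends, and reads the amount from that output instead of trusting the amount supplied by the host. The function names are hypothetical, the previous transaction is assumed to be in non-witness serialization, and the sample transaction is constructed.

```python
import hashlib
import struct

def dsha256(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def read_varint(buf: bytes, pos: int):
    """Decode a Bitcoin CompactSize integer; return (value, next position)."""
    first = buf[pos]
    if first < 0xFD:
        return first, pos + 1
    size = {0xFD: 2, 0xFE: 4, 0xFF: 8}[first]
    return int.from_bytes(buf[pos + 1:pos + 1 + size], "little"), pos + 1 + size

def output_values(raw: bytes) -> list:
    """Output amounts (satoshi) of a transaction in non-witness serialization."""
    pos = 4                                   # skip version
    n_in, pos = read_varint(raw, pos)
    for _ in range(n_in):
        pos += 36                             # prevout hash + index
        script_len, pos = read_varint(raw, pos)
        pos += script_len + 4                 # scriptSig + sequence
    n_out, pos = read_varint(raw, pos)
    values = []
    for _ in range(n_out):
        values.append(int.from_bytes(raw[pos:pos + 8], "little"))
        script_len, pos = read_varint(raw, pos + 8)
        pos += script_len
    if pos + 4 != len(raw):                   # only locktime may remain
        raise ValueError("malformed transaction")
    return values

def amount_is_valid(prev_raw, prev_txid_hex, prev_index, claimed_amount) -> bool:
    """True only if prev_raw really is the referenced tx and pays claimed_amount."""
    if dsha256(prev_raw)[::-1].hex() != prev_txid_hex:   # txid is shown byte-reversed
        return False
    try:
        values = output_values(prev_raw)
    except (IndexError, ValueError):
        return False
    return 0 <= prev_index < len(values) and values[prev_index] == claimed_amount

def sample_prev_tx() -> bytes:
    """Constructed previous transaction: one input, outputs of 0.15 and 0.05 BTC."""
    txin = bytes(32) + struct.pack("<I", 0) + b"\x00" + struct.pack("<I", 0xFFFFFFFF)
    script = b"\x16\x00\x14" + bytes(20)      # length-prefixed P2WPKH-style script
    outs = struct.pack("<Q", 15_000_000) + script + struct.pack("<Q", 5_000_000) + script
    return struct.pack("<i", 1) + b"\x01" + txin + b"\x02" + outs + bytes(4)
```

Because the txid commits to every byte of the previous transaction, altering the amount inside `prev_raw` changes its hash, so a host cannot make a false amount pass by editing the transaction it supplies.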