Sorry guys have to be quick - back to back meetings today.
Long story short according to the current rules that transaction is
not valid due to ambiguous sequence numbers, this is why masterchest.info throws the transaction out.
19b5BiXWZERFoCNhVKiYDf9i829P1W1wiE has a sequence number of 94
19UjqqjXmQxyyn4xStA7mWXVkzXwVDgu7Z has a sequence number of 93
19feAR37pguLwDyEMc8oiW2WT4esrgR5z6 has a sequence number of 95
If there is a broken sequence (i.e. 3,4,8), then the odd-man-out is the change address (8 in this example)
If there is an ambiguous sequence (i.e. 3,4,4), then the transaction is invalid!
If there is a perfect sequence (i.e. 3,4,5), then the transaction is invalid!
You have a perfect sequence (93, 94, 95) so there is no clear way to identify recipient vs change.
Tachikoma, we (or just I?) removed the requirement for the outputs to be the same and only used sequence numbers for address identification instead. This was discussed a while back when you were designing your original multisig and had to use a different amount for the multisig output due to the higher dust threshold with a bigger size of the output (multisig). I raised the issue of outputs amounts no longer being the same as required by the spec and suggested an amendment that multisig output amounts were specified as exodus output amount*2, but that never got included as it was stated that outputs actually did not need to be the same, it was just a convenience:
Having all the outputs be the same amount is merely a convenience for identifying the change address. I'm fine with a less strict implementation as long as it is still possible to identify the change address.
So I removed the requirement for outputs to be the same amount to allow for multisig outputs no longer meeting said requirement. So as it stands now I no longer evaluate what the value is of each vout, only the sequence numbers matter.
I think we need some further discussion on backwards compatibility for these Class A transactions. Perhaps we need to re-introduce the 'same output amount' rule as a requirement just for Class A transactions as we can then use the amounts to help identify change as per the original spec - at the moment there seems to be some ambiguity around Class A transaction validity between our implementations and we need to clear this up. You can probably understand now why I'm putting so much effort into having these rules explicitly defined and documented
I do concur that random chance of sequence number collisions should not be a factor in transaction validity.
None of this is an issue in multisig as we require change to be from the sender as a method of removing address ambiguity.
This is why I am not a fan of flagging a transaction invalid based sequence. This guy was just trying to create a transaction and he had no way that random chance could make it invalid.
As long as we can safely identify the data address then a perfect sequence number is not a problem. I say we simply peak into each address and see if it contains a known Mastercoin message. Currently only SimpleSends are supported so we can just peak into an address, decode it and see if the transaction type is 0 and the and currency_id is within limits and if the sequence number makes sense. If we can say with a certain certainty that this is most likely a simple send then we have our data address and know which sequence the target address should be. This will work for a broken sequence as well. The only problem is the ambiguous sequence. In this case there is simply no way of finding out the correct address and the transaction should be made invalid. Since the random factor can't be solved here we might need to solve it differently and go back a step.
How about we do the following.
- Only allow Simple Sends to be encoded as addresses. All new messages should use pulic keys.
- All outputs that contain Mastercoin data for Class A transaction should have the same output amount, but it doesn't matter how much this amount is.
- Probe each address to see if it's a Mastercoin encoded address using the checks outlined above.
Checks to see if it's a Mastercoin encoded address
- Transaction type is 0
- Currency ID is an existing Currency ID, for now only 1 and 2 are created but this might chance in the future
If we follow these rules then there should always be three outputs. One you can rule out based on the fact that it's Exodus. One of those is the data package and one the target address. In most cases you can probably know which is which even without the sequence number.
I will make some time today to see if this change would affect any existing transactions but I highly doubt it.