This makes using SIGHASH_SINGLE without a matching output non-standard. Signature of this form is insecure, as it commits to no output while users might think it commits to one. It is even worse in non-segwit scripts, which is effectively NOINPUT|NONE, so any UTXO of the same key could be stolen.
This is one of the earliest unintended consensus behavior which could be fixed with a softfork. The first step is to make it non-standard.
You can view, comment on, or merge this pull request online at:
— Commit Summary —
* [Policy] Reject SIGHASH_SINGLE with output out of bound
— File Changes —
M src/script/interpreter.cpp (8)
M src/script/interpreter.h (8)
M src/script/sign.cpp (4)
M src/test/data/tx_invalid.json (16)
M src/test/data/tx_valid.json (4)
M src/test/transaction_tests.cpp (1)
— Patch Links —