At the state we have the bank at the end of 09, it is open to replay attacks as long as someone has access to the log to alter it. All they need to do is to copy an existing command to the end of the log (with a valid hash, which they can easily calculate) and reuse the signature.
As far as I can see, we can mitigate this by signing not the value but the hash. As the hash for each entry is unique, this should thwart replay attacks.
Would you like a PR to the text with these changes?
Ah, I was confused by the wording. It does say to sign the hash, not the transaction, but it can be misinterpreted:

> When you generate a new hash for a transaction, sign it using the secret key

The "it" in “sign it” could refer to the hash (which it should) or to the transaction. Given that the latter implementation has a security implication, I feel we should be explicit here:

> When you generate a new hash for a transaction, sign the hash using the secret key
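
Added example, not part of the issue or the project's code: a minimal hash-chained log that compares signing the command with signing the entry hash, and checks which variant a verifier accepts after an old entry is copied to the end of the log. The chaining rule, the log layout, the key, the commands and all function names are assumptions, and HMAC-SHA256 stands in for whatever signature scheme the text uses.

```python
import hashlib
import hmac

SECRET_KEY = b"constructed-demo-key"  # constructed; stands in for the secret key
GENESIS = "0" * 64                    # assumed hash preceding the first entry

def entry_hash(prev_hash, command):
    # Assumed chaining rule: each hash covers the previous hash and the command.
    return hashlib.sha256((prev_hash + command).encode()).hexdigest()

def sign(message):
    # HMAC-SHA256 stands in for the signature scheme (assumption).
    return hmac.new(SECRET_KEY, message.encode(), hashlib.sha256).hexdigest()

def append(log, command, sign_hash):
    prev = log[-1]["hash"] if log else GENESIS
    h = entry_hash(prev, command)
    # sign_hash=True signs the entry hash; False signs only the command.
    log.append({"command": command, "hash": h,
                "sig": sign(h if sign_hash else command)})

def verify(log, sign_hash):
    prev = GENESIS
    for e in log:
        # The chain check alone is not enough: anyone can recompute a hash.
        if e["hash"] != entry_hash(prev, e["command"]):
            return False
        signed = e["hash"] if sign_hash else e["command"]
        if not hmac.compare_digest(e["sig"], sign(signed)):
            return False
        prev = e["hash"]
    return True

def replay_first_entry(log):
    # Tampering with log write access but no key: copy a command,
    # recompute the (keyless) hash, reuse the old signature.
    old = log[0]
    forged = {"command": old["command"],
              "hash": entry_hash(log[-1]["hash"], old["command"]),
              "sig": old["sig"]}
    return log + [forged]

def demo(sign_hash):
    log = []
    for cmd in ["deposit alice 100", "withdraw alice 30"]:  # constructed commands
        append(log, cmd, sign_hash)
    # Returns (honest log verifies, log with replayed entry verifies).
    return verify(log, sign_hash), verify(replay_first_entry(log), sign_hash)
```
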