If I perform an HTML transaction on testnet not including OP_CHECKSIG, will the cost of an attacker still be greater (for example) than $ 10 in processing power or storage to subvert? my tests?
Details: I tinker with BIP-0199 htlcs, whose last step is CHECKSIG. At present, bitcoind does not expose (yet) the htlc features via RPC. To tinker, I had to implement BIP-0199 myself via RPC requests. To date, I have implemented everything I need until the last audit. From what I understood from Pieter Wuille, I would have to implement CHECKSIG's signature logic myself, which seems logical. However, the role of CHECKSIG in a htlc does not interest me because I think it's impossible to distinguish it from the same opcode in a standard transaction. I therefore propose not to implement it as long as my DIY remains on testnet.
Obviously, an HTC without CHECKSIG is not secure. For my purposes is it secure enough: Logically,
1. As long as it stays on testnet, a successful attack gets nothing more than testnet pieces;
2. The testable pieces that can be obtained are limited to funds committed for the p2sh address;
3. An attacker who knows that the redemption script that does not contain CHECKSIG should still force a script whose sha256 hash corresponds to that of the redemption script in order to buy funds;
4. An attacker who sees the vendor redemption code must get matches for the digest and the public key (perhaps via hash tables) and again must first obtain a copy of the transaction in order to deceive the seller;
5. An attacker seeing only the transaction of the buyer 'only & # 39; must match the public key, then get his mined copy first to deceive the buyer;
6. An attacker who is too slow to exploit first could still succeed in getting the block containing the orphan transaction.
And so, an attack on a locked hashed testnet contract that does not include CHECKSIG will have again require either more than $ 10 of processing power and / or storage space. Is my reasoning correct? If not, what did I miss?