diff options
author | Jorge Timón <jtimon@jtimon.cc> | 2017-01-04 15:45:54 +0100 |
---|---|---|
committer | bitcoindev <bitcoindev@gnusha.org> | 2017-01-04 14:45:56 +0000 |
commit | 198c07b25aa9f6616dfc28808e3fb5cdaa3e58f6 (patch) | |
tree | 211846575474acb6e4a284fbf6398d05fd00836e | |
parent | 789e7ccb4ba28913ef526ac274c6dc945bf9b01a (diff) | |
download | pi-bitcoindev-198c07b25aa9f6616dfc28808e3fb5cdaa3e58f6.tar.gz pi-bitcoindev-198c07b25aa9f6616dfc28808e3fb5cdaa3e58f6.zip |
Re: [bitcoin-dev] Script Abuse Potential?
-rw-r--r-- | d3/db9677635bd5353342c18a17bdadb8c65b8b3a | 315 |
1 files changed, 315 insertions, 0 deletions
diff --git a/d3/db9677635bd5353342c18a17bdadb8c65b8b3a b/d3/db9677635bd5353342c18a17bdadb8c65b8b3a new file mode 100644 index 000000000..f4efc9281 --- /dev/null +++ b/d3/db9677635bd5353342c18a17bdadb8c65b8b3a @@ -0,0 +1,315 @@ +Return-Path: <jtimon@jtimon.cc> +Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org + [172.17.192.35]) + by mail.linuxfoundation.org (Postfix) with ESMTPS id D596DB3E + for <bitcoin-dev@lists.linuxfoundation.org>; + Wed, 4 Jan 2017 14:45:56 +0000 (UTC) +X-Greylist: whitelisted by SQLgrey-1.7.6 +Received: from mail-ua0-f181.google.com (mail-ua0-f181.google.com + [209.85.217.181]) + by smtp1.linuxfoundation.org (Postfix) with ESMTPS id DD1D8108 + for <bitcoin-dev@lists.linuxfoundation.org>; + Wed, 4 Jan 2017 14:45:55 +0000 (UTC) +Received: by mail-ua0-f181.google.com with SMTP id i68so247384687uad.0 + for <bitcoin-dev@lists.linuxfoundation.org>; + Wed, 04 Jan 2017 06:45:55 -0800 (PST) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=jtimon-cc.20150623.gappssmtp.com; s=20150623; + h=mime-version:in-reply-to:references:from:date:message-id:subject:to + :cc; bh=EomjKsUL6ta0ZOzOWC4/GcdT8VnodX90+CseSxd3UyY=; + b=aUl/Tm3sTc+ZkI7Zjl6bOTF5VdI8CL8fG9jtULi6TwLSshKujO9sIY2mXpnvuM24+v + 3SeOdqnCUtX98bERfLMOiv+mL06QHKWbQuQQoGrU4giqTb+DW5A2VPDouRDar020+SgB + 6xTVHft6BlX+uc8rq+08C3as05/qlDR8GZLaqYhV9OvRgQexy+dtOiiLIMw8FQ92pxpf + TET/TS2QvfKBIIDwdtdUhDkiJR4xapTOpVGsaIzuTgfUPssIfsEOOrTv6clEZ1Y5jZGf + eoBUAHFP2Wwr5cSdiFDyGKd5AOWs64kqLKhD/HlxjxwyD4Ar6D2L1PBDLHB12G0QlNP4 + LWrg== +X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=1e100.net; s=20161025; + h=x-gm-message-state:mime-version:in-reply-to:references:from:date + :message-id:subject:to:cc; + bh=EomjKsUL6ta0ZOzOWC4/GcdT8VnodX90+CseSxd3UyY=; + b=FbnwnbCnXXqzZMMKJ0zI6d5LuOpVuGputr8tgFiPEfGBLck5yZXMVE5GDcUB+GJZwN + 5yA0Xuwaa7qeKlynKHDWZCyxSvezNn0e2UXBZPBOcj65zFlKWq3Iiz0qzzOqeUZFvJJ4 + SFc5fZXWd/9m9BNHIbMWYSg8yddfMJBaNLmagIwi/nNHJpV+UMyxfRbVpWm8O7TfTKba + QdgFTRMFSbFL7xXR9Q4j1bGsD5+i68SD1uoyTikhiLYFa+/xn6RjUozMNkiJqBOUK95B + 4aEjCL0rOedstJ4H1DNbRH9ctDEIT7nwOWesVBZtFEkMDKq9DxXqQuZxDRvgpqgv+SWw + dG+A== +X-Gm-Message-State: AIkVDXIMZa8zDuJhxnY+J9m7hcIuMWC2IlEo9XwHayVFoRQiBLvc9Ys1rV8kS9qksiJ+E4J4lsyc/8hgvhywMw== +X-Received: by 10.176.84.8 with SMTP id n8mr49944915uaa.29.1483541154889; Wed, + 04 Jan 2017 06:45:54 -0800 (PST) +MIME-Version: 1.0 +Received: by 10.31.216.130 with HTTP; Wed, 4 Jan 2017 06:45:54 -0800 (PST) +Received: by 10.31.216.130 with HTTP; Wed, 4 Jan 2017 06:45:54 -0800 (PST) +In-Reply-To: <CAMZUoK=-3dGapPQTfKdd4oMQukiTyN1v123Yjo4ihO6YOHuBZQ@mail.gmail.com> +References: <mailman.11263.1483391161.31141.bitcoin-dev@lists.linuxfoundation.org> + <400152B9-1838-432A-829E-13E4FC54320C@gmail.com> + <CAD5xwhjHFzFzKws10TG-XioZoRVZ_oZbMF_xDOy5xNWtzFTsEw@mail.gmail.com> + <6A91D4E4-750D-42C0-B593-3D5014B8A3F7@xbt.hk> + <CAD5xwhg3QeHZF1Oepo3dnCAth0EO3wCqyeT4a21gQ2uxZ5dTfQ@mail.gmail.com> + <CAMZUoK=-3dGapPQTfKdd4oMQukiTyN1v123Yjo4ihO6YOHuBZQ@mail.gmail.com> +From: =?UTF-8?B?Sm9yZ2UgVGltw7Nu?= <jtimon@jtimon.cc> +Date: Wed, 4 Jan 2017 15:45:54 +0100 +Message-ID: <CABm2gDr-8h6EszsKRpJq6OCNnTUjmPvN_K3pYzyeNT3z2Lu94w@mail.gmail.com> +To: "Russell O'Connor" <roconnor@blockstream.io>, + Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org> +Content-Type: multipart/alternative; boundary=94eb2c1b2d7e8c6e61054545d70e +X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, + DKIM_VALID, HTML_MESSAGE, RCVD_IN_DNSWL_NONE, + RCVD_IN_SORBS_SPAM autolearn=no version=3.3.1 +X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on + smtp1.linux-foundation.org +Cc: Steve Davis <steven.charles.davis@gmail.com> +Subject: Re: [bitcoin-dev] Script Abuse Potential? +X-BeenThere: bitcoin-dev@lists.linuxfoundation.org +X-Mailman-Version: 2.1.12 +Precedence: list +List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org> +List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>, + <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe> +List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/> +List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org> +List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help> +List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>, + <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe> +X-List-Received-Date: Wed, 04 Jan 2017 14:45:57 -0000 + +--94eb2c1b2d7e8c6e61054545d70e +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: quoted-printable + +I would assume that the controversial part of op_cat comes from the fact +that it enables covenants. Are there more concerns than that? + +On 4 Jan 2017 04:14, "Russell O'Connor via bitcoin-dev" < +bitcoin-dev@lists.linuxfoundation.org> wrote: + +> For the record, the OP_CAT limit of 520 bytes was added by Satoshi +> <https://github.com/bitcoin/bitcoin/commit/4bd188c4383d6e614e18f79dc337fb= +abe8464c82#diff-8458adcedc17d046942185cb709ff5c3R425> +> on the famous August 15, 2010 "misc" commit, at the same time that OP_CAT +> was disabled. +> The previous limit was 5000 bytes. +> +> On Tue, Jan 3, 2017 at 7:13 PM, Jeremy via bitcoin-dev <bitcoin-dev@lists= +. +> linuxfoundation.org> wrote: +> +>> Sure, was just upper bounding it anyways. Even less of a problem! +>> +>> +>> RE: OP_CAT, not as OP_CAT was specified, which is why it was disabled. A= +s +>> far as I know, the elements alpha proposal to reenable a limited op_cat = +to +>> 520 bytes is somewhat controversial... +>> +>> +>> +>> -- +>> @JeremyRubin <https://twitter.com/JeremyRubin> +>> <https://twitter.com/JeremyRubin> +>> +>> On Mon, Jan 2, 2017 at 10:39 PM, Johnson Lau <jl2012@xbt.hk> wrote: +>> +>>> No, there could only have not more than 201 opcodes in a script. So you +>>> may have 198 OP_2DUP at most, i.e. 198 * 520 * 2 =3D 206kB +>>> +>>> For OP_CAT, just check if the returned item is within the 520 bytes +>>> limit. +>>> +>>> On 3 Jan 2017, at 11:27, Jeremy via bitcoin-dev < +>>> bitcoin-dev@lists.linuxfoundation.org> wrote: +>>> +>>> It is an unfortunate script, but can't actually +>>> =E2=80=8Bdo +>>> that much +>>> =E2=80=8B it seems=E2=80=8B +>>> . The MAX_SCRIPT_ELEMENT_SIZE =3D 520 Bytes. +>>> =E2=80=8B Thus, it would seem the worst you could do with this would be= + to (10000-520*2)*520*2 +>>> bytes ~=3D~ 10 MB. +>>> +>>> =E2=80=8BMuch more concerning would be the op_dup/op_cat style bug, whi= +ch under +>>> a similar script =E2=80=8Bwould certainly cause out of memory errors :) +>>> +>>> +>>> +>>> -- +>>> @JeremyRubin <https://twitter.com/JeremyRubin> +>>> <https://twitter.com/JeremyRubin> +>>> +>>> On Mon, Jan 2, 2017 at 4:39 PM, Steve Davis via bitcoin-dev < +>>> bitcoin-dev@lists.linuxfoundation.org> wrote: +>>> +>>>> Hi all, +>>>> +>>>> Suppose someone were to use the following pk_script: +>>>> +>>>> [op_2dup, op_2dup, op_2dup, op_2dup, op_2dup, ...(to limit)..., +>>>> op_2dup, op_hash160, <addr_hash>, op_equalverify, op_checksig] +>>>> +>>>> This still seems to be valid AFAICS, and may be a potential attack +>>>> vector? +>>>> +>>>> Thanks. +>>>> +>>>> +>>>> _______________________________________________ +>>>> bitcoin-dev mailing list +>>>> bitcoin-dev@lists.linuxfoundation.org +>>>> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev +>>>> +>>>> +>>> _______________________________________________ +>>> bitcoin-dev mailing list +>>> bitcoin-dev@lists.linuxfoundation.org +>>> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev +>>> +>>> +>>> +>> +>> _______________________________________________ +>> bitcoin-dev mailing list +>> bitcoin-dev@lists.linuxfoundation.org +>> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev +>> +>> +> +> _______________________________________________ +> bitcoin-dev mailing list +> bitcoin-dev@lists.linuxfoundation.org +> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev +> +> + +--94eb2c1b2d7e8c6e61054545d70e +Content-Type: text/html; charset=UTF-8 +Content-Transfer-Encoding: quoted-printable + +<div dir=3D"auto">I would assume that the controversial part of op_cat come= +s from the fact that it enables covenants. Are there more concerns than tha= +t?</div><div class=3D"gmail_extra"><br><div class=3D"gmail_quote">On 4 Jan = +2017 04:14, "Russell O'Connor via bitcoin-dev" <<a href=3D= +"mailto:bitcoin-dev@lists.linuxfoundation.org">bitcoin-dev@lists.linuxfound= +ation.org</a>> wrote:<br type=3D"attribution"><blockquote class=3D"gmail= +_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:= +1ex"><div dir=3D"ltr"><div>For the record, the OP_CAT limit of 520 bytes wa= +s <a href=3D"https://github.com/bitcoin/bitcoin/commit/4bd188c4383d6e614e18= +f79dc337fbabe8464c82#diff-8458adcedc17d046942185cb709ff5c3R425" target=3D"_= +blank">added by Satoshi</a> on the famous August 15, 2010 "misc" = +commit, at the same time that OP_CAT was disabled.<br></div>The previous li= +mit was 5000 bytes.<br><div><div class=3D"gmail_extra"><br><div class=3D"gm= +ail_quote">On Tue, Jan 3, 2017 at 7:13 PM, Jeremy via bitcoin-dev <span dir= +=3D"ltr"><<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" targe= +t=3D"_blank">bitcoin-dev@lists.<wbr>linuxfoundation.org</a>></span> wrot= +e:<br><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-l= +eft:1px #ccc solid;padding-left:1ex"><div dir=3D"ltr"><div style=3D"font-fa= +mily:arial,helvetica,sans-serif;font-size:small;color:#000000">Sure, was ju= +st upper bounding it anyways. Even less of a problem!</div><div style=3D"fo= +nt-family:arial,helvetica,sans-serif;font-size:small;color:#000000"><br></d= +iv><div style=3D"font-family:arial,helvetica,sans-serif;font-size:small;col= +or:#000000"><br></div><div style=3D"font-family:arial,helvetica,sans-serif;= +font-size:small;color:#000000">RE: OP_CAT, not as OP_CAT was specified, whi= +ch is why it was disabled. As far as I know, the elements alpha proposal to= + reenable a limited op_cat to 520 bytes is somewhat controversial...</div><= +div style=3D"font-family:arial,helvetica,sans-serif;font-size:small;color:#= +000000"><br></div><div style=3D"font-family:arial,helvetica,sans-serif;font= +-size:small;color:#000000"><br></div><div class=3D"gmail_extra"><br clear= +=3D"all"><div><div class=3D"m_7822325097514973326m_6723432281491834920m_-62= +03106839964574959gmail_signature" data-smartmail=3D"gmail_signature"><div d= +ir=3D"ltr">--<br><a href=3D"https://twitter.com/JeremyRubin" target=3D"_bla= +nk">@JeremyRubin</a><a href=3D"https://twitter.com/JeremyRubin" target=3D"_= +blank"></a></div></div></div><div><div class=3D"m_7822325097514973326h5"> +<br><div class=3D"gmail_quote">On Mon, Jan 2, 2017 at 10:39 PM, Johnson Lau= + <span dir=3D"ltr"><<a href=3D"mailto:jl2012@xbt.hk" target=3D"_blank">j= +l2012@xbt.hk</a>></span> wrote:<br><blockquote class=3D"gmail_quote" sty= +le=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div s= +tyle=3D"word-wrap:break-word"><div>No, there could only have not more than = +201 opcodes in a script. So you may have 198 OP_2DUP at most, i.e. 198 * 52= +0 * 2 =3D 206kB</div><div><br></div><div>For OP_CAT, just check if the retu= +rned item is within the 520 bytes limit.</div><div><div class=3D"m_78223250= +97514973326m_6723432281491834920m_-6203106839964574959h5"><br><div><blockqu= +ote type=3D"cite"><div>On 3 Jan 2017, at 11:27, Jeremy via bitcoin-dev <= +<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" target=3D"_blank">= +bitcoin-dev@lists.linuxfounda<wbr>tion.org</a>> wrote:</div><br class=3D= +"m_7822325097514973326m_6723432281491834920m_-6203106839964574959m_65987160= +0986875938Apple-interchange-newline"><div><div dir=3D"ltr"><div style=3D"fo= +nt-family:arial,helvetica,sans-serif;font-size:small"><span style=3D"font-f= +amily:arial,sans-serif;color:rgb(34,34,34);font-size:12.800000190734863px">= +It is an unfortunate script, but can't actually=C2=A0</span><div style= +=3D"display:inline">=E2=80=8Bdo</div><span style=3D"font-family:arial,sans-= +serif;color:rgb(34,34,34);font-size:12.800000190734863px">=C2=A0that much</= +span><div style=3D"display:inline">=E2=80=8B it seems=E2=80=8B</div><span s= +tyle=3D"font-family:arial,sans-serif;color:rgb(34,34,34);font-size:12.80000= +0190734863px">. The MAX_SCRIPT_ELEMENT_SIZE =3D 520 Bytes.</span><div style= +=3D"font-family:arial,sans-serif;color:rgb(34,34,34);font-size:12.800000190= +734863px;display:inline"><font face=3D"arial, helvetica, sans-serif">=E2=80= +=8B Thus, it would seem the worst you could do with this would be to=C2=A0<= +/font>(10000-520*2)*520*2 bytes =C2=A0~=3D~ 10 MB.</div></div><div style=3D= +"font-size:12.800000190734863px"><br></div><div style=3D"font-size:12.80000= +0190734863px"><div style=3D"font-family:arial,helvetica,sans-serif;font-siz= +e:small">=E2=80=8BMuch more concerning would be the op_dup/op_cat style bug= +, which under a similar script =E2=80=8Bwould certainly cause out of memory= + errors :)</div><div><br></div></div></div><div class=3D"gmail_extra"><br c= +lear=3D"all"><div><br clear=3D"all"><div><div class=3D"m_782232509751497332= +6m_6723432281491834920m_-6203106839964574959m_659871600986875938gmail_signa= +ture" data-smartmail=3D"gmail_signature"><div dir=3D"ltr">--<br><a href=3D"= +https://twitter.com/JeremyRubin" target=3D"_blank">@JeremyRubin</a><a href= +=3D"https://twitter.com/JeremyRubin" target=3D"_blank"></a></div></div></di= +v> +</div> +<br><div class=3D"gmail_quote">On Mon, Jan 2, 2017 at 4:39 PM, Steve Davis = +via bitcoin-dev <span dir=3D"ltr"><<a href=3D"mailto:bitcoin-dev@lists.l= +inuxfoundation.org" target=3D"_blank">bitcoin-dev@lists.linuxfounda<wbr>tio= +n.org</a>></span> wrote:<br><blockquote class=3D"gmail_quote" style=3D"m= +argin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style=3D= +"word-wrap:break-word"><div><div style=3D"color:rgb(34,34,34);font-family:a= +rial,sans-serif;font-size:12.800000190734863px">Hi all,</div><div style=3D"= +color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8000001907348= +63px"><br></div><div style=3D"color:rgb(34,34,34);font-family:arial,sans-se= +rif;font-size:12.800000190734863px">Suppose someone were to use the followi= +ng pk_script:</div><div style=3D"color:rgb(34,34,34);font-family:arial,sans= +-serif;font-size:12.800000190734863px"><br></div><div class=3D"m_7822325097= +514973326m_6723432281491834920m_-6203106839964574959m_659871600986875938m_-= +8615729711671762748m_8591747901013163489gmail_signature" style=3D"color:rgb= +(34,34,34);font-family:arial,sans-serif;font-size:12.800000190734863px"><di= +v dir=3D"ltr">[op_2dup, op_2dup, op_2dup, op_2dup, op_2dup, ...(to limit)..= +., op_2dup,=C2=A0op_hash160, <addr_hash>, op_equalverify, op_checksig= +]</div><div dir=3D"ltr"><br></div><div>This still seems to be valid AFAICS,= + and may be a potential attack vector?</div><div><br></div><div>Thanks.</di= +v></div></div><div><br></div></div><br>______________________________<wbr>_= +________________<br> +bitcoin-dev mailing list<br> +<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" target=3D"_blank">= +bitcoin-dev@lists.linuxfoundat<wbr>ion.org</a><br> +<a href=3D"https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev" = +rel=3D"noreferrer" target=3D"_blank">https://lists.linuxfoundation.<wbr>org= +/mailman/listinfo/bitcoin-d<wbr>ev</a><br> +<br></blockquote></div><br></div> +______________________________<wbr>_________________<br>bitcoin-dev mailing= + list<br><a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" target=3D= +"_blank">bitcoin-dev@lists.linuxfoundat<wbr>ion.org</a><br><a href=3D"https= +://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev" target=3D"_blank= +">https://lists.linuxfoundation.<wbr>org/mailman/listinfo/bitcoin-d<wbr>ev<= +/a><br></div></blockquote></div><br></div></div></div></blockquote></div><b= +r></div></div></div></div> +<br>______________________________<wbr>_________________<br> +bitcoin-dev mailing list<br> +<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" target=3D"_blank">= +bitcoin-dev@lists.linuxfoundat<wbr>ion.org</a><br> +<a href=3D"https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev" = +rel=3D"noreferrer" target=3D"_blank">https://lists.linuxfoundation.<wbr>org= +/mailman/listinfo/bitcoin-d<wbr>ev</a><br> +<br></blockquote></div><br></div></div></div> +<br>______________________________<wbr>_________________<br> +bitcoin-dev mailing list<br> +<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org">bitcoin-dev@lists.= +<wbr>linuxfoundation.org</a><br> +<a href=3D"https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev" = +rel=3D"noreferrer" target=3D"_blank">https://lists.linuxfoundation.<wbr>org= +/mailman/listinfo/bitcoin-<wbr>dev</a><br> +<br></blockquote></div></div> + +--94eb2c1b2d7e8c6e61054545d70e-- + |