From: "Russell O'Connor" <roconnor@blockstream.io>
Date: Tue, 3 Jan 2017 00:04:50 -0500
To: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Script Abuse Potential?

OP_2DUP?  Why not OP_3DUP?

On Mon, Jan 2, 2017 at 10:39 PM, Johnson Lau via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:

> No, there can be no more than 201 opcodes in a script. So you
> may have 198 OP_2DUP at most, i.e. 198 * 520 * 2 = 206kB
>
> For OP_CAT, just check if the returned item is within the 520-byte limit.
>
> On 3 Jan 2017, at 11:27, Jeremy via bitcoin-dev
> <bitcoin-dev@lists.linuxfoundation.org> wrote:
>
> It is an unfortunate script, but can't actually do that much it seems.
> The MAX_SCRIPT_ELEMENT_SIZE = 520 Bytes. Thus, it would seem the worst you
> could do with this would be to (10000-520*2)*520*2 bytes ~=~ 10 MB.
>
> Much more concerning would be the op_dup/op_cat style bug, which under a
> similar script would certainly cause out of memory errors :)
>
>
>
> --
> @JeremyRubin <https://twitter.com/JeremyRubin>
>
> On Mon, Jan 2, 2017 at 4:39 PM, Steve Davis via bitcoin-dev <
> bitcoin-dev@lists.linuxfoundation.org> wrote:
>
>> Hi all,
>>
>> Suppose someone were to use the following pk_script:
>>
>> [op_2dup, op_2dup, op_2dup, op_2dup, op_2dup, ...(to limit)...,
>> op_2dup, op_hash160, <addr_hash>, op_equalverify, op_checksig]
>>
>> This still seems to be valid AFAICS, and may be a potential attack vector?
>>
>> Thanks.
>>
>>
>> _______________________________________________
>> bitcoin-dev mailing list
>> bitcoin-dev@lists.linuxfoundation.org
>> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
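
The bounds argued over in this thread can be checked with a small model. This is an added example, not code from any poster or from Bitcoin Core: it runs OP_DUP/OP_2DUP/OP_3DUP/OP_CAT over byte strings while enforcing the 201-opcode and 520-byte limits quoted above. The 1000-item stack limit, the function names and the inputs are assumptions of this sketch.

```python
# Toy model of the limits discussed in the thread (added example, not Bitcoin Core code).
MAX_SCRIPT_ELEMENT_SIZE = 520  # bytes per stack item, as quoted in the thread
MAX_OPS_PER_SCRIPT = 201       # opcode limit, as quoted in the thread
MAX_STACK_SIZE = 1000          # assumption: item-count limit, not mentioned in the thread
DUP_WIDTH = {"OP_DUP": 1, "OP_2DUP": 2, "OP_3DUP": 3}

class ScriptError(Exception):
    """Raised when the toy interpreter rejects a script."""

def run(script, stack):
    """Execute the opcode list; return (final stack, peak bytes held on the stack)."""
    stack = list(stack)
    peak = sum(len(item) for item in stack)
    for count, op in enumerate(script, start=1):
        if count > MAX_OPS_PER_SCRIPT:
            raise ScriptError("more than 201 opcodes")
        if op in DUP_WIDTH:
            n = DUP_WIDTH[op]
            if len(stack) < n:
                raise ScriptError("not enough items to duplicate")
            stack.extend(stack[-n:])
        elif op == "OP_CAT":
            if len(stack) < 2:
                raise ScriptError("OP_CAT needs two items")
            right, left = stack.pop(), stack.pop()
            # The check suggested in the thread: reject an oversized result.
            if len(left) + len(right) > MAX_SCRIPT_ELEMENT_SIZE:
                raise ScriptError("OP_CAT result exceeds 520 bytes")
            stack.append(left + right)
        else:
            raise ScriptError("opcode outside this toy model: " + op)
        if len(stack) > MAX_STACK_SIZE:
            raise ScriptError("stack holds more than 1000 items")
        peak = max(peak, sum(len(item) for item in stack))
    return stack, peak

def dup_growth(op, repeats=198):
    """Bytes added by `repeats` copies of op over full-size (520-byte) inputs."""
    start = [bytes(MAX_SCRIPT_ELEMENT_SIZE)] * DUP_WIDTH[op]
    _, peak = run([op] * repeats, start)
    return peak - sum(len(item) for item in start)

def dup_cat_rounds(rounds):
    """Run OP_DUP OP_CAT `rounds` times on a 1-byte item; return the final item size."""
    stack, _ = run(["OP_DUP", "OP_CAT"] * rounds, [b"\x01"])
    return len(stack[-1])
```

dup_growth("OP_2DUP") reproduces the 198 * 520 * 2 figure from the thread, dup_growth("OP_3DUP") gives the larger bound the reply asks about, and dup_cat_rounds stops doubling once the 520-byte check fires.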
