summaryrefslogtreecommitdiff
path: root/0f/8fb2c3784431d68c9e8baf0c780e0ee5908bd4
blob: 7504ee2a41e0fc4c59f99449e42a95fea65e71c4 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
Return-Path: <roconnor@blockstream.io>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id AC75EA48
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Fri, 28 Apr 2017 20:53:27 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-ua0-f173.google.com (mail-ua0-f173.google.com
	[209.85.217.173])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 1A4B2189
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Fri, 28 Apr 2017 20:53:26 +0000 (UTC)
Received: by mail-ua0-f173.google.com with SMTP id q26so7344171uaa.1
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Fri, 28 Apr 2017 13:53:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=blockstream-io.20150623.gappssmtp.com; s=20150623;
	h=mime-version:from:date:message-id:subject:to;
	bh=vwKtycVukoqc1NKeXYugXwnXvlVDOpK/ROMb/76f9Pw=;
	b=OoeHZArkXMjhS5w5lDPglHsu+TJ6K7k0m4Pu77ovieNTk9VyIOB/dxwYTq0hUng2F/
	8AsS+8Svx5sN91kt4WUBufY1wgja4BMH/XxeMFAqc4mV9aY+Gf/mJ3lyQ7iHtwvna376
	INhy5yE/k8DshFofWjfyMicppjN+yGzADYxoFIpSlGVG/Lyam25DRpWypQUziFrUxx99
	IMWJku6B6FuNoVGFceT/xmiwuYHok6kdwsOroaQivapN67MEWV0Ym2A1rhjmf5dT/rB9
	zgMzHBSXG9ZecXa91FWEjZDxNPH8iaRZkEWzunGx8n3WXeQHSyImMfajUWfmAn+G73aE
	T0RA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:mime-version:from:date:message-id:subject:to;
	bh=vwKtycVukoqc1NKeXYugXwnXvlVDOpK/ROMb/76f9Pw=;
	b=EwgQ8adZitGKWF2kedwe/RzPtMGJH5M8aViRdiqDMTWiNleOsBG40TrJJt54UmW1HF
	4fGCEwIE3R8GBOJ1r4ByjpEBJ0pJeuXls7oDZMOMuPh69PgAxeOzlsnl3X7P7Itz3LXr
	BdbFzPFo1rdkr8ud66q3gc1sdcqQLyyC+WMoaq8CAi8h55iXrS7ofZ1LCSbPAf8CbBiF
	7cy5vJFo+WsppI0r6mZtFGogvSnDqW3z2LtgV60QeP9kSJXKHlcI7k+KMhPOralPneON
	B+1iMylYbW1UZPFi6u8qUtdnbQFyLeyWw0EF/Zp8XatjKFUC1shHyMg0xd0kMfYV6bGZ
	7z+w==
X-Gm-Message-State: AN3rC/5DjKyUl+ebSUSSl8lIEj3Ygmx/mwEeD7TVeWk+YraxzWcNXrub
	sBnh1kgpWO0jpbCXlSvb49TSKo7FwxoZHgg=
X-Received: by 10.159.60.38 with SMTP id u38mr7272124uah.152.1493412805924;
	Fri, 28 Apr 2017 13:53:25 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.176.81.48 with HTTP; Fri, 28 Apr 2017 13:53:05 -0700 (PDT)
From: "Russell O'Connor" <roconnor@blockstream.io>
Date: Fri, 28 Apr 2017 16:53:05 -0400
Message-ID: <CAMZUoK=FtNjvfO3uBHFy-fO_hqum+UtpJVQ7o5aq=6hYrpn_0A@mail.gmail.com>
To: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Content-Type: multipart/alternative; boundary=f403043ed1bccd0c53054e404332
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID, HTML_MESSAGE, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Subject: [bitcoin-dev] Quadratic Hashing in BIP 134
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Apr 2017 20:53:27 -0000

--f403043ed1bccd0c53054e404332
Content-Type: text/plain; charset=UTF-8

I noticed that the the latest BIP 134
<https://github.com/bitcoin/bips/blob/959fecc15bdad070afa63455468b1dba54655fa6/bip-0134.mediawiki>
now supports SIGHASH_SINGLE and friends.  However, this support seems to
reintroduce some quadratic hashing behavior because it calls
<https://github.com/zander/bitcoinclassic/blob/9c688c6d3866890f16a36aaea453e8bdd43c1266/src/script/interpreter.cpp#L1186>SerializePartialTransactionv4
per non-SIGHASH_ALL input
<https://github.com/bitcoinclassic/bitcoinclassic/blob/9c688c6d3866890f16a36aaea453e8bdd43c1266/src/script/interpreter.cpp#L1186>.
In particular, if each input in a transaction has one SIGHASH_SINGLE
CHECKSIG operation then the total amount of hashing done for the
transaction will be quadratic in the number of inputs.  While amount of
hashing is not as severe as with the SIGHASH_ALL case, the amount of
hashing done is still non-linear.

--f403043ed1bccd0c53054e404332
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div><div>I noticed that the <a href=3D"https://github.com=
/bitcoin/bips/blob/959fecc15bdad070afa63455468b1dba54655fa6/bip-0134.mediaw=
iki" target=3D"_blank">the latest BIP 134</a> now supports SIGHASH_SINGLE a=
nd friends.=C2=A0 However, this support seems to reintroduce some quadratic=
 hashing behavior because it <a href=3D"https://github.com/zander/bitcoincl=
assic/blob/9c688c6d3866890f16a36aaea453e8bdd43c1266/src/script/interpreter.=
cpp#L1186" target=3D"_blank">calls </a><span class=3D"m_4115989833037037540=
gmail-m_-6187962426531096253m_-301435513863200495gmail-pl-c1"><a href=3D"ht=
tps://github.com/bitcoinclassic/bitcoinclassic/blob/9c688c6d3866890f16a36aa=
ea453e8bdd43c1266/src/script/interpreter.cpp#L1186" target=3D"_blank">Seria=
lizePartialTransactionv4 per non-SIGHASH_ALL input</a></span>.=C2=A0
 In particular, if each input in a transaction has one SIGHASH_SINGLE CHECK=
SIG operation then=20
the total amount of hashing done for the transaction will be quadratic=20
in the number of inputs.=C2=A0 While amount of hashing is not as severe=20
as with the SIGHASH_ALL case, the amount of hashing done is still=20
non-linear.</div></div></div>

--f403043ed1bccd0c53054e404332--