1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
|
Return-Path: <lf-lists@mattcorallo.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id ADAFED10C
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 8 Mar 2019 20:14:06 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from mail.bluematt.me (mail.bluematt.me [192.241.179.72])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 8160412E
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 8 Mar 2019 20:14:05 +0000 (UTC)
Received: from [26.130.103.24] (unknown [208.54.35.203])
by mail.bluematt.me (Postfix) with ESMTPSA id E571612035A;
Fri, 8 Mar 2019 20:14:03 +0000 (UTC)
Content-Type: text/plain;
charset=us-ascii
Mime-Version: 1.0 (1.0)
From: Matt Corallo <lf-lists@mattcorallo.com>
X-Mailer: iPhone Mail (16D57)
In-Reply-To: <D2014BB7-1EFC-4604-ACF6-3C5AC74B6FC0@sprovoost.nl>
Date: Fri, 8 Mar 2019 15:14:02 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <D631175F-0704-4820-BE3C-110E63F9E3FF@mattcorallo.com>
References: <bf96c2fb-2e2e-a47f-e59f-87e56d83eca3@mattcorallo.com>
<CAMZUoK=1kgZLR1YZ+cJgzwmEOwrABYFs=2Ri=xGX=BCr+w=VQw@mail.gmail.com>
<6bb308f5-f478-d5ec-064f-e4972709f29c@mattcorallo.com>
<D2014BB7-1EFC-4604-ACF6-3C5AC74B6FC0@sprovoost.nl>
To: Sjors Provoost <sjors@sprovoost.nl>
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,MIME_QP_LONG_LINE
autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
X-Mailman-Approved-At: Sat, 09 Mar 2019 18:27:55 +0000
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] OP_CODESEPARATOR Re: BIP Proposal: The Great
Consensus Cleanup
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Mar 2019 20:14:06 -0000
Aside from the complexity issues here, note that for a user to be adversely a=
ffect, they probably have to have pre-signed lock-timed transactions. Otherw=
ise, in the crazy case that such a user exists, they should have no problem c=
laiming the funds before activation of a soft-fork (and just switching to th=
e swgwit equivalent, or some other equivalent scheme). Thus, adding addition=
al restrictions like tx size limits will equally break txn.
> On Mar 8, 2019, at 14:12, Sjors Provoost <sjors@sprovoost.nl> wrote:
>=20
>=20
>> (1) It has been well documented again and again that there is desire to r=
emove OP_CODESEPARATOR, (2) it is well-documented OP_CODESEPARATOR in non-se=
gwit scripts represents a rather significant vulnerability in Bitcoin today,=
and (3) lots of effort has gone into attempting to find practical use-cases=
for OP_CODESEPARATOR's specific construction, with no successes as of yet. I=
strongly, strongly disagree that the highly-unlikely remote possibility tha=
t someone created something before which could be rendered unspendable is su=
fficient reason to not fix a vulnerability in Bitcoin today.
>>=20
>>> I suggest an alternative whereby the execution of OP_CODESEPARATOR incre=
ases the transactions weight suitably as to temper the vulnerability caused b=
y it. Alternatively there could be some sort of limit (maybe 1) on the maxi=
mum number of OP_CODESEPARATORs allowed to be executed per script, but that w=
ould require an argument as to why exceeding that limit isn't reasonable.
>>=20
>> You could equally argue, however, that any such limit could render some m=
oderately-large transaction unspendable, so I'm somewhat skeptical of this a=
rgument. Note that OP_CODESEPARATOR is non-standard, so getting them mined i=
s rather difficult in any case.
>=20
> Although I'm not a fan of extra complicity, just to explore these two idea=
s a bit further.
>=20
> What if such a transaction:
>=20
> 1. must have one input; and
> 2. must be smaller than 400 vbytes; and
> 3. must spend from a UTXO older than fork activation
>=20
> Adding such a contextual check seems rather painful, perhaps comparable to=
nLockTime. Anything more specific than the above, e.g. counting the number o=
f OP_CODESEPARATOR calls, seems like guess work.
>=20
> Transaction weight currently doesn't consider OP codes, it only considers i=
f bytes are part of the witness. Changing that to something more akin to Eth=
ereums gas pricing sounds too complicated to even consider.
>=20
>=20
> I would also like to believe that whoever went through the trouble of usin=
g OP_CODESEPARATOR reads this list.
>=20
> Sjors
>=20
|
