From: Greg Sanders
Date: Tue, 11 Oct 2022 09:06:37 -0400
To: Loki Verloren, Bitcoin Protocol Discussion
Subject: Re: [bitcoin-dev] Minor DoS vulnerability in BIP144 lack of tx witness data size limit
List-Id: Bitcoin Protocol Discussion

There are a number of issues with adding arbitrary size restrictions to consensus (I personally think it's additional complexity for negative gain), but most of all this may resolve in burned coins.

On Tue, Oct 11, 2022 at 6:22 AM Loki Verloren via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:

> The recent 998 of 999 multisig segwit transaction highlights a problem
> with BIP144. As the solution applied for btcd shows, effectively a single
> transaction witness can be the same as the maximum block size.
>
> 11000 bytes may not be so unreasonable but now there is a special case
> with a block over 33k worth of witness data.
>
> A concrete limit should be set on the maximum size of a transaction
> witness, and this should be discussed in a more general sense about total
> transaction sizes.
>
> In the absence of a specification, it becomes impossible to properly
> implement and the status quo devolves to the actual implementation in the
> bitcoin core repository code.
>
> I think the weight calculation should escalate exponentially to discourage
> putting transactions like this on the chain. The price was equivalent to
> about $5 to do this.