Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1YEiEe-0007qM-9a for bitcoin-development@lists.sourceforge.net; Fri, 23 Jan 2015 17:41:32 +0000 X-ACL-Warn: Received: from mail-ig0-f173.google.com ([209.85.213.173]) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1YEiEb-0004Fr-ER for bitcoin-development@lists.sourceforge.net; Fri, 23 Jan 2015 17:41:30 +0000 Received: by mail-ig0-f173.google.com with SMTP id a13so3136425igq.0 for ; Fri, 23 Jan 2015 09:41:25 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc:content-type; bh=rTI+uxT1F4CNS+iVAc7xiz5nxsPuqZgLGwBwcKvkQHU=; b=fuq7OGQIZ1iQOe1Mfxg28YDsnpd2R8QOCCTwacnmPqjrSNqXxwHoHnUOVybUSs/WzN bQ8kv94MXo2TO/uLv5YHFyQuJmxo3hCIiUyM2THAgqZ0g39wvcrwW0kAETbcoqa8Ta9C yLO64UuyFuql6U8g2iQWOjWSA7J3/jWnCtdzF0Rzzlf8MWKgR5c9BJRCnKAF5SaNPQ9c qgteSHHpWW8EwZIXqr3WxGMzt7h73t2b/CHnJs+pthVs78tPXXxOIjqEiwb/xyHDWX9c WrTOO2sf6fbcPV6E01Lwf8tlc7Y1s9dcPaVzQ8S/D4kVA6jWA/u/zamclCKb1AfUEmfc Dv7A== X-Gm-Message-State: ALoCoQl5wCMdAIFTzWjJp+p7WqL5slSc8XhfIF1XPuBpJ7kd4zi4r0ytIEl3krXksGFBkKvaXo0J X-Received: by 10.50.83.10 with SMTP id m10mr3147386igy.23.1422034884929; Fri, 23 Jan 2015 09:41:24 -0800 (PST) MIME-Version: 1.0 Sender: marek@palatinus.cz Received: by 10.64.31.138 with HTTP; Fri, 23 Jan 2015 09:40:54 -0800 (PST) In-Reply-To: References: <54C267A1.8090208@gmail.com> From: slush Date: Fri, 23 Jan 2015 18:40:54 +0100 X-Google-Sender-Auth: 3fa-xArn-8B-a5X6IbhZKf-3taI Message-ID: To: Gregory Maxwell Content-Type: multipart/alternative; boundary=089e0122acca2ce45a050d554c6b X-Spam-Score: 1.4 (+) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (slush[at]centrum.cz) 1.0 HTML_MESSAGE BODY: HTML included in message 0.4 AWL AWL: Adjusted score from AWL reputation of From: address X-Headers-End: 1YEiEb-0004Fr-ER Cc: Bitcoin Development Subject: Re: [Bitcoin-development] SIGHASH_WITHINPUTVALUE X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Jan 2015 17:41:32 -0000 --089e0122acca2ce45a050d554c6b Content-Type: text/plain; charset=ISO-8859-1 Yes, the step you're missing is "and build the table". Dynamic memory allocation is something you want to avoid, as well as any artifical restrictions to number of inputs or outputs. Current solution is slow, but there's really no limitation on tx size. Plus there're significant restrictions to memory in embedded world. Actually TREZOR uses pretty powerful (and expensive) MCU just because it needs to do such validations and calculate such hashes. With SIGHASH_WITHINPUTVALUE or similar we may cut hardware cost significantly. Marek On Fri, Jan 23, 2015 at 5:52 PM, Gregory Maxwell wrote: > I'm not sure where the ^2 is coming from. So what I'd understand that > you'd do is stream in the input txid:vouts which you spend, then you'd > stream the actual inputs which would just be hashed and value > extracted (but no other verification), and you'd build a table of > txid:vout->value, then the actual transaction to be signed. > > This should have O(inputs) hashing and communications overhead. Is > there a step I'm missing? > --089e0122acca2ce45a050d554c6b Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
Yes, the step you're missing is "and build the ta= ble". Dynamic memory allocation is something you want to avoid, as wel= l as any artifical restrictions to number of inputs or outputs. Current sol= ution is slow, but there's really no limitation on tx size.

Plus there're significant restrictions to memory in embedded wo= rld. Actually TREZOR uses pretty powerful (and expensive) MCU just because = it needs to do such validations and calculate such hashes. With SIGHASH_WIT= HINPUTVALUE or similar we may cut hardware cost significantly.

Marek

On Fri, Jan 23, 2015 at 5:52 PM, Gregory Maxwell <gmaxwe= ll@gmail.com> wrote:
I'= m not sure where the ^2 is coming from.=A0 So what I'd understand that<= br> you'd do is stream in the input txid:vouts which you spend, then you= 9;d
stream the actual inputs which would just be hashed and value
extracted (but no other verification), and you'd build a table of
txid:vout->value, then the actual transaction to be signed.

This should have O(inputs) hashing and communications overhead. Is
there a step I'm missing?

--089e0122acca2ce45a050d554c6b--