Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id A1B83A5E for ; Sun, 10 Mar 2019 18:24:22 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-oi1-f178.google.com (mail-oi1-f178.google.com [209.85.167.178]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id CB6E82D5 for ; Sun, 10 Mar 2019 18:24:21 +0000 (UTC) Received: by mail-oi1-f178.google.com with SMTP id i8so1912950oib.10 for ; Sun, 10 Mar 2019 11:24:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=xXplJlzebi8UC96L/0TprEjjFRveGLbqEg03j63EtJc=; b=IyfnxkTVF+qZQvM8YvHk4XCZc2w22BTdtZXDzPnCcGwT/Y+sVIbsqcH7cfl7CPebSc nQYVESBklHod0Mk1jPOs2AsNVmdPVqfKAeI1hrKFXfGqf5/3OV6Ekx/Rl0B4CDFsiGCE dE24hJ9zr/qIXlZbFYlZzQmRiEmQJ37PwmWYC6ZrUtkuHQXuiFMAhQe9i0ZsQfkb3ogR S4GjeJJ2RRlOFvrCRs0MiHoRanAaMHyfx3bYbrqiI9fTxKR13gOS5DlhgLjJItpZtonE PpQ5+MlwOIiBd0yFRlDOBQKCxRzzf5oObbCuE6sqPtE8Y6Lgp0MzxPBgS5RBXkueuFEZ SzhA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=xXplJlzebi8UC96L/0TprEjjFRveGLbqEg03j63EtJc=; b=fBzrjQhesWIIbw9pAMLNIvFIbR5tldeiCy9xKduWuzB+fpD5sQ1belmT9ChM4VRMuL phVhuGvpymBGuwmzNuLZFx98jrz28L407pU60y0Jh752b3wz9U5F3IT+LMEeoetBtCVt BoTZTP909htyrLQP+j/dxr9H/C7s0ixszb7ZuaSrRhVTuwSlSx5qQnGI7Q7CsovNN08x f0K52r2ZuZk0kn1FSFkXoZ2MV3hbI7ACJeYn7wkg7kgIP4xvtBv3Vb2y2stmVRMcYwhP VI3w3SLmei0E/MBdAejBhvA7xrlHZPkPhF+13v/aohKW7Z805MnhrD/Nx9BnI8L4MbAD AAxw== X-Gm-Message-State: APjAAAWIFSERkpn+J+qNLrQXRYu1XVHcasqK4Qs5WCxpAt0m6Y3Nyhfu WcKtgYtqYTd/OjfxPOaOtzbb7rooqC5mufMgX58= X-Google-Smtp-Source: APXvYqzk4oXrk+arF/+BV0iRAvtsGFYv+aZ0n9kQhZT48s+OKsM4kUidCTEzDa6L4KzuQ7CfQb4ca0iEDkOLzRg8vMg= X-Received: by 2002:aca:4b51:: with SMTP id y78mr14809933oia.88.1552242260924; Sun, 10 Mar 2019 11:24:20 -0700 (PDT) MIME-Version: 1.0 References: <6bb308f5-f478-d5ec-064f-e4972709f29c@mattcorallo.com> In-Reply-To: From: Moral Agent Date: Sun, 10 Mar 2019 14:24:10 -0400 Message-ID: To: LORD HIS EXCELLENCY JAMES HRMH , Bitcoin Protocol Discussion Content-Type: multipart/alternative; boundary="000000000000915ba00583c190cd" X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,HTML_MESSAGE,LOTS_OF_MONEY, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Mon, 11 Mar 2019 16:43:23 +0000 Subject: Re: [bitcoin-dev] OP_CODESEPARATOR Re: BIP Proposal: The Great Consensus Cleanup X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Mar 2019 18:24:22 -0000 --000000000000915ba00583c190cd Content-Type: text/plain; charset="UTF-8" >Lock in a blockheight to get rid of it 10 years in the future. And then make UTXOs containing OP_CODESEAPRATOR (etc.) and mined prior to the soft fork activation standard, with weight penalties as appropriate, so there would be no difficulty spending them before the cutoff? On Sun, Mar 10, 2019 at 10:55 AM LORD HIS EXCELLENCY JAMES HRMH via bitcoin-dev wrote: > > Opinion: Lock in a blockheight to get rid of it 10 years in the future. > Use it as press that Bitcoin is going to lose $1,000,000 if some mystery > person does not put their transaction through by then, try for global > presses. Use the opportunity to get rid of it while you are able. Once > gazetted anything is public knowledge. > > Regards, > LORD HIS EXCELLENCY JAMES HRMH > > ------------------------------ > *From:* bitcoin-dev-bounces@lists.linuxfoundation.org < > bitcoin-dev-bounces@lists.linuxfoundation.org> on behalf of Matt Corallo > via bitcoin-dev > *Sent:* Saturday, 9 March 2019 7:14 AM > *To:* Sjors Provoost > *Cc:* Bitcoin Protocol Discussion > *Subject:* Re: [bitcoin-dev] OP_CODESEPARATOR Re: BIP Proposal: The Great > Consensus Cleanup > > Aside from the complexity issues here, note that for a user to be > adversely affect, they probably have to have pre-signed lock-timed > transactions. Otherwise, in the crazy case that such a user exists, they > should have no problem claiming the funds before activation of a soft-fork > (and just switching to the swgwit equivalent, or some other equivalent > scheme). Thus, adding additional restrictions like tx size limits will > equally break txn. > > > On Mar 8, 2019, at 14:12, Sjors Provoost wrote: > > > > > >> (1) It has been well documented again and again that there is desire to > remove OP_CODESEPARATOR, (2) it is well-documented OP_CODESEPARATOR in > non-segwit scripts represents a rather significant vulnerability in Bitcoin > today, and (3) lots of effort has gone into attempting to find practical > use-cases for OP_CODESEPARATOR's specific construction, with no successes > as of yet. I strongly, strongly disagree that the highly-unlikely remote > possibility that someone created something before which could be rendered > unspendable is sufficient reason to not fix a vulnerability in Bitcoin > today. > >> > >>> I suggest an alternative whereby the execution of OP_CODESEPARATOR > increases the transactions weight suitably as to temper the vulnerability > caused by it. Alternatively there could be some sort of limit (maybe 1) on > the maximum number of OP_CODESEPARATORs allowed to be executed per script, > but that would require an argument as to why exceeding that limit isn't > reasonable. > >> > >> You could equally argue, however, that any such limit could render some > moderately-large transaction unspendable, so I'm somewhat skeptical of this > argument. Note that OP_CODESEPARATOR is non-standard, so getting them mined > is rather difficult in any case. > > > > Although I'm not a fan of extra complicity, just to explore these two > ideas a bit further. > > > > What if such a transaction: > > > > 1. must have one input; and > > 2. must be smaller than 400 vbytes; and > > 3. must spend from a UTXO older than fork activation > > > > Adding such a contextual check seems rather painful, perhaps comparable > to nLockTime. Anything more specific than the above, e.g. counting the > number of OP_CODESEPARATOR calls, seems like guess work. > > > > Transaction weight currently doesn't consider OP codes, it only > considers if bytes are part of the witness. Changing that to something more > akin to Ethereums gas pricing sounds too complicated to even consider. > > > > > > I would also like to believe that whoever went through the trouble of > using OP_CODESEPARATOR reads this list. > > > > Sjors > > > > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > --000000000000915ba00583c190cd Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
>Lock in a blockheight to= get rid of it 10 years in the future.

And th= en make UTXOs containing OP_CODESEAPRATOR (etc.) and mined prior to the sof= t fork activation standard, with weight penalties as appropriate, so there = would be no difficulty spending them before the cutoff?

On Sun, Mar 10= , 2019 at 10:55 AM LORD HIS EXCELLENCY JAMES HRMH via bitcoin-dev <bitcoin-dev@lists.linux= foundation.org> wrote:

Opi= nion: Lock in a blockheight to get rid of it 10 years in the future. Use it= as press that Bitcoin is going to lose $1,000,000 if some mystery person d= oes not put their transaction through by then, try for global presses. Use the opportunity to get rid of it whil= e you are able. Once gazetted anything is public knowledge.
Reg= ards,
LOR= D HIS EXCELLENCY JAMES HRMH

From= : bitcoin-dev-bounces@lists.linuxfoundation.org <bitcoin-dev-bounces@lists.linuxfoundation.org> on behalf of Matt Co= rallo via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org>
Sent: Saturday, 9 March 2019 7:14 AM
To: Sjors Provoost
Cc: Bitcoin Protocol Discussion
Subject: Re: [bitcoin-dev] OP_CODESEPARATOR Re: BIP Proposal: The Gr= eat Consensus Cleanup
=C2=A0
Aside from the complexi= ty issues here, note that for a user to be adversely affect, they probably = have to have pre-signed lock-timed transactions. Otherwise, in the crazy ca= se that such a user exists, they should have no problem claiming the funds before activation of a soft-fork (and just switching to the swgw= it equivalent, or some other equivalent scheme). Thus, adding additional re= strictions like tx size limits will equally break txn.

> On Mar 8, 2019, at 14:12, Sjors Provoost <sjors@sprovoost.nl> wrote:
>
>
>> (1) It has been well documented again and again that there is desi= re to remove OP_CODESEPARATOR, (2) it is well-documented OP_CODESEPARATOR i= n non-segwit scripts represents a rather significant vulnerability in Bitco= in today, and (3) lots of effort has gone into attempting to find practical use-cases for OP_CODESEPARATOR's spe= cific construction, with no successes as of yet. I strongly, strongly disag= ree that the highly-unlikely remote possibility that someone created someth= ing before which could be rendered unspendable is sufficient reason to not fix a vulnerability in Bitcoin today.
>>
>>> I suggest an alternative whereby the execution of OP_CODESEPAR= ATOR increases the transactions weight suitably as to temper the vulnerabil= ity caused by it.=C2=A0 Alternatively there could be some sort of limit (ma= ybe 1) on the maximum number of OP_CODESEPARATORs allowed to be executed per script, but that would require an argument as t= o why exceeding that limit isn't reasonable.
>>
>> You could equally argue, however, that any such limit could render= some moderately-large transaction unspendable, so I'm somewhat skeptic= al of this argument. Note that OP_CODESEPARATOR is non-standard, so getting= them mined is rather difficult in any case.
>
> Although I'm not a fan of extra complicity, just to explore these = two ideas a bit further.
>
> What if such a transaction:
>
> 1. must have one input; and
> 2. must be smaller than 400 vbytes; and
> 3. must spend from a UTXO older than fork activation
>
> Adding such a contextual check seems rather painful, perhaps comparabl= e to nLockTime. Anything more specific than the above, e.g. counting the nu= mber of OP_CODESEPARATOR calls, seems like guess work.
>
> Transaction weight currently doesn't consider OP codes, it only co= nsiders if bytes are part of the witness. Changing that to something more a= kin to Ethereums gas pricing sounds too complicated to even consider.
>
>
> I would also like to believe that whoever went through the trouble of = using OP_CODESEPARATOR reads this list.
>
> Sjors
>

_______________________________________________
bitcoin-dev mailing list
= bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoi= n-dev
_______________________________________________
bitcoin-dev mailing list
= bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mail= man/listinfo/bitcoin-dev
--000000000000915ba00583c190cd--