1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
|
Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194]
helo=mx.sourceforge.net)
by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <gavinandresen@gmail.com>) id 1RJSaF-00056z-LK
for bitcoin-development@lists.sourceforge.net;
Thu, 27 Oct 2011 16:13:35 +0000
Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.161.47 as permitted sender)
client-ip=209.85.161.47; envelope-from=gavinandresen@gmail.com;
helo=mail-fx0-f47.google.com;
Received: from mail-fx0-f47.google.com ([209.85.161.47])
by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1RJSaE-0005j2-U6
for bitcoin-development@lists.sourceforge.net;
Thu, 27 Oct 2011 16:13:35 +0000
Received: by faas16 with SMTP id s16so4391527faa.34
for <bitcoin-development@lists.sourceforge.net>;
Thu, 27 Oct 2011 09:13:28 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.223.14.140 with SMTP id g12mr35077481faa.34.1319731984433;
Thu, 27 Oct 2011 09:13:04 -0700 (PDT)
Received: by 10.152.24.229 with HTTP; Thu, 27 Oct 2011 09:13:04 -0700 (PDT)
Date: Thu, 27 Oct 2011 12:13:04 -0400
Message-ID: <CABsx9T2LDL2ii0-Fstg-TKfQXsk57m0ac90fqe3kmVCQ2TTQGQ@mail.gmail.com>
From: Gavin Andresen <gavinandresen@gmail.com>
To: Jan Vornberger <jan@uos.de>
Content-Type: text/plain; charset=ISO-8859-1
X-Spam-Score: -1.6 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(gavinandresen[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
0.0 AWL AWL: From: address is in the auto white-list
X-Headers-End: 1RJSaE-0005j2-U6
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: [Bitcoin-development] Multisignature scriptSigs
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Thu, 27 Oct 2011 16:13:35 -0000
> However, I ran into the problem that IsStandard() also
> checks that the size of scriptSig is not above 200. Adding an extra
> signature there triggers this limit. I guess there is no way around
> that?
D'oh! I forgot about that check (and should have remembered, I had to
increase it for my 'standard' multisig transactions branch).
Assuming BIPS 11 and 12 are adopted, there will be room in the
scriptSig for more than one signature. Once that happens, implementing
green addresses as an extra signature on the first scriptSig in a
transaction seems like a better way to do it than generating two
separate transactions.
Speaking of more-than-on-signature transactions:
I'm proposing a maximum 3 signatures for an IsStandard() transaction,
which would be a 600-byte scriptSig.
It is tempting to just bump the maximum up to 8 or 10, but I think we
should stay conservative about IsStandard() transaction size until
after two things happen:
1) bitcoin-qt gets smarter about downloading just block headers, and
maybe downloading transactions without scriptSigs (for transactions it
doesn't need/care to validate... need to think about that a little
more, but ByteCoin suggested that if you're not mining then the only
transaction signatures you need to check are not-yet-confirmed
transactions to you).
2) Transaction priority / maximum block size / free-transaction area /
transaction fees is reworked. Miners should be making the policy
decisions on minimum fee per kilobyte or ECDSA signature check, and
how many free transactions (if any) they'll include in the blocks they
create. And bitcoin clients should be smarter about looking at what
transactions are and are not getting into the chain so they can
suggest appropriate fees to users.
--
--
Gavin Andresen
|