š
Original date posted:2015-12-29
š Original message:Occured to me that this hasn't been mentioned before...
We can trivially fix the quadratic CHECK(MULTI)SIG execution time issue
by soft-forking in a limitation on just SignatureHash() to only return
true if the tx size is <100KB. (or whatever limit makes sense)
This fix has the advantage over schemes that limit all txs, or try to
count sigops, of being trivial to implement, while still allowing for a
future CHECKSIG2 soft-fork that properly fixes the quadratic hashing
issue; >100KB txs would still be technically allowed, it's just that
(for now) there'd be no way for them to spend coins that are
cryptographically secured.
For example, if we had an issue with a major miner exploiting
slow-to-propagate blocks(1) to harm their competitors, this simple fix
could be deployed as a soft-fork in a matter of days, stopping the
attack quickly.
1) www.mail-archive.com/bitcoin-development at lists.sourceforge.net/msg03200.html
--
'peter'[:-1]@petertodd.org
0000000000000000094afcbbad10aa6c82ddd8aad102020e553d50a60b6c678f
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 650 bytes
Desc: Digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20151228/0f5f8fd2/attachment.sig>;
Peter Todd [ARCHIVE] /
npub1m2ā¦a2np2
2023-06-07 17:47:21
in reply to nevent1qā¦5f73
Author Public Key
npub1m230cem2yh3mtdzkg32qhj73uytgkyg5ylxsu083n3tpjnajxx4qqa2np2Seen on
wss://relay.noswhere.comPublished at
2023-06-07 17:47:21Event JSON
{
"id": "d9fd033b4ec44765f9b73d927aefc187017fd07865ec762176c9c418c2c851e7",
"pubkey": "daa2fc676a25e3b5b45644540bcbd1e1168b111427cd0e3cf19c56194fb231aa",
"created_at": 1686160041,
"kind": 1,
"tags": [
[
"e",
"0600edb122b23d28de1adba7ca47e2347d6be937da11235e57408ba908190104",
"",
"reply"
],
[
"p",
"a23dbf6c6cc83e14cc3df4e56cc71845f611908084cfe620e83e40c06ccdd3d0"
]
],
"content": "š
Original date posted:2015-12-29\nš Original message:Occured to me that this hasn't been mentioned before...\n\nWe can trivially fix the quadratic CHECK(MULTI)SIG execution time issue\nby soft-forking in a limitation on just SignatureHash() to only return\ntrue if the tx size is \u003c100KB. (or whatever limit makes sense)\n\nThis fix has the advantage over schemes that limit all txs, or try to\ncount sigops, of being trivial to implement, while still allowing for a\nfuture CHECKSIG2 soft-fork that properly fixes the quadratic hashing\nissue; \u003e100KB txs would still be technically allowed, it's just that\n(for now) there'd be no way for them to spend coins that are\ncryptographically secured.\n\nFor example, if we had an issue with a major miner exploiting\nslow-to-propagate blocks(1) to harm their competitors, this simple fix\ncould be deployed as a soft-fork in a matter of days, stopping the\nattack quickly.\n\n1) www.mail-archive.com/bitcoin-development at lists.sourceforge.net/msg03200.html\n\n-- \n'peter'[:-1]@petertodd.org\n0000000000000000094afcbbad10aa6c82ddd8aad102020e553d50a60b6c678f\n-------------- next part --------------\nA non-text attachment was scrubbed...\nName: signature.asc\nType: application/pgp-signature\nSize: 650 bytes\nDesc: Digital signature\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20151228/0f5f8fd2/attachment.sig\u003e",
"sig": "6b8a9389ca799df3fc1d4fc8a30df74a30ece16f8b08c6f2497eefc4878a2ea9857d451aa706feb0b60e3f78a0cd6e5ddfa13248a7527a2e9f57adad475b6187"
}