bip-0141: clarify the sigop count calculation for CHECKMULTISIG #1054
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
cc @sipa |
sipa
reviewed
Jan 10, 2021
bip-0141.mediawiki
Outdated
| @@ -127,7 +127,7 @@ Sigops per block is currently limited to 20,000. We change this restriction as f | |||
| Sigops in the current pubkey script, signature script, and P2SH check script are counted at 4 times their previous value. | |||
| The sigop limit is likewise quadrupled to ≤ 80,000. | |||
|
|
|||
| Each P2WPKH input is counted as 1 sigop. In addition, opcodes within a P2WSH <code>witnessScript</code> are counted identically as previously within the P2SH <code>redeemScript</code>. That is, CHECKSIG is counted as only 1 sigop, and CHECKMULTISIG is counted as 1 to 20 sigops according to the arguments. This rule applies to both native witness program and P2SH witness program. | |||
| Each P2WPKH input is counted as 1 sigop. In addition, opcodes within a P2WSH <code>witnessScript</code> are counted identically as previously within the P2SH <code>redeemScript</code>. That is, CHECKSIG is counted as only 1 sigop. For 1 to 16 total public keys CHECKMULTISIG is counted as 1 to 16 sigops respectively, and for 17 to 20 total public keys it is counted as 20 sigops. This rule applies to both native witness program and P2SH witness program. | |||
There was a problem hiding this comment.
I'd be more specific and say this rule only applies to OP_CHECKMULTISIG and OP_CHECKMULTISIGVERIFY preceded immediately by OP_1 through OP_16. That implicitly excludes 17-20, but it also makes it clear that if you'd use a direct push for 1-16 (or OP_PUSHDATA, or some other construction) it won't work.
There was a problem hiding this comment.
That's much clea[n/r]er, updated.
Since the sigOpCount calculation was copied from P2SH, and P2SH restricts the use of CHECKMULTISIG with pushed integers the reference implementation would not take into account the number of public keys for 17 to 20 keys (not representable with an OP_N) even for P2WSH. Therefore it fallbacks to accounting for 20 sigops in this case, which this sentence seemed to mismatch with. Btcd and Libbitcoin use the same calculation as in Bitcoin Core. Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
darosior
force-pushed
the
bip141_multisig_sigops
branch
from
0fc6b6b
to
644610f
Compare
|
ACK 644610f |
sipa
approved these changes
Jan 19, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This makes the behaviour of the reference implementation clear for this computation, which was implied by the previous sentence but not explicited in the next one.