BIP141: Add 520 bytes witness stack limit #303
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -52,7 +52,7 @@ The <code>marker</code> MUST be <code>0x00</code>. | |
|
|
||
| The <code>flag</code> MUST be a 1-byte non-zero value. Currently, <code>0x01</code> MUST be used. | ||
|
|
||
| The <code>witness</code> is a serialization of all witness data of the transaction. Each txin is associated with a witness field. A witness field starts with a <code>var_int</code> to indicate the number of stack items for the txin. It is followed by stack items, with each item starts with a <code>var_int</code> to indicate the length. Witness data is NOT script and is not restricted by the 520-byte push limit. | ||
| The <code>witness</code> is a serialization of all witness data of the transaction. Each txin is associated with a witness field. A witness field starts with a <code>var_int</code> to indicate the number of stack items for the txin. It is followed by stack items, with each item starts with a <code>var_int</code> to indicate the length. Witness data is NOT script. | ||
|
|
||
| A non-witness program (defined hereinafter) txin MUST be associated with an empty witness field, represented by a <code>0x00</code>. If all txins are not witness program, a transaction's <code>wtxid</code> is equal to its <code>txid</code>. | ||
|
|
||
|
|
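Review bot: After this edit the <code>witness</code> serialization paragraph is silent on stack item size, which invites implementers to enforce the new 520-byte limit in the deserializer; that would be wrong for witness versions 1 to 16, which the later text in this PR leaves unrestricted. Suggest ending the paragraph with a sentence saying that the serialization itself places no limit on item length and that size limits are defined per witness version in the validation rules. While touching this line, "with each item starts with" could also be corrected to "each item starting with".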
@@ -85,20 +85,20 @@ There are two cases in which witness validation logic are triggered. Each case d | |
|
|
||
| If the version byte is 0, and the witness program is 20 bytes: | ||
| * It is interpreted as a pay-to-witness-public-key-hash (P2WPKH) program. | ||
| * The witness must consist of exactly 2 items. The first one a signature, and the second one a public key. | ||
| * The witness must consist of exactly 2 items (≤ 520 bytes each). The first one a signature, and the second one a public key. | ||
| * The HASH160 of the public key must match the 20-byte witness program. | ||
| * After normal script evaluation, the signature is verified against the public key with CHECKSIG operation. The verification must result in a single TRUE on the stack. | ||
|
|
||
| If the version byte is 0, and the witness program is 32 bytes: | ||
| * It is interpreted as a pay-to-witness-script-hash (P2WSH) program. | ||
| * The witness must consist of an input stack to feed to the script, followed by a serialized script ("witnessScript"). | ||
| * The witnessScript is popped off the initial witness stack. SHA256 of the witnessScript must match the 32-byte witness program. | ||
| * The witnessScript is deserialized, and executed after normal script evaluation with the remaining witness stack. | ||
| * The witnessScript (≤ 10,000 bytes) is popped off the initial witness stack. SHA256 of the witnessScript must match the 32-byte witness program. | ||
| * The witnessScript is deserialized, and executed after normal script evaluation with the remaining witness stack (≤ 520 bytes for each stack item). | ||
| * The script must not fail, and result in exactly a single TRUE on the stack. | ||
|
|
||
| If the version byte is 0, but the witness program is neither 20 nor 32 bytes, the script must fail. | ||
|
|
||
| If the version byte is 1 to 16, no further interpretation of the witness program or witness happens. | ||
| If the version byte is 1 to 16, no further interpretation of the witness program or witness happens, and there is no size restriction for the witness. These versions are reserved for future extensions. | ||
|
Member
This seems to leave valid infinite-sized data?
Member
That's still subject to normal Script validation rules.
Member
I do not understand your response.
Member
This text describes data that goes into the scriptPubKey or the P2SH
redeemscript.
It gets executed as normal when spent (with an empty or redeemscript-only
scriptSig), before witness execution takes place. During that first
execution, it is subject to the normal script evaluation rules, which for
example limit the size of pushes. Thus, it is not unlimited.
Member
Aha, got it.
Contributor
Author
@sipa, I am talking about the witness stack here, not scriptPubKey nor scriptSig. There is no size limit for the witness stack if the witness program is v1 or above.
Contributor
Author
@luke-jr yes, I think it leaves valid infinite-sized data, but v1-v16 witness programs are non-standard, so only miners can do it.
Member
Hmm, I suppose as long as the costlimit is in place that isn't too bad. |
||
|
|
||
| === Other consensus critical limits === | ||
|
|
||
|
|
||
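Review bot: The new limits in the P2WPKH and P2WSH bullets appear only as parentheticals ("(≤ 520 bytes each)", "(≤ 10,000 bytes)") and never say what happens when an item exceeds them; state the consequence as a rule, in the same form as "the script must fail" used for the wrong-length version 0 program just below. In the P2WSH bullets it should also be explicit that the 520-byte limit applies to the remaining stack items and not to the witnessScript, which is allowed up to 10,000 bytes. For the version 1 to 16 line, "there is no size restriction for the witness" permits arbitrarily large witness data as written; add a pointer to the limit that still bounds it (the review thread mentions the cost limit).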
@luke-jr re: witnessScript size and witness stack size
I would say "witness redeem" instead of witnessScript.
WitnessScript are the pushes for a particular input.