Currently, there are a few different script size limits in Bitcoin Cash:
- ScriptPubKeys (Output scripts) are limited to 10 KB. There are 'standardness' checks that make it frustrating for normal usage, since transactions with non-standard scriptPubKeys won't be relayed. But, non-standard transactions are perfectly valid.
- ScriptSigs (Input scripts) are also limited to 10 KB.
- P2SH scripts are currently limited to 520 bytes for some technical reasons.
Recently there has been some discussion on whether it is appropriate to add new opcodes like OP_CHECKDATASIG which could in principle be emulated by Script. Ryan X Charles has suggested that the unrolled version of ECDSA algorithm using only Script arithmetic would take around a megabyte of script. This would of course require relaxing the 10 KB limit.
Before this discussion goes much further, I just want to point out that raising script length limits beyond 10 KB opens up new avenues for denial of service (DoS) attacks -- letting malicious actors create blocks that take ages for everyone else to validate, or send a node some transactions that take a long time to invalidate. I have recently found a quadratic scaling problem in OP_CHECKSIG which fortunately does not affect us at the moment due to the 10 KB limit. Basically this would be exploited by using regular OP_CHECKSIG with OP_CODESEPARATORs to create a script whose runtime is quadratic in length.
If the script size limit were raised to 1 MB, then it would be possible to make blocks that take an extreme amount of time to verify (like, several minutes even on a multi-core server).
If some restrictions are put in place (such as removing OP_CODESEPARATOR) then it may be possible to make Script have an asymptotically linear (not quadratic) runtime by having cached checksig digests. Then, it may indeed make sense to remove the limit on Script length.
[link] [comments]
source https://www.reddit.com/r/btc/comments/9qu189/to_prevent_dos_blocks_script_size_limits_should/
No comments:
Post a Comment