Mark Friedenbach [ARCHIVE] on Nostr: π Original date posted:2017-09-30 π Original message:10s of seconds if no ...
π
Original date posted:2017-09-30
π Original message:10s of seconds if no further restrictions are placed. It would be trivial to include a new per input rule that reduces it to ~1s without cutting off any non-attack script (require sigops per input to be limited to witness/sig size). secp256k1 is now fast enough that we donβt need a separate sigop limit.
> On Sep 30, 2017, at 4:23 PM, Luke Dashjr <luke at dashjr.org> wrote:
>
> On Thursday 07 September 2017 12:38:55 AM Mark Friedenbach via bitcoin-dev
> wrote:
>> Tail-call execution semantics
>> BIP: https://gist.github.com/maaku/f7b2e710c53f601279549aa74eeb5368
>> Code: https://github.com/maaku/bitcoin/tree/tail-call-semantics
>
> Just noticed this doesn't count sigops toward the block sigop limit.
> Is that really safe? How long would it take, to verify a malicious block with
> only inputs such that there is nearly 4 MB of sigops?
>
> (I do already understand the difficulty in supporting the sigop limit.)
>
> Luke
π Original message:10s of seconds if no further restrictions are placed. It would be trivial to include a new per input rule that reduces it to ~1s without cutting off any non-attack script (require sigops per input to be limited to witness/sig size). secp256k1 is now fast enough that we donβt need a separate sigop limit.
> On Sep 30, 2017, at 4:23 PM, Luke Dashjr <luke at dashjr.org> wrote:
>
> On Thursday 07 September 2017 12:38:55 AM Mark Friedenbach via bitcoin-dev
> wrote:
>> Tail-call execution semantics
>> BIP: https://gist.github.com/maaku/f7b2e710c53f601279549aa74eeb5368
>> Code: https://github.com/maaku/bitcoin/tree/tail-call-semantics
>
> Just noticed this doesn't count sigops toward the block sigop limit.
> Is that really safe? How long would it take, to verify a malicious block with
> only inputs such that there is nearly 4 MB of sigops?
>
> (I do already understand the difficulty in supporting the sigop limit.)
>
> Luke