BIP 53: Disallow 64-byte transactions #1760

pull Christewart wants to merge 42 commits into bitcoin:master from Christewart:2024-12-20-64bytetxs changing 5 files +179 −0
  1. Christewart commented at 9:29 pm on February 10, 2025: contributor

    This BIP makes 64 byte bitcoin transactions serialized without the witness consensus invalid

    Mailing list post: https://groups.google.com/g/bitcoindev/c/rf3QOlzg230/m/eOOC8pkOAgAJ

    Delving discussion: https://delvingbitcoin.org/t/great-consensus-cleanup-revival/710

    Side note, wasn’t sure how to best handle the 2-Bitcoin-Merkle.pdf as it isn’t hosted anywhere easily accessible AFAICT? For now I just added it into the git repo. Lmk if you have other suggestions

  2. jonatack added the label New BIP on Feb 10, 2025
  3. murchandamus commented at 7:36 pm on February 11, 2025: contributor
    I am a little surprised at this pull request, given the frequent coverage of Antoine’s ongoing research on reviving the Great Consensus Cleanup that includes a similar fix. It seems better to me to package all four fixes in one soft fork. Was it overlooked that this work is being duplicated, or are you disagreeing with the direction of Antoine’s work and want to put forward an alternative? Could you elaborate why you decided to submit this?
  4. Christewart commented at 8:11 pm on February 11, 2025: contributor

    I am a little surprised at this pull request, given the frequent coverage of Antoine’s ongoing research on reviving the Great Consensus Cleanup that includes a similar fix. It seems better to me to package all four fixes in one soft fork. Was it overlooked that this work is being duplicated, or are you disagreeing with the direction of Antoine’s work and want to put forward an alternative? Could you elaborate why you decided to submit this?

    HI Murch!

    Great Consensus Cleanup

    While the GCC is a great name for a disjoint set of bitcoin protocol security fixes, that doesn’t mean they all need to be bundled into one BIP and deployed at the same time.

    It seems better to me to package all four fixes in one soft fork.

    This document takes no opinion on how this enhancement is deployed.

    Previously we have deployed multiple consensus changes in a single soft fork that contained multiple BIPs. The 2017 Segwit soft fork had BIP141, BIP143. The Taproot soft fork had BIP341 and BIP342.

    Was it overlooked that this work is being duplicated,

    I was recommended that this was a piece of work that was easily to peel off from the rest of GCC and propose a fix for. Its relatively simple and straight forward, and has been known about for a long time.

    Antoine’s on going research.

    I think Antoine’s research is great, but just because he is researching the topic doesn’t mean he gets to monopolize the vulnerabilities. The 64 byte transaction vulnerability has been known since at least 2012 - yet no one has taken the time to write up a BIP to fix it 😬 . I’ve put forth the first BIP draft in the 13 years since this vulnerability has been known. I encourage Antoine to write up his proposal (hopefully sooner rather than later) as he doesn’t seem to be interested in working with me.

    Other vulnerabilities in GCC have also been known about for a long time - such as worse case block validation time. Antoine has done a lot of novel research there and I think his work product has been excellent on delving.

    There is plenty of meat left on the GCC bone, this was a small piece I decided to carve off.

  5. in bip-XXXX.mediawiki:20 in b08c7a116a outdated 
    15+We describe the weaknesses to the merkle tree included in bitcoin block headers, various exploits for those weaknesses.
16+
17+==Motivation==
18+
19+Bitcoin block headers include a commitment to the set of transactions in a given
20+block, which is implemented by constructing a Merkle tree of transaction id’s
    murchandamus commented at 10:16 pm on February 11, 2025: 
    0block, which is implemented by constructing a Merkle tree of transaction ids
  6. in bip-XXXX.mediawiki:29 in b08c7a116a outdated 
    24+transaction. However, Bitcoin’s particular construction of the Merkle tree has
25+several security weaknesses, including at least two forms of block malleability
26+that have an impact on the consensus logic of Bitcoin Core, and an attack on
27+light clients, where an invalid transaction could be ”proven” to appear in a block
28+by doing substantially less work than a SHA256 hash collision would require.
29+This has been prevented by relay policy since 2018<ref>[https://github.com/bitcoin/bitcoin/pull/11423/commits/7485488e907e236133a016ba7064c89bf9ab6da3 PR #11423 disallows 64 byte transactions in bitcoin core relay]</ref>
    murchandamus commented at 10:18 pm on February 11, 2025:

    Bitcoin Core is a proper noun:

    0This has been prevented by relay policy since 2018<ref>[https://github.com/bitcoin/bitcoin/pull/11423/commits/7485488e907e236133a016ba7064c89bf9ab6da3 PR [#11423](/bitcoin-bips/11423/) disallows 64-byte transactions in Bitcoin Core relay]</ref>
  7. in bip-XXXX.mediawiki:33 in b08c7a116a outdated 
    28+by doing substantially less work than a SHA256 hash collision would require.
29+This has been prevented by relay policy since 2018<ref>[https://github.com/bitcoin/bitcoin/pull/11423/commits/7485488e907e236133a016ba7064c89bf9ab6da3 PR #11423 disallows 64 byte transactions in bitcoin core relay]</ref>
30+
31+==Specification==
32+
33+This BIP disallows bitcoin transactions that are serialized to 64 bytes in length without it's witness.
    murchandamus commented at 10:18 pm on February 11, 2025: 
    0This BIP disallows bitcoin transactions that are serialized to 64 bytes in length without its witness.
    murchandamus commented at 11:08 pm on February 11, 2025:

    Could you explain the exact semantics of how and where such transactions are disallowed?

    Do you mean e.g., that a block including a 64-byte transaction must be rejected as invalid?

  8. in bip-XXXX.mediawiki:4 in b08c7a116a outdated 
    0@@ -0,0 +1,140 @@
1+<pre>
2+  BIP: ?
3+  Layer: Consensus (soft fork)
4+  Title: Disallow 64 byte transactions
    murchandamus commented at 10:35 pm on February 11, 2025:

    Here and in the following, when used as an adjective, “64-byte” is commonly hyphenated.

    0  Title: Disallow 64-byte transactions
  9. in bip-XXXX.mediawiki:9 in b08c7a116a outdated 
    0@@ -0,0 +1,140 @@
1+<pre>
2+  BIP: ?
3+  Layer: Consensus (soft fork)
4+  Title: Disallow 64 byte transactions
5+  Author: Chris Stewart <stewart.chris1234@gmail.com>
6+  Status: Draft
7+  Type: Specification
8+  License: BSD-3-Clause
9+  Created: ?
    murchandamus commented at 10:35 pm on February 11, 2025: 
    0  Created: ?
1  License: BSD-3-Clause
  10. in bip-XXXX.mediawiki:7 in b08c7a116a outdated 
    0@@ -0,0 +1,140 @@
1+<pre>
2+  BIP: ?
3+  Layer: Consensus (soft fork)
4+  Title: Disallow 64 byte transactions
5+  Author: Chris Stewart <stewart.chris1234@gmail.com>
6+  Status: Draft
7+  Type: Specification
    murchandamus commented at 10:35 pm on February 11, 2025: 
    0  Type: Standards Track
  11. in bip-XXXX.mediawiki:5 in b08c7a116a outdated 
    0@@ -0,0 +1,140 @@
1+<pre>
2+  BIP: ?
3+  Layer: Consensus (soft fork)
4+  Title: Disallow 64 byte transactions
5+  Author: Chris Stewart <stewart.chris1234@gmail.com>
    murchandamus commented at 10:35 pm on February 11, 2025:

    I’m afraid that BIP 2 is still Active, and BIP 3 is not yet:

    0  Author: Chris Stewart <stewart.chris1234@gmail.com>
1  Comments-URI: https://github.com/bitcoin/bips/wiki/Comments:BIP-?
  12. in bip-XXXX.mediawiki:67 in b08c7a116a outdated 
    62+This attack vector was fixed in 0.6.2<ref>[https://bitcoin.org/en/alert/2012-05-14-dos#risks CVE-2012-2459]</ref>, re-introduced in 0.13.x<ref>[https://github.com/bitcoin/bitcoin/pull/7225 #7225]</ref> and patched again in
63+0.14<ref>[https://github.com/bitcoin/bitcoin/pull/9765 #9765]</ref> of bitcoin core.
64+
65+==== Block malleability with consensus VALID transactions ====
66+
67+Producing a valid bitcoin transaction T<sub>m</sub> that adheres to network consesnsus
    murchandamus commented at 10:46 pm on February 11, 2025: 
    0Producing a valid bitcoin transaction T<sub>m</sub> that adheres to network consensus
  13. in bip-XXXX.mediawiki:90 in b08c7a116a outdated 
    85+with the hash of some other fake, invalid transaction F. The attacker can fool the SPV client into believing that F
86+was included in a bitcoin block rather than T with 81 bits<ref>[https://github.com/Christewart/bips/blob/2024-12-20-64bytetxs/bip-XXXX/2-BitcoinMerkle.pdf An attacker who can do 81 bits of work (followed by another 40 bits of work, to
87+construct the funding transaction whose coins will be spent by this one) is able
88+to fool an SPV client in this way.]</ref> of work. This also reduces implementation complexity of SPV wallets<ref>[https://delvingbitcoin.org/t/great-consensus-cleanup-revival/710/43 The steps needed to make sure a merkle proof for a transaction is secure.]</ref>.
89+
90+This could be mitigated by knowing the depth of the merkle tree. Requiring SPV clients to request both the coinbase transaction could mitigate this attack.
    murchandamus commented at 11:05 pm on February 11, 2025:
    The area around “both the coinbase transaction” seems to be missing something
  14. in bip-XXXX.mediawiki:96 in b08c7a116a outdated 
    91+To produce a valid coinbase transaction at the same depth that our fake transaction F occurs at would require 224 bits of work.
92+As mentioned above, this is computionally and financially expensive, but theoretically possible.
93+
94+==Backward compatibility==
95+
96+There have been 5 64 byte transactions that have occcurred in the bitcoin blockchain as of this
    murchandamus commented at 11:10 pm on February 11, 2025:
    Could you expand on how you are suggesting that implementers should mitigate this incompatibility? What about the potential existence of a pre-signed transaction that serializes to 64 bytes?
  15. in bip-XXXX.mediawiki:35 in b08c7a116a outdated 
    30+
31+==Specification==
32+
33+This BIP disallows bitcoin transactions that are serialized to 64 bytes in length without it's witness.
34+
35+==Rationale==
    murchandamus commented at 11:15 pm on February 11, 2025:
    A lot of the content of this section would maybe fit better under Motivation. Rationale usually explores the design decisions, alternate designs, and related work. For example you could expand on the approach of tracking the height of the Merkle branch to the coinbase transaction in the Rationale.
  16. murchandamus commented at 11:30 pm on February 11, 2025: contributor

    This does seem like a reasonable start for a BIP. A few parts of the content could perhaps be organized a bit differently, and some sections could be expanded. Especially the Specification could be a bit more precise in what an implementation should do to be compliance with this BIP. I left you a few editorial nits that you could perhaps take a look at.

    It seems likely to me that this submission may be duplicating some effort on all of our ends, assuming that the other anticipated BIP gets submitted near-term, but fair enough, we have not received another BIP on this topic. I guess I can’t fault multiple people for being interested in the same topic.

  17. murchandamus added the label PR Author action required on Feb 12, 2025
  18. jonatack removed the label PR Author action required on Feb 27, 2025
  19. Christewart force-pushed on Mar 1, 2025
  20. Christewart requested review from murchandamus on Mar 1, 2025
  21. Christewart force-pushed on Mar 1, 2025
  22. Christewart commented at 4:39 pm on March 1, 2025: contributor
    I believe the CI failure is unrelated to me?
  23. in bip-XXXX.mediawiki:16 in 8a75ee8f38 outdated 
    11+</pre>
12+
13+==Abstract==
14+
15+This BIP describes the rationale for disallowing transactions that are serialized to 64 bytes without the transaction's witness. 
16+We describe the weaknesses to the merkle tree included in bitcoin block headers, various exploits for those weaknesses.
    jonatack commented at 9:06 pm on March 7, 2025: 
    0We describe the weaknesses to the Merkle tree included in bitcoin block headers, and various exploits for those weaknesses.

    (Suggest using consistent capitalization of “merkle” in this document, here and for the other instances)

  24. in bip-XXXX.mediawiki:20 in 8a75ee8f38 outdated 
    15+This BIP describes the rationale for disallowing transactions that are serialized to 64 bytes without the transaction's witness. 
16+We describe the weaknesses to the merkle tree included in bitcoin block headers, various exploits for those weaknesses.
17+
18+==Specification==
19+
20+This BIP disallows bitcoin transactions that are serialized to 64 bytes in length without its witness.
    jonatack commented at 9:07 pm on March 7, 2025:

    s/its/their/, or “transaction” in the singular form

    0This BIP disallows bitcoin transactions that are serialized to 64 bytes in length without their witness.
  25. in bip-XXXX.mediawiki:34 in 8a75ee8f38 outdated 
    29+transaction. However, Bitcoin’s particular construction of the Merkle tree has
30+several security weaknesses, including at least two forms of block malleability
31+that have an impact on the consensus logic of Bitcoin Core, and an attack on
32+light clients, where an invalid transaction could be ”proven” to appear in a block
33+by doing substantially less work than a SHA256 hash collision would require.
34+This has been prevented by relay policy and RPC interface since 2018<ref>[https://github.com/bitcoin/bitcoin/pull/11423/commits/7485488e907e236133a016ba7064c89bf9ab6da3 PR #11423 disallows 64-byte transactions in Bitcoin Core relay and RPC interface]</ref>.
    jonatack commented at 9:08 pm on March 7, 2025: 
    0This has been prevented by relay policy and the RPC interface since 2018<ref>[https://github.com/bitcoin/bitcoin/pull/11423/commits/7485488e907e236133a016ba7064c89bf9ab6da3 PR [#11423](/bitcoin-bips/11423/) disallows 64-byte transactions in Bitcoin Core relay and RPC interface]</ref>.
  26. in bip-XXXX.mediawiki:52 in 8a75ee8f38 outdated 
    47+==== Block malleability with consensus INVALID transactions ====
48+
49+The peer receiving the malicious block marks the block as invalid as T<sub>m</sub> 
50+is not a valid transaction according to network consensus rules.
51+Other peers on the network receive the valid block containing T<sub>0</sub> and T<sub>1</sub>
52+add the block to their blockchain. Peers that receive the invalid block before the valid block
    jonatack commented at 9:11 pm on March 7, 2025:

    IIUC

    0and add the block to their blockchain. Peers that receive the invalid block before the valid block
  27. in bip-XXXX.mediawiki:54 in 8a75ee8f38 outdated 
    49+The peer receiving the malicious block marks the block as invalid as T<sub>m</sub> 
50+is not a valid transaction according to network consensus rules.
51+Other peers on the network receive the valid block containing T<sub>0</sub> and T<sub>1</sub>
52+add the block to their blockchain. Peers that receive the invalid block before the valid block
53+will never come to consensus with their peers due to the malicious user finding a collision
54+within the block's merkle root. Finding this collision approximately 22 bits worth of work<ref>[https://github.com/Christewart/bips/blob/2024-12-20-64bytetxs/bip-XXXX/2-BitcoinMerkle.pdf to produce a block that has a Merkle
    jonatack commented at 9:15 pm on March 7, 2025:
    “Finding this collision approximately 22 bits worth of work” -> looks like a verb is missing here, or the sentence seems hard to follow
  28. in bip-XXXX.mediawiki:121 in 8a75ee8f38 outdated 
    116+
117+====Segwit 64-byte transactions====
118+
119+This BIP disallows single-input single output segwit transactions that pay to a 2 byte witness program.<ref>[https://delvingbitcoin.org/t/great-consensus-cleanup-revival/710/73#p-4382-future-segwit-versions-10 BIP141 says witness programs can be 2 bytes in size, which makes the scriptPubKey a total of 4 bytes]</ref>
120+The only known use case<ref>[https://bitcoin.stackexchange.com/a/110664 Why do we have 2 byte witness programs? The original rationale for the lower end of the range of valid witness program lengths is that 2 bytes is enough to guarantee no ambiguity of how the program would be pushed (some 1 byte values can - and according to standardness, must - be pushed with OP_n, and dealing with those would have complicated the matter).]</ref>
121+for this type of transaction is ephemeral anchor outputs<ref>[https://bitcoinops.org/en/topics/ephemeral-anchors/ What are ephemeral anchor outputs? This allows anyone on the network to use that output as the input to a child transaction. This allows anyone to create the fee-paying child, even if they don’t receive any of the other outputs from the parent transaction. This allows ephemeral anchors to function as fee sponsorship but without requiring any consensus changes.]</ref>
    jonatack commented at 9:21 pm on March 7, 2025: 
    0for this type of transaction is ephemeral anchor outputs.<ref>[https://bitcoinops.org/en/topics/ephemeral-anchors/ What are ephemeral anchor outputs? This allows anyone on the network to use that output as the input to a child transaction. This allows anyone to create the fee-paying child, even if they don’t receive any of the other outputs from the parent transaction. This allows ephemeral anchors to function as fee sponsorship but without requiring any consensus changes.]</ref>
  29. in bip-XXXX.mediawiki:113 in 8a75ee8f38 outdated 
    108+The largest scriptSig a 64-byte transaction can have is 4 bytes.<ref>[https://delvingbitcoin.org/t/great-consensus-cleanup-revival/710/73]</ref>
109+
110+There are 6<ref>[https://github.com/Christewart/bips/blob/2024-12-20-64bytetxs/nonstandard-hashlock-utxos.txt As of block `00000000000000000001194ae6be942619bf61aa70822b9643d01c1a441bf2b7` there exist 6 nonstandard hashlock utxos that could theoretically have a 0-3 byte pre-image. None of them have a 0-3 byte pre-image.]</ref>
111+non standard hashlock utxos in the bitcoin blockchain. None of them have a 0-3 byte pre-image. This means they cannot be spent by a 64-byte transaction.
112+
113+Pre-segwit 64-byte transactions that spend a nonstandard utxo that are inherently malleable<ref>[https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki#trust-free-unconfirmed-transaction-dependency-chain Details on how to malleate a pre-segwit transaction]</ref>.
    jonatack commented at 9:27 pm on March 7, 2025: 
    0Pre-segwit 64-byte transactions that spend a nonstandard utxo that are inherently malleable.<ref>[https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki#trust-free-unconfirmed-transaction-dependency-chain Details on how to malleate a pre-segwit transaction]</ref>
  30. in bip-XXXX.mediawiki:102 in 8a75ee8f38 outdated 
     97+
 98+==Backward compatibility==
 99+
100+There have been 5 64-byte transactions that have occcurred in the bitcoin blockchain as of this
101+writing <ref>[https://github.com/Christewart/bips/blob/2024-12-20-64bytetxs/64byte-tx-mainnet.txt 64-byte transactions in the bitcoin blockchain]</ref>
102+With the last transaction 7f2efc6546011ad3227b2da678be0d30c7f4b08e2ce57b5edadd437f9e27a612<ref>[https://mempool.space/tx/7f2efc6546011ad3227b2da678be0d30c7f4b08e2ce57b5edadd437f9e27a612 Last 64-byte transaction in the bitcoin blockchain]</ref>
    jonatack commented at 9:28 pm on March 7, 2025: 
    0with the last transaction 7f2efc6546011ad3227b2da678be0d30c7f4b08e2ce57b5edadd437f9e27a612<ref>[https://mempool.space/tx/7f2efc6546011ad3227b2da678be0d30c7f4b08e2ce57b5edadd437f9e27a612 Last 64-byte transaction in the bitcoin blockchain]</ref>
  31. in bip-XXXX.mediawiki:129 in 8a75ee8f38 outdated 
    124+
125+<source lang="cpp">
126+/**
127+ * We want to enforce certain rules (specifically the 64-byte transaction check)
128+ * before we call CheckBlock to check the merkle root. This allows us to enforce
129+ * malleability checks which may interact with other CheckBlock checks.
    jonatack commented at 9:29 pm on March 7, 2025: 
    0 * malleability checks that may interact with other CheckBlock checks.
    Christewart commented at 3:52 pm on March 10, 2025:
    I’m going to avoid changing these nits unless they change in the reference implementation unless you have a super strong opinion on this.
    jonatack commented at 6:22 pm on March 10, 2025:
    I see. It wasn’t clear to me that this is extracted from the open pull in bitcoin-inquisition.
  32. in bip-XXXX.mediawiki:132 in 8a75ee8f38 outdated 
    127+ * We want to enforce certain rules (specifically the 64-byte transaction check)
128+ * before we call CheckBlock to check the merkle root. This allows us to enforce
129+ * malleability checks which may interact with other CheckBlock checks.
130+ * This is currently called both in AcceptBlock prior to writing the block to
131+ * disk and in ConnectBlock.
132+ * Note that as this is called before merkle-tree checks so must never return a
    jonatack commented at 9:30 pm on March 7, 2025: 
    0 * Note that this is called before merkle-tree checks and so must never return a
    Christewart commented at 3:52 pm on March 10, 2025:
    #1760 (review)
  33. jonatack commented at 9:36 pm on March 7, 2025: member
    Looks quite good. A few minor suggestions follow. Suggest rebasing to current master for a green CI if you repush.
  34. Christewart force-pushed on Mar 10, 2025
  35. Christewart requested review from jonatack on Mar 10, 2025
  36. in bip-XXXX.mediawiki:149 in c6bcc0019d outdated 
    144+
145+    return true;
146+}
147+</source>
148+
149+https://github.com/bitcoin-inquisition/bitcoin/pull/24/files
    jonatack commented at 6:21 pm on March 10, 2025: 
    0+This sample implementation is currently an open pull request here:
1+
2https://github.com/bitcoin-inquisition/bitcoin/pull/24/files
  37. in bip-XXXX.mediawiki:34 in c6bcc0019d outdated 
    29+transaction. However, Bitcoin’s particular construction of the Merkle tree has
30+several security weaknesses, including at least two forms of block malleability
31+that have an impact on the consensus logic of Bitcoin Core, and an attack on
32+light clients, where an invalid transaction could be ”proven” to appear in a block
33+by doing substantially less work than a SHA256 hash collision would require.
34+This has been prevented by Bitcoin Core's relay policy and the RPC interface since 2018<ref>[https://github.com/bitcoin/bitcoin/pull/11423/commits/7485488e907e236133a016ba7064c89bf9ab6da3 PR #11423 disallows 64-byte transactions in Bitcoin Core relay and RPC interface]</ref>.
    jonatack commented at 6:28 pm on March 10, 2025:

    Now that “Bitcoin Core’s” was added.

    0This has been prevented by Bitcoin Core's relay policy and RPC interface since 2018<ref>[https://github.com/bitcoin/bitcoin/pull/11423/commits/7485488e907e236133a016ba7064c89bf9ab6da3 PR [#11423](/bitcoin-bips/11423/) disallows 64-byte transactions in Bitcoin Core relay and RPC interface]</ref>.
    jonatack commented at 6:39 pm on March 10, 2025:
    Perhaps also mention https://github.com/bitcoin/bitcoin/commit/8c5b3646b5afe8a61f5c66478d8e11f0d2ce5108 that updated this change
  38. in bip-XXXX.mediawiki:15 in c6bcc0019d outdated 
    10+  License: BSD-3-Clause
11+</pre>
12+
13+==Abstract==
14+
15+This BIP describes the rationale for disallowing transactions that are serialized to 64 bytes without the transaction's witness.
    jonatack commented at 6:40 pm on March 10, 2025:

    nit, extra space at EOL

    0This BIP describes the rationale for disallowing transactions that are serialized to 64 bytes without the transaction's witness.
  39. in bip-XXXX.mediawiki:49 in c6bcc0019d outdated 
    44+Next the malicious user relays the block containing the malicious T<sub>m</sub> rather than the
45+valid bitcoin transactions that correspond with T<sub>0</sub> and T<sub>1</sub>.
46+
47+==== Block malleability with consensus INVALID transactions ====
48+
49+The peer receiving the malicious block marks the block as invalid as T<sub>m</sub>
    jonatack commented at 6:40 pm on March 10, 2025:

    nit, extra space at EOL

    0The peer receiving the malicious block marks the block as invalid as T<sub>m</sub>
  40. bitcoin deleted a comment on Mar 11, 2025
  41. jonatack commented at 9:13 pm on March 12, 2025: member
    Would be good to have some more eyes on this, otherwise seems close to ready as a draft for a number assignment.
  42. vostrnad commented at 8:31 pm on March 26, 2025: contributor

    @Christewart Antoine just opened a pull request for the Consensus Cleanup which includes the 64-byte transaction fix: #1800

    If you don’t feel too strongly about this being a separate BIP, I think it would be better to withdraw it, otherwise it’ll just be duplicating effort with no obvious benefit.

  43. Christewart commented at 10:54 am on March 28, 2025: contributor

    Hi @vostrnad,

    As of this commit, PR #1800 does not provide as much detail as this document in defining the problem with 64-byte transactions, explaining the proposed solution, and demonstrating why it does not pose a confiscatory risk.

    I hope the author of #1800 will consider expanding the BIP with more detail or breaking it into separate proposals for each consensus change. However, based on this email, it seems they believe the current content is sufficient and only requires minor edits.

    At this time, I believe my document is of higher quality. I will not be voluntarily closing my BIP until I feel #1800 reaches parity.

  44. murchandamus commented at 3:40 am on April 12, 2025: contributor
    Let’s call this BIP 53. Please update the table entry preamble and title correspondingly.
  45. murchandamus renamed this:
    BIP Draft: Disallow 64 byte transactions
    BIP 53: Disallow 64 byte transactions
    on Apr 12, 2025
  46. murchandamus added the label PR Author action required on Apr 15, 2025
  47. Christewart commented at 4:26 pm on April 21, 2025: contributor

    Let’s call this BIP 53. Please update the table entry preamble and title correspondingly.

    Done in 23e01bf

  48. in bip-XXXX.mediawiki:34 in 23e01bf187 outdated 
    29+transaction. However, Bitcoin’s particular construction of the Merkle tree has
30+several security weaknesses, including at least two forms of block malleability
31+that have an impact on the consensus logic of Bitcoin Core, and an attack on
32+light clients, where an invalid transaction could be ”proven” to appear in a block
33+by doing substantially less work than a SHA256 hash collision would require.
34+This has been prevented by Bitcoin Core's relay policy and the RPC interface since 2018<ref>[https://github.com/bitcoin/bitcoin/pull/11423/commits/7485488e907e236133a016ba7064c89bf9ab6da3 PR #11423 disallows transactions that are less than 82 bytes in size from Bitcoin Core relay and RPC interface]</ref><ref>[https://github.com/bitcoin/bitcoin/commit/8c5b3646b5afe8a61f5c66478d8e11f0d2ce5108 Reduces the minimum transaction size required for a transaction to be considered standard from 82 bytes to 65 bytes]</ref>.
    murchandamus commented at 11:29 pm on April 21, 2025:

    Given that such transaction were still valid, just nonstandard, I’m not sure that “prevented” is the right term. How about mitigated?

    0This has been mitigated by Bitcoin Core's relay policy and the RPC interface since 2018<ref>[https://github.com/bitcoin/bitcoin/pull/11423/commits/7485488e907e236133a016ba7064c89bf9ab6da3 PR [#11423](/bitcoin-bips/11423/) disallows transactions that are less than 82 bytes in size from Bitcoin Core relay and RPC interface]</ref><ref>[https://github.com/bitcoin/bitcoin/commit/8c5b3646b5afe8a61f5c66478d8e11f0d2ce5108 Reduces the minimum transaction size required for a transaction to be considered standard from 82 bytes to 65 bytes]</ref>.
  49. in bip-XXXX.mediawiki:79 in 23e01bf187 outdated 
    74+This is computationally and financially expensive but theoretically possible. This can lead to a persistent chain split on the network.
75+
76+=== Attack on SPV clients ===
77+
78+BIP37<ref>[https://github.com/bitcoin/bips/blob/master/bip-0037.mediawiki BIP37]</ref>provides a partial merkle tree format<ref>[https://github.com/bitcoin/bips/blob/master/bip-0037.mediawiki#user-content-Partial_Merkle_branch_format Partial Merkle Tree Format]</ref>
79+that allows you to verify your bitcoin transaction is included in a merkle root embedded in a bitcoin block header.
    murchandamus commented at 11:33 pm on April 21, 2025: 
    0that allows you to verify that your bitcoin transaction is included in a merkle root embedded in a bitcoin block header.
  50. in bip-XXXX.mediawiki:87 in 23e01bf187 outdated 
    82+Suppose a (valid) 64-byte transaction T is included in a block with the property that the second 32 bytes (which
83+are less constrained than the first 32 bytes) are constructed so that they collide
84+with the hash of some other fake, invalid transaction F. The attacker can fool the SPV client into believing that F
85+was included in a bitcoin block rather than T with 81 bits<ref>[https://github.com/Christewart/bips/blob/2024-12-20-64bytetxs/bip-XXXX/2-BitcoinMerkle.pdf An attacker who can do 81 bits of work (followed by another 40 bits of work, to
86+construct the funding transaction whose coins will be spent by this one) is able
87+to fool an SPV client in this way.]</ref> of work. This also reduces implementation complexity of SPV wallets<ref>[https://delvingbitcoin.org/t/great-consensus-cleanup-revival/710/43 The steps needed to make sure a merkle proof for a transaction is secure.]</ref>.
    murchandamus commented at 11:35 pm on April 21, 2025: 
    0to fool an SPV client in this way.]</ref> of work. This also reduces implementation complexity for SPV wallets<ref>[https://delvingbitcoin.org/t/great-consensus-cleanup-revival/710/43 The steps needed to make sure a merkle proof for a transaction is secure.]</ref>.
  51. in bip-XXXX.mediawiki:107 in 23e01bf187 outdated 
    102+with the last transaction 7f2efc6546011ad3227b2da678be0d30c7f4b08e2ce57b5edadd437f9e27a612<ref>[https://mempool.space/tx/7f2efc6546011ad3227b2da678be0d30c7f4b08e2ce57b5edadd437f9e27a612 Last 64-byte transaction in the bitcoin blockchain]</ref>
103+occurring at block height 419,606<ref>[https://mempool.space/block/000000000000000000308f1efc24419f34a3bafcc2b53c32dd57e4502865fd84 Block 419,606]</ref>.
104+
105+====Pre segwit 64-byte transactions====
106+
107+64-byte transactions cannot spend a utxo protected by a digital signature.<ref>[https://github.com/bitcoin/bips/blob/master/bip-0066.mediawiki After BIP66 was activated on the bitcoin network, bitcoin transactions cannot have a digital signature smaller than 9 bytes.]</ref>
    murchandamus commented at 11:38 pm on April 21, 2025: 
    0Pre-segwit 64-byte transactions cannot spend a utxo protected by a digital signature.<ref>[https://github.com/bitcoin/bips/blob/master/bip-0066.mediawiki After BIP66 was activated on the bitcoin network, bitcoin transactions cannot have a digital signature smaller than 9 bytes.]</ref>
  52. in bip-XXXX.mediawiki:108 in 23e01bf187 outdated 
    103+occurring at block height 419,606<ref>[https://mempool.space/block/000000000000000000308f1efc24419f34a3bafcc2b53c32dd57e4502865fd84 Block 419,606]</ref>.
104+
105+====Pre segwit 64-byte transactions====
106+
107+64-byte transactions cannot spend a utxo protected by a digital signature.<ref>[https://github.com/bitcoin/bips/blob/master/bip-0066.mediawiki After BIP66 was activated on the bitcoin network, bitcoin transactions cannot have a digital signature smaller than 9 bytes.]</ref>
108+The largest scriptSig a 64-byte transaction can have is 4 bytes.<ref>[https://delvingbitcoin.org/t/great-consensus-cleanup-revival/710/73]</ref>
    murchandamus commented at 11:38 pm on April 21, 2025: 
    0The largest scriptSig a pre-segwit 64-byte transaction can have is 4 bytes.<ref>[https://delvingbitcoin.org/t/great-consensus-cleanup-revival/710/73]</ref>
  53. in bip-XXXX.mediawiki:9 in 23e01bf187 outdated 
    0@@ -0,0 +1,162 @@
1+<pre>
2+  BIP: 53
3+  Layer: Consensus (soft fork)
4+  Title: Disallow 64-byte transactions
5+  Author: Chris Stewart <stewart.chris1234@gmail.com>
6+  Comments-URI: https://github.com/bitcoin/bips/wiki/Comments:BIP-53
7+  Status: Draft
8+  Type: Standards Track
9+  Created: ?
    murchandamus commented at 11:52 pm on April 21, 2025: 
    0  Created: 2025-04-11
  54. in bip-XXXX.mediawiki:153 in 23e01bf187 outdated 
    148+
149+The sample implementation is currently open here:
150+
151+https://github.com/bitcoin-inquisition/bitcoin/pull/24/files
152+
153+== Rationale ==
    murchandamus commented at 11:54 pm on April 21, 2025:
    This document has two “Rationale” sections.
  55. in bip-XXXX.mediawiki:96 in 23e01bf187 outdated 
    91+===SPV clients===
92+
93+Attacks on SPV clients could be mitigated by knowing the depth of the merkle tree. Requiring SPV clients to request both the coinbase and payment transaction could mitigate this attack.
94+To produce a valid coinbase transaction at the same depth that our fake transaction F occurs at would require 224 bits of work.
95+As mentioned above, this is computionally and financially expensive, but theoretically possible. This design would increase the size
96+of SPV proofs by 70%.<ref>[https://delvingbitcoin.org/t/great-consensus-cleanup-revival/710/29?u=chris_stewart_5  Base proof: 80 byte header + 448 byte partial merkle tree = 528 bytes. Proof with coinbase tx, assuming the coinbase tx is in the left half of the tree and the tx to prove is in the right half of the tree: 80 byte header + 416 bytes partial merkle tree for coinbase tx + 416 bytes partial merkle tree for tx = 912 bytes.]</ref>
    murchandamus commented at 11:57 pm on April 21, 2025: 
    0of SPV proofs by 70%.<ref>[https://delvingbitcoin.org/t/great-consensus-cleanup-revival/710/29?u=chris_stewart_5  Base proof: 80-byte header + 448-byte partial merkle tree = 528 bytes. Proof with coinbase tx, assuming the coinbase tx is in the left half of the tree and the tx to prove is in the right half of the tree: 80-byte header + 416 bytes partial merkle tree for coinbase tx + 416 bytes partial merkle tree for tx = 912 bytes.]</ref>
  56. in bip-XXXX.mediawiki:119 in 23e01bf187 outdated 
    114+Policy rules such as CLEANSTACK, MINIMALDATA, PUSHONLY are not consensus rules. If a user has a way to confirm an already non-standard
115+64-byte transaction - they can malleate the transaction by violating policy rules to change the size of the transaction to a size other than 64 bytes.
116+
117+====Segwit 64-byte transactions====
118+
119+This BIP disallows single-input single output segwit transactions that pay to a 2 byte witness program.<ref>[https://delvingbitcoin.org/t/great-consensus-cleanup-revival/710/73#p-4382-future-segwit-versions-10 BIP141 says witness programs can be 2 bytes in size, which makes the scriptPubKey a total of 4 bytes]</ref>
    murchandamus commented at 11:58 pm on April 21, 2025: 
    0This BIP disallows single-input single-output segwit transactions that pay to a 2-byte witness program.<ref>[https://delvingbitcoin.org/t/great-consensus-cleanup-revival/710/73#p-4382-future-segwit-versions-10 BIP141 says witness programs can be 2 bytes in size, which makes the scriptPubKey a total of 4 bytes]</ref>
  57. in bip-XXXX.mediawiki:120 in 23e01bf187 outdated 
    115+64-byte transaction - they can malleate the transaction by violating policy rules to change the size of the transaction to a size other than 64 bytes.
116+
117+====Segwit 64-byte transactions====
118+
119+This BIP disallows single-input single output segwit transactions that pay to a 2 byte witness program.<ref>[https://delvingbitcoin.org/t/great-consensus-cleanup-revival/710/73#p-4382-future-segwit-versions-10 BIP141 says witness programs can be 2 bytes in size, which makes the scriptPubKey a total of 4 bytes]</ref>
120+The only known use case<ref>[https://bitcoin.stackexchange.com/a/110664 Why do we have 2 byte witness programs? The original rationale for the lower end of the range of valid witness program lengths is that 2 bytes is enough to guarantee no ambiguity of how the program would be pushed (some 1 byte values can - and according to standardness, must - be pushed with OP_n, and dealing with those would have complicated the matter).]</ref>
    murchandamus commented at 11:58 pm on April 21, 2025: 
    0The only known use case<ref>[https://bitcoin.stackexchange.com/a/110664 Why do we have 2-byte witness programs? The original rationale for the lower end of the range of valid witness program lengths is that 2 bytes is enough to guarantee no ambiguity of how the program would be pushed (some 1-byte values can — and according to standardness, must — be pushed with OP_n, and dealing with those would have complicated the matter).]</ref>
  58. in bip-XXXX.mediawiki:114 in 23e01bf187 outdated 
    109+
110+There are 6<ref>[https://github.com/Christewart/bips/blob/2024-12-20-64bytetxs/nonstandard-hashlock-utxos.txt As of block `00000000000000000001194ae6be942619bf61aa70822b9643d01c1a441bf2b7` there exist 6 nonstandard hashlock utxos that could theoretically have a 0-3 byte pre-image. None of them have a 0-3 byte pre-image.]</ref>
111+non standard hashlock utxos in the bitcoin blockchain. None of them have a 0-3 byte pre-image. This means they cannot be spent by a 64-byte transaction.
112+
113+Pre-segwit 64-byte transactions that spend a nonstandard utxo that are inherently malleable.<ref>[https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki#trust-free-unconfirmed-transaction-dependency-chain Details on how to malleate a pre-segwit transaction]</ref>
114+Policy rules such as CLEANSTACK, MINIMALDATA, PUSHONLY are not consensus rules. If a user has a way to confirm an already non-standard
    murchandamus commented at 0:08 am on April 22, 2025:

    I think “non-standard” is more common in the context of transactions. Could you use either “non-standard” or “nonstandard” throughout the document?

    0There are 6<ref>[https://github.com/Christewart/bips/blob/2024-12-20-64bytetxs/nonstandard-hashlock-utxos.txt As of block `00000000000000000001194ae6be942619bf61aa70822b9643d01c1a441bf2b7` there exist 6 non-standard hashlock utxos that could theoretically have a 0-3 byte pre-image. None of them have a 0-3 byte pre-image.]</ref>
1non-standard hashlock utxos in the bitcoin blockchain. None of them have a 0-3 byte pre-image. This means they cannot be spent by a 64-byte transaction.
2
3Pre-segwit 64-byte transactions that spend a non-standard utxo that are inherently malleable.<ref>[https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki#trust-free-unconfirmed-transaction-dependency-chain Details on how to malleate a pre-segwit transaction]</ref>
4Policy rules such as CLEANSTACK, MINIMALDATA, PUSHONLY are not consensus rules. If a user has a way to confirm an already non-standard
  59. in bip-XXXX.mediawiki:58 in 23e01bf187 outdated 
    53+will never come to consensus with their peers due to the malicious user finding a collision
54+within the block's merkle root. Finding this collision is approximately 22 bits worth of work.<ref>[https://github.com/Christewart/bips/blob/2024-12-20-64bytetxs/bip-XXXX/2-BitcoinMerkle.pdf to produce a block that has a Merkle
55+root which is a hash of a 64-byte quantity that deserializes validly, it’s enough
56+to just do 8 bits of work to find a workable coinbase (which will hash to the first
57+32 bytes), plus another ≈22 bits of work ((1/5) ∗224, so slightly less) to find
58+a workable second transaction which will hash to the second 32 bytes) – a very
    murchandamus commented at 0:09 am on April 22, 2025: 
    0a workable second transaction which will hash to the second 32 bytes)—a very
  60. in bip-XXXX.mediawiki:78 in 23e01bf187 outdated 
    73+only 16 bytes or so are constrained, so approximately 128 bits of work to find a collision). Of course, any of the rows in the Merkle tree could be used, but it nevertheless seems clear that this should be computationally infeasible.]</ref>.
74+This is computationally and financially expensive but theoretically possible. This can lead to a persistent chain split on the network.
75+
76+=== Attack on SPV clients ===
77+
78+BIP37<ref>[https://github.com/bitcoin/bips/blob/master/bip-0037.mediawiki BIP37]</ref>provides a partial merkle tree format<ref>[https://github.com/bitcoin/bips/blob/master/bip-0037.mediawiki#user-content-Partial_Merkle_branch_format Partial Merkle Tree Format]</ref>
    murchandamus commented at 0:14 am on April 22, 2025:
    Consistency-nit: Please stick either to “Merkle” or to “merkle” throughout the document.
  61. murchandamus commented at 0:27 am on April 22, 2025: contributor

    The document seems fairly complete content-wise, but the presentation could use more attention. Capitalization is a bit random: some acronyms are capitalized (“SPV”), but others are uncapitalized (e.g. “utxos”) and proper nouns are sometimes capitalized (Merkle, Bitcoin Core), sometimes not (merkle, bitcoin). Please either retitle one of the two Rationale sections or combine them.

    It would be good if the proposal got more commentary or review from other contributors, but otherwise seems close to ready for a merge.

  62. murchandamus renamed this:
    BIP 53: Disallow 64 byte transactions
    BIP 53: Disallow 64-byte transactions
    on Apr 22, 2025
  63. murchandamus commented at 0:35 am on April 22, 2025: contributor
    Please also add the table entry to the README.
  64. in bip-0053.mediawiki:9 in 13c98f84c4 outdated 
     5@@ -6,7 +6,7 @@
 6   Comments-URI: https://github.com/bitcoin/bips/wiki/Comments:BIP-0053
 7   Status: Draft
 8   Type: Standards Track
 9-  Created: ?
10+  Created: 2024-12-20
    murchandamus commented at 5:08 pm on April 22, 2025:

    According to BIP2, the “Created” header records the date a proposal was assigned a number, which is why I suggested 2025-04-11.

    image

  65. murchandamus commented at 5:11 pm on April 22, 2025: contributor
    I assume you are still working on my other suggestions, so I’ll take another look later.
  66. Christewart commented at 5:14 pm on April 22, 2025: contributor

    Yes I am. Child nap time only allows for so many things to get done at 1 time 😅. I’ll try to address the rest later today

    On Tue, Apr 22, 2025 at 12:12 PM murchandamus @.***> wrote:

    @.**** commented on this pull request.

    I assume you are still working on my other suggestions, so I’ll take another look later.

    In bip-0053.mediawiki https://github.com/bitcoin/bips/pull/1760#discussion_r2054517864:

    @@ -6,7 +6,7 @@ Comments-URI: https://github.com/bitcoin/bips/wiki/Comments:BIP-0053 Status: Draft Type: Standards Track

    • Created: ?
    • Created: 2024-12-20

    According to BIP2 https://github.com/bitcoin/bips/blob/master/bip-0002.mediawiki#bip-header-preamble, the “Created” header records the date a proposal was assigned a number, which is why I suggested 2025-04-11.

    image.png (view on web) https://github.com/user-attachments/assets/5ac62de5-00b6-455e-940f-f22c88d228e1

    — Reply to this email directly, view it on GitHub https://github.com/bitcoin/bips/pull/1760#pullrequestreview-2784772967, or unsubscribe https://github.com/notifications/unsubscribe-auth/AA22ETNRE5UYZ32HHFCPFTD22ZZ6DAVCNFSM6AAAAABW3SF3JSVHI2DSMVQWIX3LMV43YUDVNRWFEZLROVSXG5CSMV3GSZLXHMZDOOBUG43TEOJWG4 . You are receiving this because you were mentioned.Message ID: @.***>

  67. Christewart commented at 7:15 pm on April 22, 2025: contributor

    The document seems fairly complete content-wise, but the presentation could use more attention. Capitalization is a bit random: some acronyms are capitalized (“SPV”), but others are uncapitalized (e.g. “utxos”) and proper nouns are sometimes capitalized (Merkle, Bitcoin Core), sometimes not (merkle, bitcoin).

    Ok think this is addressed in f797b9f, bd815e9, acda401

    Please either retitle one of the two Rationale sections or combine them.

    Sorry this was a bit unclear could you be more specific of what you would like to see?

    Apologies, I see what you are talking about now and this is fixed in 5a89036.

    Also I missed some code review due to github.com collapsing some comments, hopefully everything is addressed now with 5a89036

  68. murchandamus commented at 8:28 pm on April 22, 2025: contributor

    Also I missed some code review due to github.com collapsing some comments, hopefully everything is addressed now with 5a89036

    Yeah, I think I see what happened: when you started by moving the file, it marked all of my review comments as outdated, because they had been left on the old file. ;)

  69. murchandamus commented at 1:13 am on April 23, 2025: contributor

    Reviewed the changes, looks much better, thanks. :)

    What’s your plan for this proposal? Do you see it as a standalone soft fork that can be merged as is on its own, or are you working on additional parts? What is the intended deployment strategy?

  70. Christewart commented at 3:32 pm on April 23, 2025: contributor

    Do you see it as a standalone soft fork that can be merged as is on its own

    This is possible if the community wants to do this.

    or are you working on additional parts?

    I am not at this time.

    What is the intended deployment strategy?

    I don’t have one at this time. Recent precedent with BIP148 and BIP343 details activating the last 2 soft forks that contained a variety of BIPs.

    These activation BIPs were written by a different set of people than the BIP authors for taproot and segwit. I assume something like this will have to happen again as it seems like there isn’t really another realistic path to deploying soft forks IMO.

  71. in bip-0053.mediawiki:160 in 5a890366db outdated 
    155+==Copyright==
156+This BIP is licensed under the [https://opensource.org/license/BSD-3-Clause BSD-3-Clause License].
157+
158+==Acknowledgements==
159+
160+Suhas Daftuar, AJ Towns, Sergio Demian Lerner, Greg Maxwell, Matt Corallo, Antoine Poinsont, Dave Harding and Erik Voskuil
    murchandamus commented at 6:10 pm on April 23, 2025: 
    0Suhas Daftuar, AJ Towns, Sergio Demian Lerner, Greg Maxwell, Matt Corallo, Antoine Poinsot, Dave Harding and Eric Voskuil
  72. murchandamus commented at 6:17 pm on April 23, 2025: contributor
    Okay, is there anything else that is missing from your perspective before this can be merged?
  73. Christewart commented at 6:31 pm on April 23, 2025: contributor

    Okay, is there anything else that is missing from your perspective before this can be merged?

    I thought about this a bit more, there are 2 things that could potentially be addressed. I would like to hear your opinion.

    How BIP3 defines the Rationale section:

    The rationale should record relevant objections or important concerns that were raised and addressed as this proposal was developed.

    One concern that was raised on the mailing list by Jeremy Rubin and agreed by Eric Voskuil was that disallowing 64 byte transaction

    “might integrate very poorly with this kind of edge condition”

    Do you think this is adequately addressed by this section of the BIP? I’m on the fence.

    One other concern shared on the delving thread by Antoine Poinsot was sidechains may be vulnerable to the same merkle tree weakeness that SPV clients are. I haven’t investigated this further, but it could potentially merit a section the Motivation.

    This currently isn’t at the top of my bitcoin research priorities, so if you think these things should be done I’ll address them next week.

  74. jonatack removed the label PR Author action required on Apr 23, 2025
  75. jonatack assigned jonatack on Apr 29, 2025
  76. murchandamus commented at 5:04 pm on May 7, 2025: contributor
    If you feel that they are open points that came up in the evaluation of the idea this proposal is based on, then it would be appropriate to cover them here. If you don’t have the bandwidth to do so now, we can also merge this PR as a draft and you can continue to iterate on it as you move it toward “Proposed”.
  77. Disallow 64 byte transactions fb3f6163d8
  78. Update bip-XXXX.mediawiki 
    Co-authored-by: Mark "Murch" Erhardt <murch@murch.one>
    2787f860a9
  79. Update bip-XXXX.mediawiki 
    Co-authored-by: Mark "Murch" Erhardt <murch@murch.one>
    a7856f77ae
  80. Update bip-XXXX.mediawiki 
    Co-authored-by: Mark "Murch" Erhardt <murch@murch.one>
    0cc56ac81b
  81. Update bip-XXXX.mediawiki 
    Co-authored-by: Mark "Murch" Erhardt <murch@murch.one>
    7faedc8cc0
  82. Update bip-XXXX.mediawiki 
    Co-authored-by: Mark "Murch" Erhardt <murch@murch.one>
    a18be53b7c
  83. Update bip-XXXX.mediawiki 
    Co-authored-by: Mark "Murch" Erhardt <murch@murch.one>
    5952d9d444
  84. Update bip-XXXX.mediawiki 
    Co-authored-by: Mark "Murch" Erhardt <murch@murch.one>
    54abfc7be2
  85. Update bip-XXXX.mediawiki 
    Co-authored-by: Mark "Murch" Erhardt <murch@murch.one>
    f1c210b729
  86. Use hyphen 669fb8a4df
  87. Add note about 64 byte transactions not being allowed by the RPC interface, fix typo d1a944e2ce
  88. Move content in rationale section into motivation section 6fe89f8797
  89. Address more feedback 296607e024
  90. fix formatting d178e6f706
  91. fixes 1d89b67a34
  92. Update bip-XXXX.mediawiki 
    Co-authored-by: Jon Atack <jon@atack.com>
    fd402acb3d
  93. Update bip-XXXX.mediawiki 
    Co-authored-by: Jon Atack <jon@atack.com>
    0ea1e03fdd
  94. Update bip-XXXX.mediawiki 
    Co-authored-by: Jon Atack <jon@atack.com>
    06a525fc1c
  95. Update bip-XXXX.mediawiki 
    Co-authored-by: Jon Atack <jon@atack.com>
    cbdaa8bda6
  96. Update bip-XXXX.mediawiki 
    Co-authored-by: Jon Atack <jon@atack.com>
    a5815ae152
  97. Update bip-XXXX.mediawiki 
    Co-authored-by: Jon Atack <jon@atack.com>
    320ae6929e
  98. Update bip-XXXX.mediawiki 
    Co-authored-by: Jon Atack <jon@atack.com>
    4f2d2f983b
  99. typo 83a845dac5
  100. more rewording / cleanup b9f9818d7e
  101. Update bip-XXXX.mediawiki 
    Co-authored-by: Jon Atack <jon@atack.com>
    5cf3b0f6ca
  102. Update bip-XXXX.mediawiki 
    Co-authored-by: Jon Atack <jon@atack.com>
    f1d787d7ce
  103. Add reference to the bitcoin core commit relaxing tx standard size from 82 bytes -> 65 bytes e0cf6fb703
  104. Fix missing </ref> tag 67318c9437
  105. Add assigned BIP number to preamble f4b6c746c8
  106. Add BIP53 entry to README, rename BIP-XXXX.mediawiki -> bip-0053.mediawiki c0db51dfe3
  107. Actually add rename bip-0053.mediawiki doc 6cf483792b
  108. fix comments uri 54a5dc81b4
  109. Add valid date a71cfa4ecf
  110. Fix date e83dbe4ed4
  111. Be consistent with Merkle capitalization bbf50b88c9
  112. consistently use 'non-standard' throughout the doc 656af01622
  113. Rename folder from bip-XXXXX/ -> bip-0053/ b8cc9e9cfc
  114. Addres more Murch review 71c115aa82
  115. consistently use 'Bitcoin' rather than 'bitcoin' 2e20fa26b2
  116. fix acronym capitalization: utxo -> UTXO 90e0c880f3
  117. Remove extra 'Rationale' section, addressed missed code review from Murch e5635f0611
  118. Update bip-0053.mediawiki 
    Co-authored-by: Mark "Murch" Erhardt <murch@murch.one>
    d938c295c3
  119. Christewart force-pushed on May 9, 2025
  120. Christewart commented at 0:23 am on May 9, 2025: contributor

    we can also merge this PR as a draft and you can continue to iterate on it as you move it toward “Proposed”.

    Lets do that. I rebased the PR to get rid of conflicts. Would you like me to squash everything into 1 commit as well?


Christewart murchandamus jonatack vostrnad

Labels
New BIP

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bips. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2025-05-09 07:10 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me