BIP141: Add 520 bytes witness stack limit #303

jl2012 wants to merge 1 commit into bitcoin:master from jl2012:patch-10, changing 1 file (+5 −5)
  1. jl2012 commented at 3:48 AM on January 26, 2016: contributor
  2. BIP141: Add 520 bytes witness stack limit
    @sipa
    4bf562569e
  3. luke-jr commented at 4:00 AM on January 26, 2016: member

    ??? Why a limit?

  4. sipa commented at 4:09 AM on January 26, 2016: member

    Why a limit? Because DoS potential. I don't like things that allow arbitrary size data in consensus code.

    Script already can't deal with stack items larger than 73 bytes anyway, and I don't think we should support more, but with 520 bytes we're certain that it doesn't remove any former functionality.

  5. luke-jr commented at 4:23 AM on January 26, 2016: member

    The script itself should be longer than 520 bytes or we get the P2SH regression again...

  6. sipa commented at 4:24 AM on January 26, 2016: member

    The restriction does not apply to the script itself, only to the input stack fed to it.

  7. jl2012 commented at 4:49 AM on January 26, 2016: contributor

    @luke-jr @sipa The script limit for P2WSH is 10000 bytes, right?

  8. luke-jr commented at 5:06 AM on January 26, 2016: member

    @sipa This is unclear, as the witnessScript is popped off the witness stack...

  9. in bip-0141.mediawiki:None in 4bf562569e
      94 |  * It is interpreted as a pay-to-witness-script-hash (P2WSH) program.
      95 |  * The witness must consist of an input stack to feed to the script, followed by a serialized script ("witnessScript").
      96 | -* The witnessScript is popped off the initial witness stack. SHA256 of the witnessScript must match the 32-byte witness program.
      97 | -* The witnessScript is deserialized, and executed after normal script evaluation with the remaining witness stack.
      98 | +* The witnessScript (≤ 10,000 bytes) is popped off the initial witness stack. SHA256 of the witnessScript must match the 32-byte witness program.
      99 | +* The witnessScript is deserialized, and executed after normal script evaluation with the remaining witness stack (≤ 520 bytes for each stack item).
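
    Review bot: The "(≤ 520 bytes for each stack item)" parenthetical on the last added line is attached to the execution sentence, so a reader cannot tell whether it is a validity rule or a description, and neither it nor "(≤ 10,000 bytes)" on the line above says what happens when the bound is exceeded. Because the witnessScript is itself popped off the witness stack, the text should also say outright that the 520-byte bound covers only the remaining items. Suggest a separate bullet along the lines of "The witnessScript must be ≤ 10,000 bytes and every remaining witness stack item must be ≤ 520 bytes, otherwise the script must fail", matching the "must fail" wording used for the program-length rule.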
    


    jl2012 commented at 5:08 AM on January 26, 2016:

    @luke-jr re: witnessScript size and witness stack size


    NicolasDorier commented at 11:51 AM on January 26, 2016:

    I would say "witness redeem" instead of witnessScript. WitnessScript are the pushes for a particular input.

  10. in bip-0141.mediawiki:None in 4bf562569e
     100 |  * The script must not fail, and result in exactly a single TRUE on the stack.
     101 |  
     102 |  If the version byte is 0, but the witness program is neither 20 nor 32 bytes, the script must fail.
     103 |  
     104 | -If the version byte is 1 to 16, no further interpretation of the witness program or witness happens.
     105 | +If the version byte is 1 to 16, no further interpretation of the witness program or witness happens, and there is no size restriction for the witness. These versions are reserved for future extensions.
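
    Review bot: On the added line for version bytes 1 to 16, "there is no size restriction for the witness" makes arbitrarily large witness data valid under these rules without naming anything else that bounds it. Suggest stating which limit still applies to such a witness, or pointing to where it is defined, and writing "witness stack" rather than "witness" so the sentence is not read as referring to the witness program in the scriptPubKey.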
    


    luke-jr commented at 5:12 AM on January 26, 2016:

    This seems to leave a valid infinite-sized data?


    sipa commented at 5:15 AM on January 26, 2016:

    That's still subject to normal Script validation rules.


    luke-jr commented at 5:25 AM on January 26, 2016:

    I do not understand your response.


    sipa commented at 5:30 AM on January 26, 2016:

    This text describes data that goes into the scriptPubKey or the P2SH redeemscript.

    It gets executed as normal when spent (with an empty or redeemscript-only scriptSig), before witness execution takes place. During that first execution, it is subject to the normal script evaluation rules, which for example limit the size of pushes. Thus, it is not unlimited.


    luke-jr commented at 5:47 AM on January 26, 2016:

    Aha, got it.


    jl2012 commented at 5:50 AM on January 26, 2016:

    @sipa, I am talking about the witness stack here, not scriptPubKey nor scriptSig. There is no size limit for the witness stack if the witness program is v1 or above


    jl2012 commented at 5:51 AM on January 26, 2016:

    @luke-jr yes, I think it leaves valid infinite-sized data, but a v1-v16 witness program is non-standard, so only miners can do it.


    luke-jr commented at 5:56 AM on January 26, 2016:

    Hmm, I suppose as long as the costlimit is in place that isn't too bad.

  11. jl2012 commented at 8:11 AM on January 26, 2016: contributor
  12. andre-amorim commented at 12:26 PM on January 26, 2016: none

    @jl2012 From left to right top to bottom coordinates of meaning.. is the first link to 10000 and the 10001 to 2nd link ?

  13. jl2012 commented at 1:50 PM on January 26, 2016: contributor

    @andre-amorim yes, you can find it by clicking the links

  14. andre-amorim commented at 3:25 PM on January 26, 2016: none

    Thanks @jl2012 it's 212k on my lp0, yep I printed it out.

  15. luke-jr referenced this in commit e7f28d88ec on Jan 29, 2016
  16. luke-jr merged this on Jan 29, 2016
  17. luke-jr closed this on Jan 29, 2016
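
The size and hash rules discussed in this thread, written out as a checker. This is an added example, not code from the pull request or from any Bitcoin implementation; the function name `check_witness` and the return shape are assumptions, and no script is executed. It shows the point sipa makes above: the 520-byte bound applies to the input stack items, while the witnessScript itself may be larger.

```python
import hashlib

MAX_WITNESS_SCRIPT_SIZE = 10_000  # bytes, witnessScript limit from the patch text
MAX_STACK_ITEM_SIZE = 520         # bytes, limit for each remaining stack item


def check_witness(version: int, program: bytes, witness: list[bytes]) -> tuple[bool, str]:
    """Apply the size and hash rules quoted in the patch (hypothetical helper)."""
    if 1 <= version <= 16:
        # Reserved versions: the witness is not interpreted and has no size rule.
        return True, "reserved version, witness not interpreted"
    if version != 0:
        return False, "unknown version"
    if len(program) == 20:
        # The P2WPKH rules are not shown on this page, so they are left out.
        raise NotImplementedError("P2WPKH is outside this example")
    if len(program) != 32:
        return False, "v0 program is neither 20 nor 32 bytes"
    if not witness:
        return False, "witness is empty, no witnessScript to pop"
    # The witnessScript is the last element; the rest is the input stack.
    *stack, witness_script = witness
    if len(witness_script) > MAX_WITNESS_SCRIPT_SIZE:
        return False, "witnessScript exceeds 10,000 bytes"
    if hashlib.sha256(witness_script).digest() != program:
        return False, "SHA256(witnessScript) does not match witness program"
    for index, item in enumerate(stack):
        if len(item) > MAX_STACK_ITEM_SIZE:
            return False, f"stack item {index} exceeds 520 bytes"
    return True, "size and hash checks passed"


if __name__ == "__main__":
    # Constructed sample data: a 600-byte script is fine, a 521-byte item is not.
    script = bytes([0x51]) * 600
    program = hashlib.sha256(script).digest()
    print(check_witness(0, program, [b"\x00" * 520, script]))
    print(check_witness(0, program, [b"\x00" * 521, script]))
    print(check_witness(1, b"\x00" * 32, [b"\x00" * 100_000]))
```
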

