policy: uncap datacarrier by default #32406

Retains the -datacarrier* args, marks them as deprecated, and does not require another startup argument for multiple OP_RETURN outputs.

If a user has set -datacarriersize the value is “budgeted” across all seen OP_RETURN output scriptPubKeys. In other words the total script bytes stays the same, but can be spread across any number of outputs. This is done to not introduce an additional argument to support multiple outputs.

I do not advise people use the option with custom arguments and it is marked as deprecated to not mislead as a promise to offer it forever. The argument itself can be removed in some future release to clean up the code and minimize footguns for users.

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Code Coverage & Benchmarks

For details see: https://corecheck.dev/bitcoin/bitcoin/pulls/32406.

Reviews

See the guideline for information on the review process.

If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update.

Conflicts

Reviewers, this pull request conflicts with the following ones:

• #29954 (RPC: Return permitbaremultisig and maxdatacarriersize in getmempoolinfo by kristapsk)

If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

Concept ACK

I think I’d prefer keeping the option until #32401 is addressed. Clearly there seems to be at least some demand for mining on charitable templates. If this is worth the additional code and maintenance is another discussion, and in the meantime I’d also support it being marked for future removal.

@BitcoinMechanic

no incentive

Fee estimation and block propagation to name a few: https://groups.google.com/g/bitcoindev/c/d6ZO7gXGYbQ/m/3WVL60u6EQAJ

@BitcoinMechanic

no incentive

Fee estimation and block propagation to name a few: https://groups.google.com/g/bitcoindev/c/d6ZO7gXGYbQ/m/3WVL60u6EQAJ

It does no harm to fee estimation or block propagation. Nodes can and do cache transactions they reject from their mempools making compact blocks just as quick to verify regardless of if some of their contents was filtered.

As for fee estimation, it does not require knowledge of “the” mempool and there can never be such a thing.

The efforts to design Bitcoin Core around the increased reliance on mempool homogeneity are misguided and a trend in the wrong direction.

More high level - if nodes can configure their own mempool policies it obviously doesn’t break things and demonstrably never has.

Concept ACK. This adds a deprecation step to #32359, which seems fine from a technical point of view, and was requested by regular contributors as well.

It will re-invite the brigading when the actual code is removed, but it will be easier to point to earlier discussion.

Code looks reasonable at first glance, when compared to #32359, but will re-review it.

3ba7449f6c335026b752366c53f9c309f09e6c64 could be split between a commit that allows multiple outputs and one that switches the default.

There’s no need to Concept N(ACK) this if all you’re going to do is repeat comments from #32359. They’re not votes. Any actual reviewer of this PR (including maintainers) can read those arguments there.

Concept NACK.

For the same reasons mentioned in #32359.

Concept NACK

If fee estimation, block propagation etc has issues with mempool diversity specially for defense against spam/DoS then the position of not fixing that or making a future economic judgement based on theoretical assumptions is a fallacy. This broad position of Bitcoin Core can clearly increase spam and centralization regardless of economic incentives of miners which are all speculations and projections to modify how Bitcoin works instead of being realistic about the end goal of Bitcoin network. It’s disappointing where this is headed.

FWIW I will not engage in meta discussion here. I will respond to any deficiencies in the code itself.

https://github.com/bitcoin/bitcoin/commit/3ba7449f6c335026b752366c53f9c309f09e6c64 could be split between a commit that allows multiple outputs and one that switches the default.

Touching tests twice is kind of annoying, but I can do if it makes code history easier and others agree.

@nsvrn this PR specifically enables users to have a divergent mempool. I don’t understand the use case for that

The use case for users maintaining control over their mempools is self evident.

@BitcoinMechanic wrote:

allows users the ability to configure

It briefly retains it, typically deprecation is followed by removal one release later.

So if you’re opposed to direct removal, then everyone will understand that you’re also opposed to deprecation, so there’s nothing new to say.

cACK

I like this approach, is far less problematic than #32359 Not going to add any more argument than the ones given there.

Left two small non-blocking comments

Concept ACK on relaxing the maximum capacity of the OP_RETURN size to the current transaction standardness limit.

1. This change will improve fee estimation in Bitcoin Core, as users will now be able to see the fee pressure from “data-carier” transactions that were previously broadcast out of band.

2. It will also improve block propagation time and make mining fairer, as data carrier transactions below standardness limit will now be relayed in nodes’ mempools before being included in block templates. Nodes that already have these transactions can validate new blocks faster and relay them to peers and potentially other miners. If I understand correctly, Bitcoin’s incentives require miners to learn about new blocks as quickly as possible so this is a positive change.

3. This could also potentially reduce the reliance on “out-of-band” services that collect data carrier transactions at high fees and possibly earn more revenue than other miners.

However, I still believe that while Bitcoin Core’s transaction relay policy rules have significant advantages, they leave room for out-of-band services like those in point 3. As long as new innovations seek to utilize create transactions that violate those policies, we may continue to see these services persist.

This leads us to repeat the same process of relaxing rules to address issues 1, 2, and 3.

In my opinion, policy rules are an “easy way out” but limited solution. If we truly want to prevent issues 1, 2, and 3, those rules should be part of the consensus layer.

On Deprecating this feature: I will like to see this option not being deprecated and let’s give users the ability to have a datacarier limit as they see fit; even though it is a footgun; we have a far worst option available i,e -blocksonly mode; in blocks only mode fee estimation is disabled. The work in #30157 allows a node to also detect when it’s mempool is roughly not in sync with miners and prevent serving fee rate estimate.

Concept NACK

I’ve read the justifications but remain unconvinced the timing as well as the decision to altogether remove the option to configure is the right one.

Increasing the default and giving node runners the option to change that is the right way to go. And a few versions layers maybe the discussion to remove it altogether can be restarted. Current PR is way too sudden. It seems we did not learn the lesson from the unintentional effect lifting the witness script size limit had on the quantity of arbitrary data getting stored in the block.

Yes, I am aware it was possible to store data even before that, but it became economically lucrative since that specific change of removing the 10kb limit. Instead of capping that somehow, we are on a path to remove any and all data size configuration option the node runners currently have.

Besides, removing this option doesn’t even help in a major way to remove utxo bloat because segwit discount will still be preferred for data above a certain size threshold.

Earnestly urge the project maintainers to rethink this one and implement it in more gradual changes. Thank you.

Concept ACK.

I believe this is a marginal improvement over #32359. It’s better to err on the side of a normal deprecation path with more knobs rather than fewer, especially since this knob (-datacarriersize) was previously available. Its removal has been a specific point of controversy, explicitly described by some as core compelling speech. However, this conceptual change will likely affect only a small percentage of previous NACKers, since the intent and outcome seem clear and unchanged imo. At best, it provides hypothetical hope that if the option proves beneficial during the deprecation period, it might not ultimately be removed.

Concept ACK with 1 nit

My issue with previous PR was largely due to removal vs deprecation of config options.

ACK c164064c266c518588d9d9175f9b14140ee751b6

Manually tested that the -datacarriersize limit does in fact match on a two OP_Return output transaction of the expected size, and that the resulting transaction was propagated to other nodes as expected.

Of course, I still (weakly) prefer my version. But this is acceptable too.

@moth-oss config options are not removed in this pull request.

This config option is, however, marked for future removal and is being marketed for future removal by the author of the PR by being defined as “DEPRECATED”. I assume this will mean the removal of this toggle eventually when the controversy has died down and people aren’t paying attention.

I believe this “DEPRECATED” definition is up for debate. Marking a toggle that has worked for my mempool policy and will work for my mempool policy in the future as “DEPRECATED” is FALSE & MISLEADING. It still works.

On that basis alone, I’m going to have to concept NACK this PR.

Concept ACK

Leaving the knob in but changing its default is a good approach.

After reading all comments and reviewing code.

utACK https://github.com/bitcoin/bitcoin/pull/32406/commits/3b3fafdb1c7eca8010194d0063579d44d555d546

I believe this “DEPRECATED” definition is up for debate. Marking a toggle that has worked for my mempool policy and will work for my mempool policy in the future as “DEPRECATED” is FALSE & MISLEADING. It still works.

Deprecation isn’t a value judgment but a statement that it will be removed in a future version.

ACK 8c360d78b13fa7136db8d6e1e0af5d05f5141a64

The GUI popup can be fixed in a followup (before v30).

Deprecation isn’t a value judgment but a statement that it will be removed in a future version.

Deprecation doesn’t even always mean it will actually be removed in a future version; see #32423 eg.

Code ACK, conceptual NACK purely on option deprecation (comments here and in the mailing list; the justifications for deprecating/removing these options appear faulty to me).

Edit to summarize the points already made, because there’s discussion going on here now, with some claiming arguments they’re making which have been addressed haven’t been, often repeating points they already made elsewhere without adding anything new:

1. Any delay in a miner receiving a compact block because nodes along the shortest (time) path for that compact block to reach them are missing transactions in that block can be entirely removed. Compact block relay doesn’t need to be delayed by mempool filters. See mailing list.
2. Globally consistent mempool policy is not possible, but you don’t need it for transactions with larger-than-80-byte OP_RETURNS to be relayed. You just need enough nodes with more permissive relay policy. Librerelay is already an option you could be pushing people to run, and this change would allow people to achieve the same using Core without deprecating and removing options noderunners have had for years to manage their own resources. Deprecation and removal of these flags achieves absolutely nothing (besides encouraging users to run alternative implementations).
3. Downloading a transaction twice is not the same as downloading it once, and uploading it N times, even where N is 1. Upload bandwidth is not download bandwidth. On many residential networks, and particularly cellular, upload bandwidth is significantly lower. I can download 30x as much as I can upload in any given period. See linked comment.
4. A ’new’ point I’ve only made away from the ML and GitHub: no, missing some transactions from your mempool doesn’t make all that much of a difference when setting fees. You still have a view of what’s getting confirmed, and a view of all the non-filtered transactions at the top of your own mempool. As somebody who has actually run a filtered mempool during periods where those filters were excluding many transactions being included within the next few blocks, it wasn’t difficult to set fees. Made other points in the above linked comment, but not yet relevant to the discussion going on in this PR.

@BitcoinMechanic It does no harm to fee estimation or block propagation. Nodes can and do cache transactions they reject from their mempools making compact blocks just as quick to verify regardless of if some of their contents was filtered.

This is the first I have heard about this caching of non-standard transactions. If this is indeed the case, then the small-block-propagation-performance-degradation argument is largely invalidated, but this requires that the cache be sufficiently large and long-lived that the cache + mempool will effectively match a mempool without the standardness restrictions. What are the characteristics of this caching behavior, and does it actually prevent degradation of small block propagation in practice?

re-ACK c164064c266c518588d9d9175f9b14140ee751b6

Since my last review it adds MAX_SCRIPT_ELEMENT_SIZE to the test and uses a larger payload for it.

ACK c164064c266c518588d9d9175f9b14140ee751b6

I believe this PR makes the following changes:

• allows multiple data carrier outputs in a single transaction (removing multi-op-return standardness failures)
• puts multiple data carrier outputs under the same limit (giving a new datacarrier standardness failure when the limit is exceeded instead of scriptpubkey)
• increases the limit’s default from 83 to 100,000, making the limit irrelevant
• deprecates the two datacarrier settings
• simplifies some tests (that would otherwise fail due to the warning about setting the deprecated option)
• adds some tests for the new multi-datacarrier behaviour

I think I’d slightly favour not deprecating the options, and only increasing the limit to cover the real use cases we know of, so perhaps 160 bytes. I’m not sure I’d even rate those as a nit, though.

I don’t see any issue with allowing multiple op-returns – only using one where possible is already encouraged via it being cheaper in fees, and there’s otherwise no significant impact on nodes that I can see.

I don’t think this PR will have any impact on fee estimation (the only way that would occur is if a large majority of the mempool were transactions with multiple OP_RETURN outputs or an OP_RETURN output larger than 83 bytes, and that’s not the case).

I think the impact of this PR on block relay is likely to also be very small; probably slightly negative in the short term, as more blocks are mined with txs with more/larger OP_RETURNs before many nodes in the network include such txs in their mempool, and slightly positive in the long term, as more nodes in the network do include those txs in their mempools.

Based on citrea’s Clementine design, I think this will slightly lower how much the utxo set gets spammed – trying to get every bit of data published on the blockchain moved to the witness or reduced to a commitment still seems possible to me, but given the complexity of BitVM-style protocols and bridges in general, I suspect it’s unlikely that developers of those protocols will be willing to spend much time shaving off bytes here and there like we might otherwise like. Given that, it seems better to make the easiest solution one that also minimises long term harm, and leave the incentive for shaving off bytes to just be minimising fees.

re-ACK c164064c266c518588d9d9175f9b14140ee751b6

(test-only change since my previous ACK; as per git diff 8c360d78 c164064c, the review comments #32406 (review) ff. were addressed)

reACK https://github.com/bitcoin/bitcoin/commit/c164064c266c518588d9d9175f9b14140ee751b6

Last review: #32406 (comment)

Concept ACK, if this won’t be merged, actors will mine their non-standard transactions by contacting the miners directly and not via the p2p network.

in this way anyone willing to change their own mempool policy is still able to do it

Bitcoin’s success hinges on its decentralization and accessibility.

Moreover, out-of-band services that cater to data-carrier transactions are not inherently harmful to the network. They exist because Bitcoin was intentionally not designed as a general-purpose data storage layer, but rather as a secure payments system. Private markets offering these services reflect a willingness to pay for non-standard transactions, and this market demand does not justify altering Bitcoin’s core design to subsidize these use cases.

These two statements are incongruent with each other, as out-of-band services directly undermine the decentralization and accessibility of the network by eroding the transparency of the fee market as well as miner rewards.

@moth-oss config options are not removed in this pull request.

It is deprecating the option though. I don’t think deprecating it now is the right move. Increase the default (ideally not disabled/max) and see how things go before making the decision to deprecate it.

Reminder that this project’s current moderation guidelines describe what we expect of contributors to this repository.

To keep it productive, especially on threads like these please:

• Stay on-topic: discuss the patch, not Bitcoin in general.
• Critique ideas, not motives.
• Contribute new signal: avoid repeating arguments already made earlier (these will start being marked as duplicate, to make the thread easier to navigate).

Note that this repository is not a general bitcoin discussion board. It’s one step removed from general discussions as contributors here discuss changes via commenting on new revisions of the source code. For protocol-wide chat use the mailing list, Delving Bitcoin, Reddit, X, etc. There are now many conversations taking place on this very topic :)

If you think your comment has been moderated incorrectly, edit your comment (or not) and raise your concern in bitcoin-core/meta.

@moth-oss config options are not removed in this pull request.

It is deprecating the option though. I don’t think deprecating it now is the right move. Increase the default (ideally not disabled/max) and see how things go before making the decision to deprecate it.

Deprecation notice can last for years: #32406 (comment)

Concept NACK.

While appearing to be a compromise, this PR uniquely does not achieve even partial success of the desired outcomes of either faction as stated in #32359 and as such is ineffective.

You might say this is the nature of a compromise, but I find this “splitting the difference” strategy to be uniquely harmful in its result.

This PR achieves none of the stated benefits of #32359 which were:

• better fee estimation/ unification of mempool state
• reduction of harm through the use of OP_RETURN rather than witness storage
• reduction of mining centralization through incentivizing use of “honest” data use case

It also substantially changes mempool filter behavior such that nodes with default configurations will have a significant relay change.

The ultimate result of this particular PR will be:

• further fracturing of the mempool policies
• further mining centralization as a means of reducing cost of non-standard transactions
• fee estimation continuing to be limited in scope
• continued use of witness data field for arbitrary data incentivized by lower cost from witness discount

For these reasons, I think it is unwise to handle these changes piecemeal and would advocate for closing this PR and revisiting mempool transaction standardness policy when transaction consensus cleanup has been successfully achieved. This makes the most sense since proponents of both sides of this argument say they don’t want arbitrary data in the blockchain and that mempool policy should be tightly coupled with consensus policy.

@moth-oss config options are not removed in this pull request.

It is deprecating the option though. I don’t think deprecating it now is the right move. Increase the default (ideally not disabled/max) and see how things go before making the decision to deprecate it.

Deprecation notice can last for years: #32406 (comment)

Deprecation is a clear signal that a feature will be removed in the future. Having an unspecified timeline till deprecation isn’t not an argument against OP’s point.

if the intention is that a feature may or may not be removed in the future, than deprecating it now is incorrect.

Concept NACK.

There clearly is no consensus, moving forward now will completely destroy the core reputation.

@BootsStribling

This PR achieves none of the stated benefits of #32359 which were:

• reduction of harm through the use of OP_RETURN rather than witness storage

The ultimate result of this particular PR will be:

• continued use of witness data field for arbitrary data incentivized by lower cost from witness discount

The harm reduction argument is that OP_RETURN use allows L2 users an alternative to stuffing arbitrary data into non-provably unspendable outputs that bloat the UTXO set. The witness data bloat was the focus of a PR from several years ago by luke-jr that added additional data-carrier filters, not this or the related PR by petertodd. The origin of this is an L2/sidechain use case that requires 144 bytes of ZKP data in transaction outputs – they cannot rely upon stuffing it into witness data because so many nodes already filter out such transactions. The argument is that the current OP_RETURN filter incentivizes more harmful UTXO bloat compared to larger OP_RETURN outputs which can be dropped from the UTXO set.

I find that argument somewhat persuasive; however, after reading more arguments and giving it a bit more thought, concept NACK for deprecating the option instead of just changing the default configuration to fit the specific use case that started this whole controversy. From a UX design perspective, software should have sane defaults but not prevent power users from tuning, experimenting, and/or breaking their own systems.

Concept NACK

Deprecating the feature is an indication that the feature could be removed in the future without discussion. It is not different enough to just removing the feature entirely today, thus is isn’t a compromise. Some are saying that features can stay deprecated for years but that’s a false equivalence because those features are not as controversial as the OP_RETURN limit.

Increasing the default OP_RETURN limit to 100,000 is also contentious and should not be merged without further discussion on the mailing list. Forcing node runners to do extra setup work to limit data carrier transactions is against the preference of a significant group of node runners. Increasing the default limit still incentivizes them to migrate to alternative node implementations that don’t require extra setup steps. Keeping the default OP_RETURN limit at 80 bytes or a somewhat sensible 144 bytes is a better compromise. Data usage above 144 bytes is less expensive in witness data anyway because of the discount so no reason to raise the default limit above 144 bytes.

utACK while I’m doubtful my comment should carry much weight, I’m wary of the public presentation weight up vacuous opposition, which ought count for nothing, against an absence of positive comments (because the choice is obvious enough that little need be said)… and the most effective thing I can do on that point is to get counted.

I have a slight preference for the closed PR that removes it completely. This is primarily because removing it completely avoids some predictable meta-abuse (e.g. the same people who deceived others about this PR existing, claiming they narrowly saved the day when no great doom happens). Also I have some small concern that if/when the contributors decide total removal would be best that they’ll refrain from doing so out of a justified fear of another public abuse campaign, which could be avoided by just doing it now. That said, since these aren’t points that go to the substance of the change itself, the other PR is currently closed, I don’t think they matter much and I wouldn’t fault someone for saying such reasoning should be completely disregarded. I’ll refrain for further meta-points, though I think they are worth at least some consideration because they are akin to technical debt created by the proposal (but they are political rather than technical). As far as actually when the settings are removed after this PR, if ever, I think that is mostly just the judgement of the maintainers in terms of combinatorics testing cost and codebase cleanliness.

I am November Alpha Charlie Kilo (drat bot!) on suggestions that leave the limit slightly increased for some user or another (as mentioned by @ariel-lore @ajtowns and the later @k98kurz comment) unless they come with a credible argument that ~all the hashpower will enforce the same limit. Without that, a increased limit but still less than what many miners will do leaves the harmful gap between relay and mining policy. I think it would be an obviously poor choice that undermines much of the principled argument for making the change at all. (and to be clear, I would agree that all substantive discrepancies ought to be closed either by convincing miners to change behavior or removing the restrictions, and if a discrepant rule is hiding a DOS vulnerability it must be fixed either in code or consensus rules). If there were a serious argument that progress could be made getting most hashpower to enforce some other limit, then I would agree with trying to achieve that. My understanding however is that there is no real prospect of that.

Turning to the substance above, @k98kurz advances an argument that rejected transactions are cached as a reason relay/mining mismatches don’t hurt block propagation. @instagibbs provides a technically correct response that the caching is insignificant and demonstratively doesn’t avoid the problem, but I think it’s important to give a broader answer in the context of this PR and the default relay policy of Bitcoin Core: If the transaction is never relayed to you because all your peers dropped it then no amount of caching can help.

Caching, when it is successful, reduces the bandwidth inflation from transmitting the txn twice (once to just throw it out, the second when it shows up in a block) and it may diminish the block relay harm caused by a small number of mining-inconsistent nodes. Improving that caching might help a little but especially in terms of widely deployed policy it can’t help much because nodes simply won’t see the transactions. Steel-manning the opposition a little: It could be argued that block relay could be improved to be less sensitive to missed transactions. I agree that it could and should, but doing so is very technically complex, unlikely to be accomplished safely in the social climate exhibited in these PRs, and that even at it’s best is inherently inferior to already having the transaction and having already validated it. The best improvements we know of also trade more bandwidth usage to diminish the huge round trip delays, so keeping the discrepancy as small as can be is important to them. Some rare discrepancy is unavoidable, but filtering transactions that will get mined is an entirely unforced error.

[And as co-designer of the block relay mechanism: the extras pool is intended to deal with replacement races– when a new replacement comes in for a little while it’s anyone’s guess which one a just found block will have. Depending on the ordering the miner saw the transactions a block could have any version, even when replacement would be denied by the replacement rules. Most of the time in the Bitcoin p2p network we took an assumption that relay and mining policy would not have any persistent substantive differences.]

The comment of @BootsStribling appears to be disconnected from reality in a manner characteristic of LLM hallucinations. It takes a number of positions which would be interesting if they were true or substantiated in any way by the comment. I don’t think there is any serious dispute that this PR will not make the default behavior more consistent with what gets mined.

As far as fee estimation goes, the actual estimator is designed to be robust against missed transactions (they’re basically ignored)– but I know that I and many other people I know look at an actual mempool to make decisions on what to bid against… and having transactions unknown to us that will likely show up in the next block makes it harder to make a good decision. Again, I don’t think there is any serious dispute on this point.

There are a number of other easily addressed fallacious points I’ve seen raised in opposition to this elsewhere, but since they haven’t (yet) been raised here I won’t (yet) readdress them, I don’t think they’re useful even as steelmanning the opposition because none of my counters on those have been countered. If anyone has any interest they can go follow my recent reddit traffic (u/nullc) which has been ~exclusively on this subject.

Cheers.

[And if anyone wants to respond to me but can’t do so here for whatever reason, please reach out directly… my email is available to anyone!]

Concept ACK, the code looks sensible from brief look, though it’s unclear what the intention of the parameter was.

I’d also like to ask the opposition to address the numerous arguments about the limit driving centralization and causing long-term storage problems as well as causing the size of the chain to increase in the mailinglist. I haven’t seen a single person attempting to do that yet.

@FractalEncrypt you can use python to create a transaction with multiple OP_RETURN, fundrawtransaction to add inputs, signrawtransactionwithwallet to sign and sendrawtransaction to broadcast it later. It will be listed in the output for getrawmempool once broadcasted.

 0from bitcoin.core import CTransaction, CTxOut, CScript, b2x
 1from bitcoin.core.script import OP_RETURN
 2
 3inputs = [] 
 4outputs = [
 5    CTxOut(0, CScript([OP_RETURN, b'deadbeef'])),
 6    CTxOut(0, CScript([OP_RETURN, b'cafebabe']))
 7]
 8
 9tx = CTransaction(inputs, outputs)
10
11raw_tx = b2x(tx.serialize())
12print(raw_tx)

Example tx:

0010000000001019eee1ba28a55abf31bd52501515d5c701478ea7edc27ba0b5e8a299e61bb81260000000000fdffffff0300000000000000000a6a08646561646265656600000000000000000a6a086361666562616265c0eb052a010000002251203e9d78540e0bb81dbb409b0ef517c11e2cb94d1ffab46ace3bcc45ccee39a1e80247304402205ae327bf416966d9e1567d4c141a7e408ed53e2863c2400023345bc3ce7d0d35022067f00d09a499e4282d33598c76f0bfa3d34b3c52810a5e39f61d100a607499ed0121020ead75a237556f4986a78e815700c3b4215679ffca5f25539f06ef38b766282900000000

 0{
 1  "txid": "3d0f6a1d4b0854968b9af9f8d8f477271adec96e85266e9c49ef08eec35970db",
 2  "hash": "c2765e5146a7cc07a81294ebea71c57b30b3083947460d7412f2f00115fe62a2",
 3  "version": 1,
 4  "size": 241,
 5  "vsize": 160,
 6  "weight": 637,
 7  "locktime": 0,
 8  "vin": [
 9    {
10      "txid": "2681bb619e298a5e0bba27dc7eea7814705c5d510125d51bf3ab558aa21bee9e",
11      "vout": 0,
12      "scriptSig": {
13        "asm": "",
14        "hex": ""
15      },
16      "txinwitness": [
17        "304402205ae327bf416966d9e1567d4c141a7e408ed53e2863c2400023345bc3ce7d0d35022067f00d09a499e4282d33598c76f0bfa3d34b3c52810a5e39f61d100a607499ed01",
18        "020ead75a237556f4986a78e815700c3b4215679ffca5f25539f06ef38b7662829"
19      ],
20      "sequence": 4294967293
21    }
22  ],
23  "vout": [
24    {
25      "value": 0.00000000,
26      "n": 0,
27      "scriptPubKey": {
28        "asm": "OP_RETURN 6465616462656566",
29        "desc": "raw(6a086465616462656566)#2yjnw38t",
30        "hex": "6a086465616462656566",
31        "type": "nulldata"
32      }
33    },
34    {
35      "value": 0.00000000,
36      "n": 1,
37      "scriptPubKey": {
38        "asm": "OP_RETURN 6361666562616265",
39        "desc": "raw(6a086361666562616265)#kgaw0u9z",
40        "hex": "6a086361666562616265",
41        "type": "nulldata"
42      }
43    },
44    {
45      "value": 49.99998400,
46      "n": 2,
47      "scriptPubKey": {
48        "asm": "1 3e9d78540e0bb81dbb409b0ef517c11e2cb94d1ffab46ace3bcc45ccee39a1e8",
49        "desc": "rawtr(3e9d78540e0bb81dbb409b0ef517c11e2cb94d1ffab46ace3bcc45ccee39a1e8)#2q3qw2vr",
50        "hex": "51203e9d78540e0bb81dbb409b0ef517c11e2cb94d1ffab46ace3bcc45ccee39a1e8",
51        "address": "bcrt1p86whs4qwpwupmw6qnv80297prcktjngll26x4n3me3zuem3e585qf6mmjg",
52        "type": "witness_v1_taproot"
53      }
54    }
55  ]
56}

ACK c164064c266c518588d9d9175f9b14140ee751b6. I’ve left a few nits, but nothing blocking, especially in a PR with this much activity.

With the new default, I think users disabling or lowering datacarriersize are mostly reducing the performance of their own node, so I am in support of removing it completely. However, some people seem really keen on continuing to be able to do so, so pragmatically I think the approach taken in this PR is sensible. Changing the default is what’s really important here.

Concept NACK

There should be freedom and sovereignty on what users relay on their nodes mempool. To marked them as deprecated sets the precedent that in the future node runners wont be able to configure this.

Concept ACK for this and Concept ACK for #32359 unless @luke-jr/Knots argues convincingly that the removal of these config options in Core makes maintaining them in Knots an excessive amount of work.

The objectives of Core’s mempool policy and Knots mempool policy are totally different. Knots is trying to filter what it defines as spam and Core isn’t. I don’t know if it makes sense for Core to try catering to Knots’ objectives when they clash with Core’s objectives. It makes more sense for Core to direct users who want to attempt to filter spam-like transactions to run Knots instead.

That might be anathema to some but mempool policy isn’t consensus critical and consensus compatible forks like Knots are there for those who strongly disagree with the merge decisions or the direction of travel of Core on non-consensus changes. I don’t think anyone needs or wants this kind of discussion every time Core makes a change to mempool policy.

Anyway, my two cents for what it is worth.

re-ACK 35bcd8eed38130445aef5ebe217ab42248fa6f18

Smaller code code changes can be left to followups, as it’s tedious to keep track of actual code review comments in this PR due to continued brigading.

unless @luke-jr/Knots argues convincingly that the removal of these config options in Core makes maintaining them in Knots an excessive amount of work

It really shouldn’t be. After this PR it’s a matter of changing the default. After we actually drop the deprecated option, it would be a matter of reverting that one commit.

I don’t know if it makes sense for Core to try catering to Knots’ objectives

In general Bitcoin Core provides very limited catering to forks, whether that’s altcoins, modified implementations or even just experimental features. We do have e.g. CLIENT_NAME "Bitcoin Core" that’s easy to override, and a CI flag SKIP_BRANCH_PUSH which replaced a hardcoded gui repository name. But those require some convincing to include, as I’ve experienced myself with #29274.

It probably does not help (in motivating reviewers) if your fork’s main marketing message is to discredit upstream. @gmaxwell wrote:

I have a slight preference for the closed PR that removes it completely.

So do I conceptually, but at this point this PR has had more code review and some subsequent improvements, so I’d rather not switch back.

re-ACK 35bcd8eed38130445aef5ebe217ab42248fa6f18

No changes except addressing review feedback:

• squashing commits
• improving release notes
• test style changes

Smaller code code changes can be left to followups, as it’s tedious to keep track of actual code review comments in this PR due to continued brigading.

Agreed. Leaving nits here just for reference but they shouldn’t block progress.

utACK 35bcd8eed38130445aef5ebe217ab42248fa6f18

All nits that can be done in a follow-up.

ACK https://github.com/bitcoin/bitcoin/pull/32406/commits/35bcd8eed38130445aef5ebe217ab42248fa6f18

I have tested this branch with transactions having multiple OP_RETURN. Steps are shared in this comment marked as off-topic: #32406 (comment)

I am interested to see the usage of multiple OP_RETURN after v30 if this pull request gets merged. Written a post about their usage in coinjoin and other thoughts are shared on delving.

Last review: #32406 (comment)

Concept NACK

there is no clear need for this change. Use cases expressed are minor, with only hope of future usage. Expressed use cases can be accommodated in a simpler way with a minor size change. If Core would like this op return change for the future, do the work and convince node runners to change their defaults. Arguments for block propagation speed and fee estimates, though technically sound, are potentially minor compared to forcing the default size to max. Slow this down and move towards this goal if this is what you ultimately think is best, but gradually, allowing node runners to respond instead of being forced.

Definitely do not deprecate

Did the NACK/ACK bot break? Doesn’t seem to be updating? @DrahtBot

This is a known issue. See https://github.com/maflcko/DrahtBot/issues/51. edit: fixed

code review ACK 35bcd8eed3

left one small comment to avoid further discussions…

drahtbot has categorized your comment as nack instead of ack

When a comment contains both ack and nack (in uppercase), the bot just picks one. Obviously, it is off-topic to discuss here, but I think there is a misunderstanding what the goal of the summary comment by the bot is. The goal is not to have everyone “register” their “vote”. It is simply a best-effort overview to have a clickable link to every reviewer’s most recent review comment. The technical content of those review comments is what matters, not how many are registered in what category. This is also explained in the comment above the table: “See the guideline for information on the review process.”

ACK 35bcd8eed38130445aef5ebe217ab42248fa6f18 – only minor tweaks since previous review

I wrote:

I don’t think this PR will have any impact on fee estimation (the only way that would occur is if a large majority of the mempool were transactions with multiple OP_RETURN outputs or an OP_RETURN output larger than 83 bytes, and that’s not the case).

gmaxwell wrote:

As far as fee estimation goes, the actual estimator is designed to be robust against missed transactions (they’re basically ignored)– but I know that I and many other people I know look at an actual mempool to make decisions on what to bid against… and having transactions unknown to us that will likely show up in the next block makes it harder to make a good decision.

Prior to this discussion, there were only 61 txs included in blocks in the prior ~11 months (blocks 846,000 to 894,000) that this PR would allow to be relayed (using up ~0.004% of blockspace during that period). Since this discussion started, that’s increased, eg to ~0.16% with ~11,800 txs (in blocks 894,000 to 896,528), though that rises to 3.1% of blockspace if you only count the blocks that actually included such txs. Those levels seem pretty easy to cope with, no matter how you calculate fees. (Only 3 of the 61 txs had multiple OP_RETURNs, 33 had a single OP_RETURN scriptPubKey between 84 and 160 bytes, and there were an additional six OP_RETURNs in txs larger than 100kvB which will still be non-standard if this PR is merged, one of which was also 0 fees)

gmaxwell also wrote:

I would agree that all substantive discrepancies ought to be closed either by convincing miners to change behavior or removing the restrictions,

I don’t disagree with this in principle, but I don’t think the level of non-standard OP_RETURNs that we were seeing prior to this topic being raised for discussion (ie 61 txs over a period of 48,000 blocks) should be counted as a “substantive” discrepency.

If it were to be counted, I think that’s a goal that’s pretty unlikely to be achievable – eg Mara’s slipstream has a transaction privacy policy (“Before they are mined, yes. Your transactions are not broadcasted to the Bitcoin network until they have received at least one confirmation”) which is advertised as being particularly useful to prevent token mints being sniped. Violations of other standardness rules (particularly tx size/weight) or using replace-by-feerate policies versus replace-by-fee ones also seem likely to remain sources of occasional discrepencies.

It seems if you want people to actually use this much OP RETURN data by relaxing the filter it’d make sense to simultaneously prevent “inscriptions” with this #28408

You can ACK this pull request if you agree with the changes and open a new issue or pull request for #28408

Concept NACK

Nodes shouldn’t relay arbitrary data on the network. Removing the cap on the default datacarriersize makes that easier. We’ve already seen a clear signal that people don’t want this, with a noticeable migration from Bitcoin Core to Bitcoin Knots over the past three weeks. And since [PR #32359](https://github.com/bitcoin/bitcoin/pull/32359#event-17618932800) was closed by @glozow a few days ago, I’d expect this one to be closed too.

We’ve already seen a clear signal that people don’t want this, with a noticeable migration from Bitcoin Core to Bitcoin Knots over the past three weeks.

It’s clear we’ve agreed to disagree: people who prefer arbitrary filters will run Bitcoin Knots, and people who prefer harmless, consensus-valid transactions will run Bitcoin Core.

We’ve already seen a clear signal that people don’t want this, with a noticeable migration from Bitcoin Core to Bitcoin Knots over the past three weeks.

It’s clear we’ve agreed to disagree: people who prefer arbitrary filters will run Bitcoin Knots, and people who prefer harmless, consensus-valid transactions will run Bitcoin Core.

Part of the motivation for this PR is that large OP RETURNs are less harmful than fake pub keys, with the understanding that both are still harmful.

wouldn’t it be reasonable to make the cap a “little bigger by default” as a conservative change, and just to see if it causes an uptick in average op_return sizes and uses as storage?

its not so urgent to allow 10kb op_returns

and data carrier limits are more about protecting the p2p and mempool layers - not protecting from inclusion in blocks

the knock-on effects of arbitrary data at the p2p layer could be severe in ways that have nothing to do with block storage

On Fri, May 23, 2025 at 5:38 PM BitcoinMechanic @.***> wrote:

BitcoinMechanic left a comment (bitcoin/bitcoin#32406) https://github.com/bitcoin/bitcoin/pull/32406#issuecomment-2906118037

We’ve already seen a clear signal that people don’t want this, with a noticeable migration from Bitcoin Core to Bitcoin Knots over the past three weeks.

It’s clear we’ve agreed to disagree: people who prefer arbitrary filters will run Bitcoin Knots, and people who prefer harmless, consensus-valid transactions will run Bitcoin Core.

Part of the motivation for this PR is that large OP RETURNs are less harmful than fake pub keys, with the understanding that both are still harmful.

— Reply to this email directly, view it on GitHub https://github.com/bitcoin/bitcoin/pull/32406#issuecomment-2906118037, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAMMUN7P7NTVQH2CZJJQYL2765R3AVCNFSM6AAAAAB4KKCMJOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDSMBWGEYTQMBTG4 . You are receiving this because you commented.Message ID: @.***>

and data carrier limits are more about protecting the p2p and mempool layers - not protecting from inclusion in blocks

Simply not true. The only motivation for the rule is to nudge people to not store arbitrary data on chain when it can be avoided.

the knock-on effects of arbitrary data at the p2p layer could be severe in ways that have nothing to do with block storage

There is zero reason to think this. Transactions can be up to 100kvB in any other shape or form, and the p2p needs to somehow handle that with or without this change.

There is zero reason to think this. Transactions can be up to 100kvB in any other shape or form, and the p2p needs to somehow handle that with or without this change.

Zero reason, like using the p2p layer as a command and control system for botnets by allowing long strings of arbitrary data? I guess it can be done with steganography anyway.

On Sat, May 24, 2025 at 7:45 AM Gregory Sanders @.***> wrote:

instagibbs left a comment (bitcoin/bitcoin#32406) https://github.com/bitcoin/bitcoin/pull/32406#issuecomment-2906870658

and data carrier limits are more about protecting the p2p and mempool layers - not protecting from inclusion in blocks

Simply not true. The only motivation for the rule is to nudge people to not store arbitrary data on chain when it can be avoided.

the knock-on effects of arbitrary data at the p2p layer could be severe in ways that have nothing to do with block storage

There is zero reason to think this. Transactions can be up to 100kvB in any other shape or form, and the p2p needs to somehow handle that with or without this change.

— Reply to this email directly, view it on GitHub https://github.com/bitcoin/bitcoin/pull/32406#issuecomment-2906870658, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAMMULYL2BUFA5HF7RLMTD3ACAYFAVCNFSM6AAAAAB4KKCMJOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDSMBWHA3TANRVHA . You are receiving this because you commented.Message ID: @.***>

Zero reason, like using the p2p layer as a command and control system for botnets by allowing long strings of arbitrary data

They have used output amounts in the past to encode IP address: https://www.akamai.com/blog/security/bitcoins--blockchains--and-botnets

They can use Libre Relay for OP_RETURN. Bitcoin Core policies can’t stop botnets from making consensus-valid transactions.

very detailed and accurate thanks

On Sat, May 24, 2025, 3:14 PM Chris Guida @.***> wrote:

chrisguida left a comment (bitcoin/bitcoin#32406) https://github.com/bitcoin/bitcoin/pull/32406#issuecomment-2907189059

For anyone interested, I posted a detailed explanation on Delving of why I am against this proposal: https://delvingbitcoin.org/t/addressing-community-concerns-and-objections-regarding-my-recent-proposal-to-relax-bitcoin-cores-standardness-limits-on-op-return-outputs/1697/2?u=cguida

— Reply to this email directly, view it on GitHub https://github.com/bitcoin/bitcoin/pull/32406#issuecomment-2907189059, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAMMUL4XKDGDKP4KKETIXT3ADVLHAVCNFSM6AAAAAB4KKCMJOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDSMBXGE4DSMBVHE . You are receiving this because you commented.Message ID: @.***>

ACK 35bcd8eed38130445aef5ebe217ab42248fa6f18

Concept

I understand node runners feeling like their agency would be restricted by deprecating and later removing this limit. However, I have not encountered any strong technical or incentive compatible argument in favor of keeping it. Deprecating and giving a little bit more opportunity for such an argument to appear before removal seems like a diplomatically acceptable solution.

I don’t feel strongly enough about this to have kicked this hornets nest of a debate in the first place. However, we hopefully already paid most of the cost for this debate in energy and trust in the short term, so getting closer to removal should free up energy in the long term.

Spammers can use networks like Libre Relay with preferential peering to circumvent this limit anyway.

Relaying OP_RETURNs between ~80-~140 bytes does not substantially change the economics for spammers using witness data today.

Gist for more in-depth arguments with attempt to steel-man opposition: https://gist.github.com/hodlinator/501ed81c61b06b6e082663ca646655eb

Approach

Thorough. Only one inline nit.

rebase required due to silent merge conflict

edit: Since the arg is deprecated now and used in a new spot in master, the newly touched test was failing, requiring touching the commits. Sorry!

re-ACK a189d636184b1c28fa4a325b56c1fab8f44527b1

No changes since 35bcd8eed38130445aef5ebe217ab42248fa6f18 except rebasing and removing the -datacarriersize=100000 no-op in mempool_updatefromblock.py that would cause the test to fail just for using a deprecated option.

 0  1:  496c5c2e92 = 285:  9f36962b07 policy: uncap datacarrier by default
 1  2:  af9f354c5a ! 286:  63091b79e7 test: remove unnecessary -datacarriersize args from tests
 2    @@ test/functional/mempool_truc.py: class MempoolTRUC(BitcoinTestFramework):
 3              self.log.info("Test that TRUC inheritance is checked within package")
 4              node = self.nodes[0]
 5
 6    + ## test/functional/mempool_updatefromblock.py ##
 7    +@@ test/functional/mempool_updatefromblock.py: class MempoolUpdateFromBlockTest(BitcoinTestFramework):
 8    +     def set_test_params(self):
 9    +         self.num_nodes = 1
10    +         # Ancestor and descendant limits depend on transaction_graph_test requirements
11    +-        self.extra_args = [['-limitdescendantsize=1000', '-limitancestorsize=1000', f'-limitancestorcount={CUSTOM_ANCESTOR_COUNT}', f'-limitdescendantcount={CUSTOM_DESCENDANT_COUNT}', '-datacarriersize=100000']]
12    ++        self.extra_args = [['-limitdescendantsize=1000', '-limitancestorsize=1000', f'-limitancestorcount={CUSTOM_ANCESTOR_COUNT}', f'-limitdescendantcount={CUSTOM_DESCENDANT_COUNT}']]
13    +
14    +     def create_empty_fork(self, fork_length):
15    +         '''
16    +
17      ## test/functional/mining_basic.py ##
18     @@ test/functional/mining_basic.py: class MiningTest(BitcoinTestFramework):
19                  assert tx_below_min_feerate['txid'] not in block_template_txids
20  3:  1ade56661f = 287:  0b4048c733 datacarrier: deprecate startup arguments for future removal
21  4:  1c4bf434db = 288:  a141e1bf50 Add more OP_RETURN mempool acceptance functional tests
22  5:  35bcd8eed3 = 289:  a189d63618 add release note for datacarriersize default change

re-ACK a189d636184b1c28fa4a325b56c1fab8f44527b1

Just a rebase and minor test tweak since my previous review.

re-ACK a189d636184b1c28fa4a325b56c1fab8f44527b1

Just a rebase due to silent merge conflict since my prev review

re-ACK a189d636184b1c28fa4a325b56c1fab8f44527b1

(as per $ git range-diff 35bcd8ee...a189d636)

re-ACK a189d636184b1c28fa4a325b56c1fab8f44527b1

Previous review: #32406#pullrequestreview-2838300949

re-ACK a189d636184b1c28fa4a325b56c1fab8f44527b1

Changes since previous review (https://github.com/bitcoin/bitcoin/pull/32406#pullrequestreview-2870311100):

• Resolved silent merge conflict with 47894367b583c06c53d568dc4a984d27bac8f742 by same author.

ACK a189d636184b1c28fa4a325b56c1fab8f44527b1

I would have also had a slight preference for “removing the (ineffective) knob” a.k.a the previous iteration of this PR, but removing the limited default along with a notice of intended deprecation works for me too.

Why is this pr still open?

“It’s abundantly clear that this PR is controversial and, in its current state, has no hope of reaching a conclusion that is acceptable to everyone.” -Achow101

#28408 (comment)

reNACK. 100 kilobyte OP RETURNS add absolutely nothing to Bitcoin.

They’d have to actually be happening out of band currently for the concerns about fee estimation/block propagation/mining centralization to actually be relevant here, even then they’d be massively overblown.

There are currently almost no OP RETURNs greater than 80 bytes. All this PR will do is open up another spam-highway along a route that is thankfully not practical with this filter left alone like it should be.

reNACK. 100 kilobyte OP RETURNS add absolutely nothing to Bitcoin.

NACK doesn’t need to be reposted if there is no new information added in the rationale. ACKs are reposted because they are linked with commits and become stale after rebase or update.

Sure, but I’m still marked as “Concept A%C*K” here for some reason?

reNACK. 100 kilobyte OP RETURNS add absolutely nothing to Bitcoin.

NACK doesn’t need to be reposted if there is no new information added in the rationale. ACKs are reposted because they are linked with commits and become stale after rebase or update.

Sure, but I’m still marked as “Concept ACK” here for some reason?

Probably the bot misunderstood your previous comment based on the regex used.

ACK a189d636184b1c28fa4a325b56c1fab8f44527b1

Nits in things like the exact wording of the release notes can be handled in a followup pull-req if necessary. The basic functionality clearly works.

@AMoynahan89

Why is this pr still open?

“It’s abundantly clear that this PR is controversial and, in its current state, has no hope of reaching a conclusion that is acceptable to everyone.” -Achow101

Pretty much every change to Bitcoin Core is controversial in the sense that there’s someone out there who doesn’t want the change to happen, or wants it to happen in a different way. Segwit, for example, was extremely controversial in that sense, even to the point of large companies holding meetings to try to replace Bitcoin Core with their own dev team. Not to mention Craig Wright’s lawsuits.

Controversy needs to be weighed against the reasonableness of that controversy, and where the controversy is coming from. Here, we have good consensus among reasonable devs that actively contribute to Bitcoin Core that this change is a good idea. Secondly, the people who still disagree with this change are welcome to run an alternative fork such as Knots.

Pretty much every change to Bitcoin Core is controversial in the sense that there’s someone out there who doesn’t want the change to happen, or wants it to happen in a different way.

Statement that’s “technically” true but leaves out critical context. This PR is the reason Core dropped from 97% to below 90% adoption. It’s not trivial disagreement, far from it.

Controversy needs to be weighed against the reasonableness of that controversy, and where the controversy is coming from. Here, we have good consensus among reasonable devs that actively contribute to Bitcoin Core that this change is a good idea. Secondly, the people who still disagree with this change are welcome to run an alternative fork such as Knots.

Translation: there’s an established pecking order in here and only a few get to define what “reasonable” means. In this instance, reasonable means follow the experts, and if you don’t like it, run something else.

At the risk of stating the obvious, any “trust the experts” approach necessarily implies centralized decision-making and flies directly in the face of open-source development principles.

dropped from 97% to below 90% adoption

flies directly in the face of open-source development principles. @maluquices this is a contradiction. Open source means anyone can fork the code, change it, release it, and use it. Bitcoin Core has been discussed, reviewed and maintained by hundreds of experts for over a decade and turned an idea into a two trillion dollar asset. Everyone is free to use Bitcoin Core, or to use software reviewed and maintained by any other group of people of any size.

Concept NACK.

After careful review, I must conclude that the PR doesn’t accomplish the objectives.

@petertodd you’re loading up with the logical fallacies which demonstrates the need for politics in the absence of a genuine need to change the code at this time.

Here, we have good consensus among reasonable devs that actively contribute to Bitcoin Core that this change is a good idea.

Ignoring however you choose to define “good consensus” and “reasonable”, you’re employing several logical fallacies: Appeal to Authority, Appeal to Popularity, Appeal to Tradition, and I’m sure some others.

Secondly, the people who still disagree with this change are welcome to run an alternative fork such as Knots.

They already are, along with a notable increase in the number running Knots since this debacle has begun.

Perhaps go back to “selling” it with actual needs and use cases that node runners are asking for, NOT miners and other corporate organizations.

I’d really appreciate it if @DrahtBot was manually updated to reflect my Concept NACK - currently it says I approve and I’d rather not go down in history as having been in favour of this terrible idea.

update: I see it has been fixed now - thank you

I’d really appreciate it if @DrahtBot was manually updated to reflect my Concept NACK

You can fix it yourself, as it clearly states in the comment:

If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update.

@BitcoinMechanic: I’m not sure what you expect DrahtBot to do, but it just parses comments and links to the last comment per user that contains a relevant string. So, when you make comments like this, what do you think should happen?

You fixed it yourself, congrats:

Concept ACK a189d636184b1c28fa4a325b56c1fab8f44527b1.

I prefer the approach from #32359 because i believe that exposing the option is at best misleading to users. However i am fine with any approach (including this one) which gets rid of the poor incentive unnecessarily set by the existing limit.

Since this change has created a significant amount of confusion among bitcoiners, i have compiled a list of objections and concerns raised by the community and addressed them all in a single post. This post notably contains all objections that were raised on the original PR (#32359). I won’t reproduce the whole content here but here is a list of the objections addressed in the post:

• “Schrödinger filters: there is a double standard whereby ‘Core’ is claiming that filters don’t work but actually they do because we need to change the OP_RETURN limit.”
• “Nirvana argument: this change is being pushed by people who believe the lack of a perfect solution to fight arbitrary data storage onchain means we should give up fighting it altogether.”
• “OP_RETURN was only ever made standard at all as a tolerated form of data carrying to prevent more harmful forms of data carrying (fake pubkeys/script hashes/bare multisig/etc). To serve that purpose, it only needs to be ~40 bytes. The ~80 byte allowance is beyond sufficient for its intended purpose.”
• “The proper response to a spam attack is not to cave to the spammers.”
• “People won’t move from using fake pubkeys to op_return to be nice to us is ludicrous because it’d cost them 4x more. This is just bluff to kill the filters.”
• “Removing all limits on OP_RETURNs creates a perverse incentive: transactions can now carry large, non-economic payloads while avoiding long-term storage costs.”
• “A given quantity of data stored in a op_return output has a far larger negative externality on the throughput than the same data stored in a witness.”
• “Boiling frog: Core developers are trying to gradually make Bitcoin a universal database instead of just money, one step at a time.”
• “Core is trying to accommodate the Taproot Wizards who are a self-declared attack on Bitcoin which tries to corrupt the ecosystem.”
• “Core contributors actually believe that Bitcoin should be used for anything rather than just money. They should argue that instead of rationalizing with dishonest arguments such as UTxO bloat which is not the real reason they are pushing it.”
• “Antoine Poinsot paid Peter Todd to open the pull request to Bitcoin Core.”
• “Taking a step back from the technical details, Core is trying to push a contentious change that obviously everybody is annoyed with.”
• “As the reference implementation, Core has a responsibility of steering away from controversy as much as possible. It is irresponsible for Core to merge this change because of the number of people objecting to it on the Github pull request.”
• “The way this is being rushed is a red flag.”
• “This is making changes for the sake of making changes when nobody asked for this.”
• “This proposal won’t allow to reach the stated goal (limiting the misuse of witness data).”
• “Introducing filters is what Satoshi did, this is a departure from his legacy.”
• “This type of change should be treated with no less scrutiny than a hard fork, because that’s essentially what this is”
• “That may sound like hyperbole, but it really isn’t. If this PR is merged, Bitcoin as we know it changes forever in the most fundamental way imaginable: the reference implementation explicitly turning the Bitcoin network into an arbitrary data storage system, instead of evolving it as a decentralized currency.”
• “While provably unspendable outputs are preferable to dust outputs in some contexts, the absence of any guardrails could make it easier for bad actors to stress the network, especially in combination with existing vulnerabilities.”
• “Data stored in an OP_RETURN output doesn’t need to be chunked like it does in an inscription. This presents a risk for node runners as it allows anyone to store unobfuscated data on their disk.”
• “Considering the floodgates of absolutely horror this PR is going to bring upon Bitcoin node runners, there absolutely needs to be a way for existing users to protect themselves and retroactively apply this on-disk obfuscation to existing node data.”
• “This PR lowers the bar for storing large contiguous chunks arbitrary data on the systems of thousands of node runners worldwide from “you must get a miner to mine this for you” down to “you have to broadcast it and pay a fee”.”
• “I think the bar to bypass IsStandard is very underestimated. The fact that we don’t see huge OP_RETURNs all the time proves its overall effectiveness in protecting the network as a first line of defense.”
• “The -datacarrier option should be kept on Bitcoin Core regardless of whether the default is changed.”
• “As a node runner I should be allowed to configure my mempool and not have it filled with what I consider spam. This can make running a node very RAM expensive.”
• “This PR is completely pointless from a technical and incentives perspective unless combined with something like #28408 to make OP_RETURN the “proper” way to store data.”
• “I am also concerned that in the future we might see a large scale bypassing of the Core standarness rules, but it’s unclear whether we’ve reached that point yet. We can always reconsider dropping the OP_RETURN limit once it becomes truly problematic - but, and this is a genuine question, are we there yet?”
• “Raising UTxO bloat as a concern is beyond ironic when considering applications like Citrea may only cause trivial amount of bloat while inscriptions, which Core refuses to filter, are responsible for over 8 GiB of bloat in the past couple of years.”
• “Bitcoin Core dev should rather focus on Bitcoin as money.”
• “Bitcoin Core lifting the OP_RETURN limit is sending a signal that data storage is welcome, whereas before it was only tolerated.”
• “Increasing the size of OP_RETURN is an existential threat to Bitcoin.”
• “If you don’t upgrade Core devs are going to accuse you of censorship.”