public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Peter Todd <pete@petertodd.org>
To: Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
Subject: [bitcoin-dev] We can trivially fix quadratic CHECKSIG with a simple soft-fork modifying just SignatureHash()
Date: Mon, 28 Dec 2015 21:35:59 -0800	[thread overview]
Message-ID: <20151229053559.GA8657@muck> (raw)

[-- Attachment #1: Type: text/plain, Size: 1050 bytes --]

Occured to me that this hasn't been mentioned before...

We can trivially fix the quadratic CHECK(MULTI)SIG execution time issue
by soft-forking in a limitation on just SignatureHash() to only return
true if the tx size is <100KB. (or whatever limit makes sense)

This fix has the advantage over schemes that limit all txs, or try to
count sigops, of being trivial to implement, while still allowing for a
future CHECKSIG2 soft-fork that properly fixes the quadratic hashing
issue; >100KB txs would still be technically allowed, it's just that
(for now) there'd be no way for them to spend coins that are
cryptographically secured.

For example, if we had an issue with a major miner exploiting
slow-to-propagate blocks(1) to harm their competitors, this simple fix
could be deployed as a soft-fork in a matter of days, stopping the
attack quickly.

1) www.mail-archive.com/bitcoin-development@lists.sourceforge.net/msg03200.html

-- 
'peter'[:-1]@petertodd.org
0000000000000000094afcbbad10aa6c82ddd8aad102020e553d50a60b6c678f

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 650 bytes --]

             reply	other threads:[~2015-12-29  5:36 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-12-29  5:35 Peter Todd [this message]
2015-12-29  7:47 ` [bitcoin-dev] We can trivially fix quadratic CHECKSIG with a simple soft-fork modifying just SignatureHash() jl2012
2015-12-29 12:42   ` Jonathan Toomim
2015-12-29 12:55     ` jl2012
2015-12-29 13:00       ` Jonathan Toomim

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20151229053559.GA8657@muck \
    --to=pete@petertodd.org \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox