From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1YEjK5-0004K5-64 for bitcoin-development@lists.sourceforge.net; Fri, 23 Jan 2015 18:51:13 +0000 Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.212.178 as permitted sender) client-ip=209.85.212.178; envelope-from=gmaxwell@gmail.com; helo=mail-wi0-f178.google.com; Received: from mail-wi0-f178.google.com ([209.85.212.178]) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1YEjK3-0004ki-UE for bitcoin-development@lists.sourceforge.net; Fri, 23 Jan 2015 18:51:13 +0000 Received: by mail-wi0-f178.google.com with SMTP id em10so4817535wid.5 for ; Fri, 23 Jan 2015 10:51:06 -0800 (PST) MIME-Version: 1.0 X-Received: by 10.194.84.240 with SMTP id c16mr17138916wjz.74.1422039066613; Fri, 23 Jan 2015 10:51:06 -0800 (PST) Received: by 10.27.11.170 with HTTP; Fri, 23 Jan 2015 10:51:06 -0800 (PST) In-Reply-To: References: <54C267A1.8090208@gmail.com> Date: Fri, 23 Jan 2015 18:51:06 +0000 Message-ID: From: Gregory Maxwell To: slush , Bitcoin Development Content-Type: text/plain; charset=UTF-8 X-Spam-Score: -1.6 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (gmaxwell[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1YEjK3-0004ki-UE Subject: Re: [Bitcoin-development] SIGHASH_WITHINPUTVALUE X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Jan 2015 18:51:13 -0000 On Fri, Jan 23, 2015 at 5:40 PM, slush wrote: > Yes, the step you're missing is "and build the table". Dynamic memory > allocation is something you want to avoid, as well as any artifical > restrictions to number of inputs or outputs. Current solution is slow, but > there's really no limitation on tx size. > > Plus there're significant restrictions to memory in embedded world. Actually > TREZOR uses pretty powerful (and expensive) MCU just because it needs to do > such validations and calculate such hashes. With SIGHASH_WITHINPUTVALUE or > similar we may cut hardware cost significantly. I'm quite familiar with embedded development :), and indeed trezor MCU is what I would generally consider (over-)powered which is why I was somewhat surprised by the numbers; I'm certainly not expecting you to perform dynamic allocation... but wasn't clear on how 40 minutes and was I just trying to understand. Using a table to avoid retransmitting reused transactions is just an optimization and can be done in constant memory (e.g. falling back to retransmission if filled). So what I'm understanding now is that you stream the transaction along with its inputs interleaved in order to reduce the memory requirement to two midstates and a value accumulator; requiring resending the transaction... so in the worst case transaction (since you can't get in more than about 800 inputs at the maximum transaction size) each input spending from (one or more, since even one would be repeated) 100kb input transactions you might send about 800MBytes of data, which could take a half an hour if hashing runs at 45KB/s or slower? (If so, okay then there isn't another thing that I was missing).