From: Gavin Andresen <gavinandresen@gmail.com>
To: Tier Nolan <tier.nolan@gmail.com>
Cc: bitcoin-dev@lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] For discussion: limit transaction size to mitigate CVE-2013-2292
Date: Mon, 20 Jul 2015 16:30:08 -0400 [thread overview]
Message-ID: <CABsx9T0Y7K62-c4ivcgscU4cuXgQEAehZkupL64zmJTXjOnt0w@mail.gmail.com> (raw)
In-Reply-To: <CAE-z3OVWYaoGc+_=xQN1=CV=LUHdLEtuds6FZCXdktowfCaLYA@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1350 bytes --]
On Mon, Jul 20, 2015 at 3:43 PM, Tier Nolan via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:
> This could render transactions with a locktime in the future as
> unspendable.
>
> It is pretty low probability that someone has created a >100kB locked
> transaction though.
>
> It violates the principle that no fork should render someone's coins
> unspendable.
>
Mmmm.... you'd have to:
a) Have lost or thrown away the keys to the unspent transaction outputs
b) Have created a locktime'd transaction with a lock time after the
BIP100/101 switchover times
that is more than 100,000 bytes big
c) Have some special relationship with a miner that you trust to still be
around when the transaction
unlocks that would mine the bigger-than-standard transaction for you.
I don't think adding extra complexity to consensus-critical code to support
such an incredibly unlikely
scenario is the right decision here. I think it is more likely that the
extra complexity would trigger a bug
that causes a loss of bitcoin greater than the amount of bitcoin tied up in
locktime'ed transactions
(because I think there are approximately zero BTC tied up in >100K
locktime'ed transactions).
RE: limit size of transaction+parents: Feature creep, belongs in another
BIP in my opinion. This one
is focused on fixing CVE-2013-2292
--
--
Gavin Andresen
[-- Attachment #2: Type: text/html, Size: 2434 bytes --]
next prev parent reply other threads:[~2015-07-20 20:30 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-20 19:10 [bitcoin-dev] For discussion: limit transaction size to mitigate CVE-2013-2292 Gavin Andresen
2015-07-20 19:43 ` Tier Nolan
2015-07-20 20:30 ` Gavin Andresen [this message]
2015-07-20 19:58 ` Ross Nicoll
2015-07-20 20:55 ` Gregory Maxwell
2015-07-21 18:09 ` Gavin Andresen
2015-07-21 18:18 ` Jeremy Rubin
2015-07-23 15:41 ` Gavin Andresen
2015-07-24 20:59 ` Gavin Andresen
2015-07-25 0:47 ` odinn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CABsx9T0Y7K62-c4ivcgscU4cuXgQEAehZkupL64zmJTXjOnt0w@mail.gmail.com \
--to=gavinandresen@gmail.com \
--cc=bitcoin-dev@lists.linuxfoundation.org \
--cc=tier.nolan@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox