public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
* [bitcoin-dev] SigOps limit.
@ 2017-09-13 13:24 Russell O'Connor
  0 siblings, 0 replies; only message in thread
From: Russell O'Connor @ 2017-09-13 13:24 UTC (permalink / raw)
  To: Mark Friedenbach, Bitcoin Protocol Discussion

[-- Attachment #1: Type: text/plain, Size: 820 bytes --]

On Tue, Sep 12, 2017 at 3:57 PM, Mark Friedenbach via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:

>
> 4MB of secp256k1 signatures takes 10s to validate on my 5 year old
> laptop (125,000 signatures, ignoring public keys and other things that
> would consume space). That's much less than bad blocks that can be
> constructed using other vulnerabilities.


If there were no sigops limits, I believe the worst case block could have
closer to 1,000,000 CHECKSIG operations.  Signature checks are cached so
while repeating the sequence "2DUP CHECKSIGVERIFY" does create a lot of
checksig operations, the cached values prevent a lot of work being done.

To defeat the cache one can repeat the sequence "2DUP CHECKSIG DROP
CODESEPARATOR", which will create unique signature validation requests
every 4 bytes.

[-- Attachment #2: Type: text/html, Size: 1233 bytes --]

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2017-09-13 13:24 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-09-13 13:24 [bitcoin-dev] SigOps limit Russell O'Connor

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox