* [bitcoin-dev] SigOps limit.
@ 2017-09-13 13:24 Russell O'Connor
0 siblings, 0 replies; only message in thread
From: Russell O'Connor @ 2017-09-13 13:24 UTC (permalink / raw)
To: Mark Friedenbach, Bitcoin Protocol Discussion
[-- Attachment #1: Type: text/plain, Size: 820 bytes --]
On Tue, Sep 12, 2017 at 3:57 PM, Mark Friedenbach via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:
>
> 4MB of secp256k1 signatures takes 10s to validate on my 5 year old
> laptop (125,000 signatures, ignoring public keys and other things that
> would consume space). That's much less than bad blocks that can be
> constructed using other vulnerabilities.
If there were no sigops limits, I believe the worst case block could have
closer to 1,000,000 CHECKSIG operations. Signature checks are cached so
while repeating the sequence "2DUP CHECKSIGVERIFY" does create a lot of
checksig operations, the cached values prevent a lot of work being done.
To defeat the cache one can repeat the sequence "2DUP CHECKSIG DROP
CODESEPARATOR", which will create unique signature validation requests
every 4 bytes.
[-- Attachment #2: Type: text/html, Size: 1233 bytes --]
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2017-09-13 13:24 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-09-13 13:24 [bitcoin-dev] SigOps limit Russell O'Connor
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox