Author: Gavin Andresen 2012-01-19 16:29:29
Published on: 2012-01-19T16:29:29+00:00
A patch is being developed to make transaction inputs with extra data non-standard as a precautionary measure to avoid possible problems. Currently, any node on the network can add bytes to the transaction's scriptSig before passing it on, and that modified version of the transaction may be mined. This unexpected behavior changes the transaction ID and might cause problems for other implementations or transaction-handling software. The patch will make transactions with extra stuff in the scriptSig non-standard, so they won't get relayed or mined by new nodes. Requiring the OP_PUSHDATA and OP_PUSHDATA to be DER-encoded for the transaction to be IsStandard() is under consideration. It is also considered to require the "filler item" to workaround the OP_CHECKMULTISIG pops-one-too-many-items-off-the-stack bug to be exactly OP_0. This would remove some wiggle room and improve security. Discussion is welcome, and a pull request will be made for the patch shortly.
Updated on: 2023-06-05T01:51:14.904889+00:00