Author: Gavin Andresen 2015-07-20 19:10:26
Published on: 2015-07-20T19:10:26+00:00
The author, Gavin Andresen, has drafted a BIP (Bitcoin Improvement Proposal) to prevent a potential CPU exhaustion attack in case a significantly larger maximum blocksize is adopted. The proposal suggests limiting the maximum size of a transaction included in a block to mitigate a potential CPU exhaustion denial-of-service attack. Sergio Demian Lerner had reported that a maliciously constructed block could take several minutes to validate due to the way signature hashes are computed for OP_CHECKSIG/OP_CHECKMULTISIG. This potential attack was mitigated by changing the default relay and mining policies so transactions larger than 100,000 bytes were not relayed across the network or included in blocks. However, a miner not following the default policy could choose to include a transaction that filled the entire one-megabyte block and took a long time to validate. After deployment, the maximum serialized size of a transaction allowed in a block shall be 100,000 bytes. This change should be compatible with existing transaction-creation software because transactions larger than 100,000 bytes have been considered "non-standard" for years. Software that assembles transactions into blocks and that validates blocks must be updated to reject oversize transactions. This change will be deployed with BIP 100 or BIP 101. Alternatives to this BIP include a new consensus rule that limits the number of signature operations in a single transaction instead of limiting size or fixing the SIG opcodes so they don't re-hash variations of the transaction's data. The latter solution would require updating every piece of transaction-creating and transaction-validating software to change how they compute the signature hash. The references provided include Sergio Demian Lerner's original report.
Updated on: 2023-06-10T03:02:32.484013+00:00