Author: Jeremy Rubin 2015-07-21 18:18:00
Published on: 2015-07-21T18:18:00+00:00
In a discussion regarding a potential CPU exhaustion denial-of-service attack by limiting the maximum size of a transaction included in a block, Gregory Maxwell suggested that it was a fairly indirect approach. He argued that the resource being watched for is not the size but rather the potential of N^2 costs related to repeated hashing in checksig, which would be ignored by the proposed approach. Gavin Andresen agreed with this but pointed out that counting signature operations is not as trivial as checking transaction size since it requires context. He proposed adding a field into the transaction metadata for N_SIG_OPS in the script_sig, which would make implementation much simpler and could easily be pruned and recomputed later. Furthermore, it would differentiate a branch with different counts well. Andresen also expressed concern about imposing a limit on transaction size and potentially struggling to get consensus to move away from it in the future. Therefore, he believed that a limit on sigops is the right way to go, and accurately counting how many sigops a transaction requires to be validated would be useful.
Updated on: 2023-06-10T03:01:15.900331+00:00