Merge pull request #303 from jl2012/patch-10

BIP141: Add 520 bytes witness stack limit

1 files changed, 5 insertions, 5 deletions

diff --git a/bip-0141.mediawiki b/bip-0141.mediawiki
index 1d06494..a73cf35 100644
--- a/bip-0141.mediawiki
+++ b/bip-0141.mediawiki
@@ -52,7 +52,7 @@ The <code>marker</code> MUST be <code>0x00</code>.
 
 The <code>flag</code> MUST be a 1-byte non-zero value. Currently, <code>0x01</code> MUST be used.
 
-The <code>witness</code> is a serialization of all witness data of the transaction. Each txin is associated with a witness field. A witness field starts with a <code>var_int</code> to indicate the number of stack items for the txin. It is followed by stack items, with each item starts with a <code>var_int</code> to indicate the length. Witness data is NOT script and is not restricted by the 520-byte push limit.
+The <code>witness</code> is a serialization of all witness data of the transaction. Each txin is associated with a witness field. A witness field starts with a <code>var_int</code> to indicate the number of stack items for the txin. It is followed by stack items, with each item starts with a <code>var_int</code> to indicate the length. Witness data is NOT script.
 
 A non-witness program (defined hereinafter) txin MUST be associated with an empty witness field, represented by a <code>0x00</code>. If all txins are not witness program, a transaction's <code>wtxid</code> is equal to its <code>txid</code>.
 
@@ -85,20 +85,20 @@ There are two cases in which witness validation logic are triggered. Each case d
 
 If the version byte is 0, and the witness program is 20 bytes:
 * It is interpreted as a pay-to-witness-public-key-hash (P2WPKH) program.
-* The witness must consist of exactly 2 items. The first one a signature, and the second one a public key.
+* The witness must consist of exactly 2 items (≤ 520 bytes each). The first one a signature, and the second one a public key.
 * The HASH160 of the public key must match the 20-byte witness program.
 * After normal script evaluation, the signature is verified against the public key with CHECKSIG operation. The verification must result in a single TRUE on the stack.
 
 If the version byte is 0, and the witness program is 32 bytes:
 * It is interpreted as a pay-to-witness-script-hash (P2WSH) program.
 * The witness must consist of an input stack to feed to the script, followed by a serialized script ("witnessScript").
-* The witnessScript is popped off the initial witness stack. SHA256 of the witnessScript must match the 32-byte witness program.
-* The witnessScript is deserialized, and executed after normal script evaluation with the remaining witness stack.
+* The witnessScript (≤ 10,000 bytes) is popped off the initial witness stack. SHA256 of the witnessScript must match the 32-byte witness program.
+* The witnessScript is deserialized, and executed after normal script evaluation with the remaining witness stack (≤ 520 bytes for each stack item).
 * The script must not fail, and result in exactly a single TRUE on the stack.
 
 If the version byte is 0, but the witness program is neither 20 nor 32 bytes, the script must fail.
 
-If the version byte is 1 to 16, no further interpretation of the witness program or witness happens.
+If the version byte is 1 to 16, no further interpretation of the witness program or witness happens, and there is no size restriction for the witness. These versions are reserved for future extensions.
 
 === Other consensus critical limits ===