From 4bf562569e43e7521d3bf3c91cb4cb11f5365bd4 Mon Sep 17 00:00:00 2001 From: Johnson Lau Date: Tue, 26 Jan 2016 11:48:30 +0800 Subject: BIP141: Add 520 bytes witness stack limit @sipa --- bip-0141.mediawiki | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'bip-0141.mediawiki') diff --git a/bip-0141.mediawiki b/bip-0141.mediawiki index b62d54d..ec6b146 100644 --- a/bip-0141.mediawiki +++ b/bip-0141.mediawiki @@ -52,7 +52,7 @@ The marker MUST be 0x00. The flag MUST be a 1-byte non-zero value. Currently, 0x01 MUST be used. -The witness is a serialization of all witness data of the transaction. Each txin is associated with a witness field. A witness field starts with a var_int to indicate the number of stack items for the txin. It is followed by stack items, with each item starts with a var_int to indicate the length. Witness data is NOT script and is not restricted by the 520-byte push limit. +The witness is a serialization of all witness data of the transaction. Each txin is associated with a witness field. A witness field starts with a var_int to indicate the number of stack items for the txin. It is followed by stack items, with each item starts with a var_int to indicate the length. Witness data is NOT script. A non-witness program (defined hereinafter) txin MUST be associated with an empty witness field, represented by a 0x00. If all txins are not witness program, a transaction's wtxid is equal to its txid. @@ -85,20 +85,20 @@ There are two cases in which witness validation logic are triggered. Each case d If the version byte is 0, and the witness program is 20 bytes: * It is interpreted as a pay-to-witness-public-key-hash (P2WPKH) program. -* The witness must consist of exactly 2 items. The first one a signature, and the second one a public key. +* The witness must consist of exactly 2 items (≤ 520 bytes each). The first one a signature, and the second one a public key. * The HASH160 of the public key must match the 20-byte witness program. * After normal script evaluation, the signature is verified against the public key with CHECKSIG operation. The verification must result in a single TRUE on the stack. If the version byte is 0, and the witness program is 32 bytes: * It is interpreted as a pay-to-witness-script-hash (P2WSH) program. * The witness must consist of an input stack to feed to the script, followed by a serialized script ("witnessScript"). -* The witnessScript is popped off the initial witness stack. SHA256 of the witnessScript must match the 32-byte witness program. -* The witnessScript is deserialized, and executed after normal script evaluation with the remaining witness stack. +* The witnessScript (≤ 10,000 bytes) is popped off the initial witness stack. SHA256 of the witnessScript must match the 32-byte witness program. +* The witnessScript is deserialized, and executed after normal script evaluation with the remaining witness stack (≤ 520 bytes for each stack item). * The script must not fail, and result in exactly a single TRUE on the stack. If the version byte is 0, but the witness program is neither 20 nor 32 bytes, the script must fail. -If the version byte is 1 to 16, no further interpretation of the witness program or witness happens. +If the version byte is 1 to 16, no further interpretation of the witness program or witness happens, and there is no size restriction for the witness. These versions are reserved for future extensions. === Other consensus critical limits === -- cgit v1.2.3