From df89776a170e8ff2960139c6da679aabbb00a5db Mon Sep 17 00:00:00 2001 From: Olaoluwa Osuntokun Date: Sun, 9 Oct 2022 17:03:31 -0700 Subject: [PATCH 1/2] wire: remove erroneous witness size check in wire parsing In this commit, we fix a bug that would cause nodes to be unable to parse a given block from the wire. The block would be properly accepted if fed in via other mechanisms. The issue here is that the old checks for the maximum witness size, circa segwit v0 where placed in the wire package _as well_ as the tx engine. This check should only be in the engine, since it's properly gated by other related scrip validation flags. The fix itself is simple: limit witnesses only based on the maximum block size in bytes, or ~4MB. --- wire/msgtx.go | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/wire/msgtx.go b/wire/msgtx.go index a60f7a8291..d4f5299ea4 100644 --- a/wire/msgtx.go +++ b/wire/msgtx.go @@ -103,10 +103,9 @@ const ( maxWitnessItemsPerInput = 500000 // maxWitnessItemSize is the maximum allowed size for an item within - // an input's witness data. This number is derived from the fact that - // for script validation, each pushed item onto the stack must be less - // than 10k bytes. - maxWitnessItemSize = 11000 + // an input's witness data. This value is bounded by the largest + // possible block size, post segwit v1 (taproot). + maxWitnessItemSize = 4_000_000 ) // TxFlagMarker is the first byte of the FLAG field in a bitcoin tx @@ -588,8 +587,9 @@ func (msg *MsgTx) BtcDecode(r io.Reader, pver uint32, enc MessageEncoding) error // item itself. txin.Witness = make([][]byte, witCount) for j := uint64(0); j < witCount; j++ { - txin.Witness[j], err = readScript(r, pver, - maxWitnessItemSize, "script witness item") + txin.Witness[j], err = readScript( + r, pver, maxWitnessItemSize, "script witness item", + ) if err != nil { returnScriptBuffers() return err From c96645c3a8bff6c04d454b5a724529bf7cae6136 Mon Sep 17 00:00:00 2001 From: Elle Mouton Date: Tue, 1 Nov 2022 13:42:09 +0200 Subject: [PATCH 2/2] wire: increase max witness items per input --- wire/msgtx.go | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/wire/msgtx.go b/wire/msgtx.go index d4f5299ea4..0720b70253 100644 --- a/wire/msgtx.go +++ b/wire/msgtx.go @@ -96,11 +96,13 @@ const ( // maxWitnessItemsPerInput is the maximum number of witness items to // be read for the witness data for a single TxIn. This number is - // derived using a possble lower bound for the encoding of a witness + // derived using a possible lower bound for the encoding of a witness // item: 1 byte for length + 1 byte for the witness item itself, or two // bytes. This value is then divided by the currently allowed maximum - // "cost" for a transaction. - maxWitnessItemsPerInput = 500000 + // "cost" for a transaction. We use this for an upper bound for the + // buffer and consensus makes sure that the weight of a transaction + // cannot be more than 4000000. + maxWitnessItemsPerInput = 4_000_000 // maxWitnessItemSize is the maximum allowed size for an item within // an input's witness data. This value is bounded by the largest