Re: [bitcoin-dev] MIN_STANDARD_TX_NONWITNESS_SIZE and OP_RETURN

I don't believe that 60 bytes is a problem here. SHA256 padding includes a length value of the original message data. Thus a padded non-64 byte transaction can never be the same as any padded 64-byte value, and therefore after applying the SHA256 compression function the resulting hashes cannot

Re: [bitcoin-dev] MIN_STANDARD_TX_NONWITNESS_SIZE and OP_RETURN

Good morning Thomas, > So I think the question to ask would be "why can't we just make sure it's not > 64?" If we accept a 60-byte tx, then SHA-256 will pad it to 64 bytes, and it may still be possible to mount CVE-2017-12842 attack with 32-bits of work. Of course some other details will be

Re: [bitcoin-dev] MIN_STANDARD_TX_NONWITNESS_SIZE and OP_RETURN

So I think the question to ask would be "why can't we just make sure it's not 64?" On Sat, May 23, 2020 at 11:24 AM Greg Sanders wrote: > AFAIU the number was picked to protect against CVE-2017-12842 covertly. > See: https://github.com/bitcoin/bitcoin/pull/16885 >

Re: [bitcoin-dev] MIN_STANDARD_TX_NONWITNESS_SIZE and OP_RETURN

AFAIU the number was picked to protect against CVE-2017-12842 covertly. See: https://github.com/bitcoin/bitcoin/pull/16885 which updated the text to explicitly mention this fact. On Sat, May 23, 2020 at 11:20 AM Thomas Voegtlin via bitcoin-dev

[bitcoin-dev] MIN_STANDARD_TX_NONWITNESS_SIZE and OP_RETURN

Hello list, I have been trying to CPFP a transaction using OP_RETURN, because the remaining output value would have been lower than the dust threshold. The scriptPubkey of the output was OP_RETURN + OP_0, and there was a single p2wsh input. The result is a 60 bytes transaction (without