Merge #20497: [Refactor] Add MAX_STANDARD_SCRIPTSIG_SIZE to policy

MarcoFalke · MarcoFalke · commit e2ff5e7b35d7 · 2020-11-27T10:59:24.000+01:00
e416cfc Add MAX_STANDARD_SCRIPTSIG_SIZE to policy (sanket1729) Pull request description: Bitcoin core has a standardness rule for max satisfaction script sig size. This PR adds to the policy header file so that it is documented along with along policy rules. The initial reasoning that 1650 is an implicit limit(would not reach assuming all other policy rules are being followed) is outdated. As we now know, bitcoin transactions can have spend conditions are more than just signatures and there may exist p2sh transactions involving 100 byte preimages that maybe non-standard because of this rule. Because this rule is no longer implicit, we should explicitly document it in policy header file ACKs for top commit: sipa: utACK e416cfc practicalswift: cr ACK e416cfc theStack: Code Review ACK e416cfc Tree-SHA512: 1a91ee23dfb6085807e04dd0687d7a443e0f3e0f52d0a995a6599dff28533b0b599afba2724735d93948a64a3e25d0bc016ce3e771c0bd453eef78b22dc2369d
diff --git a/src/policy/policy.cpp b/src/policy/policy.cpp
@@ -92,14 +92,15 @@ bool IsStandardTx(const CTransaction& tx, bool permit_bare_multisig, const CFeeR
 
     for (const CTxIn& txin : tx.vin)
     {
-        // Biggest 'standard' txin is a 15-of-15 P2SH multisig with compressed
-        // keys (remember the 520 byte limit on redeemScript size). That works
-        // out to a (15*(33+1))+3=513 byte redeemScript, 513+1+15*(73+1)+3=1627
-        // bytes of scriptSig, which we round off to 1650 bytes for some minor
-        // future-proofing. That's also enough to spend a 20-of-20
-        // CHECKMULTISIG scriptPubKey, though such a scriptPubKey is not
-        // considered standard.
-        if (txin.scriptSig.size() > 1650) {
+        // Biggest 'standard' txin involving only keys is a 15-of-15 P2SH
+        // multisig with compressed keys (remember the 520 byte limit on
+        // redeemScript size). That works out to a (15*(33+1))+3=513 byte
+        // redeemScript, 513+1+15*(73+1)+3=1627 bytes of scriptSig, which
+        // we round off to 1650(MAX_STANDARD_SCRIPTSIG_SIZE) bytes for
+        // some minor future-proofing. That's also enough to spend a
+        // 20-of-20 CHECKMULTISIG scriptPubKey, though such a scriptPubKey
+        // is not considered standard.
+        if (txin.scriptSig.size() > MAX_STANDARD_SCRIPTSIG_SIZE) {
             reason = "scriptsig-size";
             return false;
         }
diff --git a/src/policy/policy.h b/src/policy/policy.h
@@ -44,6 +44,8 @@ static const unsigned int MAX_STANDARD_P2WSH_STACK_ITEM_SIZE = 80;
 static const unsigned int MAX_STANDARD_TAPSCRIPT_STACK_ITEM_SIZE = 80;
 /** The maximum size of a standard witnessScript */
 static const unsigned int MAX_STANDARD_P2WSH_SCRIPT_SIZE = 3600;
+/** The maximum size of a standard ScriptSig */
+static const unsigned int MAX_STANDARD_SCRIPTSIG_SIZE = 1650;
 /** Min feerate for defining dust. Historically this has been based on the
  * minRelayTxFee, however changing the dust limit changes which transactions are
  * standard and should be done with care and ideally rarely. It makes sense to
