Hi Chris, Thanks for that example.
I also realised that there indeed can exist 64 byte transactions that can't be malleated into a different size (see Stack Exchange link below). The example uses SIGHASH_SINGLE | SIGHASH_ANYONECANPAY, so as long as our hypothetical smart contracting system uses those flags for its burn-all / giveaway-all clauses, then if it produces a 64 byte transaction by mistake, it's recoverable. But a SIGHASH_ALL could get stuck (can't be confirmed, can't be modified). And IIUC with OP_CTV even a SIGHASH_SINGLE | SIGHASH_ANYONECANPAY, once committed inside a CTV tree, can't be modified. - Sjors > Op 28 mrt 2025, om 12:02 heeft Chris Stewart <[email protected]> > het volgende geschreven: > > Hi Sjors, > > An example is any segwit transaction that 1 input 1 output that pays to a 2 > byte witness program. Since witness data doesn't count towards the 64 byte > limit, the witness could be of arbitrary size. This was pointed out > <https://delvingbitcoin.org/t/great-consensus-cleanup-revival/710/74?u=chris_stewart_5> > by garlonicon <https://delvingbitcoin.org/u/garlonicon> on delvingbitcoin. > This type of witness program is used for pay-to-anchor outputs currently - > although I don't believe anchor outputs make sense in a 1 input 1 output > transaction? The author of pay to anchor outputs is aware of this issue > <https://delvingbitcoin.org/t/great-consensus-cleanup-revival/710/78?u=chris_stewart_5>, > but I haven't heard of any further updates since his post on delving. > > -Chris > > On Fri, Mar 28, 2025 at 4:25 AM Sjors Provoost <[email protected] > <mailto:[email protected]>> wrote: >> >> > Op 27 mrt 2025, om 21:45 heeft jeremy <[email protected] >> > <mailto:[email protected]>> het volgende geschreven: >> > >> > I'm also personally strongly against removing 64-byte transactions. It's a >> > wart in how transactions work, and future upgrades (especially around tx >> > programmability) might integrate very poorly with this kind of edge >> > condition. >> >> Do you have an example in mind where a 64-byte transaction could appear in >> such a system? >> >> Given the limited space, in particular no room for a public key or >> signature, I could imagine a burn or anyone-can-spend clause. Those don't >> have to be exactly 64 bytes. Even if 64 byte transactions are generated by >> accident, I believe they can be tweaked after the fact (though that claim >> could use more scrutiny): >> >> https://bitcoin.stackexchange.com/q/125971/4948 >> -- You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/80010585-E209-4042-B6F6-5B7DC6675247%40sprovoost.nl.
