I mentioned this on IRC a week or so ago, noticing that though they are not executed and required to be well-formed, we still count any sigops that appear in them (which I guessed may be an interesting attack if you could get a miner to put a byte in there that is the equivalent of OP_CHECKSIG because we dont count the sigops in the coinbase scriptSig during mining, however luke pointed out that we always push the content of coinbase scriptSigs properly by default, and those modifying the code should spend time researching this stuff anyway, so if they break it, its their fault (and now they can find this email)).
Matt On Mon, 2012-07-23 at 02:07 -0400, Jeff Garzik wrote: > While writing the script engine for pynode, I ran a test to validate > my script tokenizer -- a python script which does nothing more than > split up scriptPubKey and scriptSig into component opcodes and data > elements. No execution, just tokenization of the script's data > stream. > > Scanning the entire blockchain, my script found over 8,000 > tokenization failures, and 100% of those were in coinbase > transactions' scriptSig. The scripts used to generate this can be > found at https://github.com/jgarzik/pynode > > The following data dump are just the first few, and most recent few, > of the invalid scripts I found in the blockchain: > > Scanning block #142312 > 000000000000046acff93b0e76cd10490551bf871ce9ac9fad62e67a0 > 7ff1d1e (1 tx) > TX 50cfd3361f7162b3c0c00dacd3d0e4ddf61e8ec0c51bfa54c4ca0e61876810a9 > txin 0 parse failed > Scanning block #142357 > 0000000000000743c432f84ad688b7b60d1474ccd7baa3d762df0b3f5 > 1205712 (1 tx) > TX 587da4d4870515e57efc27623aa92fae0b7aef5908162de57fef0bbe6382be73 > txin 0 parse failed > Scanning block #143014 > 00000000000007fe6ecd20a8c454cd43c78d912b499c46a1179e30f7c > ff002b3 (1 tx) > TX 4c8f43c5115c5f29f3761176fa59cde2de2ad976efcbc5faae8ee79fa5dd6264 > txin 0 parse failed > ... > Scanning block #190315 > 00000000000006a0bc3be527033c02d3bcfa72af2f4213c4b0feec923 > 9573342 (336 tx) > TX f0ba80ce080eb49148b69c47d744bbb85e4e07e4e4d0273b402c0989d79c359c > txin 0 parse failed > Scanning block #190321 > 00000000000001c3bacc869917cacdafb6e00c552ac294835107b574a > 44a0362 (38 tx) > TX 4c91f5ad0616df92165819902d0b117d9e68345f5fe964de6146f89838b9295e > txin 0 parse failed > Scanning block #190331 > 00000000000000e3d3eaf93600684b085df7d58f84ef952c91e84eb4a > 251d5d8 (128 tx) > TX 5ee371d65e323934570566b1d92dceb8456e887814da8ef2a53971683bd11da4 > txin 0 parse failed > ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
