From 6584ae2ef86c1173fe2ad061c0498ceb9842daad Mon Sep 17 00:00:00 2001 From: SomberNight Date: Wed, 9 Apr 2025 15:04:40 +0000 Subject: [PATCH] transaction: add note serialize_preimage is not caching Sighash.SINGLE Unlike a full bitcoin node, we rarely (if ever) validate the signatures of arbitrary transactions, so I don't think these DOS issues can really be used against us. ref https://rubin.io/bitcoin/2025/03/11/core-vuln-taproot-dos/ ref https://github.com/bitcoin/bitcoin/pull/24105 btw what is not explained in either source link is that the lack of caching is much more serious for taproot as bip-342 lifted the 10 kbyte max size for scriptPubKeys. --- electrum/transaction.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/electrum/transaction.py b/electrum/transaction.py index 8be28d3f4..82f0afbfa 100644 --- a/electrum/transaction.py +++ b/electrum/transaction.py @@ -2258,6 +2258,7 @@ class PartialTransaction(Transaction): txout = outputs[txin_index] except IndexError: raise Exception("Using SIGHASH_SINGLE without a corresponding output") from None + # note: we could cache this to avoid some potential DOS vectors: preimage_outputdata += sha256(txout.serialize_to_network()) return bytes(sighash_epoch + hash_type + preimage_txdata + preimage_inputdata + preimage_outputdata) else: # segwit (witness v0) @@ -2273,6 +2274,7 @@ class PartialTransaction(Transaction): if (sighash & 0x1f) != Sighash.SINGLE and (sighash & 0x1f) != Sighash.NONE: hashOutputs = scache.hashOutputs elif (sighash & 0x1f) == Sighash.SINGLE and txin_index < len(outputs): + # note: we could cache this to avoid some potential DOS vectors: hashOutputs = sha256d(outputs[txin_index].serialize_to_network()) else: hashOutputs = bytes(32)