--- Log opened Tue Sep 28 00:00:20 2021
00:28 < darosior> sanket1729, sipa: so do we agree for "Miniscripts which are either incorrectly typed or whose Script is larger than 3600 bytes are invalid. Any other checks are for safety." ?
04:14 <@sipa> i am ok with that rule
05:45 < andytoshi> to be clear, it is only during parsing that i want to allow "insane" things
05:45 < andytoshi> i think that's where we landed
05:46 < andytoshi> and also, for block explorer purposes it wouldn't be hard to maintain a fork of the library that just removed the safety checks wherever they explicitly appeared :P
05:46 <@sipa> andytoshi: during signing too, i would assume?
05:47 <@sipa> i thought that was the point: if you happen to have an output that already exists, even if it does weird things, you want to be able to still sign for whatever you can
05:47 < andytoshi> sipa: well, we have the "malleable signer" which i believe still enforces standardness
05:47 < andytoshi> right, agreed
05:47 < andytoshi> i'm not sure how that interacts with our willingness to do nonstandard things
05:48 <@sipa> i think we should not do anything nonstandard
05:48 < andytoshi> me neither -- and i think we don't
05:48 <@sipa> the 10000 vs 3600 limit is the only example of a nonstandard thing that's allowed
05:48 <@sipa> afaict
05:49 <@sipa> and if that's in fact the only thing, it just feels inconsistent
05:50 < andytoshi> yeah, agreed
06:16 < darosior> Updated https://github.com/sipa/miniscript/pull/72 from making <10000 invalid to make <3600 invalid. I agree it makes more sense (it's what i initially suggested).
06:17 < darosior> Should we add a note on the website as well?
06:17 <@sipa> yeah
06:20 < darosior> I was wrong earlier: the Rust implem is already ruling out Miniscripts whose script size is >3600, so nothing to modify there
11:05 < sanket1729> We should note that some miniscripts that have all spend paths unspendable are still valid.
11:06 < sanket1729> For example, where all spend paths exceed opcodes
11:08 < sanket1729> Should we also rule out these under validity? Or we should say no guarantees (which we already do) for miniscripts that are not `IsTopLevelSafe`
11:10 <@sipa> sanket1729: my thinking is that IsSane (and IsSaneTopLevel) refer to analyzability - anything that isn't, we have no guarantees about
11:11 <@sipa> but the signing algorithm works fine for non-IsSane things
11:12 < sanket1729> Right, but the signing algorithm is not guaranteed to produce correct witness.
11:12 < sanket1729> correct as in, accepted by the network
11:13 <@sipa> it should be
11:13 <@sipa> i don't know any circumstance under which it wouldn't
11:13 < sanket1729> The signing algorithm can produce a witness that exceeds 100 elements
11:13 <@sipa> really?
11:14 <@sipa> that sounds pretty easy to avoid, actually
11:14 < sanket1729> We have no check for this in the algorithm.
11:14 <@sipa> sounds easy to add
11:14 < sanket1729> But then, the signing algorithm would not be able to produce witness even if it has sufficient information
11:14 < sanket1729> Because we are not optimizing considering the size
11:15 <@sipa> the algorithm may fail to produce a witness, if no witness is possible
11:15 <@sipa> but the (malleable) signing algorithm i think should always be able to construct a valid witness, if one exists
11:16 < sanket1729> For example, it may choose a witness for 100 elements with less weight than one with 80 elements and more weight
11:16 < sanket1729> I don't see how we can easily do this, without storing min possible weight for each possible stack element count
11:21 <@sipa> oh, i see
11:21 <@sipa> good point
11:22 <@sipa> fair point, i agree, that's very hard to do
11:23 <@sipa> i guess the answer is just for-non-IsSane(), all bets are off; signing may or may not work
11:23 < sanket1729> Agreed
12:33 < darosior> Rebased https://github.com/darosior/bitcoin/pull/2 with the latest merges (with timelock checks but not yet the non-recursive parsing PR), will check the rebase with a fresh head and push it with the fuzz target tomorrow
12:34 <@sipa> darosior: thanks for all the PRs and rebasing!
12:34 <@sipa> we're getting there
--- Log closed Wed Sep 29 00:00:21 2021