[bitcoin-dev] BIP draft: OP_CHECKBLOCKATHEIGHT

Gregory Maxwell greg at xiph.org
Fri Sep 23 18:57:57 UTC 2016

On Fri, Sep 23, 2016 at 1:43 PM, Russell O'Connor via bitcoin-dev
<bitcoin-dev at lists.linuxfoundation.org> wrote:
> I believe Bitcoin currently enjoys the property that during an "innocent"
> re-org, i.e. a reorg in which no affected transactions are being double
> spent, all affected transactions can always eventually get replayed, so long
> as the re-org depth is less than 100.

> My concern with this proposed operation is that it would destroy this
> property.

The reorg safety impact of this proposal could be eliminated and the
mempool handling complexity greatly reduced if the transaction was
required to be locktimed at least 100 blocks after the block its

This would also resolve a rather severe DOS weakness that the spec has
with the suggestion that nodes would relay this rule without
validating it. With the depth restriction nodes could relay one (or a
couple) blocks early without creating a situation where someone can
consume relay resources with near zero odds of paying a fee for them.

Irritatingly, applications of this rule would really want to be
applied at signing time (like locktime is), not as part of a
scriptpubkey. With it part of a scriptpubkey two moves are required. I
think solving this is important.

FWIW, this scheme more has been proposed before for another reason--
effectively allowing users to 'vote against' long reorgs by making
sure their transactions can't be included in them. Though for that
application it was only needed to use 32 bits of the block hash.

More information about the bitcoin-dev mailing list