Merge pull request #24 from petertodd/document-bip16-520-byte-redeemScript-limit

Document BIP16/P2SH 520 byte redeem script limit

bip-0016.mediawiki

@@ -29,7 +29,7 @@ This new transaction type is redeemed by a standard scriptSig:
 
     ...signatures... {serialized script}
 
-Transactions that redeem these pay-to-script outpoints are only considered standard if the ''serialized script'' is, itself, one of the other standard transaction types.
+Transactions that redeem these pay-to-script outpoints are only considered standard if the ''serialized script'' - also referred to as the ''redeemScript'' - is, itself, one of the other standard transaction types.
 
 The rules for validating these outpoints when relaying transactions or considering them for inclusion in a new block are as follows:
 
@@ -96,6 +96,11 @@ On February 1, 2012, the block-chain will be examined to determine the number of
 
 If a majority of hashing power does not support the new validation rules, then rollout will be postponed (or rejected if it becomes clear that a majority will never be achieved).
 
+===520-byte limitation on serialized script size===
+
+As a consequence of the requirement for backwards compatiblity the serialized script is itself subject to the same rules as any other PUSHDATA operation, including the rule that no data greater than 520 bytes may be pushed to the stack. Thus is it not possible to spend a P2SH output if the redemption script it refers to is >520 bytes in length. For instance while the OP_CHECKMULTISIG opcode can itself accept up to 20 pubkeys, with 33-byte compressed pubkeys it is only possible to spend a P2SH output requiring a maximum of 15 pubkeys to redeem: 3 bytes + 15 pubkeys * 34 bytes/pubkey = 513 bytes.
+
+
 ==Reference Implementation==
 
 https://gist.github.com/gavinandresen/3966071