I've seen the term sigop in many places frequently. I've tried to figure out what does it mean by searching, and found that it's abbreviation of signature operation. But it's still not clear to me the meaning. I guess every opcode of scriptSig is considered to be a sigop. Am I right?
I would appreciate any explanation.
I think this question is completely different than this. My question is clearly about what is the sigop, while the other question is about calculation of sigops.
A sigop is script opcode which performs a signature check. That includes OP_CHECKSIG, OP_CHECKSIGVERIFY, OP_CHECKMULTISIG, and OP_CHECKMULTISIGVERIFY.
This concept matters because of a consensus rule in Bitcoin which limits the number of sigops per block. How they are counted depends on the context:
scriptPubKey of outputs, and in scriptSig of inputs (the latter happens ~never, but if it did, it would be counted):
OP_CHECKSIG and OP_CHECKSIGVERIFY count as 4OP_CHECKMULTISIG and OP_CHECKMULTISIGVERIFY count as 80OP_CHECKSIG and OP_CHECKSIGVERIFY count as 4OP_CHECKMULTISIG and OP_CHECKMULTISIGVERIFY count as 4n when preceded by OP_n, and as 80 otherwise.OP_CHECKSIG and OP_CHECKSIGVERIFY count as 1OP_CHECKMULTISIG and OP_CHECKMULTISIGVERIFY count as n when preceded by OP_n, and as 20 otherwise.A valid block cannot have more than 80000 sigops (so roughly 1 per 50 bytes of block data), as counted by the rules above. Note that this is checked before actually executing any scripts. So it doesn't require these opcode to actually be executed (e.g. they also count sigops that are surrounded by OP_IF ... OP_ENDIF in unexecuted branches, or in coinbase scriptSigs which are never executed).
In taproot, a different mechanism is used. Instead of having a global per-block limit, there is a per-transaction-input limit, proportional to the size of that input. Also only actually executed checks for claimed-to-be-valid signatures are counted.
