transactions – Is there a set size {that a} signature could be?

Inside the script language there are two varieties of directions:

Knowledge pushes are encoded by a single byte n (with worth between 0 and 75 inclusive), adopted by n bytes (the info to be pushed). Its impact throughout execution is pushing that n-byte worth onto the stack.

Every other byte worth (so between 76 and 255 inclusive) denotes an opcode. Most opcodes are only a single byte, apart from OP_PUSHDATA1, OP_PUSHDATA2, and OP_PUSHDATA4, that are used for pushing bigger knowledge parts than 75 bytes, however are nonetheless thought of opcodes.

Within the notation you cite above, <X> is a shorthand for “knowledge push of X”. Within the precise byte encoding, which means it’s prefixed by its size. So particularly, OP_0 <A sig> <B sig> OP_2 <A pubkey> <B pubkey> <C pubkey> OP_3, e.g. when A sig is 71 bytes and B sig is 72 bytes (and the pubkeys are all 33 bytes):

• 0x00 (OP_0)
• 0x47 (knowledge push of size 71 follows)
• A sig‘s 71 bytes
• 0x48 (knowledge push of size 72 follows)
• B sig‘s 72 bytes
• 0x52 (OP_2)
• 0x21 (knowledge push of size 33 follows)
• A pubkey‘s 33 bytes
• 0x21 (knowledge push of size 33 follows)
• B pubkey‘s 33 bytes
• 0x21 (knowledge push of size 33 follows)
• C pubkey‘s 33 bytes
• 0x53 (OP_3)

Be aware that within the instance you are referring to, this entire sequence is not truly realized as a single script. The general public keys would sometimes be within the scriptPubKey or redeemScript (and possibly adopted by OP_CHECKMULTISIG), whereas the signatures could be within the scriptSig. It is solely throughout spending that each get executed so as, making it equal to having this single script.

Be aware additionally that the script language itself doesn’t know or care in regards to the distinction between public keys and signatures – they’re simply knowledge parts on a stack. It is the OP_CHECKMULTISIG opcode that follows which will probably be decoding the info on the stack (and it is guided by the two and three pushed by OP_2 and OP_3 to know this can be a 2-of-3 multisig, thus decoding the opposite parts on the stack as 3 public keys and a pair of signatures).

Now to reply the query in your title: since BIP66 took impact in 2015, ECDSA signatures could be at most 73 bytes.