From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 11DC2AB6 for ; Wed, 15 Nov 2017 19:54:22 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-pf0-f195.google.com (mail-pf0-f195.google.com [209.85.192.195]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id D707B517 for ; Wed, 15 Nov 2017 19:54:19 +0000 (UTC) Received: by mail-pf0-f195.google.com with SMTP id x7so17777448pfa.1 for ; Wed, 15 Nov 2017 11:54:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=friedenbach-org.20150623.gappssmtp.com; s=20150623; h=from:content-transfer-encoding:mime-version:date:subject:message-id :references:in-reply-to:to; bh=nd5WhOBWH0RjQGFRF9NUvbodqKwQf3BACh6/uhqQZfI=; b=gwsb4sPTaqwILHw3u5vdN+pCOmqHMYm2yvzaliHIS7pVNr9hX9xdbUFp5Ge4JUta+u NJmyeSqcwdRJRua27JokP6+OhMy63sEHDsFVw7N96dAH1phvEYQMXcp+1soUvv1eYx3H goTkdnNZ6jniQxBDLX9txIFkFl3MiADrlbfRnMGpHPd0le6gprpxmURaLyJj1vRFGjjy AGK5xXXYTIfQu/nZxNBpEXNY50TA2UYZRQwZwSvZXGD9feCDVcg31xZ0q0wl79kzlfor 0PhU8EDiGmguUVEAM/BarZ7lWE/O6peAtDHv90iVfnfFEOgKwZEDuJLEMaxC5oBG+3BK 5+dQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:content-transfer-encoding:mime-version:date :subject:message-id:references:in-reply-to:to; bh=nd5WhOBWH0RjQGFRF9NUvbodqKwQf3BACh6/uhqQZfI=; b=b+rCHl8Ej7jwWqe0Bix/vuS/34xw9NmCqgaMFpf837gtUe7SrPdXuLUXwWOT0pki0y u1NNSR99KVHoWhYdH39xa+jp09PPcGaUXaZHZwtNm2+nOPFH76gvG2Bm1mA7cj2gn8tC BCjDLPTi6lWxZmEPh4DyYbe1cBtM7w2dxA/qBLGNQOKZ6PZ5KoevL64a6tD9vJMRH4Br dyTylvuI/z6EEWC5bXdIOpQMbt2OWHMX+fXKEp90xIorKZ2NWVlLuEKEtQmRjpBvzN0n 38NAHpWdBdm1yvNdbIMl7v0wh2tWlx1gL3b//iSR6JqEay0OnuKTrn91wmTiIAXf9uvr dqjw== X-Gm-Message-State: AJaThX7qDHyTFlTpwcTjhm9YAuiC+H25hEhHBVuM1IMzSWAs4KUyp1wS mG0l3mM1b5hWiVvXZcCIOn0nIxtEYhA= X-Google-Smtp-Source: AGs4zMaVSRjCxMFPB5LB+9pukL4VNWUI+evgRdASDNVPy5XCZiJy2FB/CTmPgHZExk706o6d10QkHw== X-Received: by 10.101.92.129 with SMTP id a1mr16373753pgt.6.1510775659327; Wed, 15 Nov 2017 11:54:19 -0800 (PST) Received: from [10.0.6.127] (rrcs-173-197-88-101.west.biz.rr.com. [173.197.88.101]) by smtp.gmail.com with ESMTPSA id r13sm15724213pfl.157.2017.11.15.11.54.18 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 15 Nov 2017 11:54:18 -0800 (PST) From: Mark Friedenbach Content-Type: multipart/alternative; boundary=Apple-Mail-7F30FF3C-0BEF-4739-81C7-19D1B5308035 Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (1.0) Date: Wed, 15 Nov 2017 09:54:17 -1000 Message-Id: <081A517B-B730-43AB-9D4E-4F696EFD91A3@friedenbach.org> References: <53A587C3-DAC1-4055-875F-96B61717ACE6@xbt.hk> In-Reply-To: <53A587C3-DAC1-4055-875F-96B61717ACE6@xbt.hk> To: Johnson Lau , Bitcoin Protocol Discussion X-Mailer: iPad Mail (15B150) X-Spam-Status: No, score=0.0 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, HTML_MESSAGE,MIME_QP_LONG_LINE,RCVD_IN_DNSWL_NONE autolearn=disabled version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: Re: [bitcoin-dev] Making OP_CODESEPARATOR and FindAndDelete in non-segwit scripts non-standard X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Nov 2017 19:54:22 -0000 --Apple-Mail-7F30FF3C-0BEF-4739-81C7-19D1B5308035 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable As good of an idea as it may or may not be to remove this feature from the c= ode base, actually doing so would be crossing a boundary that we have not pr= eviously been willing to do except under extraordinary duress. The nature of= bitcoin is such that we do not know and cannot know what transactions exist= out there pre-signed and making use of these features. It may be a good idea to make these features non standard to further discour= age their use, but I object to doing so with the justification of eventually= disabling them for all transactions. Taking that step has the potential of d= estroying value and is something that we have only done in the past either b= ecause we didn=E2=80=99t understand forks and best practices very well, or b= ecause the features (now disabled) were fundamentally insecure and resulted i= n other people=E2=80=99s coins being vulnerable. This latter concern does no= t apply here as far as I=E2=80=99m aware. > On Nov 15, 2017, at 8:02 AM, Johnson Lau via bitcoin-dev wrote: >=20 > In https://github.com/bitcoin/bitcoin/pull/11423 I propose to make OP_CODE= SEPARATOR and FindAndDelete in non-segwit scripts non-standard >=20 > I think FindAndDelete() is one of the most useless and complicated functio= ns in the script language. It is omitted from segwit (BIP143), but we still n= eed to support it in non-segwit scripts. Actually, FindAndDelete() would onl= y be triggered in some weird edge cases like using out-of-range SIGHASH_SING= LE. >=20 > Non-segwit scripts also use a FindAndDelete()-like function to remove OP_C= ODESEPARATOR from scriptCode. Note that in BIP143, only executed OP_CODESEPA= RATOR are removed so it doesn=E2=80=99t have the FindAndDelete()-like functi= on. OP_CODESEPARATOR in segwit scripts are useful for Tumblebit so it is not= disabled in this proposal >=20 > By disabling both, it guarantees that scriptCode serialized inside Signatu= reHash() must be constant >=20 > If we use a softfork to remove FindAndDelete() and OP_CODESEPARATOR from n= on-segwit scripts, we could completely remove FindAndDelete() from the conse= nsus code later by whitelisting all blocks before the softfork block. The fi= rst step is to make them non-standard in the next release. >=20 >=20 > =20 > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev --Apple-Mail-7F30FF3C-0BEF-4739-81C7-19D1B5308035 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable As good of an idea as it may or may not be t= o remove this feature from the code base, actually doing so would be cr= ossing a boundary that we have not previously been willing to do except unde= r extraordinary duress. The nature of bitcoin is such that we do not know an= d cannot know what transactions exist out there pre-signed and making use of= these features.

It may be a good idea to make these feat= ures non standard to further discourage their use, but I object to doing so w= ith the justification of eventually disabling them for all transactions. Tak= ing that step has the potential of destroying value and is something that we= have only done in the past either because we didn=E2=80=99t understand fork= s and best practices very well, or because the features (now disabled) were f= undamentally insecure and resulted in other people=E2=80=99s coins being vul= nerable. This latter concern does not apply here as far as I=E2=80=99m aware= .

On Nov 15, 2017, at 8:02 AM, Johnson Lau via bitcoin-dev <<= a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org">bitcoin-dev@lists.li= nuxfoundation.org> wrote:

In=  h= ttps://github.com/bitcoin/bitcoin/pull/11423 I propose to make = ;OP_CODESEPARATOR and FindAndDelete in non-segwit scripts non-standard

I think FindAndDelete() is on= e of the most useless and complicated functions in the script language. It i= s omitted from segwit (BIP143), but we still need to support it in non-segwi= t scripts. Actually, FindAndDelete() would only be triggered in some weird e= dge cases like using out-of-range SIGHASH_SINGLE.

Non-segwit scripts also use a FindAndDelete(= )-like function to remove OP_CODESEPARATOR from scriptCode. Note that in BIP= 143, only executed OP_CODESEPARATOR are removed so it doesn=E2=80=99t have t= he FindAndDelete()-like function. OP_CODESEPARATOR in segwit scripts are use= ful for Tumblebit so it is not disabled in this proposal

By disabling both, it guarantees that= scriptCode serialized inside SignatureHash() must be constant

If we use a softfork to remove = FindAndDelete() and OP_CODESEPARATOR from non-segwit scripts, we could compl= etely remove FindAndDelete() from the consensus code later by whitelisting a= ll blocks before the softfork block. The first step is to make them non-stan= dard in the next release.


 
=
_______________________________________= ________
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfounda= tion.org
https://lists.linuxfoundation.org/mailman/listin= fo/bitcoin-dev
= --Apple-Mail-7F30FF3C-0BEF-4739-81C7-19D1B5308035--