public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: jl2012@xbt.hk
To: bitcoin-dev@lists.linuxfoundation.org
Subject: [bitcoin-dev] Dealing with OP_IF and OP_NOTIF malleability
Date: Fri, 06 Nov 2015 03:13:10 -0500	[thread overview]
Message-ID: <0e72b173ea8e8aaf6b1b678182fa1ea7@xbt.hk> (raw)

I have a new BIP draft for fixing OP_IF and OP_NOTIF malleability. 
Please comment: 
https://github.com/jl2012/bips/blob/master/opifmalleability.mediawiki

Copied below:

BIP: x
   Title: Dealing with OP_IF and OP_NOTIF malleability
   Author: jl2012 <jl2012@xbt.hk>
   Status: Draft
   Type: Standards Track
   Created: 2015-11-06

Abstract

As an supplement to BIP62, this document specifies proposed changes to 
the Bitcoin transaction validity rules in order to make malleability of 
transactions with OP_IF and OP_NOTIF impossible.

Motivation

OP_IF and OP_NOTIF are flow control codes in the Bitcoin script system. 
The programme flow is decided by whether the top stake value is 0 or 
not. However, this behavior opens a source of malleability as a third 
party may alter a non-zero flow control value to any other non-zero 
value without invalidating the transaction.

As of November 2015, OP_IF and OP_NOTIF are not commonly used in the 
blockchain. However, as more sophisticated functions such as 
OP_CHECKLOCKTIMEVERITY are being introduced, OP_IF and OP_NOTIF will 
become more popular and the related malleability should be fixed. This 
proposal serves as a supplement to BIP62 and should be implemented with 
other malleability fixes together.

Specification

If the transaction version is 3 or above, the flow control value for 
OP_IF and OP_NOTIF must be either 0 or 1, or the transaction fails.

This is to be implemented with BIP62.

Compatibility

This is a softfork. To ensure OP_IF and OP_NOTIF transactions created 
before the introduction of this BIP will still be accpeted by the 
network, the new rules only apply to transactions of version 3 or above.

For people who want to preserve the original behaviour of OP_IF and 
OP_NOTIF, an OP_0NOTEQUAL could be  used before the flow control code to 
transform any non-zero value to 1.

Reference

BIP62: https://github.com/bitcoin/bips/blob/master/bip-0062.mediawiki



             reply	other threads:[~2015-11-06  8:13 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-11-06  8:13 jl2012 [this message]
2015-11-06  9:22 ` [bitcoin-dev] Dealing with OP_IF and OP_NOTIF malleability Nick ODell
2015-11-06  9:27 ` Tier Nolan
2015-11-06  9:32   ` Oleg Andreev
2015-11-06  9:37     ` Tier Nolan
2015-11-06 10:16       ` jl2012
2015-11-10 10:52       ` Oleg Andreev

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=0e72b173ea8e8aaf6b1b678182fa1ea7@xbt.hk \
    --to=jl2012@xbt.hk \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox