public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Peter Todd <pete@petertodd.org>
To: Pieter Wuille <pieter.wuille@gmail.com>
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Malleable booleans
Date: Tue, 14 Oct 2014 15:45:18 -0400	[thread overview]
Message-ID: <20141014194518.GB941@savin.petertodd.org> (raw)
In-Reply-To: <CAPg+sBh4r8CzdOZ_nfJpq_7W07-e0bP7Subnxpsm=29tzKK0OQ@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 1410 bytes --]

On Tue, Oct 14, 2014 at 11:54:36AM -0700, Pieter Wuille wrote:
> > I think a decent argument *for* doing this is that if a script author
> > fails to properly 'bool-ize' every boolean-using path that can have
> > non-minimal encodings in normal execution, you can always create a
> > nVersion=1 transaction manually to spend the output, preventing funds
> > from getting lost. Meanwhile in the general case of a compenent script
> > author having the canonical bool testing in every boolean-using opcode
> > saves a lot of bytes.
> 
> The real question is whether there are use cases for not having this
> requirement. I can't come up with any, as that would imply a boolean
> that is also interpretable as a hash, a pubkey or a signature - all of
> which seems crpytographically impossible to ever result in false.

I'm kinda inclined to agree, however there is an opposing argument too:
How often is BOOLAND and BOOLOR applied to unsanitised input from the
scriptSig? I can't think of a script type where that would be the case,
unlike OP_IF where the logical way of writing scripts is to have the
scriptSig select which brance you take. In every script I've ever
thought of BOOLAND and BOOLOR is applied to stuff generated within the
script itself, which isn't a malleability concern.

-- 
'peter'[:-1]@petertodd.org
000000000000000005f3f265a1636bd90c2c8098093c2db2ccfc91c17890a714

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 650 bytes --]

      reply	other threads:[~2014-10-14 19:45 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-10-14  2:34 [Bitcoin-development] Malleable booleans Pieter Wuille
2014-10-14  2:45 ` Gregory Maxwell
2014-10-14  7:27 ` Thomas Zander
2014-10-14  7:52   ` Gregory Maxwell
2014-10-14  8:04   ` Wladimir
2014-10-14  8:09 ` Peter Todd
2014-10-14 18:54   ` Pieter Wuille
2014-10-14 19:45     ` Peter Todd [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20141014194518.GB941@savin.petertodd.org \
    --to=pete@petertodd.org \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=pieter.wuille@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox