public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
* [bitcoin-dev] New BIP: Dealing with OP_IF and OP_NOTIF malleability in P2WSH
@ 2016-08-16 17:53 Johnson Lau
  2016-08-16 19:37 ` Luke Dashjr
  2016-09-01 11:39 ` Johnson Lau
  0 siblings, 2 replies; 21+ messages in thread
From: Johnson Lau @ 2016-08-16 17:53 UTC (permalink / raw)
  To: bitcoin-dev

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

A new BIP is prepared to deal with OP_IF and OP_NOTIF malleability in P2WSH:
https://github.com/jl2012/bips/blob/minimalif/bip-minimalif.mediawiki
https://github.com/bitcoin/bitcoin/pull/8526

   BIP: x
   Title: Dealing with OP_IF and OP_NOTIF malleability in P2WSH
   Author: Johnson Lau <jl2012@xbt.hk>
   Status: Draft
   Type: Standards Track
   Created: 2016-08-17

Abstract

This document specifies proposed changes to the Bitcoin script validity rules in order to make transaction malleability related to OP_IF and OP_NOTIF impossible in pay-to-witness-script-hash (P2WSH) scripts.

Motivation

OP_IF and OP_NOTIF are flow control codes in the Bitcoin script system. The programme flow is decided by whether the top stake value is True or False. However, this behaviour opens a source of malleability as a third party may replace a True (False) stack item with any other True (False) value without invalidating the transaction.

The proposed rules apply only to pay-to-witness-script-hash (P2WSH) scripts described in BIP141, which has not been activated on the Bitcoin mainnet as of writing. To ensure OP_IF and OP_NOTIF transactions created before the introduction of this BIP will still be accepted by the network, the new rules are not applied to non-segregated witness scripts.

Specification

In P2WSH, the argument for OP_IF and OP_NOTIF MUST be exactly an empty vector or 0x01, or the script evaluation fails immediately.

This is deployed using BIP9 after segregated witness (BIP141) is activated. Details TBD.

Compatibility

This is a softfork on top of BIP141. The rules are enforced as a relay policy by the reference client since the first release of BIP141 (v0.13.1). To avoid risks of fund loss, users MUST NOT create P2WSH scripts that are incompatible with this BIP. An OP_0NOTEQUAL may be used before OP_IF or OP_NOTIF to imitate the original behaviour (which may also re-enable the malleability vector depending on the exact script).

Implementation

https://github.com/bitcoin/bitcoin/pull/8526

Copyright

This work is placed in the public domain.
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQGcBAEBCgAGBQJXs1LgAAoJEO6eVSA0viTSrJQL/A/womJKgi4FuyBTL9oykCss
aBMNN9+SLtmuH7SBgEUGZ8TFxa2st+6RP6Imu+Vvn4O5sXQl3DIXV+X38X93sUYk
wrjdpvdpqFFYJezPDESz6pR/6bZ1ES0aO2QqX578/8sqr8GO6L388s66vJeIGj4n
0LWW8sdEypMuV3HUG/9FFdUNHgiVX1U0sS1rT3P4aN30JYtb7PQpd7r8KTMta7Rt
L1VOZB+W3m2m2YZ9gB7IRmMfzzNm2QXRTPIZXt2x3mYDBuMkp+zEd5+ogA4sBpgP
wp2+l/aos686v0w8QYiNUX2+9Qpe7+238qUpw75d2XJYmLzdotWFvmp4g1hP+awX
HEfwe4BUM+El17LjrHkNeMWNJXMlhTtXb2i0XMj8tU5lZVHep4WpQ+LEahrNlsUl
FdFsi3q8HeWh8JsGaNCL41Bgbg/rKb5hUXyF6hTRHa//E6llOrpXRnsloKgBLv8c
QezgKTAPwwgdjcS6Ek0AqgLp7bCFRijCduYH9i9uaQ==
=lLIZ
-----END PGP SIGNATURE-----


^ permalink raw reply	[flat|nested] 21+ messages in thread

end of thread, other threads:[~2016-09-05 20:59 UTC | newest]

Thread overview: 21+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-08-16 17:53 [bitcoin-dev] New BIP: Dealing with OP_IF and OP_NOTIF malleability in P2WSH Johnson Lau
2016-08-16 19:37 ` Luke Dashjr
2016-08-16 19:43   ` Peter Todd
2016-08-16 21:58     ` Joseph Poon
2016-08-16 22:23     ` Russell O'Connor
2016-08-16 22:30       ` Pieter Wuille
2016-08-16 22:36         ` Russell O'Connor
2016-08-16 22:39           ` Pieter Wuille
2016-08-16 22:52             ` Russell O'Connor
2016-08-17  0:18               ` Gregory Maxwell
2016-08-17  0:27                 ` Russell O'Connor
2016-08-17  2:30                   ` Peter Todd
2016-08-17  3:02                   ` Johnson Lau
2016-08-17  4:40                     ` Luke Dashjr
2016-08-17 10:15                       ` Johnson Lau
2016-08-18  0:11                         ` Sergio Demian Lerner
     [not found]                           ` <CAAS2fgQ=Z+xmg0DcANV4vhp+XhpL1Vz0HNkJwNGdHTxtK1q1kg@mail.gmail.com>
2016-08-18  0:33                             ` Sergio Demian Lerner
2016-08-18  3:00                               ` Peter Todd
2016-09-05 14:55             ` Russell O'Connor
2016-09-01 11:39 ` Johnson Lau
2016-09-05  1:32   ` Rusty Russell

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox