[Bitcoin-development] Pay to MultiScript hash:

[Jeremy <jlrubin@MIT.EDU>]

[-- Attachment #1: Type: text/plain, Size: 1524 bytes --]

Hey all,

I had an idea for a new transaction type. The base idea is that it is
matching on script hashes much like pay to script hash, but checks for one
of N scripts.

A motivating case is for "permission groups". Let's say I want to have a
single "root user" script, a 2 of 3 group, and a 2 of 2 group able to spend
a utxo. This would allow for any one of these permission groups to spend.

Right now, this could be expressed multiple ways (ie, using an op_dup if
then else chain) , but all would incur additional costs in terms of
complicated control flows. Instead, I would propose:

OP_HASH160 [20-byte-hash-value 1]...[20-byte-hash-value N] OP_N
OP_MULTISCRIPTHASHVERIFY


could be spent with

...signatures... {serialized script}


​And the alternative formulation: (more complex!)​

​OP_HASH160 OP_DUP [20-byte-hash-value 1]​
​ OP_IF OP_EQUAL​
​ OP_VERIFY OP_ELSE   <OP_DUP  [20-byte-hash-value 2]​​  OP_IF......>
OP_ENDIF​



Of course, the permission group example is just one use case, there could
be other interesting combinations as well
​.


There is an implication in terms of increased utxo pool bloat, but also an
implication in terms of increased txn complexity (each 20 byte hash allows
for a 500 byte script, only one of the 500 byte scripts has to be
permanently stored on blockchain).


Looking forward to your feedback -- the idea is a bit preliminary, but I
think it could be exciting.

Best,

Jeremy




-- 
Jeremy Rubin

[-- Attachment #2: Type: text/html, Size: 3176 bytes --]