From: Jeremy <jlrubin@mit.edu>
To: "Russell O'Connor" <roconnor@blockstream.io>
Cc: Bitcoin development mailing list <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] OP_SECURETHEBAG (supersedes OP_CHECKOUTPUTSVERIFY)
Date: Mon, 24 Jun 2019 15:47:44 -0700 [thread overview]
Message-ID: <CAD5xwhjaC61jOLvPrMcsvL9ji5zUAP-=ai3NhBojeQcC4v8DpA@mail.gmail.com> (raw)
In-Reply-To: <CAMZUoKkorcO+CD6jcV5tyCtrKuHq_2hJhKE08FTrqJz7GgPM8Q@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 3277 bytes --]
I agree in principal, but I think that's just a bit of 'how things are'
versus how they should be.
I disagree that we get composability semantics because of OP_IF. E.g., the
script "OP_IF .... " and "OP_END" are two scripts that separately are
invalid as parsed, but together are valid. OP_IF already imposes some
lookahead functionality... but as I understand it, it may be feasible to
get rid of OP_IF for tapscripts anyways. Also in this bucket are P2SH and
segwit, which I think breaks this because the concat of two p2sh scripts or
segwit scripts is not the same as them severally.
I also think that the OP_SECURETHEBAG use of pushdata is a backwards
compatible hack: we can always later redefine the parser to parse
OP_SECURETHEBAG as the 34 byte opcode, recapturing the purity of the
semantics. We can also fix it to not use an extra byte in a future tapleaf
version.
====
In any case, I don't disagree with figuring out what patching the parser to
handle multibyte opcodes would look like. If that sort of upgrade-path were
readily available when I wrote this, it's how I would have done it. There
are two approaches I looked at mostly:
1) Adding flags to GetOp to change how it parses
a) Most of the same code paths used for new and old script
b) Higher risk of breaking something in old script style/downstream
c) Cleans up only one issue (multibyte opcodes) leaves other warts in
place
d) less bikesheddable design (mostly same as old script)
e) code not increased in size
2) Adding a completely new interpreter for Tapscript
a) Fork the existing interpreter code
b) For all places where scripts are run, switch based on if it is
tapscript or not
c) Can clean up various semantics, can even do fancier things like
huffman encode opcodes to less than a byte
d) Can clearly separate parsing the script from executing it
e) Can improve versioning techniques
f) Low risk of breaking something in old script style/downstream
g) Increases amount of code substantially
h) Bikesheddable design (everything is on the table).
i) probably a better general mechanism for future changes to script
parsing, less consensus risk
j) More compatible with templated script as well.
If not clear, I think that 2 is probably a better approach, but I'm worried
that 2.h means this would take a much longer time to implement.
2 can be segmented into two components:
1) the architecture of script parser versioning
2) the actual new script version
I think that component 1 can be relatively non controversial, thankfully,
using tapleaf versions (the architecture question is more around code
structure). A proof of concept of this would be to have a fork that uses
two independent, but identical, script parsers.
Part two of this plan would be to modify one of the versions substantially.
I'm not sure what exists on the laundry list, but I think it would be
possible to pick a few worthwhile cleanups. E.g.:
1) Multibyte opcodes
2) Templated scripts
3) Huffman Encoding opcodes
4) OP_IF handling (maybe just get rid of it in favor of conditional Verify
semantics)
And make it clear that because we can add future script versions fairly
easily, this is a sufficient step.
Does that seem in line with your understanding of how this might be done?
[-- Attachment #2: Type: text/html, Size: 8839 bytes --]
next prev parent reply other threads:[~2019-06-24 22:48 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-01 5:35 [bitcoin-dev] OP_SECURETHEBAG (supersedes OP_CHECKOUTPUTSVERIFY) Jeremy
2019-06-02 5:35 ` ZmnSCPxj
2019-06-02 14:32 ` Russell O'Connor
2019-06-02 21:32 ` Jeremy
2019-06-05 9:30 ` Anthony Towns
2019-06-06 7:30 ` ZmnSCPxj
2019-06-18 20:57 ` Russell O'Connor
2019-06-20 22:05 ` Anthony Towns
2019-06-23 6:43 ` Jeremy
2019-07-08 10:26 ` Dmitry Petukhov
2019-10-03 23:22 ` Jeremy
[not found] ` <CAD5xwhj8o8Vbrk2KADBOFGfkD3fW3eMZo5aHJytGAj_5LLhYCg@mail.gmail.com>
2019-06-23 13:11 ` ZmnSCPxj
2019-06-24 14:34 ` Russell O'Connor
2019-06-24 18:07 ` Jeremy
2019-06-24 18:48 ` Russell O'Connor
2019-06-24 22:47 ` Jeremy [this message]
2019-06-25 17:05 ` Russell O'Connor
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAD5xwhjaC61jOLvPrMcsvL9ji5zUAP-=ai3NhBojeQcC4v8DpA@mail.gmail.com' \
--to=jlrubin@mit.edu \
--cc=bitcoin-dev@lists.linuxfoundation.org \
--cc=roconnor@blockstream.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox