1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
|
Return-Path: <oleganza@gmail.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id B9E7F8EF
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 10 Nov 2015 10:52:50 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-wm0-f49.google.com (mail-wm0-f49.google.com [74.125.82.49])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id E0F63138
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 10 Nov 2015 10:52:49 +0000 (UTC)
Received: by wmec201 with SMTP id c201so108525011wme.1
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 10 Nov 2015 02:52:48 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
h=content-type:mime-version:subject:from:in-reply-to:date:cc
:message-id:references:to;
bh=DCu73m7dl86CFgPUW3K6RhVlIttdPJqag/1CkcWfTbo=;
b=AYYEFFZmlmKU6x4Agwjz3QqhejoQCGZgDFLd64Qu7XwPTUF2VNGacK7jUmaWLBfWBO
sbKQcQlp6Sg620MUwZO9CJwbjuLeLfUGQl89jCFxYV3j3EttVQbVuzgG4vSyNho6SYcb
xNSgLtCgoOUrER8kk1aC+e2YAePfxPvS1K8kShV7cYl3h6qP1u0wL+rtYrRt0MQ9fUfm
aSgv+3k3r6blAu4Hi8AxobDAHbQpPX9vFHCC6GBG+QXwxIZRp1nERkeTcDS49JeHzDFx
1nMBUBnMxPImcy9F6hKlohG/fpM2Zs7tqq5/YmI87w2v6Qak/8OgcpQYLcIUaYUBXyZp
00SA==
X-Received: by 10.28.20.139 with SMTP id 133mr33427611wmu.36.1447152768379;
Tue, 10 Nov 2015 02:52:48 -0800 (PST)
Received: from [10.0.1.5] (AStLambert-651-1-41-45.w90-43.abo.wanadoo.fr.
[90.43.88.45]) by smtp.gmail.com with ESMTPSA id
u139sm6809062wmu.22.2015.11.10.02.52.46
(version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
Tue, 10 Nov 2015 02:52:47 -0800 (PST)
Content-Type: multipart/alternative;
boundary="Apple-Mail=_1CD79689-9A75-4F5F-8DA7-189F62CD918F"
Mime-Version: 1.0 (Mac OS X Mail 9.1 \(3096.5\))
From: Oleg Andreev <oleganza@gmail.com>
In-Reply-To: <CAE-z3OX6bMY+RjphyDS-zAO=aXLs-B41G4m6ssUjFC03ByQkWA@mail.gmail.com>
Date: Tue, 10 Nov 2015 11:52:46 +0100
Message-Id: <B3EDCC26-F2CF-44AD-B373-0FD60DA3E30B@gmail.com>
References: <0e72b173ea8e8aaf6b1b678182fa1ea7@xbt.hk>
<CAE-z3OUQyW9Hss-jMDx_HjT9y55SctmUiXiGYhTZe6=2Mj2OaA@mail.gmail.com>
<8D9D1049-E502-4A37-ACE4-5A2B1369A90A@gmail.com>
<CAE-z3OX6bMY+RjphyDS-zAO=aXLs-B41G4m6ssUjFC03ByQkWA@mail.gmail.com>
To: Tier Nolan <tier.nolan@gmail.com>
X-Mailer: Apple Mail (2.3096.5)
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,HTML_MESSAGE autolearn=ham
version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
Cc: Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Dealing with OP_IF and OP_NOTIF malleability
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Development Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Nov 2015 10:52:50 -0000
--Apple-Mail=_1CD79689-9A75-4F5F-8DA7-189F62CD918F
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=us-ascii
OP_0 gives a zero length byte array because OP_0 =3D=3D 0x00 which is =
equivalent to pushdata with zero length.
OP_EQUAL compares byte strings as-is. So it will push "false" because =
empty string is not the same as a single-byte string with 0x00 byte in =
it. Value "false" in turn is encoded as empty string, just like result =
of OP_0.
> On 06 Nov 2015, at 10:37, Tier Nolan via bitcoin-dev =
<bitcoin-dev@lists.linuxfoundation.org> wrote:
>=20
> I meant not to use the OP_PUSH opcodes to do the push.
>=20
> Does OP_0 give a zero length byte array?
>=20
> Would this script return true?
>=20
> OP_0
> OP_PUSHDATA1 (length =3D 1, data =3D 0)
> OP_EQUAL
>=20
> The easiest definition is that OP_0 and OP_1 must be used to push the =
data and not any other push opcodes.
>=20
>=20
> On Fri, Nov 6, 2015 at 9:32 AM, Oleg Andreev <oleganza@gmail.com =
<mailto:oleganza@gmail.com>> wrote:
>=20
> > One and zero should be defined as arrays of length one. Otherwise, =
it is still possible to mutate the transaction by changing the length of =
the array.
> >
> > They should also be minimally encoded but that is covered by =
previous rules.
>=20
> These two lines contradict each other. Minimally-encoded "zero" is an =
array of length zero, not one. I'd suggest defining this explicitly here =
as "IF/NOTIF argument must be either zero-length array or a single byte =
0x01".
>=20
>=20
>=20
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
--Apple-Mail=_1CD79689-9A75-4F5F-8DA7-189F62CD918F
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
charset=us-ascii
<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html =
charset=3Dus-ascii"></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" =
class=3D"">OP_0 gives a zero length byte array because OP_0 =3D=3D 0x00 =
which is equivalent to pushdata with zero length.<div class=3D""><br =
class=3D""></div><div class=3D"">OP_EQUAL compares byte strings as-is. =
So it will push "false" because empty string is not the same as a =
single-byte string with 0x00 byte in it. Value "false" in turn is =
encoded as empty string, just like result of OP_0.<br class=3D""><div =
class=3D""><br class=3D""><div><blockquote type=3D"cite" class=3D""><div =
class=3D"">On 06 Nov 2015, at 10:37, Tier Nolan via bitcoin-dev <<a =
href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" =
class=3D"">bitcoin-dev@lists.linuxfoundation.org</a>> wrote:</div><br =
class=3D"Apple-interchange-newline"><div class=3D""><div dir=3D"ltr" =
class=3D""><div class=3D"">I meant not to use the OP_PUSH opcodes to do =
the push.<br class=3D""><br class=3D""></div><div class=3D"">Does OP_0 =
give a zero length byte array?<br class=3D""><br class=3D""></div><div =
class=3D"">Would this script return true?<br class=3D""><br =
class=3D""></div><div class=3D"">OP_0<br class=3D""></div><div =
class=3D"">OP_PUSHDATA1 (length =3D 1, data =3D 0)<br =
class=3D""></div><div class=3D"">OP_EQUAL<br class=3D""><br =
class=3D""></div><div class=3D"">The easiest definition is that OP_0 and =
OP_1 must be used to push the data and not any other push opcodes.<br =
class=3D""><br class=3D""></div></div><div class=3D"gmail_extra"><br =
class=3D""><div class=3D"gmail_quote">On Fri, Nov 6, 2015 at 9:32 AM, =
Oleg Andreev <span dir=3D"ltr" class=3D""><<a =
href=3D"mailto:oleganza@gmail.com" target=3D"_blank" =
class=3D"">oleganza@gmail.com</a>></span> wrote:<br =
class=3D""><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 =
.8ex;border-left:1px #ccc solid;padding-left:1ex"><span class=3D""><br =
class=3D"">
> One and zero should be defined as arrays of length one. Otherwise, =
it is still possible to mutate the transaction by changing the length of =
the array.<br class=3D"">
><br class=3D"">
> They should also be minimally encoded but that is covered by =
previous rules.<br class=3D"">
<br class=3D"">
</span>These two lines contradict each other. Minimally-encoded "zero" =
is an array of length zero, not one. I'd suggest defining this =
explicitly here as "IF/NOTIF argument must be either zero-length array =
or a single byte 0x01".<br class=3D"">
<br class=3D"">
<br class=3D"">
</blockquote></div><br class=3D""></div>
_______________________________________________<br class=3D"">bitcoin-dev =
mailing list<br class=3D""><a =
href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" =
class=3D"">bitcoin-dev@lists.linuxfoundation.org</a><br =
class=3D"">https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev<=
br class=3D""></div></blockquote></div><br =
class=3D""></div></div></body></html>=
--Apple-Mail=_1CD79689-9A75-4F5F-8DA7-189F62CD918F--
|
