summaryrefslogtreecommitdiff
path: root/e9/7868bb06c598476c8256c368cc3e3992c87057
blob: 8c6b76984e63727791dc471db90f3e42f9427b0e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
	helo=mx.sourceforge.net)
	by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <roconnor@theorem.ca>) id 1RgAJE-0003PD-2f
	for bitcoin-development@lists.sourceforge.net;
	Thu, 29 Dec 2011 07:21:52 +0000
X-ACL-Warn: 
Received: from erdos.theorem.ca ([72.2.4.176] helo=theorem.ca)
	by sog-mx-1.v43.ch3.sourceforge.com with smtp (Exim 4.76)
	id 1RgAJC-0006e1-MF for bitcoin-development@lists.sourceforge.net;
	Thu, 29 Dec 2011 07:21:52 +0000
Received: (qmail 2362 invoked by uid 603); 29 Dec 2011 06:55:03 -0000
Received: from localhost (sendmail-bs@127.0.0.1)
	by localhost with SMTP; 29 Dec 2011 06:55:03 -0000
Date: Thu, 29 Dec 2011 01:55:03 -0500 (EST)
From: roconnor@theorem.ca
To: bitcoin-development@lists.sourceforge.net
Message-ID: <alpine.LRH.2.00.1112290111310.22327@theorem.ca>
User-Agent: Alpine 2.00 (LRH 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII
X-Spam-Score: -1.9 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.3 RP_MATCHES_RCVD Envelope sender domain matches handover relay
	domain -0.7 AWL AWL: From: address is in the auto white-list
X-Headers-End: 1RgAJC-0006e1-MF
Cc: webmaster@btcguild.com, pool@deepbit.net
Subject: [Bitcoin-development] Alternative to OP_EVAL
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Thu, 29 Dec 2011 07:21:52 -0000

Gavin asked me to come up with an alternative to OP_EVAL, so here is my 
proposal.

OP_CODEHASH Initial Proposal

The idea is to add third "codehash" stack to the scripting engine (or 
alternatively a codehash state variable) and have OP_CODESEPARATOR in 
addition to its current behaviour push the hash of the remaining code in 
the script onto the codehash stack (or alternatively set the codehash 
state variable).

Then we add a new OP_CODEHASH operator that pops the codehash stack and 
pushes it onto the main stack (or alternatively push the value of the 
codehash state variable onto the mainstack which is initialized using the 
hash of the sigScript).

The new send-to-script transaction would be:

OP_CODEHASH OP_HASH160 {20-byte-hash-value} OP_EQUAL

Which can be redeemed by

{20-byte-code-hash} signatures OP_CODESEPARATOR code


When run the code will consume all the signatures leaving the 
20-byte-code-hash on the stack.  When OP_CODEHASH is interpreted as a NOP 
it is skipped, then the hash is hashed and compared to the 
20-byte-hash-value and a match is required to succeed.

When OP_CODEHASH is interpreted by a new client it pops the codehash stack 
and pushes the value onto the main stack, which in this standard 
transaction pushes a value identical to the existing {20-byte-code-hash} 
on the stack. Then again this hash is hashed and compared to to 
{20-byte-code-hash}.


This proposal covers all the desired behaviour from OP_EVAL proposal but 
with a less radical change:
   (1) you get send-to-script addresses
   (2) you cannot redeem with the old client without knowing the hash of the script

OP_CODEHASH has no dynamically generated code that is executed.  The 
language remains a weak stack based language which is clearly terminating. 
The number of operations executed is still bounded by the number of 
operations occurring in the script.  With the OP_EVAL proposal the script 
language becomes essentially Turing complete, with only an artificial 
limit on recursion depth preventing arbitrary computation and there is no 
way to know what code will run without executing it.  With the OP_EVAL 
proposal there is no way to statically analyze the script (say to count 
the number of uses of OP_CHECKSIG or OP_MULTICHECKSIG or other analysis) 
without actually executing the script.

This is just an initial proposal there are clearly some variations that 
could be done that would work just as well.

Thanks goes to luke-jr and others for their thoughts on this proposal.

Good night everyone.

-- 
Russell O'Connor                                      <http://r6.ca/>
``All talk about `theft,''' the general counsel of the American Graphophone
Company wrote, ``is the merest claptrap, for there exists no property in
ideas musical, literary or artistic, except as defined by statute.''