Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1XdrwP-00037s-JR for bitcoin-development@lists.sourceforge.net; Tue, 14 Oct 2014 02:34:25 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.213.176 as permitted sender) client-ip=209.85.213.176; envelope-from=pieter.wuille@gmail.com; helo=mail-ig0-f176.google.com; Received: from mail-ig0-f176.google.com ([209.85.213.176]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1XdrwM-0001kM-34 for bitcoin-development@lists.sourceforge.net; Tue, 14 Oct 2014 02:34:25 +0000 Received: by mail-ig0-f176.google.com with SMTP id hn15so12856505igb.3 for ; Mon, 13 Oct 2014 19:34:16 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.42.190.196 with SMTP id dj4mr2231238icb.35.1413254056796; Mon, 13 Oct 2014 19:34:16 -0700 (PDT) Received: by 10.50.65.9 with HTTP; Mon, 13 Oct 2014 19:34:16 -0700 (PDT) Date: Mon, 13 Oct 2014 19:34:16 -0700 Message-ID: From: Pieter Wuille To: Bitcoin Dev Content-Type: text/plain; charset=ISO-8859-1 X-Spam-Score: -1.6 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (pieter.wuille[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1XdrwM-0001kM-34 Subject: [Bitcoin-development] Malleable booleans X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Oct 2014 02:34:25 -0000 Hi all, while working on a BIP62 implementation I discovered yet another type of malleability: the interpretation of booleans. Any byte array with non-zero bytes in it (ignoring the highest bit of the last byte, which is the sign bit when interpreting as a number) is interpreted as true, anything else as false. Other than numbers, they're not even restricted to 4 bytes. Worse, the code for dealing with booleans is not very consistent: OP_BOOLAND and OP_BOOLOR first interpret their arguments as numbers, and then compare them to 0 to turn them into boolean values. This means that scripts that use booleans as inputs will be inherently malleable. Given that that seems actually useful (passing in booleans to guide some OP_IF's during execution of several alternatives), I would like to change BIP62 to also state that interpreted booleans must be of minimal encoded size (in addition to numbers). Any opinions for or against?