summaryrefslogtreecommitdiff
path: root/04/a2dc73fd145c373e14a9f3b7db2f8fc2cf35ad
blob: 7c9c7c9cae021e06e7e7ff183d111a9b3265b337 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
Return-Path: <jl2012@xbt.hk>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 09F32884;
	Thu,  1 Sep 2016 11:40:48 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from erelay3.ox.registrar-servers.com
	(erelay3.ox.registrar-servers.com [192.64.117.2])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 30977137;
	Thu,  1 Sep 2016 11:40:45 +0000 (UTC)
Received: from localhost (unknown [127.0.0.1])
	by erelay1.ox.registrar-servers.com (Postfix) with ESMTP id
	7D23D2206E65; Thu,  1 Sep 2016 11:40:43 +0000 (UTC)
Received: from erelay1.ox.registrar-servers.com ([127.0.0.1])
	by localhost (erelay.ox.registrar-servers.com [127.0.0.1]) (amavisd-new,
	port 10024)
	with LMTP id eIHx6yMgavR9; Thu,  1 Sep 2016 07:40:38 -0400 (EDT)
Received: from MTA-10.privateemail.com (unknown [10.20.150.200])
	(using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by erelay1.ox.registrar-servers.com (Postfix) with ESMTPS id
	0C4952206B89; Thu,  1 Sep 2016 07:39:52 -0400 (EDT)
Received: from APP-06 (unknown [10.20.147.156])
	(using TLSv1 with cipher AES256-SHA (256/256 bits))
	(No client certificate requested)
	by MTA-10.privateemail.com (Postfix) with ESMTPSA id 6F2D960032;
	Thu,  1 Sep 2016 11:39:51 +0000 (UTC)
Date: Thu, 1 Sep 2016 07:39:51 -0400 (EDT)
From: Johnson Lau <jl2012@xbt.hk>
Reply-To: Johnson Lau <jl2012@xbt.hk>
To: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>, 
	lightning-dev@lists.linuxfoundation.org
Message-ID: <1060084086.55457.1472729991439@privateemail.com>
In-Reply-To: <1736097121.90204.1471369988809@privateemail.com>
References: <1736097121.90204.1471369988809@privateemail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; 
	boundary="----=_Part_55456_976106680.1472729991376"
X-Priority: 3
Importance: Medium
X-Mailer: Open-Xchange Mailer v7.8.1-Rev19
X-Originating-Client: open-xchange-appsuite
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,HTML_MESSAGE,
	RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Subject: Re: [bitcoin-dev] New BIP: Dealing with OP_IF and OP_NOTIF
 malleability in P2WSH
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Sep 2016 11:40:48 -0000

------=_Part_55456_976106680.1472729991376
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

Restriction for segwit OP_IF argument as a policy has got a few concept ACK. I would like to have more people to ACK or NACK, especially the real users of OP_IF. I think Lightning network would use that at lot.

Pull request: https://github.com/bitcoin/bitcoin/pull/8526

more related discussion could be found at https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2016-August/013036.html

It does have impact if your script uses the combination of "OP_SIZE OP_IF" or "OP_DEPTH OP_IF". With this policy/softfork, you need to use  "OP_SIZE OP_0NOTEQUAL OP_IF" or "OP_DEPTH OP_0NOTEQUAL OP_IF", or reconstruct your scripts.

> 
>     On August 16, 2016 at 1:53 PM Johnson Lau via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:
> 
>     -----BEGIN PGP SIGNED MESSAGE-----
>     Hash: SHA512
> 
>     A new BIP is prepared to deal with OP_IF and OP_NOTIF malleability in P2WSH:
>     https://github.com/jl2012/bips/blob/minimalif/bip-minimalif.mediawiki
>     https://github.com/bitcoin/bitcoin/pull/8526
> 
>     BIP: x
>     Title: Dealing with OP_IF and OP_NOTIF malleability in P2WSH
>     Author: Johnson Lau <jl2012@xbt.hk>
>     Status: Draft
>     Type: Standards Track
>     Created: 2016-08-17
> 
>     Abstract
> 
>     This document specifies proposed changes to the Bitcoin script validity rules in order to make transaction malleability related to OP_IF and OP_NOTIF impossible in pay-to-witness-script-hash (P2WSH) scripts.
> 
>     Motivation
> 
>     OP_IF and OP_NOTIF are flow control codes in the Bitcoin script system. The programme flow is decided by whether the top stake value is True or False. However, this behaviour opens a source of malleability as a third party may replace a True (False) stack item with any other True (False) value without invalidating the transaction.
> 
>     The proposed rules apply only to pay-to-witness-script-hash (P2WSH) scripts described in BIP141, which has not been activated on the Bitcoin mainnet as of writing. To ensure OP_IF and OP_NOTIF transactions created before the introduction of this BIP will still be accepted by the network, the new rules are not applied to non-segregated witness scripts.
> 
>     Specification
> 
>     In P2WSH, the argument for OP_IF and OP_NOTIF MUST be exactly an empty vector or 0x01, or the script evaluation fails immediately.
> 
>     This is deployed using BIP9 after segregated witness (BIP141) is activated. Details TBD.
> 
>     Compatibility
> 
>     This is a softfork on top of BIP141. The rules are enforced as a relay policy by the reference client since the first release of BIP141 (v0.13.1). To avoid risks of fund loss, users MUST NOT create P2WSH scripts that are incompatible with this BIP. An OP_0NOTEQUAL may be used before OP_IF or OP_NOTIF to imitate the original behaviour (which may also re-enable the malleability vector depending on the exact script).
> 
>     Implementation
> 
>     https://github.com/bitcoin/bitcoin/pull/8526
> 
>     Copyright
> 
>     This work is placed in the public domain.
>     -----BEGIN PGP SIGNATURE-----
>     Comment: GPGTools - https://gpgtools.org
> 
>     iQGcBAEBCgAGBQJXs1LgAAoJEO6eVSA0viTSrJQL/A/womJKgi4FuyBTL9oykCss
>     aBMNN9+SLtmuH7SBgEUGZ8TFxa2st+6RP6Imu+Vvn4O5sXQl3DIXV+X38X93sUYk
>     wrjdpvdpqFFYJezPDESz6pR/6bZ1ES0aO2QqX578/8sqr8GO6L388s66vJeIGj4n
>     0LWW8sdEypMuV3HUG/9FFdUNHgiVX1U0sS1rT3P4aN30JYtb7PQpd7r8KTMta7Rt
>     L1VOZB+W3m2m2YZ9gB7IRmMfzzNm2QXRTPIZXt2x3mYDBuMkp+zEd5+ogA4sBpgP
>     wp2+l/aos686v0w8QYiNUX2+9Qpe7+238qUpw75d2XJYmLzdotWFvmp4g1hP+awX
>     HEfwe4BUM+El17LjrHkNeMWNJXMlhTtXb2i0XMj8tU5lZVHep4WpQ+LEahrNlsUl
>     FdFsi3q8HeWh8JsGaNCL41Bgbg/rKb5hUXyF6hTRHa//E6llOrpXRnsloKgBLv8c
>     QezgKTAPwwgdjcS6Ek0AqgLp7bCFRijCduYH9i9uaQ==
>     =lLIZ
>     -----END PGP SIGNATURE-----
> 
>     _______________________________________________
>     bitcoin-dev mailing list
>     bitcoin-dev@lists.linuxfoundation.org
>     https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
> 

------=_Part_55456_976106680.1472729991376
MIME-Version: 1.0
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE html>
<html><head>
    <meta charset=3D"UTF-8">
</head><body><p>Restriction&#160;for segwit OP_IF argument as a policy has =
got a few concept ACK. I would like to have more people to ACK or NACK, esp=
ecially the real users of OP_IF. I think Lightning network would use that a=
t lot.</p><p>Pull request:&#160;https://github.com/bitcoin/bitcoin/pull/852=
6</p><p>more related discussion could be found at&#160;<a href=3D"https://l=
ists.linuxfoundation.org/pipermail/bitcoin-dev/2016-August/013036.html">htt=
ps://lists.linuxfoundation.org/pipermail/bitcoin-dev/2016-August/013036.htm=
l</a></p><p>It does have impact if your script uses the combination of &#34=
;OP_SIZE OP_IF&#34; or &#34;OP_DEPTH OP_IF&#34;. With this policy/softfork,=
 you need to use&#160; &#34;OP_SIZE OP_0NOTEQUAL OP_IF&#34; or &#34;OP_DEPT=
H OP_0NOTEQUAL OP_IF&#34;, or reconstruct your scripts.</p><blockquote><p>O=
n August 16, 2016 at 1:53 PM Johnson Lau via bitcoin-dev &#60;bitcoin-dev@l=
ists.linuxfoundation.org&#62; wrote:</p><p>-----BEGIN PGP SIGNED MESSAGE---=
--<br>Hash: SHA512</p><p>A new BIP is prepared to deal with OP_IF and OP_NO=
TIF malleability in P2WSH:<br><a href=3D"https://github.com/jl2012/bips/blo=
b/minimalif/bip-minimalif.mediawiki">https://github.com/jl2012/bips/blob/mi=
nimalif/bip-minimalif.mediawiki</a><br><a href=3D"https://github.com/bitcoi=
n/bitcoin/pull/8526">https://github.com/bitcoin/bitcoin/pull/8526</a></p><p=
>BIP: x<br> Title: Dealing with OP_IF and OP_NOTIF malleability in P2WSH<br=
> Author: Johnson Lau &#60;jl2012@xbt.hk&#62;<br> Status: Draft<br> Type: S=
tandards Track<br> Created: 2016-08-17</p><p>Abstract</p><p>This document s=
pecifies proposed changes to the Bitcoin script validity rules in order to =
make transaction malleability related to OP_IF and OP_NOTIF impossible in p=
ay-to-witness-script-hash (P2WSH) scripts.</p><p>Motivation</p><p>OP_IF and=
 OP_NOTIF are flow control codes in the Bitcoin script system. The programm=
e flow is decided by whether the top stake value is True or False. However,=
 this behaviour opens a source of malleability as a third party may replace=
 a True (False) stack item with any other True (False) value without invali=
dating the transaction.</p><p>The proposed rules apply only to pay-to-witne=
ss-script-hash (P2WSH) scripts described in BIP141, which has not been acti=
vated on the Bitcoin mainnet as of writing. To ensure OP_IF and OP_NOTIF tr=
ansactions created before the introduction of this BIP will still be accept=
ed by the network, the new rules are not applied to non-segregated witness =
scripts.</p><p>Specification</p><p>In P2WSH, the argument for OP_IF and OP_=
NOTIF MUST be exactly an empty vector or 0x01, or the script evaluation fai=
ls immediately.</p><p>This is deployed using BIP9 after segregated witness =
(BIP141) is activated. Details TBD.</p><p>Compatibility</p><p>This is a sof=
tfork on top of BIP141. The rules are enforced as a relay policy by the ref=
erence client since the first release of BIP141 (v0.13.1). To avoid risks o=
f fund loss, users MUST NOT create P2WSH scripts that are incompatible with=
 this BIP. An OP_0NOTEQUAL may be used before OP_IF or OP_NOTIF to imitate =
the original behaviour (which may also re-enable the malleability vector de=
pending on the exact script).</p><p>Implementation</p><p><a href=3D"https:/=
/github.com/bitcoin/bitcoin/pull/8526">https://github.com/bitcoin/bitcoin/p=
ull/8526</a></p><p>Copyright</p><p>This work is placed in the public domain=
.<br>-----BEGIN PGP SIGNATURE-----<br>Comment: GPGTools - <a href=3D"https:=
//gpgtools.org">https://gpgtools.org</a></p><p>iQGcBAEBCgAGBQJXs1LgAAoJEO6e=
VSA0viTSrJQL/A/womJKgi4FuyBTL9oykCss<br>aBMNN9+SLtmuH7SBgEUGZ8TFxa2st+6RP6I=
mu+Vvn4O5sXQl3DIXV+X38X93sUYk<br>wrjdpvdpqFFYJezPDESz6pR/6bZ1ES0aO2QqX578/8=
sqr8GO6L388s66vJeIGj4n<br>0LWW8sdEypMuV3HUG/9FFdUNHgiVX1U0sS1rT3P4aN30JYtb7=
PQpd7r8KTMta7Rt<br>L1VOZB+W3m2m2YZ9gB7IRmMfzzNm2QXRTPIZXt2x3mYDBuMkp+zEd5+o=
gA4sBpgP<br>wp2+l/aos686v0w8QYiNUX2+9Qpe7+238qUpw75d2XJYmLzdotWFvmp4g1hP+aw=
X<br>HEfwe4BUM+El17LjrHkNeMWNJXMlhTtXb2i0XMj8tU5lZVHep4WpQ+LEahrNlsUl<br>Fd=
Fsi3q8HeWh8JsGaNCL41Bgbg/rKb5hUXyF6hTRHa//E6llOrpXRnsloKgBLv8c<br>QezgKTAPw=
wgdjcS6Ek0AqgLp7bCFRijCduYH9i9uaQ=3D=3D<br>=3DlLIZ<br>-----END PGP SIGNATUR=
E-----</p><p>_______________________________________________<br>bitcoin-dev=
 mailing list<br>bitcoin-dev@lists.linuxfoundation.org<br><a href=3D"https:=
//lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev">https://lists.lin=
uxfoundation.org/mailman/listinfo/bitcoin-dev</a></p></blockquote></body></=
html>
=20
------=_Part_55456_976106680.1472729991376--