To: Mark Friedenbach <mark@friedenbach.org>,
	Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>,
	Johnson Lau <jl2012@xbt.hk>
References: <53A587C3-DAC1-4055-875F-96B61717ACE6@xbt.hk>
	<081A517B-B730-43AB-9D4E-4F696EFD91A3@friedenbach.org>
From: Matt Corallo <lf-lists@mattcorallo.com>
Message-ID: <56ca1248-6427-46f7-1645-84349cc8facc@mattcorallo.com>
Date: Mon, 27 Nov 2017 11:33:07 -0500
In-Reply-To: <081A517B-B730-43AB-9D4E-4F696EFD91A3@friedenbach.org>
Subject: Re: [bitcoin-dev] Making OP_CODESEPARATOR and FindAndDelete in
 non-segwit scripts non-standard

I strongly disagree here - we don't only soft-fork out transactions that
are "fundamentally insecure", that would be significantly too
restrictive. We have generally been willing to soft-fork out things
which clearly fall outside of best-practices, especially rather
"useless" fields in the protocol, e.g. soft-forking behavior into OP_NOPs,
soft-forking behavior into nSequence, etc.

As a part of setting clear best-practices, making things non-standard is
the obvious step, though there has been active discussion of
soft-forking out FindAndDelete and OP_CODESEPARATOR for years now. I
obviously do not claim that we should be proposing a soft-fork to
blacklist FindAndDelete and OP_CODESEPARATOR usage any time soon, and
assume that it would take at least a year or three from when it was made
non-standard to when a soft-fork to finally remove them was proposed.
This should be more than sufficient time for folks using such weird (and
largely useless) parts of the protocol to object, which should be
sufficient to reconsider such a soft-fork.

Independently, making them non-standard is a good change on its own, and
if nothing else should better inform discussion about the possibility of
anyone using these things.

Matt

On 11/15/17 14:54, Mark Friedenbach via bitcoin-dev wrote:
> As good of an idea as it may or may not be to remove this feature from
> the code base, actually doing so would be crossing a boundary that we
> have not previously been willing to do except under extraordinary
> duress. The nature of bitcoin is such that we do not know and cannot
> know what transactions exist out there pre-signed and making use of
> these features.
> 
> It may be a good idea to make these features non standard to further
> discourage their use, but I object to doing so with the justification of
> eventually disabling them for all transactions. Taking that step has the
> potential of destroying value and is something that we have only done in
> the past either because we didn’t understand forks and best practices
> very well, or because the features (now disabled) were fundamentally
> insecure and resulted in other people’s coins being vulnerable. This
> latter concern does not apply here as far as I’m aware.
> 
> On Nov 15, 2017, at 8:02 AM, Johnson Lau via bitcoin-dev
> <bitcoin-dev@lists.linuxfoundation.org> wrote:
> 
>> In https://github.com/bitcoin/bitcoin/pull/11423 I propose to
>> make OP_CODESEPARATOR and FindAndDelete in non-segwit scripts non-standard.
>>
>> I think FindAndDelete() is one of the most useless and complicated
>> functions in the script language. It is omitted from segwit (BIP143),
>> but we still need to support it in non-segwit scripts. Actually,
>> FindAndDelete() would only be triggered in some weird edge cases like
>> using out-of-range SIGHASH_SINGLE.
>>
>> Non-segwit scripts also use a FindAndDelete()-like function to remove
>> OP_CODESEPARATOR from scriptCode. Note that in BIP143, only executed
>> OP_CODESEPARATOR are removed so it doesn’t have the
>> FindAndDelete()-like function. OP_CODESEPARATOR in segwit scripts are
>> useful for Tumblebit so it is not disabled in this proposal.
>>
>> By disabling both, it guarantees that scriptCode serialized inside
>> SignatureHash() must be constant.
>>
>> If we use a softfork to remove FindAndDelete() and OP_CODESEPARATOR
>> from non-segwit scripts, we could completely remove FindAndDelete()
>> from the consensus code later by whitelisting all blocks before the
>> softfork block. The first step is to make them non-standard in the
>> next release.
>>
>
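
Added example, not part of the original thread and not Bitcoin Core's code: a simplified Python model of the opcode-boundary deletion that the quoted proposal refers to, showing why a non-segwit scriptCode is only constant when neither the pushed signature nor OP_CODESEPARATOR appears in it. Helper names and sample bytes are constructed for illustration, and the model ignores the rule that scriptCode starts after the last executed OP_CODESEPARATOR.

```python
OP_PUSHDATA1, OP_PUSHDATA4 = 0x4c, 0x4e
OP_CODESEPARATOR, OP_CHECKSIG = 0xab, 0xac

def next_op_end(script: bytes, pc: int):
    """Offset just past the opcode starting at pc, or None if it is truncated."""
    op = script[pc]
    pc += 1
    if op < OP_PUSHDATA1:                      # direct push of `op` bytes (0..75)
        pc += op
    elif op <= OP_PUSHDATA4:                   # 1-, 2- or 4-byte length prefix
        width = 1 << (op - OP_PUSHDATA1)
        if pc + width > len(script):
            return None
        pc += width + int.from_bytes(script[pc:pc + width], "little")
    return pc if pc <= len(script) else None

def find_and_delete(script: bytes, pattern: bytes):
    """Drop every copy of `pattern` that begins on an opcode boundary."""
    if not pattern:
        return script, 0
    out, pc, found = bytearray(), 0, 0
    while pc < len(script):
        while script.startswith(pattern, pc):  # never matches inside push data
            pc += len(pattern)
            found += 1
        if pc >= len(script):
            break
        end = next_op_end(script, pc) or len(script)  # truncated tail kept as-is
        out += script[pc:end]
        pc = end
    return bytes(out), found

def push(data: bytes) -> bytes:
    assert len(data) <= 75                     # direct pushes only in this model
    return bytes([len(data)]) + data

def legacy_script_code(script: bytes, sig: bytes):
    """Bytes that would be hashed for a non-segwit signature check (simplified)."""
    stripped, n_sig = find_and_delete(script, push(sig))
    stripped, n_sep = find_and_delete(stripped, bytes([OP_CODESEPARATOR]))
    return stripped, n_sig, n_sep

# Constructed sample data: a dummy signature blob and a dummy compressed pubkey.
SIG = bytes.fromhex("300602010102010101")
PUBKEY = b"\x02" + b"\x11" * 32
ORDINARY = push(PUBKEY) + bytes([OP_CHECKSIG])
WEIRD = push(SIG) + bytes([OP_CODESEPARATOR]) + push(b"\xab\xab") + ORDINARY

if __name__ == "__main__":
    for name, s in (("ordinary", ORDINARY), ("weird", WEIRD)):
        code, n_sig, n_sep = legacy_script_code(s, SIG)
        print(name, code == s, n_sig, n_sep)
```
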