public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: vjudeu@gazeta•pl
To: ZmnSCPxj <ZmnSCPxj@protonmail•com>,Nadav Ivgi <nadav@shesek•info>
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists•linuxfoundation.org>
Subject: Re: [bitcoin-dev] Speedy covenants (OP_CAT2)
Date: Wed, 11 May 2022 12:57:01 +0200	[thread overview]
Message-ID: <161946014-482cdec305e2bd7a2c3fc4774c70239d@pmq1v.m5r2.onet> (raw)
In-Reply-To: <6pDae6X_tAfMTldPPsad5CSHPF98NVbTf06JxRCs7RqJGyrOqLALsDHHa_3C5DbbfpAVnzLMWCn-7e0FwQO-TOk4XxWYIiaYomuA9NJjkEQ=@protonmail.com>

> Looks like `OP_CAT` is not getting enabled until after we are reasonably sure that recursive covenants are not really unsafe.

Maybe we should use OP_SUBSTR instead of OP_CAT. Or even better: OP_SPLIT. Then, we could have OP_SPLIT <n> <pos1> <pos2> ... <posN> that would split a string N times (so there will be N+1 pieces). Or we could have just OP_SPLIT <pos> to split one string into two. Or maybe OP_2SPLIT and OP_3SPLIT, just to split into two or three pieces (as we have OP_2DUP and OP_3DUP). I think OP_SUBSTR or OP_SPLIT is better than OP_CAT, because then things always get smaller and we can be always sure that we will have one byte as the smallest unit in our Script.

On 2022-05-08 04:20:19 user ZmnSCPxj via bitcoin-dev <bitcoin-dev@lists•linuxfoundation.org> wrote:
> Good morning shesek,

> On Sat, May 7, 2022 at 5:08 PM ZmnSCPxj via bitcoin-dev <bitcoin-dev@lists•linuxfoundation.org> wrote:
> > * Even ***with*** `OP_CAT`, the following will enable non-recursive covenants without enabling recursive covenants:
> >  * `OP_CTV`, ...
> > * With `OP_CAT`, the following would enable recursive covenants:
> >  * `OP_CHECKSIGFROMSTACK`, ...
>
> Why does CTV+CAT not enable recursive covenants while CSFS+CAT does?
>
> CTV+CAT lets you similarly assert against the outputs and verify that they match some dynamically constructed script.
>
> Is it because CTV does not let you have a verified copy of the input's prevout scriptPubKey on the stack [0], while with OP_CSFS you can because the signature hash covers it?
>
> But you don't actually need this for recursion. Instead of having the user supply the script in the witness stack and verifying it against the input to obtain the quine, the script can simply contain a copy of itself as an initial push (minus this push). You can then reconstruct the full script quine using OP_CAT, as a PUSH(<script>) followed by the literal <script>.

    <OP_PUSH_length-of-script> OP_SWAP OP_DUP OP_CAT OP_CAT <rest of script...>

Ha, yes, looks like you are correct here.

`OP_CAT` makes *all* covenant opcodes recursive, because you can always quine using `OP_CAT`.

By itself it does not make recursive covenants, but with probably any opcode it would.

Looks like `OP_CAT` is not getting enabled until after we are reasonably sure that recursive covenants are not really unsafe.

Regards,
ZmnSCPxj
_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists•linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev



  reply	other threads:[~2022-05-11 10:57 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-05-06 22:30 Jorge Timón
2022-05-07  3:06 ` ZmnSCPxj
2022-05-07  3:52   ` vjudeu
2022-05-07 13:31     ` Jorge Timón
2022-05-11 15:25     ` alicexbt
2022-05-11 16:03       ` vjudeu
2022-05-07 13:27   ` Jorge Timón
2022-05-07 14:08     ` ZmnSCPxj
     [not found]       ` <CABm2gDo1wTOoWcNgJ4mUgSB3KCtBSnjqe3nwVBSL+7=ziDJ==w@mail.gmail.com>
2022-05-07 22:28         ` ZmnSCPxj
2022-05-08  2:03       ` Nadav Ivgi
2022-05-08  2:19         ` ZmnSCPxj
2022-05-11 10:57           ` vjudeu [this message]
2022-05-11 11:42             ` ZmnSCPxj
2022-05-11 19:41               ` Russell O'Connor
2022-05-12  3:07                 ` ZmnSCPxj
2022-05-12 10:48                   ` Russell O'Connor
2022-05-13 21:43                     ` Anthony Towns
2022-05-13 23:33                       ` Russell O'Connor
2022-05-14 13:32                         ` Erik Aronesty

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=161946014-482cdec305e2bd7a2c3fc4774c70239d@pmq1v.m5r2.onet \
    --to=vjudeu@gazeta$(echo .)pl \
    --cc=ZmnSCPxj@protonmail$(echo .)com \
    --cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
    --cc=nadav@shesek$(echo .)info \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox