An opcode we could call OP_TXHASHVERIFY could be introduced. It would be defined to work only if added to a scriptSig as the very first operation, and would abort if the hash of the transaction **with all OP_TXHASHVERIFY operations (including stack push) removed** does not match what has been pushed on the stack.

So, in order to produce a transaction with one or more inputs protected against tx ID malleability, one would:

1. Calculate tx ID of the tx: TX_HASH

2. For each input you wish to protect, add "0x32 $TX_HASH OP_TXHASHVERIFY" to the beginning of the scriptSig

When evaluating OP_TXHASHVERIFY, we make a copy of the tx in question, and remove the "0x32 <32 bytes> OP_TXHASHVERIFY" sequence from the beginning of all scriptSigs (if present), and abort if the tx copy hash does not match the top stack item.

This is a very simple solution that only adds 34 bytes per input, and when something better becomes available (eg. Segwit), we will stop using this. But in the meantime it's very valuable to be able to not worry about tx ID malleability.

Please let me know what you think.

            /Rune