Hi All,

I have a question about the often touted statement that "APO can emulate CTV". From what I have found in the specs and the inquisition codebase:

> BIP-118 ANYPREVOUTANYSCRIPT can constrain outputs of a spending transaction by hardcoding a 65-byte signature and a 33-byte unknown public key type in a script. Alternatively, BIP-119 CTV can directly constrain transaction outputs to a template hash.

APO/AS SIGHASH does not commit to the number of inputs (nor obviously the other input outpoints themselves). This has some interesting consequences for Ark, which relies on TXID non-malleability for it's ATLCs.

Either one of these cases seem to be true depending on how the contracts are constructed:

- APO only: Users can double spend the ASP (USER CAN STEAL)

- APO + ASP single sig: ASP can stop users from unilateral exit and sweep funds after 4 weeks (ASP CAN STEAL)

- n-of-n musig on the vTXO tree: trustless, APO however is not needed, full interactivity, analogous to key deletion covenant (NOBODY CAN STEAL)

APO/AS can also not be used for the ATLC itself, as it has to commit to the TX outpoint of the connector transaction.

OP_CTV however commits to the number of inputs explicitly, thus committing to a single input prevents TXID malleability and ensures the ATLC is going to be enforceable.

I would like to ask what the devs who are deeper into covenant research think about this, and if I'm missing something?

- moonsettler