[bitcoin-dev] Dealing with OP_IF and OP_NOTIF malleability

Oleg Andreev oleganza at gmail.com
Fri Nov 6 09:32:02 UTC 2015


> One and zero should be defined as arrays of length one. Otherwise, it is still possible to mutate the transaction by changing the length of the array. 
> 
> They should also be minimally encoded but that is covered by previous rules.

These two lines contradict each other. Minimally-encoded "zero" is an array of length zero, not one. I'd suggest defining this explicitly here as "IF/NOTIF argument must be either zero-length array or a single byte 0x01".




More information about the bitcoin-dev mailing list