[bitcoin-dev] Schnorr and taproot (etc) upgrade

Johnson Lau jl2012 at xbt.hk
Tue Dec 18 10:00:59 UTC 2018



> On 18 Dec 2018, at 12:58 PM, Anthony Towns <aj at erisian.com.au> wrote:
> 
> On Mon, Dec 17, 2018 at 10:18:40PM -0500, Russell O'Connor wrote:
>> On Mon, Dec 17, 2018 at 3:16 PM Johnson Lau <jl2012 at xbt.hk> wrote:
>>    But I’m not sure if that would do more harm than good. For example, people
>>    might lose money by copying an existing script template. But they might
>>    also lose money in the same way as CHECKMULTISIG is disabled. So I’m not
>>    sure.
> 
> Well, if CHECKSIG* and CHECKMULTISIG* are all disabled in favour of
> CHECKDLS, CHECKDLSVERIFY and CHECKDLSADD with both different names and
> different opcodes, copying a script template opcode-for-opcode from v0
> to v1 will always fail. (With taproot, this doesn't necessarily mean you
> lose money, even if the script is impossible to ever satisfy, since you
> may be able to recover via the direct signature path)
> 
>>    Another related thing I’d like to bikeshed is to pop the stack after
>>    OP_CLTV and OP_CSV. The same pros and cons apply.
>> This one is almost a no-brainer I think.  Nearly every instance of OP_CSV is
>> followed by an OP_DROP and we'd save 1 WU per OP_CSV if we pop the stack
>> afterwards.
> 
> It's definitely bikeshedding so whatever; but to me, it seems like it'd
> be easier for everyone to have it so that if you've got the same opcode
> in v0 script and v1.0 script; they have precisely the same semantics.
> 
> (That said, constructions like "<n> CLTV <p> CHECKSIGVERIFY" that avoid
> the DROP and work when you're expected to leave a true value on the
> stack won't work if you have to end up with an empty stack)
> 
> Cheers,
> aj
> 

I think you mean  <p> CHECKSIGVERIFY <n> CLTV, but this works only for simple script. Most likely you need a DROP if you use IF or CODESEPARATOR.

However, if we change the rule from “one true stack item” to “empty stack”, CLTV/CSV popping stack will make more sense. So I think either we change all, or change nothing.

The “true stack item” and CLTV/CSV as NOP are tech debt. Fixing them in new script version makes script creation easier and sometimes cheaper, but the fix itself creates further tech debts in the code. So I don’t have strong opinion on this topic.


More information about the bitcoin-dev mailing list