[bitcoin-dev] IsStandard

ZmnSCPxj ZmnSCPxj at protonmail.com
Thu May 2 00:10:37 UTC 2019

Good morning Aymeric,

Sent with ProtonMail Secure Email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Tuesday, April 30, 2019 5:43 PM, Aymeric Vitte <vitteaymeric at gmail.com> wrote:

> I must badly explain my point (or just wondering things that do not
> exist finally), the question is indeed whether nodes will relay non
> usual transactions or not and how to know what they will accept or not:
> -   my modified multisig 2 of 3: I did put OP_2 out of the usual redeem
>     script, the redeem script still matches scriptpubkey and scriptsig will
>     execute succesfully, that's a normal legacy P2SH or segwit P2WSH
> -   bch segwit recovery: it's a p2sh transaction without any signature
>     verification, as far as I remember there was a story that it could not
>     propagate in the network (even taking the risk to be stolen) and that
>     people had to contact a (honest) miner
> -   sha bounties: same as above, p2sh transactions without signatures
>     etc
>     Will all of those transactions propagate normally? And then the rule is
>     just that it matches the P2PKH, P2WPKH, P2SH, or P2WSH templates
>     whatever scripts you put inside?

P2PKH and P2WPKH cannot have custom script.
However, yes, any custom script can be wrapped in P2SH and P2WSH and it will be propagated.
The P2SH/P2WSH hides the details of your custom script so cannot be filtered based on your custom script.
Do realize that once a claim on your modified x-of-3 is propagated your `redeemScript` is known and someone can attempt to RBF (or coordinate with a miner) with a modified `witness` stack or `scriptSig` to claim your UTXO.
(I do not know if `OP_CHECKMULTISIG` supports 0-of-3 but at least one of your signatories could make it a 1-of-3 and bribe a miner to get it claimed)

I cannot answer for BCH; arguably that is off-topic here.

The old SHA bounty transactions were propagated in the days before `isStandard` I think.
Either that or they were put in by miners.
An SHA bounty can still be propagated today if they are wrapped in a P2SH or P2WSH, but you have to publish the `redeemScript` yourself in some other method.
Or bribe a miner if the transaction is not time-sensitive (for an SHA bounty, unlikely to be time-sensitive).


More information about the bitcoin-dev mailing list