Author: Russell O'Connor 2019-06-24 14:34:54
Published on: 2019-06-24T14:34:54+00:00
The OP_SECURETHEBAG opcode, which ensures that a transaction's input and output scripts cannot be modified without invalidating the signature, does not include the script being executed in its hash. This means that the ScriptPubKey, which is indirectly committed to through the input's prevoutpoint, cannot be reconstructed from the prevoutpoint in tapscript without implementation of public key tweaking in Bitcoin Script. In a thread on the bitcoin-dev mailing list, Jeremy Rubin asked for clarification on this comment and stated that the script and scriptsig are indeed committed to in OP_SECURETHEBAG. However, Russell O'Connor pointed out that creating covenants with OP_SECURETHEBAG is difficult without adding an OP_TWEEKPUBKEY operation to Script since the commitment of the script itself is not part of the opcode. ZmnSCPxj added that combining OP_LEFT and OP_CAT with OP_CHECKTXDIGESTVERIFY would allow for Turing-complete smart contracts.
Updated on: 2023-06-13T19:14:32.272847+00:00