Author: Matt Corallo 2019-03-07 19:50:52
Published on: 2019-03-07T19:50:52+00:00
In a recent email exchange, Russell O'Connor raised concerns regarding the disabling of OP_CODESEPARATOR in non-BIP 143 scripts. O'Connor states that although OP_CODESEPARATOR is rarely used, it is necessary for users to sign specific branches they are authorizing within scripts that have multiple possible conditions reusing the same public key. However, Matt argues that despite significant effort, he has not seen any practical use-cases for this feature, with the exception of making SegWit scripts more efficient in TumbleBit. Additionally, OP_CODESEPARATOR in non-segwit scripts represents a vulnerability in Bitcoin today, which needs to be addressed.Regarding the risk of funds being permanently lost due to the activation of a soft-fork, Matt argues that the highly-unlikely remote possibility of someone having created something before which could be rendered unspendable is insufficient reason to not fix a vulnerability in Bitcoin today. To address the vulnerability caused by the execution of OP_CODESEPARATOR, Matt suggests an alternative whereby the transaction's weight increases suitably upon its execution. Alternatively, there could be some sort of limit on the maximum number of OP_CODESEPARATORs allowed to be executed per script, but this would require an argument as to why exceeding that limit is not reasonable. However, Matt notes that OP_CODESEPARATOR is non-standard, making it difficult to get them mined in any case.
Updated on: 2023-05-20T19:55:40.666973+00:00