Author: Russell O'Connor 2019-03-08 15:57:25
Published on: 2019-03-08T15:57:25+00:00
In an email conversation between Matt Corallo and Russell O'Connor, the topic of OP_CODESEPARATOR in non-BIP 143 scripts failing script validation was discussed. It was noted that while OP_CODESEPARATOR is the only mechanism available for users to sign a particular branch they are authorizing for within scripts, it does not appear to be practically usable except for one example in TumbleBit. Russell O'Connor argued that because of P2SH, it is not acceptable to risk people's money by activating a soft-fork that would result in funds being permanently lost. He proposed an alternative solution whereby the execution of OP_CODESEPARATOR increases the transaction's weight or there is a limit on the maximum number of OP_CODESEPARATORs allowed per script. Matt Corallo disagreed with this proposal and suggested that any such limit could render some moderately-large transactions unspendable and that OP_CODESEPARATOR in non-segwit scripts represents a significant vulnerability in Bitcoin today. He also proposed a soft fork rule that an input's weight is increased by an amount equal to the number of OP_CODESEPARATORs executed times the sum of the weight of the UTXO being spent and 40 bytes, the weight of a stripped input, which he believes would completely address the vulnerabilities caused by OP_CODESEPARATOR.
Updated on: 2023-06-13T17:29:38.869418+00:00