Author: Matt Corallo 2019-03-12 02:23:33
Published on: 2019-03-12T02:23:33+00:00
The motivation behind removing OP_CODESEPARATOR is to simplify the theoretical operation of checksig operations and analysis of future changes, such as sighash-caching code. Although hiding data in invalid public keys is a long-discussed-and-implemented idea, no one seems to be aware of any real proposals to use OP_CODESEPARATOR, let alone anyone using it in the wild. Having all the OP_CODESEPARATOR mess left around after all the effort that has gone into removing it for the past few years would be a huge shame, especially compared to a standardness change. Increasing the weight of anything that has an OP_CODESEPARATOR in it by 572ish bytes could eliminate any vulnerability caused by OP_CODESEPARATOR within P2SH transactions without the need to remove it entirely. However, simply putting OP_CODESEPARATOR in a deprecated state for some time and making its usage more expensive would not solve the issue because it assumes that a user exists who has pre-signed transactions which are time-locked and claim a number of inputs and have several paths in the script which contain OP_CODESEPARATOR, rendering their transcription invalid.
Updated on: 2023-05-20T19:56:44.690982+00:00