Author: Mark Friedenbach 2017-10-28 04:40:01
Published on: 2017-10-28T04:40:01+00:00
Mark Friedenbach has updated three BIPs based on feedback. The changes include modifying the hashing function fast-SHA256, changing MERKLEBRANCHVERIFY to verify a configurable number of elements from the tree instead of just one, and tail-call eval compatibility with BIP141’s CLEANSTACK consensus rule by allowing parameters to be passed on the alt-stack. Moreover, he has restricted tail-call eval to segwit scripts only. There were other small modifications, typo fixes, and optimizations made as well. Friedenbach proposes two new script features to be added to the bitcoin protocol via soft-fork activation. These features are a new opcode, MERKLE-BRANCH-VERIFY (MBV), and tail-call execution semantics. MBV allows script authors to force redemption to use values selected from a pre-determined set committed to in the scriptPubKey without requiring revelation of unused elements in the set for both enhanced privacy and smaller script sizes. Tail-call execution semantics allow a single level of recursion into a subscript, providing properties similar to P2SH while at the same time more flexible. Furthermore, these two features together can enable a range of applications such as tree signatures and a generalized MAST. It also brings privacy and fungibility improvements to users of counter-signing wallet/vault services. Friedenbach believes that the implementation of these features is simple enough, and the use cases compelling enough that we could BIP 8/9 rollout of these features in relatively short order, perhaps before the end of the year. Three BIPs have been written to describe these features, and their associated implementation. Friedenbach invites public review and discussion. He notes that there should be a multi-element MBV opcode that allows verifying multiple items are extracted from a single tree. However, it is not obvious how MBV could be modified to support this.
Updated on: 2023-06-12T18:19:22.956481+00:00