Author: Andreas M. Antonopoulos 2017-09-21 00:15:37
Published on: 2017-09-21T00:15:37+00:00
The article discusses the use of Merklized Abstract Syntax Trees (MAST) in Bitcoin. The author explores how the Pay-to-Script Hash (P2SH) is executed upon being pulled from the stack and how it can be generalised to cover other use cases beyond committing to and executing a single redeem script. The concept of implicit tail-call execution semantics is introduced, where scripts are run to the end to allow for safe recursion. The post goes on to explain how this approach can be used to achieve MAST and how the MERKLEBRANCHVERIFY opcode can further simplify the process. The MERKLEBRANCHVERIFY opcode is used to prove that the public key is drawn from a set used to construct a Merkle hash tree and then checks its signature. The script can verify any monotone Boolean function over combinations of public keys, making it applicable to many use cases.The author argues for permission-less innovation, stating that new Bitcoin consensus features should be simple, work together, and do one thing well. They suggest using modularity and composition of powerful yet simple tools, such as MERKLEBRANCHVERIFY and single tail-call recursion, to construct MAST while minimizing changes to the consensus code. The underlying primitives can also be combined with other modular features to support use cases beyond vanilla MAST.The article concludes by mentioning the efficiency gain of adopting a MAST template, but suggests deploying MBV, tail-call, and overhauling the CHECKSIG operator before tackling an ideal MAST-supporting witness type. Overall, the article presents a more easily understandable explanation of the MERKLEBRANCHVERIFY opcode and tail-call execution semantics, which are crucial to achieving MAST in Bitcoin.
Updated on: 2023-06-12T18:58:41.673908+00:00