Author: Bastien TEINTURIER 2019-12-18 15:14:24
Published on: 2019-12-18T15:14:24+00:00
In a discussion on #bitcoin-wizards, gmaxwell shared his feedback regarding the proposal to modify Tapscript's OP_CHECKSIG. He suggested that changing the behaviour of OP_CHECKSIG is not feasible as it increases the witness size and should be implemented as a new opcode instead. OP_CAT and friends were intentionally left out of Taproot as they are too general and require more analysis. However, the proposed OP_CHECKSPLITSIG may be acceptable as it is very constrained but does not protect against a finney attack. The scheme only protects against double-spending if Patrick is disallowed from emptying the UTXO via Lightning before double-spending. Despite these issues, Bastien believes there are good use-cases for this for off-chain protocols and is interested in more feedback about the scheme and potential attack vectors or other use-cases. Ethan Heilman also voiced his support for enabling outputs to enforce ECDSA nonce reuse but argued against changing the behaviour of OP_CHECKSIG, suggesting that it would likely result in bugs in systems that create and sign transactions and instead proposed the creation of a new OP code, such as OP_CHECKSPLITSIG or getting OP_CAT approved.
Updated on: 2023-06-02T22:27:27.754665+00:00