📅 Original date posted:2017-09-19
📝 Original message:On Tuesday 19 September 2017 12:46:30 AM Mark Friedenbach via bitcoin-dev
wrote:
> After the main discussion session it was observed that tail-call semantics
> could still be maintained if the alt stack is used for transferring
> arguments to the policy script.
Isn't this a bug in the cleanstack rule?
(Unrelated...)
Another thing that came up during the discussion was the idea of replacing all
the NOPs and otherwise-unallocated opcodes with a new OP_RETURNTRUE
implementation, in future versions of Script. This would immediately exit the
program (perhaps performing some semantic checks on the remainder of the
Script) with a successful outcome.
This is similar to CVE-2010-5141 in a sense, but since signatures are no
longer Scripts themselves, it shouldn't be exploitable.
The benefit of this is that it allows softforking in ANY new opcode, not only
the -VERIFY opcode variants we've been doing. That is, instead of merely
terminating the Script with a failure, the new opcode can also remove or push
stack items. This is because old nodes, upon encountering the undefined
opcode, will always succeed immediately, allowing the new opcode to do
literally anything from that point onward.
Luke
Luke Dashjr [ARCHIVE] /
npub1tf…rfq0n
2023-06-07 18:05:38
in reply to nevent1q…7yk9
Author Public Key
npub1tfk373zg9dnmtvxnpnq7s2dkdgj37rwfj3yrwld7830qltmv8qps8rfq0nPublished at
2023-06-07 18:05:38Event JSON
{
"id": "061310e631f6e45eb7a281884dc1f3c629604c3f7ae8ef20bb80ed9e5acfd07b",
"pubkey": "5a6d1f44482b67b5b0d30cc1e829b66a251f0dc99448377dbe3c5e0faf6c3803",
"created_at": 1686161138,
"kind": 1,
"tags": [
[
"e",
"2a468f3688518e7a7f729ce11aaac86d8191608db6d8228100ef68169ab48586",
"",
"reply"
],
[
"p",
"a23dbf6c6cc83e14cc3df4e56cc71845f611908084cfe620e83e40c06ccdd3d0"
]
],
"content": "📅 Original date posted:2017-09-19\n📝 Original message:On Tuesday 19 September 2017 12:46:30 AM Mark Friedenbach via bitcoin-dev \nwrote:\n\u003e After the main discussion session it was observed that tail-call semantics\n\u003e could still be maintained if the alt stack is used for transferring\n\u003e arguments to the policy script.\n\nIsn't this a bug in the cleanstack rule?\n\n(Unrelated...)\n\nAnother thing that came up during the discussion was the idea of replacing all \nthe NOPs and otherwise-unallocated opcodes with a new OP_RETURNTRUE \nimplementation, in future versions of Script. This would immediately exit the \nprogram (perhaps performing some semantic checks on the remainder of the \nScript) with a successful outcome.\n\nThis is similar to CVE-2010-5141 in a sense, but since signatures are no \nlonger Scripts themselves, it shouldn't be exploitable.\n\nThe benefit of this is that it allows softforking in ANY new opcode, not only \nthe -VERIFY opcode variants we've been doing. That is, instead of merely \nterminating the Script with a failure, the new opcode can also remove or push \nstack items. This is because old nodes, upon encountering the undefined \nopcode, will always succeed immediately, allowing the new opcode to do \nliterally anything from that point onward.\n\nLuke",
"sig": "47ee28439d6b98352581e56a99f0f364e724da50ef0fb2e05e2ccd3e6aebfa8634728edc579bd33e9ad8670cac9cca03f62fd3c3c94cb2019888a6212f198128"
}