On Thu, Dec 29, 2011 at 01:55:03AM -0500, rocon...@theorem.ca wrote:
> Gavin asked me to come up with an alternative to OP_EVAL, so here is my
> proposal.
>
> OP_CODEHASH Initial Proposal
If we're again brainstorming about alternatives for OP_EVAL, I'll do my own.
It is called OP_CHECKEDEVAL, and is specified as follows:
* It looks at the two elements most recently (in code position) pushed by a
literal,
and not yet consumed by another OP_CHECKEDEVAL. These are S (the serialized
script),
and H (its hash). This implies it defines its own literal-only stack, where
all
literals push to, and only OP_CHECKEDEVAL pops from. This special stack has
the
advantage of allowing static analysis - one does not need to execute any
operations
to find out which data will end up on it. Note that "skipped" code (inside the
ignored part of an IF-THEN-ELSE) can still push to the literal stack.
* For the "outer script", it does not have any effect at all, except for:
* 2 elements popped from the literal-only stack
* potentially causing failure
It does not touch the main stack, alt stack or any other part of the
execution state
not listed above.
* Failure is caused when either of these conditions hold:
* No two elements remain on the literal-only stack
* The Hash(S) != H
* The inner script execution caused failure
* For the execution of the inner script:
* It is executed in a completely new and independent execution environnement
* It executes the deserialized S
* It inherits the main stack and alt stack (without the serialized script and
the hash
themselves) from the outer execution.
This requires OP_CHECKEDEVAL to immediately follow the push of script and hash,
so the code in the pair < <script> OP_CHECKEDEVAL > can be parsed and
interpreted as code,
allowing static analysis.
As OP_CHECKEDEVAL has absolutely no effects except for potentially causing
failure, it
is very similar to the OP_NOPx it would replace, and guarantees that
interpreting
OP_CHECKEDEVAL as OP_NOPx can never cause the script to become invalid if it
wasn't
already.
A basic pay-to-script-hash scriptPubKey is very short:
<scriptHash> OP_CHECKEDEVAL
And it is redeemed using:
<script inputs> <script>
Furthermore, the implementation is very similar to what was already done for
OP_EVAL. Modifications:
* EvalScriptInner needs less by-ref arguments, as it cannot modify the parent's
state.
* A literal-only stack needs to be maintained.
I believe this combines all advantages:
* Easy spend-to-script-hash (shorter than OP_EVAL)
* Backward compatible (guaranteed by construction, instead of separately
enforced like with OP_EVAL)
* Statically analyzable (though it requires deserializing the script data).
* Possibility to introduce a new language inside (not done in this proposal)
Only disadvantages:
* Slightly less flexible than OP_EVAL, as it disallows dynamic interation with
serialized scripts.
* Static code analyzers need to deserialize script data.
Credits: gmaxwell for the idea of a literal-only stack
--
Pieter
------------------------------------------------------------------------------
Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex
infrastructure or vast IT resources to deliver seamless, secure access to
virtual desktops. With this all-in-one solution, easily deploy virtual
desktops for less than the cost of PCs and save 60% on VDI infrastructure
costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox
_______________________________________________
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development
