Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reenable OP_CAT #29247

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Reenable OP_CAT #29247

wants to merge 2 commits into from
+477 −8

Conversation

0xBEEFCAF3
Copy link

@0xBEEFCAF3 0xBEEFCAF3 commented Jan 14, 2024
edited

Renabling OP_CAT, as per the BIP-347

This MR involves reinstating the legacy opcode by replacing OP_SUCCESS126. Currently, there are no proposed activation parameters.

Relevant Links

Btcd implementation
Signet MR
Mailing list post

@DrahtBot
Copy link
Contributor

DrahtBot commented Jan 14, 2024
edited

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Code Coverage

For detailed information about the code coverage, see the test coverage report.

Reviews

See the guideline for information on the review process.
A summary of reviews will appear here.

Conflicts

Reviewers, this pull request conflicts with the following ones:

  • #29280 (Implement OP_CHECKTEMPLATEVERIFY by reardencode)
  • #29270 (Implement OP_CHECKSIGFROMSTACK(VERIFY) by reardencode)
  • #29269 (Add OP_INTERNALKEY for Tapscript by reardencode)
  • #29221 (Implement 64 bit arithmetic op codes in the Script interpreter by Christewart)

If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

@DrahtBot DrahtBot changed the title Reenable OP_CAT Reenable OP_CAT Jan 14, 2024
@DrahtBot
Copy link
Contributor

🚧 At least one of the CI tasks failed. Make sure to run all tests locally, according to the
documentation.

Possibly this is due to a silent merge conflict (the changes in this pull request being
incompatible with the current code in the target branch). If so, make sure to rebase on the latest
commit of the target branch.

Leave a comment here, if you need help tracking down a confusing failure.

Debug: https://github.com/bitcoin/bitcoin/runs/20473822722

This was referenced Jan 15, 2024
Draft
Draft
Draft
Closed
@Christewart Christewart mentioned this pull request Jan 17, 2024
Closed
This was referenced Jan 18, 2024
Draft
Draft
Draft
@0xBEEFCAF3 0xBEEFCAF3 marked this pull request as draft February 1, 2024 22:04
@0xBEEFCAF3
Copy link
Author

Drafting until I get the inquisition PR approved and I can get the builds passing.

@moonsettler
Copy link

Some of us have been playing with the idea of neutered CAT: instead of the MAX_SCRIPT_ELEMENT_SIZE (520 bytes) the maximum output size would be 80 bytes.

Rationale:
It explicitly disables open ended second order effects by removing the ability to assemble a SIGHASH or CTV template on the stack for more detailed introspection than intended. If such introspection behavior is desired in the future it can be explicitly enabled by specialized and more efficient opcodes.

Combined with CSFS it can be used as a signed datacarrier, for which the 'standard' limit is 80 bytes, it also has to be smaller than 84 bytes which is required for building CTV templates on the stack, and larger than 64/65/72 bytes which are respectively needed for:

  • Merkle inclusion: 2x 20/32 byte hashes
  • LN-symmetry (LNhance): 2x 32 byte hashes
  • Separate sig: 64/72 bytes (0-conf bonds, staking contracts)

Could be a livable compromise between the conservatives that want to preserve certain characteristics of bitcoin and the prometheans who want to give the developers more practical and useful tools to build with.

@reardencode reardencode mentioned this pull request Feb 15, 2024
Merged
4 tasks
@bigspider
Copy link

Rationale: It explicitly disables open ended second order effects by removing the ability to assemble a SIGHASH or CTV template on the stack for more detailed introspection than intended. If such introspection behavior is desired in the future it can be explicitly enabled by specialized and more efficient opcodes.

Script is already expressive enough to (awkwardly, expensively) compute arbitrary SHA256 hashes on the stack, except that the result would be broken in smaller pieces of at most 4 bytes. With CAT, those can be concatenated to get a single 32-byte result.

Therefore, neutering CATs does not achieve the desired result of preventing the CHECKSIG tricks, unless you limit the length of the result to less than 32 bytes - which would also neuter most of the utility of the opcode.

@0xBEEFCAF3 0xBEEFCAF3 force-pushed the arm/re-enable-opcat branch 3 times, most recently from 9dbf081 to b9c67da Compare May 27, 2024 00:39
@0xBEEFCAF3
Re-enable OP_CAT
40f2872
@0xBEEFCAF3
tests: add unit tests for op cat
f1fd2b6 
This commit introduces unit tests for opcat in script_tests.json.
Additionally, it creates new test utilities for future Taproot script
tests within script_tests.json. The key features of this commit are the
addition of three new tags: `#SCRIPT#`, `#CONTROLBLOCK#`, and
`#TAPROOTOUTPUT#`. These tags streamline the test creation process by
eliminating the need to manually generate these components outside the
test suite.

* `#SCRIPT#`: Parses Tapscript and outputs a byte string of opcodes.
* `#CONTROLBLOCK#`: Automatically generates the control block for a given
Taproot output.
* `#TAPROOTOUTPUT#`: Generates the final Taproot scriptPubKey.
@0xBEEFCAF3 0xBEEFCAF3 marked this pull request as ready for review May 27, 2024 19:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Consensus
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@0xBEEFCAF3 @DrahtBot @moonsettler @bigspider @ajtowns