Skip to content

OP_CHECKCONTRACTVERIFY #102

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
bigspider wants to merge 7 commits into
base: 29.x
Choose a base branch
from
Draft

OP_CHECKCONTRACTVERIFY #102

bigspider wants to merge 7 commits into from

Conversation

@bigspider
Copy link

@bigspider bigspider commented Dec 13, 2025

This is a port of the previous PR for OP_CHECKCONTRACTVERIFY in core, matching the specifications in BIP-443.

Implementation with mutex

There are several ways the opcode's cross-input logic could be implemented, some without changing the semantics and some that make functionality tradeoffs to simplify the implementation. In this PR, I chose to use the keep the most direct implementation that uses a mutex for the synchronization of the cross-input logic, like in the linked bitcoin-core PR. The analysis of the various options will certainly deserve more careful consideration for an implementation in bitcoin-core, as cross-input Script evaluation logic is currently a new concept in the Script interpreter (although implicitly introduced in taproot, if Schnorr batch validation is implemented)

Sigops budget (draft)

Apart from rebasing and some minor style changes in the code, this PR adds a simple benchmark to compare with Schnorr signature checks, and a rough sigops budget pricing (which is still left as a TODO in the BIP). This will also need deserve more care in view of the fact that overpricing might cause some reasonable use cases to run out of sigops budget (forcing to stuff the witness just for the sake of gaining some more budget). I am currently not aware of such situations, but I hope that having the opcode available in signet might help with discovery. Underpricing it, of course, would cause the usual DoS concerns.

In this PR, CCV is priced as a signature check in the heaviest case with two tweaks, half if one tweak is skipped, and 0 otherwise.

@bigspider
Add binana json for CHECKCONTRACTVERIFY
5b9c277
@bigspider
consensus: Cross-input script validation framework
2d369cd 
Adds a framework for validation checks that persist an individual
input's script validation, allowing to persist state across the
evaluations of multiple inputs of a transaction.

This will be used for the amount logic of OP_CHECKCONTRACTVERIFY,
that performs amount checks that are aggregate across multiple inputs.

It could also be used for other applications, like batch validation
and cross-input Schnorr signature aggregation.
@bigspider
consensus: Add OP_CHECKCONTRACTVERIFY
8b34c8c
@bigspider
consensus: Add sigops budget for OP_CHECKCONTRACTVERIFY
bffc3d2
@bigspider
test: Add functional tests for OP_CHECKCONTRACTVERIFY
9ed6a96
@bigspider
test: Add functional tests for a vault construction based on CHECKCON…
635eb2b 
…TRACTVERIFY
@bigspider
bench: Add a simple benchmark for OP_CHECKCONTRACTVERIFY
7d56b1e
@bigspider
Copy link
Author

bigspider commented Dec 13, 2025
edited
Loading

This is currently failing the script_tests/script_assets_test, as redefining 0xbb from OP_SUCCESS187 to OP_CHECKCONTRACTVERIFY makes some testcases fail. The failing tests are testing the scripts OP_SUCCESS187 and 0 OP_IF OP_SUCCESS187 OP_ENDIF - so basically testing the OP_SUCCESS behavior.

I assume I must be doing something wrong in the activation logic - any advice would be greatly appreciated.

@bigspider bigspider marked this pull request as draft December 13, 2025 17:52
@bigspider bigspider mentioned this pull request Dec 13, 2025
Closed
@Christewart
Copy link

Christewart commented Dec 14, 2025
edited
Loading

Hey @bigspider , glad to see this show up here! Hopefully I can be a little helpful

I assume I must be doing something wrong in the activation logic - any advice would be greatly appreciated.

I didn't look at this super closely, but taking your word for it, if the Script that is failing is

0 OP_IF OP_SUCCESS187 OP_ENDIF

That means nothing ends up on the stack, which is equivalent to the empty byte vector and thus a Script failure correct? Previously [IsOpSuccess()] would return true, and now it returns false with the changes in 8b34c8c. The previous behavior would see the OP_SUCCESS187 (rather than OP_CCV) and trivially make the Script succeed. So I believe that this test case is failing as expected.

I believe you would want to make the IsOpSuccess() dependent on a new sigversion. See this PR which hopefully is helpful bitcoin#29265

Implementation with mutex

I'm still interested in this subject and will come back later and take a look at this. This is an interesting design space imo

@bigspider
Copy link
Author

bigspider commented Dec 14, 2025

That means nothing ends up on the stack, which is equivalent to the empty byte vector and thus a Script failure correct? Previously [IsOpSuccess()] would return true, and now it returns false with the changes in 8b34c8c. The previous behavior would see the OP_SUCCESS187 (rather than OP_CCV) and trivially make the Script succeed. So I believe that this test case is failing as expected.

Yes, the test is just checking the expected OP_SUCCESS behaviour of 0xbb, so it should only be run without SCRIPT_ENABLE_CHECKCONTRACTVERIFY. I think binana's magic in inquisition should be able handle that, therefore I probably did something wrong.

Summoning @ajtowns if you kindly have time to check.

@DrahtBot
Copy link
Collaborator

DrahtBot commented Dec 14, 2025

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Conflicts

Reviewers, this pull request conflicts with the following ones:

  • #100 (OP_TEMPLATEHASH by darosior)

If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

@DrahtBot DrahtBot mentioned this pull request Dec 14, 2025
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@bigspider @Christewart @DrahtBot