With the current version of Bitcoin Script, that's not possible.
However, with some upgrades to Bitcoin's ScriptVM it would become possible; the prerequisites are:
- A way to commit to the transaction's outputs (e.g. OP_CHECKTEMPLATEVERIFY, or TX introspection opcodes + OP_CAT)
- A way to split & concatenate stack items (OP_CAT & OP_SPLIT)
- A way for inputs to "see" each other (introspection opcodes)
With that, one could code a hash-lock but with an additional requirement: another input must reveal an aged commitment to (prevout + output contents of the TX). This is something only the one who knows the secret would be able to produce ahead of revealing the secret. Once he spends from the contract he'll reveal it, but he'll already have the aged commitment and others won't be able to steal his funds.
Once posted to the mempool, security would depend on the spending TX getting mined before an attacker would be able to age another commitment and post another spending TX.
A proof-of-concept for such a contract exists for Bitcoin Cash (BCH), a blockchain fork of Bitcoin (BTC) which upgraded the ScriptVM with the required L1 primitives in the '18 (OP_CAT & OP_SPLIT) and '22 (introspection opcodes) network upgrades.
The "lock" redeem script, placed on the UTXO which would hold the balance
(note: there's no unlocking data; the input's unlocking script is just the redeem script push)
// sha256(one_time_secret + commit_script_tail)
<93168bb98087a29aeb40733ef301f907c3e4125568dd0ddf851f304b43438a14>
// slice the associated input's unlocking script (the input right after this one)
OP_INPUTINDEX OP_1ADD
OP_INPUTBYTECODE
<1> OP_SPLIT
OP_SWAP OP_SPLIT
<2> OP_SPLIT
<1> OP_SPLIT
<32> OP_SPLIT
<1> OP_SPLIT
<1> OP_SPLIT
// verify sha256(one_time_secret + commit_script_tail)
<6> OP_ROLL OP_SWAP OP_CAT OP_SHA256
<6> OP_ROLL OP_EQUALVERIFY
// verify the commit input's script head format: OP_1..OP_16 ages, a 32-byte hash push, OP_PUSHDATA1 of 114 bytes
<0x51> <0x61> OP_WITHIN OP_VERIFY
<0x51> <0x61> OP_WITHIN OP_VERIFY
OP_SIZE <32> OP_EQUALVERIFY
OP_DROP <32> OP_EQUALVERIFY
<0x4c72> OP_EQUAL
The "commit" redeem script, placed on the UTXO which would reveal the aged commitment
(note: the unlocking data is just the one_time_secret)
// sha256(associated_outpoint + one_time_secret + {first 3 outputs})
<0x8bda8c89d438b6da3fd9d289da59532736bfb23d93bba1e2e8da41c194ea43e9>
// age_reveal
<2>
// age_cleanup
<4>
OP_DEPTH <4> OP_LESSTHAN
// if no secret is provided then this is a cleanup spend
OP_IF
// once the redeem script is revealed and the UTXO has aged beyond age_cleanup,
// any miner can claim the dust for himself
// verify age_cleanup
OP_CHECKSEQUENCEVERIFY OP_DROP
OP_2DROP
// else it's a reveal spend
OP_ELSE
// drop age_cleanup, not needed here
OP_DROP
// verify age_reveal
OP_CHECKSEQUENCEVERIFY OP_DROP
// get the associated outpoint (the input right before this one) on top of the stack
OP_INPUTINDEX OP_1SUB OP_DUP
OP_OUTPOINTTXHASH
OP_SWAP OP_OUTPOINTINDEX OP_CAT
// get one_time_secret on top of the stack and concatenate
OP_ROT OP_CAT
// concatenate outputs 00 [& 01 [& 02]]
<0> OP_OUTPUTVALUE OP_CAT
<0> OP_OUTPUTTOKENCATEGORY OP_CAT
<0> OP_OUTPUTTOKENCOMMITMENT OP_CAT
<0> OP_OUTPUTTOKENAMOUNT OP_CAT
<0> OP_OUTPUTBYTECODE OP_CAT
OP_TXOUTPUTCOUNT <2> OP_GREATERTHANOREQUAL
OP_IF
<1> OP_OUTPUTVALUE OP_CAT
<1> OP_OUTPUTTOKENCATEGORY OP_CAT
<1> OP_OUTPUTTOKENCOMMITMENT OP_CAT
<1> OP_OUTPUTTOKENAMOUNT OP_CAT
<1> OP_OUTPUTBYTECODE OP_CAT
OP_ENDIF
OP_TXOUTPUTCOUNT <3> OP_GREATERTHANOREQUAL
OP_IF
<2> OP_OUTPUTVALUE OP_CAT
<2> OP_OUTPUTTOKENCATEGORY OP_CAT
<2> OP_OUTPUTTOKENCOMMITMENT OP_CAT
<2> OP_OUTPUTTOKENAMOUNT OP_CAT
<2> OP_OUTPUTBYTECODE OP_CAT
OP_ENDIF
OP_SHA256
// verify against the embedded pre-commitment
OP_EQUALVERIFY
OP_ENDIF
OP_1
The contracts can be loaded into the BitAuth IDE debugger using this link.
The contracts were successfully spent from on BCH mainnet:
This proof-of-concept was first published here
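The following is an added example, not part of the answer above and not the proof-of-concept's own code. It models the two redeem scripts off-chain in Python: it assembles the commit script (hash push, age_reveal, age_cleanup, then the fixed tail from OP_DEPTH to OP_1), derives the sha256(one_time_secret + commit_script_tail) value the lock script embeds, replays the lock script's OP_SPLIT parsing and head-format checks over the commit input's unlocking bytecode, and recomputes the sha256(outpoint + secret + outputs) preimage the commit script's reveal branch hashes. The secret, funding outpoint and outputs are constructed here; the opcode byte values and the encodings of introspection results (minimal Script Numbers, empty token fields) are this model's assumptions and are not verified against a BCH node.

```python
"""Off-chain model of the lock/commit hash-lock pair (added example)."""
import hashlib

# Opcode byte values used to assemble the commit script tail (assumed values).
OP = {
    "OP_0": 0x00, "OP_1": 0x51, "OP_2": 0x52, "OP_3": 0x53, "OP_4": 0x54,
    "OP_IF": 0x63, "OP_ELSE": 0x67, "OP_ENDIF": 0x68, "OP_2DROP": 0x6d,
    "OP_DEPTH": 0x74, "OP_DROP": 0x75, "OP_DUP": 0x76, "OP_ROT": 0x7b,
    "OP_SWAP": 0x7c, "OP_CAT": 0x7e, "OP_EQUALVERIFY": 0x88, "OP_1SUB": 0x8c,
    "OP_LESSTHAN": 0x9f, "OP_GREATERTHANOREQUAL": 0xa2, "OP_SHA256": 0xa8,
    "OP_CHECKSEQUENCEVERIFY": 0xb2, "OP_INPUTINDEX": 0xc0, "OP_TXOUTPUTCOUNT": 0xc4,
    "OP_OUTPOINTTXHASH": 0xc8, "OP_OUTPOINTINDEX": 0xc9, "OP_OUTPUTVALUE": 0xcc,
    "OP_OUTPUTBYTECODE": 0xcd, "OP_OUTPUTTOKENCATEGORY": 0xd1,
    "OP_OUTPUTTOKENCOMMITMENT": 0xd2, "OP_OUTPUTTOKENAMOUNT": 0xd3,
}

def _output_cat(i):
    """<i> OP_OUTPUT* OP_CAT for value, category, commitment, amount, bytecode."""
    push_i = "OP_0" if i == 0 else f"OP_{i}"
    ops = []
    for o in ("OP_OUTPUTVALUE", "OP_OUTPUTTOKENCATEGORY", "OP_OUTPUTTOKENCOMMITMENT",
              "OP_OUTPUTTOKENAMOUNT", "OP_OUTPUTBYTECODE"):
        ops += [push_i, o, "OP_CAT"]
    return ops

# The commit script from OP_DEPTH onward; this is what the lock hashes with the secret.
COMMIT_TAIL_ASM = (
    ["OP_DEPTH", "OP_4", "OP_LESSTHAN", "OP_IF",
     "OP_CHECKSEQUENCEVERIFY", "OP_DROP", "OP_2DROP",
     "OP_ELSE", "OP_DROP", "OP_CHECKSEQUENCEVERIFY", "OP_DROP",
     "OP_INPUTINDEX", "OP_1SUB", "OP_DUP", "OP_OUTPOINTTXHASH",
     "OP_SWAP", "OP_OUTPOINTINDEX", "OP_CAT", "OP_ROT", "OP_CAT"]
    + _output_cat(0)
    + ["OP_TXOUTPUTCOUNT", "OP_2", "OP_GREATERTHANOREQUAL", "OP_IF"] + _output_cat(1) + ["OP_ENDIF"]
    + ["OP_TXOUTPUTCOUNT", "OP_3", "OP_GREATERTHANOREQUAL", "OP_IF"] + _output_cat(2) + ["OP_ENDIF"]
    + ["OP_SHA256", "OP_EQUALVERIFY", "OP_ENDIF", "OP_1"]
)
COMMIT_TAIL = bytes(OP[o] for o in COMMIT_TAIL_ASM)  # 79 bytes; 33 + 1 + 1 + 79 = 114 = 0x72

def sha256(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()

def script_num(n: int) -> bytes:
    """Minimally encoded non-negative Script Number, as introspection opcodes push it (assumption)."""
    if n == 0:
        return b""
    out = bytearray()
    while n:
        out.append(n & 0xff)
        n >>= 8
    if out[-1] & 0x80:
        out.append(0)
    return bytes(out)

def push(data: bytes) -> bytes:
    """Direct push for 1..75 bytes, OP_PUSHDATA1 up to 255 (the lock script expects exactly these)."""
    if 1 <= len(data) <= 75:
        return bytes([len(data)]) + data
    if len(data) <= 255:
        return bytes([0x4c, len(data)]) + data
    raise ValueError("push too large for this model")

def commit_preimage(outpoint_txhash: bytes, outpoint_index: int, secret: bytes, outputs) -> bytes:
    """Reveal branch: outpoint || secret || (value, category, commitment, amount, bytecode) of up to 3 outputs."""
    pre = outpoint_txhash + script_num(outpoint_index) + secret
    for value, category, commitment, token_amount, bytecode in outputs[:3]:
        pre += script_num(value) + category + commitment + script_num(token_amount) + bytecode
    return pre

def build_commit_script(commit_hash: bytes, age_reveal: int = 2, age_cleanup: int = 4) -> bytes:
    return push(commit_hash) + bytes([0x50 + age_reveal, 0x50 + age_cleanup]) + COMMIT_TAIL

def lock_hash(secret: bytes) -> bytes:
    return sha256(secret + COMMIT_TAIL)

def lock_accepts(expected: bytes, commit_unlocking_bytecode: bytes) -> bool:
    """Replay the lock script's splits and checks over the commit input's unlocking bytecode."""
    b = commit_unlocking_bytecode
    n = b[0]                                   # <1> OP_SPLIT: the secret's direct-push length byte
    secret, b = b[1:1 + n], b[1 + n:]          # OP_SWAP OP_SPLIT
    push_prefix, b = b[:2], b[2:]              # <2> OP_SPLIT: OP_PUSHDATA1 + length of redeem script
    hash_push, b = b[:1], b[1:]                # <1> OP_SPLIT
    commit_hash, b = b[:32], b[32:]            # <32> OP_SPLIT
    age_reveal, b = b[:1], b[1:]               # <1> OP_SPLIT
    age_cleanup, tail = b[:1], b[1:]           # <1> OP_SPLIT
    if sha256(secret + tail) != expected:      # OP_CAT OP_SHA256 ... OP_EQUALVERIFY
        return False
    for op in (age_cleanup, age_reveal):       # <0x51> <0x61> OP_WITHIN: OP_1..OP_16
        if len(op) != 1 or not 0x51 <= op[0] < 0x61:
            return False
    if len(commit_hash) != 32 or hash_push != b"\x20":
        return False
    return push_prefix == b"\x4c\x72"

def demo():
    """Honest reveal passes the lock; a front-runner reusing the commit with other outputs fails."""
    secret = sha256(b"constructed example secret")            # constructed 32-byte one-time secret
    outpoint_txhash = sha256(b"constructed lock funding tx")  # constructed outpoint of the lock UTXO
    payout = bytes.fromhex("76a914" + "11" * 20 + "88ac")     # constructed P2PKH locking bytecode
    outputs = [(100_000, b"", b"", 0, payout)]
    commit_hash = sha256(commit_preimage(outpoint_txhash, 0, secret, outputs))
    unlocking = push(secret) + push(build_commit_script(commit_hash))
    lock_ok = lock_accepts(lock_hash(secret), unlocking)
    thief = [(100_000, b"", b"", 0, bytes.fromhex("76a914" + "22" * 20 + "88ac"))]
    frontrun_ok = sha256(commit_preimage(outpoint_txhash, 0, secret, thief)) == commit_hash
    return lock_ok, frontrun_ok

if __name__ == "__main__":
    print(demo())
```

Running `demo()` returns `(True, False)`: the honest spend, whose commit input carries the secret and a commit script hashing to the lock's embedded value, passes the lock's parse, while a mempool observer who learns the secret cannot reuse the existing aged commit UTXO with their own payout output, because the outputs are part of the committed preimage. What the model does not capture is the race in the answer: the observer can still create a fresh commit UTXO with the stolen secret and wait age_reveal blocks, which is why the honest spend must confirm first.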