- It opens up malleability vectors. IIUC this proposal correctly, we have 3 different usages of
-1
on the witness stack. This means we have 8 different combinations of potential valid values on the witness stack. I’ve pasted a table below of the different malleability combinations
In the vast majority of usages, all those arguments would not be passed via the witness stack. The only case where I used an index passed via the witness stack, so far, was for index
argument in vaults, in order to make them more ergonomic (in that you have more freedom in how to compose your transactions).
If a script takes those arguments from the witness, then it’s up to the script designer to deal with malleability, possibly by adding additional constraints (like a CHECKSIG
) in order to avoid it.
Remark: I don’t it would ever make sense for pk
or taptree
to directly come from the witness; in some case, it could come from a computation that depends on the witness arguments - for example, as the result of opening a commitment, which implicitly deals with malleability,
- Its not composable with other index based opcodes. Other index based opcodes would need to adopt your
-1
semantic to be composable with OP_CCV
.
Do you have a concrete example of lack of composability?
If you remove the -1
semantic you would get rid of malleability potential and make OP_CCV more composable with future index based opcodes (OP_INOUT_AMOUNT
, and various elements project opcodes)
This has the tradeoff of increasing witness size, but I think the tradeoff is worth it for the benefit of composability. These values can be useful for other opcodes other than OP_CCV
during script validation! :-)
The -1
semantic is extremely common and dramatically optimizes the script sizes.
The CCV_MODE_CHECK_OUTPUT_IGNORE_AMOUNT
mode is there precisely to future-proof the opcode and make it composable with any other amount introspection - even if I don’t currently have a use case for it.
It’s unclear to me how removing a feature could make the opcode more composable. If you don’t need the feature for your script, you can simply not use it.