# Gavin Andresen
# 2012-01-23 21:59:37
# https://bitcointalk.org/index.php?topic=60433.msg709359#msg709359

@s{quotedtext}
@s{quotedtext}
 @p{brk}
BIP 16 explicitly states: @p{brk}
"Validation fails if there are any operations other than "push data" operations in the scriptSig." @p{par}

Let me try again for why I think it is a bad idea to put anything besides "push data" in the scriptSig: @p{par}

Bitcoin version 0.1 evaluated transactions by doing this: @p{par}


Code:
Evaluate(scriptSig + OP_CODESEPARATOR + scriptPubKey)
 @p{brk}
That turned out to be a bad idea, because one person controls what is in the scriptPubKey and another the scriptSig. @p{par}

Part of the fix was to change evaluation to: @p{par}


Code:
stack = Evaluate(scriptSig) @p{brk}
Evaluate(scriptPubKey, stack)
 @p{brk}
That gives a potential attacker much less ability to leverage some bug or flaw in the scripting system. @p{par}

Little known fact of bitcoin as it exists right now: you can insert extra "push data" opcodes at the beginning of the scriptsigs of transactions that don't belong to you, relay them, and the modified transaction (with a different transaction id!) may be mined. @p{par}


@s{quotedtext}
@s{quotedtext}
 @p{brk}
Are you volunteering to make that happen? After working really hard for over four months now to get a @p{(it}backwards-compatible@p{it)} change done I'm not about to suggest an "entire network must upgrade" change... @p{brk}