Bitcoin Covenants: CHECKTEMPLATEVERIFY (BIP 119)

By / / 7 minutes of reading
Bitcoin Covenants: CHECKTEMPLATEVERIFY (BIP 119)

That is the primary article in a sequence deep diving into particular person covenant proposals which have reached some extent of maturity meriting an in depth breakdown. 

CHECKTEMPLATEVERIFY (CTV), put ahead by Jeremy Rubin with BIP 119, is probably the most mature and totally fleshed out covenant proposal, not solely out of the proposals we can be protecting, however out of all the covenant proposals of their entirety. As I discussed within the introduction article to this sequence, there are lots of considerations within the ecosystem concerning covenants which are too versatile enabling issues that wind up having very detrimental penalties for Bitcoin. 

CTV was designed particularly to constrain its capabilities tightly sufficient to keep away from any of these considerations. To first perceive how CTV features, we have to perceive the person elements of a Bitcoin transaction. 

It is a very excessive degree view of a Bitcoin transaction. It has inputs, or unspent cash (UTXOs), and outputs, the brand new unspent cash that the transaction will create when it’s confirmed in a block. There are much more items we are going to undergo, however that is the very best degree view of a transaction’s construction. 

Each transaction additionally has a model quantity subject for the entire transaction, indicating applicability of recent variations of guidelines or options. There’s additionally the marker and the flag, that are set to particular values to point the transaction makes use of Segwit. After that is the enter depend, the variety of inputs within the transaction. Then come the precise inputs. 

Every enter incorporates a TXID of the transaction that created the unspent coin being spent, a VOUT which marks what output in that transaction is being spent, the scale of the ScriptSig, and the ScriptSig, which is the unlocking script proving the enter being spent is permitted by its locking script guidelines, and at last a Sequence quantity which is used to make sure the enter being spent is following relative timelock guidelines. i.e. the enter has existed for a sure variety of blocks or size of time since its creation. 

The output depend is the subsequent piece of knowledge, the variety of outputs within the transaction. After this comes the precise outputs, which include an quantity of satoshis assigned to that output, the ScriptPubKey measurement, and the precise ScriptPubKey, which is the locking script for that output. Lastly the nLocktime subject applies a timelock worth in timestamp or block top that applies to your complete transaction. 

Every Segwit transaction additionally incorporates a Witness part, the place every enter has a corresponding witness containing a Stack Objects depend, what number of issues can be placed on the script stack, a Dimension subject for every merchandise, and the precise knowledge Merchandise to go on the stack. 

How CTV Works

CTV is an opcode that allows probably the most fundamental type of introspection and ahead knowledge finishing up of all of the covenant proposals. It permits a script to take a pre-defined 32 byte hash and examine that towards a hash of many of the fields of the spending transaction. If the hash derived from the precise spending transaction doesn’t match the pre-defined hash, the transaction is invalid. 

The fields it commits to are:

  • nVersion
  • nLocktime
  • Enter depend
  • A hash of all of the nSequence fields
  • Output depend
  • A hash of all of the outputs
  • Enter index (the place the enter has within the transaction, 1st enter, 2nd, and so on.)

These are all of the fields dedicated to by the CTV hash, of their entirety, and with no capacity to choose and select. That is the diploma of introspection CTV allows, “does the hash of these fields in the spending transaction match the hash in the locking script of the input being spent,” that’s it. The hash commits to basically your complete transaction besides the precise inputs. There’s a motive the hash doesn’t embody the inputs. With a view to lock an output to a 32 byte hash with CTV, it’s worthwhile to know the hash of the transaction that you’re making certain is the one means for it to be spent. The enter locked with CTV being spent should embody this hash as a way to be verified towards CTV. That necessitates having the hash of that transaction earlier than you create the whole transaction. That’s not doable. 

You may as well nest CTV scripts, i.e. have an preliminary CTV script decide to a transaction with outputs that additionally embody CTV scripts. That is what permits CTV to “carry forward” knowledge. All it carries ahead in observe although is no matter knowledge is contained within the chain of transactions. You are able to do this in concept to an infinite depth, however you’re restricted in observe to a finite depth as a result of the nesting should be generated backwards ranging from the tip. It’s because every degree, or “hop,”  should have the hash of the transaction shifting to the subsequent one, in any other case you possibly can’t create the locking script within the first place. Should you don’t already know the subsequent transaction, you possibly can’t generate the earlier one. 

What Is CTV Helpful For

CTV lets you prohibit an output in order that it could actually solely be spent, in keeping with consensus guidelines, by an actual pre-defined transaction. A few of you may be asking what the large deal is, we will already pre-sign transactions. If the extent of introspection is so restricted that it could actually solely accomplish one thing we will already just do pre-signing, what’s the worth add? 

First, pre-signed transactions all the time go away open the potential for the keyholder(s) signing new transactions and spending these cash another way. You must belief that the keyholder won’t do that, or will delete the important thing wanted to signal with (which you additionally need to belief them on). CTV removes that belief completely. As soon as the spending transaction is outlined and the output locked to that CTV hash is created, there isn’t a risk of being spent one other means, enforced by consensus. 

At the moment the one means round that belief is to be concerned in pre-signing transactions your self utilizing multisig. Then you definately may be utterly sure that except you select to signal one your self, no different legitimate transaction spending a coin another way may be created. The issue is the extra persons are concerned, the harder and unreliable coordinating everybody to pre-sign a transaction on the identical time turns into. Previous small sizes it turns into a very impractical downside to resolve reliably. 

CTV offers a means for folks to know a set of transactions is dedicated with out everybody having to get on-line on the identical time to signal them. It drastically simplifies the coordination course of by permitting everybody to get the wanted info to anybody else at any time when they will, and as soon as that individual has everybody’s info they will create the chain of CTV transactions with out anybody else’s involvement, and everybody can confirm and make certain that the right final result is the one doable one. 

That’s extremely worthwhile by itself, however CTV may also allow much more worthwhile issues together with different opcodes, which we’ll see within the subsequent article. 

Closing Ideas

CTV is a tightly restricted covenant that allows a level of introspection and ahead knowledge carrying that’s so restricted it doesn’t exceed the precise performance of something that may be finished with pre-signed transactions. The worth proposition is just not in enabling new performance in its personal proper, however drastically enhancing the effectivity, scalability, and safety ensures of what may be constructed presently utilizing pre-signed transactions. This alone is an enormous profit to virtually each presently deployed protocol utilizing pre-signed transactions.

Listed below are among the tasks demonstrating how totally fleshed out and explored this specific covenant is in comparison with the others:

  • A fundamental cost pool instance by stutxo. 
  • A CTV vault implementation by James O’Beirne, who went on to suggest OP_VAULT (which nonetheless makes use of CTV). 
  • A proof-of-concept port of the pre-signed transaction based mostly Ark implementation from Second by Steven Roose to make use of CTV as a substitute.
  • The Sapio Language by Jeremy Rubin himself, the next degree language for constructing contracts with CTV (additionally supporting the usage of pre-signed transactions as a substitute). 
  • Timeout Bushes, a proposal for a really fundamental coinpool design by John Legislation.
  • Quite a few different doable protocols, resembling optimized Discreet Log Contracts (DLCs), non-interactive Lightning channels one get together may open with out the opposite, and even decentralized methods for miners to pool collectively. 

CTV is an extremely mature proposal at this level, with a excessive worth add, and no threat of enabling something driving the considerations round covenants. This could not solely be very severely thought of, however in my private opinion ought to have been activated years in the past. 

Supply hyperlink

author avatar
Crypto Dunia
See Full Bio

Related Posts

bitcoin
Bitcoin (BTC) $ 109,661.38 0.54%
ethereum
Ethereum (ETH) $ 2,590.22 0.04%
tether
Tether (USDT) $ 1.00 0.01%
xrp
XRP (XRP) $ 2.26 0.80%
bnb
BNB (BNB) $ 663.35 0.34%
solana
Solana (SOL) $ 152.44 0.37%
usd-coin
USDC (USDC) $ 1.00 0.01%
tron
TRON (TRX) $ 0.28659 0.72%
dogecoin
Dogecoin (DOGE) $ 0.172203 1.41%
staked-ether
Lido Staked Ether (STETH) $ 2,589.03 0.13%
cardano
Cardano (ADA) $ 0.600301 1.97%
wrapped-bitcoin
Wrapped Bitcoin (WBTC) $ 109,610.37 0.44%
hyperliquid
Hyperliquid (HYPE) $ 40.46 0.58%
wrapped-steth
Wrapped stETH (WSTETH) $ 3,131.32 0.16%
sui
Sui (SUI) $ 3.02 3.86%
bitcoin-cash
Bitcoin Cash (BCH) $ 496.47 2.66%
chainlink
Chainlink (LINK) $ 13.66 0.12%
leo-token
LEO Token (LEO) $ 9.02 0.13%
avalanche-2
Avalanche (AVAX) $ 18.54 0.11%
stellar
Stellar (XLM) $ 0.243061 1.60%
usds
USDS (USDS) $ 1.00 0.01%
the-open-network
Toncoin (TON) $ 2.85 0.85%
weth
WETH (WETH) $ 2,590.75 0.15%
shiba-inu
Shiba Inu (SHIB) $ 0.000012 0.26%
litecoin
Litecoin (LTC) $ 88.88 1.45%
hedera-hashgraph
Hedera (HBAR) $ 0.159227 2.18%
wrapped-eeth
Wrapped eETH (WEETH) $ 2,777.68 0.04%
whitebit
WhiteBIT Coin (WBT) $ 43.78 0.16%
binance-bridged-usdt-bnb-smart-chain
Binance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 1.00 0.06%
monero
Monero (XMR) $ 318.64 1.52%
polkadot
Polkadot (DOT) $ 3.54 0.89%
bitget-token
Bitget Token (BGB) $ 4.57 0.39%
ethena-usde
Ethena USDe (USDE) $ 1.00 0.02%
coinbase-wrapped-btc
Coinbase Wrapped BTC (CBBTC) $ 109,711.39 0.57%
uniswap
Uniswap (UNI) $ 7.47 0.87%
pepe
Pepe (PEPE) $ 0.00001 0.15%
aave
Aave (AAVE) $ 279.64 0.39%
pi-network
Pi Network (PI) $ 0.496517 0.12%
dai
Dai (DAI) $ 1.00 0.00%
ethena-staked-usde
Ethena Staked USDe (SUSDE) $ 1.18 0.03%
aptos
Aptos (APT) $ 4.74 0.92%
bittensor
Bittensor (TAO) $ 338.32 0.35%
okb
OKB (OKB) $ 50.01 0.21%
blackrock-usd-institutional-digital-liquidity-fund
BlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00 0.00%
near
NEAR Protocol (NEAR) $ 2.27 1.93%
jito-staked-sol
Jito Staked SOL (JITOSOL) $ 185.06 0.17%
internet-computer
Internet Computer (ICP) $ 5.01 0.63%
crypto-com-chain
Cronos (CRO) $ 0.08351 1.22%
ethereum-classic
Ethereum Classic (ETC) $ 16.98 0.30%
ondo-finance
Ondo (ONDO) $ 0.795978 0.71%
susds
sUSDS (SUSDS) $ 1.06 0.01%
usd1-wlfi
USD1 (USD1) $ 1.00 0.04%
kaspa
Kaspa (KAS) $ 0.078631 0.56%
mantle
Mantle (MNT) $ 0.585006 0.03%
tokenize-xchange
Tokenize Xchange (TKX) $ 24.36 0.01%
gatechain-token
Gate (GT) $ 15.81 0.80%
cosmos
Cosmos Hub (ATOM) $ 4.18 0.16%
fasttoken
Fasttoken (FTN) $ 4.42 0.11%
vechain
VeChain (VET) $ 0.02196 0.72%
fetch-ai
Artificial Superintelligence Alliance (FET) $ 0.719629 1.09%
official-trump
Official Trump (TRUMP) $ 8.91 0.89%
sky
Sky (SKY) $ 0.080888 2.28%
lombard-staked-btc
Lombard Staked BTC (LBTC) $ 109,591.36 0.49%
render-token
Render (RENDER) $ 3.31 0.06%
arbitrum
Arbitrum (ARB) $ 0.34434 0.94%
ethena
Ethena (ENA) $ 0.277128 0.27%
polygon-ecosystem-token
POL (ex-MATIC) (POL) $ 0.187038 0.77%
filecoin
Filecoin (FIL) $ 2.39 0.31%
worldcoin-wld
Worldcoin (WLD) $ 0.944442 0.48%
algorand
Algorand (ALGO) $ 0.182444 0.61%
binance-peg-weth
Binance-Peg WETH (WETH) $ 2,593.85 0.25%
jupiter-perpetuals-liquidity-provider-token
Jupiter Perpetuals Liquidity Provider Token (JLP) $ 4.52 0.06%
sei-network
Sei (SEI) $ 0.27201 4.11%
first-digital-usd
First Digital USD (FDUSD) $ 0.996423 0.09%
usdtb
USDtb (USDTB) $ 1.00 0.01%
kucoin-shares
KuCoin (KCS) $ 11.06 0.99%
binance-staked-sol
Binance Staked SOL (BNSOL) $ 161.83 0.19%
jupiter-exchange-solana
Jupiter (JUP) $ 0.458609 0.96%
usdt0
USDT0 (USDT0) $ 1.00 0.00%
bonk
Bonk (BONK) $ 0.000017 6.89%
nexo
NEXO (NEXO) $ 1.23 0.92%
fartcoin
Fartcoin (FARTCOIN) $ 1.22 4.12%
rocket-pool-eth
Rocket Pool ETH (RETH) $ 2,951.92 0.17%
trinique
TNQ (TNQ) $ 10.26 468.75%
spx6900
SPX6900 (SPX) $ 1.28 2.68%
kelp-dao-restaked-eth
Kelp DAO Restaked ETH (RSETH) $ 2,714.86 0.15%
flare-networks
Flare (FLR) $ 0.016883 2.64%
celestia
Celestia (TIA) $ 1.64 3.63%
injective-protocol
Injective (INJ) $ 11.57 2.16%
virtual-protocol
Virtuals Protocol (VIRTUAL) $ 1.66 2.72%
sonic-3
Sonic (S) $ 0.331799 1.51%
pudgy-penguins
Pudgy Penguins (PENGU) $ 0.016876 10.86%
polygon-bridged-usdt-polygon
Polygon Bridged USDT (Polygon) (USDT) $ 1.00 0.02%
blockstack
Stacks (STX) $ 0.689154 0.01%
optimism
Optimism (OP) $ 0.574442 1.55%
binance-bridged-usdc-bnb-smart-chain
Binance Bridged USDC (BNB Smart Chain) (USDC) $ 1.00 0.07%
mantle-staked-ether
Mantle Staked Ether (METH) $ 2,777.39 0.59%
xdce-crowd-sale
XDC Network (XDC) $ 0.060269 0.48%
stakewise-v3-oseth
StakeWise Staked ETH (OSETH) $ 2,720.66 0.02%
kaia
Kaia (KAIA) $ 0.164782 1.10%
Scroll to Top