It would be nice to have a mode that decoded hex-encoded script, like bitcoin-cli decodescript but much faster. Then we could do something like:

./bitcoin-iterate -q --output=%os --start 0 --end 80000 | btcs --decode

We could use the same syntax that bitcoin-tx uses:

btcs <<<'0x6a03 0x010203'

• swap drop -> nip
• dup if dup endif -> ifdup
• swap over -> tuck
• dup dup -> 2dup
• dup dup dup -> 3dup
• drop drop -> 2drop
• rot rot rot ->
• swap 1 pick -> tuck
• 0 pick -> dup
• 1 pick 1 pick -> 2dup
• 2 pick 2 pick 2 pick -> 3dup
• x add x sub ->
• 0 roll ->

Numbers

Where x and y are scriptnums

• x y add -> x + y
• x y sub -> x - y

Inspired from the mailing list:

   0 pkb6 pkb5 pkb4 pkb3 pkb2 pkb1 pka3 pka2 pka1 9 CHECK_AGGSIG_VERIFY
     (declare pubkeys)
   0b111 CHECK_AGG_SIGNERS VERIFY
     (one of pka{1,2,3} must sign)
   0b001 CHECK_AGG_SIGNERS
   0b010 CHECK_AGG_SIGNERS ADD
   0b100 CHECK_AGG_SIGNERS ADD
   DUP ADD
     (pka{1,2,3} count double)
   0b000001000 CHECK_AGG_SIGNERS ADD
   0b000010000 CHECK_AGG_SIGNERS ADD
   0b000100000 CHECK_AGG_SIGNERS ADD
   0b001000000 CHECK_AGG_SIGNERS ADD
   0b010000000 CHECK_AGG_SIGNERS ADD
   0b100000000 CHECK_AGG_SIGNERS ADD
     (pkb{1..6} count single)
   6 EQUAL

Perhaps 0xabcdef0123456789 for pushing data. Arbitrary hex strings without the prefix should be possible as well. What about decimal integers/ScriptNums? Strings?

Full support for many types of literals would be nice.

• #13 Number literals
• #11 Data literals
• #18 String literals

https://github.com/bitcoin/bips/blob/master/bip-0116.mediawiki

see gopher://jb55.com/0/bips/sipa/bip-tapscript.txt

• Only compressed public keys are accepted in P2WPKH and P2WSH (See BIP143)
• The argument of OP_IF/NOTIF in P2WSH must be minimal[4]
• Signature(s) must be null vector(s) if an OP_CHECKSIG or OP_CHECKMULTISIG is failed (for both pre-segregated witness script and P2WSH. See BIP146)

Would be nice to know if the script is standard in the results section

https://github.com/bitcoin/bitcoin/blob/79399c8cd0b6030034eea5feed3a7523e369b256/src/policy/policy.cpp#L57

https://github.com/bitcoin/bitcoin/blob/79399c8cd0b6030034eea5feed3a7523e369b256/src/script/standard.cpp#L38

If they have a minimal encoding

see http://bitcoin.sipa.be/miniscript/miniscript.html

so we can do things like btcs 1 dup equalverify

I just implemented some functional tests for bcalc in jb55/bcalc@ae0b2d3a02bf2c403663ec9f910fd1882ef4860b^...073990b and I'm really liking the csv way of defining tests. Perhaps I can rework the testsuite to do something similar.

because why not. perhaps an option to continue executing and report an invalid script error in the result.

-O option that cleans up non minimal data, etc.

Verification, etc

sha256, ripemd, etc

Generate addresses from scripts

Depends on #16

examples:

script      0 OP_NOT
script_hex  0091
stack       1
stack_hex   01
results     success

script      1 OP_NOT
script_hex  5191
stack       0
stack_hex                                {missing 00}
results     success

script      0 0 OP_SUB
script_hex  000094
stack       0
stack_hex                                {missing 00}
results     success

script      1 0 OP_SUB
script_hex  510094
stack       1
stack_hex   01
results     success

script      127 0 127 1
script_hex  017f00017f51
stack       0x7f 0x 0x7f 1                {0x?}
stack_hex   7f7f01                        {missing 00}
results     success

Would be nice when ran without input

A lot of bitcoin cli tools use JSON for output. Perhaps there could be a mode that supports this for interop with jq, bitcoin-cli, etc

Implement script_handle_input, which prompts on free variables.

For example, with a script such as:

OP_IF
    [HASHOP] <digest> OP_EQUALVERIFY OP_DUP OP_HASH160 <seller pubkey hash>            
OP_ELSE
    <num> [TIMEOUTOP] OP_DROP OP_DUP OP_HASH160 <buyer pubkey hash>
OP_ENDIF
OP_EQUALVERIFY
OP_CHECKSIG

it should prompt for input on <digest>, <seller pubkey hash> etc. otherwise, provide input via cli arguments. Maybe eventually we will have variables...

Testing if a number is within a range, returns 1 (i.e. 'true'):

script      1 -100 100 OP_WITHIN
script_hex  5101e40164a5
stack       1

script      1 -8388607 8388607 OP_WITHIN
script_hex  5103ffffff03ffff7fa5
stack       1

Increment the range (numbers now 4 bytes), returns 0 which is incorrect it should be 1.

script      1 -8388608 8388608 OP_WITHIN
script_hex  5104000080800400008000a5
stack       0

This test is from bitcoin core, expected return value is 1.

script      0 -2147483647 2147483647 OP_WITHIN
script_hex  0004ffffffff04ffffff7fa5
stack       0

From elements:

https://github.com/ElementsProject/elements/blob/8f83534d4e44dcb52f31422ea27e0a1586b02c4a/src/script/interpreter.cpp#L1252-L1305

It would be nice to expand the interpreter's ability to handle future upgrades to the Bitcoin script (thanks to segwit). I wonder if there's anything stopping me from implementing Simplicity? /cc @roconnor-blockstream

This is done!

Indent if statements, etc

from elements:

https://github.com/ElementsProject/elements/blob/8f83534d4e44dcb52f31422ea27e0a1586b02c4a/src/script/interpreter.cpp#L1217-L1250

Sugar for data literals

Would be handy for OP_RETURN stuff maybe?

Parameters for script context would be nice. I'm currently missing:

BaseSignatureChecker

Used in CLTV, CSV, CHECKSIGVERIFY. This is just an interface to the TransactionSignatureChecker which requires extra context, such as txos. How to represent this state for testing scripts?

• CSV: checker.CheckSequence
• CLTV: checker.CheckLockTime
• CHECKSIG: checker.CheckSig

Other stuff

• SigVersion
• flags:

SCRIPT_VERIFY_NONE                                  = 0,
SCRIPT_VERIFY_P2SH                                  = (1U << 0),
SCRIPT_VERIFY_STRICTENC                             = (1U << 1),
SCRIPT_VERIFY_DERSIG                                = (1U << 2),
SCRIPT_VERIFY_LOW_S                                 = (1U << 3),
SCRIPT_VERIFY_NULLDUMMY                             = (1U << 4),
SCRIPT_VERIFY_SIGPUSHONLY                           = (1U << 5),
SCRIPT_VERIFY_MINIMALDATA                           = (1U << 6),
SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_NOPS            = (1U << 7),
SCRIPT_VERIFY_CLEANSTACK                            = (1U << 8),
SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY                   = (1U << 9),
SCRIPT_VERIFY_CHECKSEQUENCEVERIFY                   = (1U << 10),
SCRIPT_VERIFY_WITNESS                               = (1U << 11),
SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_WITNESS_PROGRAM = (1U << 12),
SCRIPT_VERIFY_MINIMALIF                             = (1U << 13),
SCRIPT_VERIFY_NULLFAIL                              = (1U << 14),
SCRIPT_VERIFY_WITNESS_PUBKEYTYPE                    = (1U << 15),