Since we implemented OP_PUSH_TX, a plethora of smart contracts have been built using this powerful primitive. As these contracts begin to be deployed on the Bitcoin network, it is imperative that OP_PUSH_TX is lightweight to minimize transaction costs. Today, we released sCrypt IDE 0.4.4, which optimizes OP_PUSH_TX by 700%.
How to Use it?
To use the optimized version, simply replace Tx.checkPreimage(SigHashPreimage txPreimage) with its optimized version Tx.checkPreimageOpt(SigHashPreimage txPreimage).
Before the optimization, the contract above compiles to a script of 633 bytes. Afterwards, it compiles to only 92 bytes, a reduction factor of 7X.
SigHash Constraint
Due to Low-S constraint, the most significant byte (MSB) of the hash of txPreimage (a.k.a sighash) must be less than a threshold of 0x7E when using Tx.checkPreimageOpt(). This can be easily solved by malleating the transaction if it does not meet this constraint. Each malleation has a success chance of ~50%. It will only take a few malleations to find a valid transaction.
There are many ways to malleate a transaction without invalidating it, for example:
- Add some dummy operations to the locking script such as “OP_0 OP_DROP”
- Change its nLockTime as shown below
