This is the fifth article in A series Deep dives in individual alliance proposals that have reached a high school point by deserving a thorough break.
Op_cat, presented for the reactivation in Tapscript by Ethan Heilman and Armin Sabouri in Bip 347, is not a pact. It was an operating code originally included in the first version of Bitcoin to manipulate data elements on the stack. It was deactivated in 2010 with the release of Bitcoin 0.3.10 together with a number of other operational codes due to the concerns of negation attacks of the service attacks that could stop the nodes. A 520 byte maximum limit for each single element on the stack was also added during the execution of a script.
You should already have a basic understanding of how the evaluation of the scripts on the stack and the basic pieces of a bitcoin transaction works, so there is not really very prerequisite that explains necessary for op_cat.
While Op_cat may not be a pact in and of itself, it can emulate alliances because of a strangeness on how Schnorr’s signatures work. This is a rather in -depth topic, completely explained here by Andrew Poelstra by Blockstream, so I will remain with a high level view. Each elliptical curve has a point of the generator, which is essentially “0”, which is used in the mathematical elliptical curve for generation and key signature. With Schnorr, you can sign using the generator point as a key and give or take some bytes that you have to sign repeatedly to obtain the right, the resulting signature is actually the same hash of the transaction you have signed.
Put aside the mechanics of how it works mathematically for now and remember only for subsequent that these “strange” signatures allow you to obtain the current TXID transactions on the stack.
How Op_cat works
Op_cat takes the first two elements of data on the stack and concatenate them together. So if the first two elements on the stack are “1” and “2”, op_cat removes them both and then puts “12” at the top of the stack. That’s all.
What is useful for op_cat for
Ok, then what is the big problem? Why are everyone going out of the head for Op_cat even if the explanation of how it works has not even used a complete paragraph to write?
Two reasons, although given the nature of Op_cat, I cannot provide guarantees, these are the only two reasons. Op_cat allows the construction and verification of Merkle trees directly on the stack, which opens the door to some interesting behaviors and features. It also allows the emulation of alliances that allow complete granular introspection due to the “strange” Schnorr signatures mentioned above.
Merkle’s proof verification is a key component of Taproot, but the way in which the verification of the Merkle tree is implemented occurs only in the context of verifying that a path of mice spending is engaged in the public key of Root Schnorr in the writing of output of the shopping currency. TAPROOT does not support Merkle’s generic verification.
Op_cat allows it in a totally generic way. Simply provide leaf (e.g.) hash and therefore internal hash nodes in the right order and call Op_cat in succession will allow you to reconstruct a Merkle root hash and confront a predefined hash in the script. You could do it to provide unilateral withdrawal paths for Utxos shared as in CATVM, it is possible to make transactions dependent on other transactions that have been included in a block with a valid work, it is possible to make a transaction dependent on practically any condition that can be verified with a test of Merkle.
Now, for the emulation of the alliance that allows full introspection. What you are trying to do is make sure that a transaction must have certain features to be valid. Remember now that the “strange” signature gets the hash of the transaction on the stack. A signature of the transactions is not actually performed on the raw transaction, it is made on its hash. This allows us to do something interesting.
You can build very complicated and twisted scripts using op_cat to take the individual raw pieces of the transaction as part of the witness and slowly put them together on the stack with op_cat. Along the way, the individual pieces of the transaction can be checked against default hash by eliminating them and using op_etual. At the end of the script you have the complete transaction on the stack itself and you can add the data needed to it and then have them, comparing them once again with op_equal, this time against the “strange” signature. If that check passes, you can perform a normal checksig and as long as the “strange” signature was carried out with the shopping transaction, everything is valid.
The op_equal checks of the individual pieces of the transaction along the road guarantee that those pieces of the transaction are exactly what they should be. If any of them cannot verify, the transaction is not valid. This applies the emulated alliances. In the end, if the hash of the transaction built with Op_cat and the “Weird” correspondence, then the final checksig guarantees that the transaction built with op_cat and controlled against the emulated alliance corresponds to the effective transaction spent at that moment.
Closing thoughts
Op_cat will completely open the doors of the introspection and forward data. Introspection can be made in any desired granular degree, with every single field of the transaction capable of engaging independently. Enable all the same introspective skills as TXHASH, and then some.
The ability to verify the tests of Generic Merkle is also a powerful functionality, but it questioned how this ability will be used and what type of incentives could create. It is possible to build bitcoin scripts that require a transaction on external blockchain systems, provided that they use Merkle trees built with the hash functions available in the Bitcoin script.
While Op_cat is not a pact in itself, it allows full emulation of alliances with a much less efficient blockchain imprint (and the potential for developers to make mistakes and burn money). It is a proposal that, despite being incredibly simple, should be approached with caution, given the massive design space to which it opens.