Skip to content

Bitcoin jets#321

Merged
roconnor-blockstream merged 4 commits intomasterfrom
bitcoin-jets
Dec 9, 2025
Merged

Bitcoin jets#321
roconnor-blockstream merged 4 commits intomasterfrom
bitcoin-jets

Conversation

@roconnor-blockstream
Copy link
Collaborator

@roconnor-blockstream roconnor-blockstream commented Dec 5, 2025

Implement our set of jets for the Bitcoin application of Simplicity.

This also includes defining the transaction environment for the Bitcoin application of Simplicity.

@roconnor-blockstream
Copy link
Collaborator Author

roconnor-blockstream commented Dec 5, 2025

@apoelstra The C code here involves a lot of code to review, and it does take a little while. I found the best way to review the code is to compare each new file to the associated elements version of the file (I used meld to do this comparison) while reviewing the file.

@apoelstra
Copy link
Collaborator

apoelstra commented Dec 9, 2025

In 647ff0b:

The bitcoin_fee jet, as specified, can overflow for coinbase transactions (which have a "negative fee"). I'm unsure whether coinbases are allowed to have additional inputs which might have Simplicity programs in them. But it could be that this jet allows miners to break certain contracts by overflowing the fee.

Maybe we want to change the spec to just abort on overflow here?

@roconnor-blockstream
Copy link
Collaborator Author

roconnor-blockstream commented Dec 9, 2025
edited
Loading

Coinbase transactions are not allowed to have extra inputs.

Regardless the specification states the fee is taken modulo 2^64, which is well-defined. There is plenty of room in 64 bits to consider values in the range [-money_range, +money_range] if users need to interpret the result as a signed 64 bit value.

Edit: In the C implementation we specifically must use unsigned values here since they are the only integer types that have well defined overflow behaviour, even if we want to interpret the result as an signed value.

@apoelstra
Copy link
Collaborator

apoelstra commented Dec 9, 2025

Edit: In the C implementation we specifically must use unsigned values here since they are the only integer types that have well defined overflow behaviour, even if we want to interpret the result as an signed value.

Yep, I am familiar with this (and checked your code to make sure there was no signed overflow, which would have been UB).

Coinbase transactions are not allowed to have extra inputs.

Regardless the specification states the fee is taken modulo 2^64, which is well-defined.

...well-defined, but could be a footgun. But if there's no way you can get a valid on-chain transaction with overflowing fees, I think it's fine.

apoelstra
apoelstra approved these changes Dec 9, 2025
View reviewed changes
Copy link
Collaborator

@apoelstra apoelstra left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK e36063f; successfully ran local tests

@roconnor-blockstream roconnor-blockstream merged commit e36063f into master Dec 9, 2025
18 checks passed
@roconnor-blockstream roconnor-blockstream deleted the bitcoin-jets branch December 9, 2025 22:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@apoelstra apoelstra apoelstra approved these changes

@canndrew canndrew Awaiting requested review from canndrew

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@roconnor-blockstream @apoelstra