A collection of resources related to covenants

covenants.md

Covenants

Covenant-enabling Bitcoin Features

• BIP119: CHECKTEMPLATEVERIFY (CTV) by Jeremy Rubin
• BIP118: SIGHASH_ANYPREVOUT (APO) (aka SIGHASH_NOINPUT) by Christian Decker and Anthony Towns
• OP_CAT by Andrew Poelstra
• OP_CHECKSIGFROMSTACK (CSFS) + OP_CAT
• OP_TAPLEAF_UPDATE_VERIFY (TLUV) by Anthony Towns
• TXHASH + CHECKSIGFROMSTACKVERIFY (TXHASH + CSFS) by Russel O'Connor
• OP_EVICT by ZmnSCPxj

Properties of Covenants

• Granularity: Which transaction fields can be defined by the covenant?
• Overhead: How many bytes are required per TX?
• Simplicity: How complex is the implementation and the usability?
• Status: Is there a BIP? PR? Reviews? Signet? Testnet? Signals? Merged?
• Recursion: Can the covenant be applied endlessly to itself?
• Use cases: For which applications is the covenant the optimal solution?

Resources

• CTV Website
• APO Website
• bitcoinops.org - Covenants
• bitcoinops.org - Covenant opcode proposal
• Bitcoin Covenants (Möser et al, 2016)
• Enhancing Bitcoin Transactions with Covenants (O'Connor et al, 2017)
• Bitcoin Covenants: Three Ways to Control the Future (Swambo et al, 2020)
• bitcoincovenants.com - A compilation of research on Bitcoin Covenants
• Jeremy Rubin AMA
• UnhashedPodcast - Russell O’Connor’s reframing of OPs APO+CTV
• CoinCovenants using SCIP signatures, an amusingly bad idea. (2013)
• Covenants in Elements Alpha (2016)
• Bitcoin2022 - What Are Covenants? (Video)
• Eltoo with Anyprevout and Taproot
• CTV Telegram Group
• How to emulate SIGHASH_NOINPUT using CHECKSIGFROMSTACKVERIFY?

Comparisons to CTV

• Anthony Towns: "I don't think of TLUV as an alternative to CTV"
• Christian Decker: "I consider the two proposals [APO and CTV] complementary, and not competing"
• Alternatives to CTV

Projects based on covenants

• CTV use cases
• Simple CTV Vault
• Spacechains
• Stakechains
• CTV dramatically improves DLCs
• Automated Market Maker by Bitmatrix

CTV Activation - Pros and Cons

Pros

• Covenants have been discussed for more than 6 years.
• There is strong consensus that Bitcoin should support covenants.
• CTV is the most conservative approach to enable covenants.
• The BIP was finalized over two years ago.
• The code is well tested and reviewed.
• People are testing vaults and other covenants live on the CTV signet.
• There are no objections against CTV on the code level.
• For 5 months there has been a 5.5 BTC bug bounty program funded by community members.
• Many community members support the activation of CTV.

Cons

• The strongest technical argument against bip119 is: since we have to do some soft fork for covenants let’s activate full-featured covenants right away instead of causing multiple forks with overlapping features.
• The most likely alternative seems to be TXHASH + CSFS. It combines Eltoo fans with ctv fans in a way that makes technical sense, it satisfies those who want more complex covenants going forward, the conversational well around it is less poisoned. The main downside is that it uses a few more bytes. The work that needs to be done to get it in safely can be overcome with effort.
  • However, nobody is working on it. There's no BIP yet. No review. Not even remotely a PR.
  • The number of bitfields in TXHASH is high, so the limiting factor would be writing a large number of both tests and arguing that any possible permutation of those bitfields does not lead to some resource exhaustion attack on some inputs.
  • It would take years to activate it.