by rlpb 4548 days ago
> Inside every Bitcoin transaction is a small program that contains no loops. If that program when executed returns true, the transaction is valid.

I've read elsewhere that the official client no longer processes any such scripts except for ones that are whitelisted. That reduces the current protocol to a single feature set, instead of the promise of future extension without requiring further agreement from miners.

Can anybody verify this? Does today's client still process arbitrary scripts?

4 comments

I stopped following bitcoin about 18 months ago so it's possible my information is out of date, but I think your assertion is only true in the sense that today's client does no mining.

It is miners which run these scripts, and when I was following bitcoin it was miners who decided which script features they would allow. There were some significant mining pools which allowed nonstandard script features.

Some operations were disabled by Satoshi because they were incomplete/buggy/risky. Those need majority consensus among all miners and users to enable or modify.

Some specific kinds of scripts are marked as "standard", all the rest are "non-standard". Non-standard scripts are valid and all miners will validate blocks containing such scripts. But non-standard transactions (i.e. transactions containing a non-standard script) will not be relayed by default by the bitcoind nodes. Every node and every miner may decide for themselves whether they relay/mine non-standard transactions or not. I'm not sure how many miners accept non-standard transactions, but there are some. You can also pay some miners directly to mine a specific transaction. Or you can mine your non-standard transaction yourself, if you can afford it. Non-standard transactions typically require higher miner fees and take longer to confirm (as not every miner will include them).

The point behind standardness is to contain damage if some complex scripts turn out to allow DoS attacks, allow losing funds or something like that. In 2012 Bitcoin was extended with the P2SH ("pay to script hash") type of transaction (which is also standard) that allows you to define the redemption script during redemption, not during payment. The payer sends coins to a "hash of script" instead of the script itself. The payee then needs to provide not only signatures to redeem the payment, but also the script matching this hash (however complex it is). This has several advantages:

1. Payer does not spend higher miner fees because of the complexity of the script.

2. Payer does not wait indefinitely long till the transaction confirms.

3. Payer may not know the contents of the redemption script until it's being used. In some protocols this could be a useful feature for privacy reasons.

So with P2SH a service may already use arbitrary non-standard scripts shifting the burden of mining non-standard transactions from its customers to itself. For the customer it will look exactly like sending money to a Bitcoin address, although that address will start with "3", not with "1" (which is reserved for the usual "pay to public key hash" script).
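The two script forms named in the comment above, as an added example that is not part of the original thread: it matches an output script against the pay-to-public-key-hash and pay-to-script-hash byte templates and derives the Base58Check address, showing where the "1" and "3" prefixes come from. The 20-byte hash and the sample scripts are constructed; only these two templates are matched, so "unmatched" here does not by itself mean a node would treat the script as non-standard.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def base58check(version: int, payload: bytes) -> str:
    """Encode version byte + payload + 4-byte double-SHA256 checksum."""
    raw = bytes([version]) + payload
    raw += hashlib.sha256(hashlib.sha256(raw).digest()).digest()[:4]
    n = int.from_bytes(raw, "big")
    out = ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    # Each leading zero byte is written as a literal '1'.
    pad = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * pad + out

def classify(script_pubkey: bytes):
    """Return (form, address) for the two templates, else ("unmatched", None)."""
    s = script_pubkey
    # OP_DUP OP_HASH160 <push 20> ... OP_EQUALVERIFY OP_CHECKSIG
    if len(s) == 25 and s[:3] == b"\x76\xa9\x14" and s[23:] == b"\x88\xac":
        return "p2pkh", base58check(0x00, s[3:23])
    # OP_HASH160 <push 20> ... OP_EQUAL
    if len(s) == 23 and s[:2] == b"\xa9\x14" and s[22:] == b"\x87":
        return "p2sh", base58check(0x05, s[2:22])
    return "unmatched", None

# Constructed sample data: a placeholder 20-byte hash. On the network this
# would be RIPEMD160(SHA256(x)) of a public key (P2PKH) or of the
# redemption script (P2SH).
SAMPLE_HASH = bytes(range(1, 21))
P2PKH = b"\x76\xa9\x14" + SAMPLE_HASH + b"\x88\xac"
P2SH = b"\xa9\x14" + SAMPLE_HASH + b"\x87"
# OP_1 OP_ADD OP_2 OP_EQUAL: a valid script that fits neither template.
ARITHMETIC = bytes([0x51, 0x93, 0x52, 0x87])

if __name__ == "__main__":
    for name, script in [("P2PKH", P2PKH), ("P2SH", P2SH), ("arith", ARITHMETIC)]:
        print(name, script.hex(), classify(script))
```

The P2SH output is 23 bytes regardless of how large the redemption script is, which is why the payer's side of the transaction does not grow with the script's complexity.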

Let's go to the source: https://en.bitcoin.it/wiki/Script

> Note that there is a small number of standard script forms that are relayed from node to node; non-standard scripts are accepted if they are in a block, but nodes will not relay them.

It seems there's enough flexibility left to do some interesting things. I see discussions in the forum of things like M-of-N, nLockTime, and anyonecanpay.

I think that's true, but clients can change.