First and foremost, I'd like to say that I like multisign on general principle and invite people to try out various ways of doing it on GG (it allows nonstandard by default).
However, I doubt that multisign in its most classical "(n+1) escrow" scenario is just as useful as it is usually portrayed to be, and I am convinced that lack of it is not a massive barrier to adoption.
As for op-eval specifically, I am quite worried about moving the fee burden to the receiving end of the transaction, as it seems to me that it would make the "unpredictable transaction fee" blight worse, but I think I'd best discuss this with Theymos - he's quite a smart guy, so it is possible that he is right, shifting fees to receiver is awesome, and he will convince me to that effect.
Multisign sounds like a huge benefit. As far as I'm aware every company that does Internet banking currently needs 2 signatures to transfer money. One from the finance guy who actually works out what to send to who and one from management who should verify the finance guy isn't transferring the money to his personal account.
It seems to me that since any reasonable company with more than one man involved
and a wallet teeming with hundreds of thousands of bitcoinses would have the machine the wallet resides on pretty buttoned up and gapped, so the rules regarding necessity for multiparty approval of transactions can be enforced on the level of "walletbox" authentication (with possible reasonabl-ish requirement of at least one decision maker to be physically present at the walletbox office if the sum is really huge)
So lack of multisign is hardly an adoption boundary (besides, AFAIK, painpal, libreserve, pecunix et al don't explicitly allow multiparty confirmation as well, and that does not seem to hamper their adoption all that much).
If anything, finding a way to split private keys in a manner that several different devices would have to cooperate to create a "normal" BTC transaction would be closer to what a corporate "multiparty validation" entails.
Lower trust escrow and "wallet lockdown" services are kind of neat, but not "we need it NOW or else" kind of neat.
It would be also neat to have a separate address format (different addressversions or perhaps even a new-ish address format specially for "exotic" stuff).
It would be also neat to have frugal (as in, puts only a little bit of info into the blockchain) transaction earmarking as well as intra-network messaging (incidentally, those are two things I hope to eventually implement in Tenebrix since they are needed for a website-less
Strong Transaction Decorrelator system)
P.P.S.: Personally, I love Gavin's Hidden Send
, but sadly this type of custom transaction has turned out to be DOA
. I would really love to see it (or a functional equivalent) to "come back", maybe with some nifty improvements (a man can dream right?
) but that would likely require a large (and dangerous) scripting language overhaul...