Covenant Script: Modern upgrade or new vulnerability?

[Liocen]

In an effort to control and make Bitcoin transactions more secure, developers have created a script called Covenant Script. Covenant Script is a scripting concept that can restrict the future use of Bitcoin’s UTXO (Unspent Transaction Output).
Normally, when you send Bitcoin, that output can be spent by anyone in a future transaction — if they provide the correct signature.
But with Covenant, you can say:
“This output can only be spent in the future on this specific script, or this specific type of output.”
Thus, Covenant imposes a “rule” or “condition” that controls the natural free flow of Bitcoin.

Although Covenant scripts (such as the OP_CHECKTEMPLATEVERIFY, OP_CAT, or OP_TXHASH proposed codes) enable a new generation of scaling and privacy tools such as Ark, Vault, and Channel Factory,
some people are still hesitant to use them due to their risks or controversial aspects.

They explain the following conclusions about its risks_
▫️ Since Covenant allows anyone to create scripts that force transactions to be sent to specific addresses or conditions.
This allows governments or large organizations to create policy-enforced address lists and apply “whitelists/blacklists”.
If Covenant is used incorrectly, the fungibility and independence of Bitcoin can be damaged.
▫️ If Covenant is designed incorrectly, “recursive” or repetitive covenants can be created —
that is, a Covenant will continue to impose the Covenant on subsequent UTXOs, acting as a kind of self-propagating script.
Unexpected script loops can be created in the network,
node verification can become complicated,
even “locked output” (stale coins) can be created on the blockchain.
▫️ Using Covenants makes some transaction patterns “predictable” —
such as Ark or Vault transactions having to be in a specific format.
Although this increases privacy, analysts will be able to identify Covenant-type outputs.
▫️Every new Opcode or Covenant type change means adding new rules to the consensus layer.
If all nodes or miners do not agree, then a chain split (soft fork contention) can occur.

So is Covenant dangerous?
Not at all, Covenant itself is not dangerous,
But it is dangerous if the user uses it dangerously. Moreover, it is powerful.
Just as caution is required when using powerful tools, proper security design and setting limits are essential in the case of Covenant.

Developers working on Covenant have proposed different versions to see if this capability can be added without breaking the consensus rules of Bitcoin Core. For example-
Jeremy Rubin proposed “OP_CHECKTEMPLATEVERIFY (CTV)”
Gleb Naumenko proposed “OP_TXHASH or TXHASH”

Covenant Script Modern Upgrade or New Vulnerability Door? We would like your valuable opinion on this.

[Satofan44]

They explain the following conclusions about its risks_
▫️ Since Covenant allows anyone to create scripts that force transactions to be sent to specific addresses or conditions.
This allows governments or large organizations to create policy-enforced address lists and apply “whitelists/blacklists”.
If Covenant is used incorrectly, the fungibility and independence of Bitcoin can be damaged.

This is nonsense and not a valid concern. The government and organizations already do this. Private companies can also do this. The way it is done is by centralized methods. All covenants would do is improve all of these existing methods, that are already used, and make them decentralized.

▫️ If Covenant is designed incorrectly, “recursive” or repetitive covenants can be created —
that is, a Covenant will continue to impose the Covenant on subsequent UTXOs, acting as a kind of self-propagating script.

If any upgrade is designed incorrectly it can cause small to catastrophic issues, this is not something that is convenant specific.

Covenant Script Modern Upgrade or New Vulnerability Door? We would like your valuable opinion on this.

Don't ask LLMs like ChatGPT about advanced subjects like this. They respond with generic concerns with have many flaws if analyzed well, they hallucinate all the time. Stop relying on them.

[Satofan44]

Did you just respond with your alt account?   Tagged both accounts.

first off centralized control and covenant-driven control are not the same thing in centralized systems if someone changes policy it’s outside community oversight. but with covenants if they’re misdesigned, you could get recursive covenants or locked outputs and that’s decentralized risk, no one can directly control it. that’s a new kind of systemic risk.

It is not. Stop exaggerating everything. This "systemic risk" is not anything specific to covenants it is present in all feature additions and further it is always present due to the very nature of Bitcoin itself. Anyway many outputs are "locked", either by technical error or by key loss. Stop spreading misinformation.

[Ambatman]

Smart contract on layer one is a No to me. But I understand it's utility and find it as a good direction if properly implemented
Maybe on separate layer say Layer two.

Covenants themselves aren’t dangerous but without precise design+community awareness+audit, they’re a powerful double edged sword, we want to unlock their potential without compromising chain safety.

In my opinion, There's always a price. The simplicity of Bitcoin is one it's strength.

We would like your valuable opinion on this

You can check out this thread.
https://bitcointalk.org/index.php?topic=5220520.0

[d5000]

Maybe on separate layer say Layer two.

The "problem" here is that we don't have perfect Layer 2's still, and covenants could enable better ones.

Still hoping for hashrate escrows / Drivechain but this proposal is almost 10 years old now. With a limited set of covenants we could get finally Ark taking off (e.g. with OP_CTV) and also some new sidechain and rollup ideas would benefit from it.

I understand however the concerns regarding recursive covenants. This could lead slowly to a separate Bitcoin universe with some coins only being able to transferred with other rules which could never be changed again. So I would prefer a very restricted proposal. Some rollup ideas like this one rely on recursive covenants, so other alternatives should be researched.


It would be interesting as a thought experiment what would happen if we had such a "walled garden" of "restricted covenant coins for life" ("covenantBTC") and they compete with regular BTC: would they diverge into different currencies with different prices, transforming the covenantBTC effectively into an altcoin?

One could argue for example that a covenantBTC is less flexible than a "vanilla BTC" and thus should have a lower value. If less people accept the "covenantBTC", that would reduce the incentive for Bitcoin users to create recursive covenants with these characteristics.

Perhaps this would mean that the fear of recursive covenants is exaggerated? I have still not found an answer for that.

The government example doesn't really convince me. If people are so scared about governments banning an "unseizable" Bitcoin, they must acknowledge that these governments could also ban generally all coins which don't offer blacklisting, so for example only ERC-20 tokens could be permitted.

[Liocen]

They explain the following conclusions about its risks_
▫️ Since Covenant allows anyone to create scripts that force transactions to be sent to specific addresses or conditions.
This allows governments or large organizations to create policy-enforced address lists and apply “whitelists/blacklists”.
If Covenant is used incorrectly, the fungibility and independence of Bitcoin can be damaged.

This is nonsense and not a valid concern. The government and organizations already do this. Private companies can also do this. The way it is done is by centralized methods. All covenants would do is improve all of these existing methods, that are already used, and make them decentralized.

▫️ If Covenant is designed incorrectly, “recursive” or repetitive covenants can be created —
that is, a Covenant will continue to impose the Covenant on subsequent UTXOs, acting as a kind of self-propagating script.

If any upgrade is designed incorrectly it can cause small to catastrophic issues, this is not something that is convenant specific.

Covenant Script Modern Upgrade or New Vulnerability Door? We would like your valuable opinion on this.

Don't ask LLMs like ChatGPT about advanced subjects like this. They respond with generic concerns with have many flaws if analyzed well, they hallucinate all the time. Stop relying on them.

Satofan44, I don't know if you considered my post as given by AI. But I read some recent articles about Covenant Script Bitcoin Covenants: What Are They And What Do They Do?,
Bitcoin Covenants where various people mentioned various positive and ethical aspects. In that case, I also observed deeply and realized that the matter is not a concern at all but it has played a major role in the proper management of money management. There are many people in our forum who are much more knowledgeable than many on this subject. I only presented my own thoughts to get their opinions so that if I am wrong somewhere, I can correct them. If you think that these are created by AI (ChatGpt), then you can check. nutildah sir, you may have given me Neutral Trust based on this opinion of Satofan44 but I never prepared this post of mine by ChatGpt.

[Satofan44]

Satofan44, I don't know if you considered my post as given by AI. But I read some recent articles about Covenant Script Bitcoin Covenants: What Are They And What Do They Do?,
Bitcoin Covenants where various people mentioned various positive and ethical aspects. In that case, I also observed deeply and realized that the matter is not a concern at all but it has played a major role in the proper management of money management. There are many people in our forum who are much more knowledgeable than many on this subject. I only presented my own thoughts to get their opinions so that if I am wrong somewhere, I can correct them. If you think that these are created by AI (ChatGpt), then you can check. nutildah sir, you may have given me Neutral Trust based on this opinion of Satofan44 but I never prepared this post of mine by ChatGpt.

You should not be concerned with things that are not part of your expertise and which go beyond your head. Therefore, you are wasting the time of technical contributors and your own time by getting worried about things which you are not able to understand fully. This is a frequent error committed by common folk. The internet and social media has given you the impression that you should have an opinion on everything which is wrong.

There are people who are much smarter than you and whose daily job is considering potential attack vectors and security issues working on this. What makes you think that YOU, a random person with no expertise in these fields, will know better than those who work on such things their whole lives? I have explained already in less technical ways how these issues are not as grave as you make them out to be, and that any previously added feature to Bitcoin could have caused a different kind of catastrophe if it were very poorly designed. Let the experts do their job. You can come and participate in technical review only if you become one of the experts yourself.

Please just stop, thank you.

[alani123]

Out of all the scripts and sigops added to bitcoin in later years, which one has been useful.
Close to none.

We've not seen any legitimate usage other than utilizing OP space to abuse segwit discounts from idiots that want to push monkey JPEGs in the bitcoin Blockchain.

Satoshi did indeed include scripting in his vision, but when he realized of the potential abuse and how it would harm bitcoin's immutability, he had completely disabled almost all of the scripting on bitcoin.

We need to realize that scripts are not important in order to build an truly immutable way to transact. Marginal use cases should not concern everyone securing the chain by mining or running a node.

Keep it simple and keep it decentralised.