Now that redeem scripts can be arbitrary, I think OP_EVAL might find a new usage.
Imagine you create a redeem that can be proven by anybody knowing some secret OR owning a specific bitcoin address.
Script redeemScript = new Script(
"OP_IF "
+ "OP_HASH256 " + Op.GetPushOp(secretHash) + " OP_EQUAL " +
"OP_ELSE "
+ address.ScriptPubKey + " " +
"OP_ENDIF");
Such script works fine if address is a P2PKH, however if address is a P2SH then the only condition to satisfy the ELSE branch is to know the redeem script of address.
This could be fixed with OP_EVAL by the following way. (assuming address is P2SH)
Script redeemScript = new Script(
"OP_IF "
+ "OP_HASH256 " + Op.GetPushOp(secretHash) + " OP_EQUAL " +
"OP_ELSE "
"OP_DUP " + address.ScriptPubKey + " OP_EVAL" +
"OP_ENDIF");
Sure, we could also use multi sig or public key ScriptPubKey directly in the ELSE branch, but they might not necessarily be known by the builder of the redeem script.