You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
compiler: revert malleability check to simpler version
In the compiler we have a function which inserts the "cast closure" of
an expression. It accepts the expression as a candidate as well as a
large list of cast-wrapped variants of the expression. For each
candidate it rejects it if it is consensus-invalid or has malleable
satisfactions.
In the original compiler (PR #29) it would decide whether an expression
was malleable by checking ty.mall.non_malleable on the miniscript. It
had the confusing comment "return malleable types directly" which I
believe was supposed to mean "return early if the node is malleable".
The comment also observes that "If a elem is malleable, all the casts to
it are also going to be malleable" but the code doesn't actually use
this fact anywhere. It always tries all the casts. But ok, whatever.
Later in #97 (add context to Miniscript) we weakened the malleability
check in a bizarre way -- now it checks that the node is malleable
according to the type system AND that it is non-malleable according to
the context system. That is, we whitelist or_i and d: as "acceptable
malleability" in a legacy/bare context.
This change, which was not commented on in the original PR, seems like
it's just totally wrong. I suspect it was supposed to be an or: if the
node is malleable according to the type system OR according to the
contextual checks, then skip it. But I'm unsure. (The check is also
wrong because the contextual check is wrong; see the last commit.)
Anyway, after some fairly heavy fuzzing I was unable to find any
instance where this check affects compiler output. I suspect that it's
merely an optimization. So change it back to the stronger, simpler check
and update the comment.
0 commit comments