Script System
Tidecoin inherits the Bitcoin Core script engine and extends it for
post-quantum transaction validation. Existing script templates remain
available, while the post-AuxPoW ruleset adds strict PQ signature
verification, witness v1 P2WSH-512, and OP_SHA512.
This page is the canonical script behavior summary. It is not an address tutorial; for address encoding, see Address Formats. It is not the signature scheme registry; for scheme prefixes and sizes, see Scheme Registry.
Activation status
| Feature | Mainnet status | Activation rule |
|---|---|---|
| Base script engine | Live | Active from genesis |
| Legacy key-hash and script-hash templates | Live | Active from genesis |
| Witness v0 | Live | SegWit active from genesis-era parameters |
| Strict PQ verification | Built, not active on mainnet | Enabled at AuxPoW activation |
| Witness v1 P2WSH-512 | Built, not active on mainnet | Enabled at AuxPoW activation |
OP_SHA512 | Built, not active on mainnet | Enabled at AuxPoW activation |
On testnet, AuxPoW activates at height 1000. On regtest, it is active from height 0. On mainnet, AuxPoW is currently disabled.
Common script templates
| Type | ScriptPubKey |
|---|---|
| Key hash | OP_DUP OP_HASH160 <20-byte key hash> OP_EQUALVERIFY OP_CHECKSIG |
| Script hash | OP_HASH160 <20-byte script hash> OP_EQUAL |
| Witness v0 key hash | OP_0 <20-byte key hash> |
| Witness v0 script hash | OP_0 <32-byte SHA256(witness_script)> |
| Witness v1 script hash 512 | OP_1 <64-byte SHA512(witness_script)> |
Key-hash templates commit to HASH160(serialized_pq_public_key). The
serialized PQ public key includes the one-byte scheme prefix.
PQ signature checks
OP_CHECKSIG and related signature-checking paths verify
post-quantum signatures through Tidecoin’s PQ public-key dispatch. The
serialized public key selects the scheme:
scheme_prefix || raw_scheme_public_keyThe signature stack item contains the scheme signature plus the normal sighash byte when the script path uses one:
scheme_signature || sighash_typeBefore AuxPoW activation, consensus allows Falcon-512 under the legacy
verification regime. At and after AuxPoW activation,
SCRIPT_VERIFY_PQ_STRICT is enabled and new spends must satisfy strict
PQ verification.
OP_SHA512
OP_SHA512 is opcode 0xb3.
When SCRIPT_VERIFY_SHA512 is active, OP_SHA512:
- Requires at least one stack item.
- Removes the top stack item.
- Computes SHA-512 over that item.
- Pushes the 64-byte digest.
Before SCRIPT_VERIFY_SHA512 is active, OP_SHA512 is treated as an
upgrade-reserved opcode by the normal script flag rules. If
SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_NOPS is active while SHA-512 is not
enabled, use of the opcode is rejected as an upgradable-NOP violation.
Witness v1 P2WSH-512
Witness v1 P2WSH-512 uses this output script:
OP_1 <64-byte SHA512(witness_script)>Validation rules:
SCRIPT_VERIFY_WITNESS_V1_512must be active.- The witness program must be exactly 64 bytes.
- The witness stack must not be empty.
- The last witness stack item is interpreted as the witness script.
- The node computes
SHA512(witness_script)and compares it with the 64-byte witness program. - If the hash matches, the witness script executes under
SigVersion::WITNESS_V1_512.
When witness v1 is not active, version-1 witness programs are handled by the normal upgradable witness-program rules rather than by P2WSH-512 execution.
Script verification flags
| Flag | Bit | Effect |
|---|---|---|
SCRIPT_VERIFY_PQ_STRICT | 13 | Reject legacy-only Falcon signatures and use strict PQ verification. |
SCRIPT_VERIFY_WITNESS_V1_512 | 14 | Enable 64-byte witness v1 script-hash validation. |
SCRIPT_VERIFY_SHA512 | 15 | Enable OP_SHA512. |
Validation adds all three flags once the block height is at or after
nAuxpowStartHeight.
Standardness limits
Tidecoin keeps Bitcoin-style policy boundaries while increasing some P2WSH limits for larger PQ scripts:
| Policy limit | Value |
|---|---|
| Maximum standard transaction weight | 800,000 |
| Maximum standard scriptSig size | 8,192 bytes |
| Maximum standard P2WSH stack items | 100 |
| Maximum standard P2WSH stack item size | 5,000 bytes |
| Maximum standard P2WSH script size | 65,536 bytes |
These are relay and mining policy limits, not all consensus limits. A transaction can be consensus-valid while still non-standard for mempool relay.
Source of truth
| Topic | Source |
|---|---|
| Opcode values and script names | ../tidecoin/src/script/script.h, ../tidecoin/src/script/script.cpp |
| Script flags and witness constants | ../tidecoin/src/script/interpreter.h |
OP_SHA512 execution | ../tidecoin/src/script/interpreter.cpp |
| Witness v1 validation | ../tidecoin/src/script/interpreter.cpp |
| Output classification | ../tidecoin/src/script/solver.cpp |
| Relay policy limits | ../tidecoin/src/policy/policy.h, ../tidecoin/src/policy/policy.cpp |
See also: Witness V1 SHA-512, Transactions, Address Formats, Verification Modes.