If operands are not available for an operator, that means the script is invalid.
So I guess it is THE classical stack-concept and script evaluation always starts with an empty (later always of finite depth) stack.
Anything that doesn't meet the expectations of the OP-code results in an invalid script.
Okay, this matches grau's statement (assumping that it is evident what all the expectations of a specific Op-code are!).
If it checks a signature using the top stack item as a public key, but the stack data does not parse as a public key, return SCRIPT_INVALID
Who does the parsing? I hope not me explicitly, but a (selectable) library function which depends on the run-time environment. :-/
Currently the only nontrivial library I use is the openssl library (libssl3.so.12) for SHA256 and RIPEMD160 hashing, but these functions I could also code to be independent of these library-versions - if I like.
If there are no more opcodes to run and the top stack item is not OP_TRUE, return SCRIPT_INVALID (I think I remember that's how it works...been a while...)
This contradicts the URL
https://en.bitcoin.it/wiki/Script where is stated in the beginning of the article:
A transaction is valid if nothing in the combined script triggers failure and the top stack item is true (non-zero).
. So what is correct -- if you remember correctly?
# Gavin clarified the effects of OP_0, and OP_1-OP_16.
# OP_0 puts an empty string onto the stack, which evaluates to
# false and is treated by HASH160 as '' (length=zero)
# OP_X puts a single byte onto the stack, 0x01 to 0x10
To be frank, I see here no subtilities. OP_X stands for the range of OP_1 up to OP_16, each pushing 1 byte onto the stack. OP_O in contrast like the whole range of nemonics with the byte values 0 - 75 each pushs 1 item onto the stack , a byte vector of length of its opcode. This sounds to me like independent kind to push data onto the stack (like Op-codes with byte values 76 - 78 a further different kind). Anyway, at least I think I have interpreted the same meaning from the URL
https://en.bitcoin.it/wiki/Script like you.
Appendum: Hm .... the ugly "subtility" (I would call it an ugly design decision) is that the op-code value 0x50 is a reserved op-code and not the op-code for pushing the byte 0 onto the stack. Maybe one better should have called the nemonic OP_0 OP_Empty to avoid misinterpretation or give it no official nemonic like all the op-codes with byte values <= 75?
I dislike to comment or even ask anymore to the replies given, in spite there have been arosen many questions by the following reply-postings from grau & gmaxwell. My feeling is: I have hiten a wasp's nest which is due to the fact, that there exist no (complete) definition of this scripting language only a historic implementation which is used as a reference (including all its bugs, subtilities, environment depending stuff, etc.)
It would be nice if I'm wrong.
Maybe the "community" has to wait until serious commercial interests takes place on bitcoin (if anytime) and then surely forks in bitcoin-client script interpretation will result which are incompatible resulting in a mess and much worry -- perhaps the end or the unimportance of the known bitcoin-network.
In the blockchain there appear a few certain deposit-scripts: 0x73 0x63 0x72 0x69 0x70 0x74 (nemonics as OP_IFDUP OP_IF OP_2SWAP OP_VERIFY OP_2OVER OP_DEPTH) which were not redeemed. I wondered about this crazy script, but it triggered the question: if an OP_IF (or OP_NOTIF) is not closed by an OP_ENDIF inside a script, is the whole script then surely invalid or is this not necessarily invalid?
Thanks all for your informations and help
smtp