Recently, Craig Wright has claimed that the motivation for Bitcoin ABC’s OP_CHECKDATASIGVERIFY is to allow for illegal activity on Bitcoin Cash by enabling futures markets and on-chain gambling. But there’s a problem with this claim: You don’t need OP_CDSV for any of those things.
You can do on-chain gambling without CDSV. You can do futures contracts (e.g. for assassination of a target) without CDSV. All you need for that is for an oracle to SHA256 two secret messages, and then only reveal one of the two messages later on. The spending transaction needs to present the secret message in order to spend the output.
An oracle can publish two SHA256 hashes:
- SHA_A means that JFK has been assassinated as of Jan 1st, 1970.
- SHA_B means that JFK has not been assassinated as of Jan 1st, 1970.
The oracle keeps the messages which are used to generate those hashes secret until 1970, at which time the oracle releases either MSG_A or MSG_B, such that SHA256(MSG_A) = SHA_A, and so forth.
A market can then be established for transactions that pay out to a different pubkey depending on which of the two messages has been revealed.
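As an added illustration of the mechanism described above (this is constructed example code, not code from the original post), the following Python simulates the two-commitment oracle and the spend condition on the output. The message contents, salts, and `PUBKEY_A`/`PUBKEY_B` values are made up; the signature check is modelled as a key comparison, where a real locking script would run OP_CHECKSIG against an ECDSA signature.

```python
"""Hash-commitment oracle simulation (constructed example, not from the post)."""
import hashlib


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


# Constructed secret messages. Each carries a salt so the commitment cannot be
# recovered by hashing the predictable human-readable part on its own.
MSG_A = b"outcome A: event occurred as of 1970-01-01 | salt:7f3c9a1e5b2d4c6f"
MSG_B = b"outcome B: event did not occur as of 1970-01-01 | salt:0e8d2b7a4f1c6e93"

# The two commitments the oracle publishes up front (SHA_A, SHA_B in the post).
SHA_A = sha256(MSG_A)
SHA_B = sha256(MSG_B)

# Hypothetical payout keys for the two sides of the market (stand-ins, not real keys).
PUBKEY_A = b"pubkey_of_party_paid_on_A"
PUBKEY_B = b"pubkey_of_party_paid_on_B"


def locking_script(sha_a: bytes, sha_b: bytes, pubkey_a: bytes, pubkey_b: bytes) -> str:
    """Bitcoin-Script-style rendering of the output condition, for documentation.
    The unlocking script pushes <sig> <preimage>; evaluate_spend() implements
    the same semantics in Python."""
    return (f"OP_SHA256 OP_DUP <{sha_a.hex()}> OP_EQUAL "
            f"OP_IF OP_DROP <{pubkey_a.hex()}> "
            f"OP_ELSE <{sha_b.hex()}> OP_EQUALVERIFY <{pubkey_b.hex()}> OP_ENDIF "
            "OP_CHECKSIG")


def verify_commitment(msg: bytes, commitment: bytes) -> bool:
    """Anyone can check a revealed message against a published commitment."""
    return sha256(msg) == commitment


def evaluate_spend(preimage: bytes, signer_pubkey: bytes,
                   sha_a: bytes = SHA_A, sha_b: bytes = SHA_B,
                   pubkey_a: bytes = PUBKEY_A, pubkey_b: bytes = PUBKEY_B) -> bool:
    """Semantics of locking_script(): the revealed message selects the branch,
    and the spender must hold the key that branch pays to. OP_CHECKSIG is
    modelled as a key comparison (assumption); a real script verifies ECDSA."""
    h = sha256(preimage)
    if h == sha_a:
        required = pubkey_a
    elif h == sha_b:
        required = pubkey_b
    else:
        return False  # neither commitment matched: OP_EQUALVERIFY fails
    return signer_pubkey == required


def oracle_reveal(outcome_a: bool) -> bytes:
    """Once the outcome is known, the oracle publishes exactly one preimage."""
    return MSG_A if outcome_a else MSG_B


if __name__ == "__main__":
    print(locking_script(SHA_A, SHA_B, PUBKEY_A, PUBKEY_B))
    revealed = oracle_reveal(True)
    print("commitment matches:", verify_commitment(revealed, SHA_A))
    print("A can spend:", evaluate_spend(revealed, PUBKEY_A))
    print("B can spend:", evaluate_spend(revealed, PUBKEY_B))
```

Two things the simulation makes visible that the prose leaves implicit: the secret messages need enough entropy that the commitments cannot be reversed from their predictable wording, and nothing in the script stops the oracle from revealing both preimages or none, so participants are trusting the oracle's conduct, not the script, on that point. The script only enforces that whoever spends must present a valid preimage and sign with the matching key.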
This SHA256 mechanism can be used for all of the illegal activities that CSW has claimed were CDSV’s purpose, but cannot be used for awemany’s 0-conf forfeits idea, or Mark Lundeberg’s pay-to-identity and PGP-on-BCH ideas, all of which specifically require ECDSA verification.