Sure, but what we want here is a different script execution between btcd and Core. In the context of this disclosure, this was only possible using a discrepancy in the FindAndDelete implementation, therefore you need a signature to be found in the scriptCode. Further, you need the signature to be valid for either btcd or Core, which is only possible if you do public key recovery.
I’m not sure what you are trying to get at, since your Script is different from what I think you meant:
- Here the CHECKSIG would be executed taking <invalid_sig+noise> as signature and <invalid_sig> as public key, which is always going to push 0 on the stack; OP_SIZE would then be executed on the result of the CHECKSIG, which is always 0, and so would always return 0 as well;
- Then OP_EQUALVERIFY would always fail since the length of the invalid sig + noise would never be 0.
I assume you mean that running OP_CHECKSIG would drop the <invalid_sig> (in Bitcoin Core), or both <invalid_sig> and <invalid_sig + noise>, from the Script itself and lead to a discrepancy of the execution when asserting the size of the top element left on the stack. Then you are misunderstanding what FindAndDelete does. It does not tamper with the Script being executed at all, it only modifies a copy of it for the purpose of committing to it in the sighash. Even if your Script from above correctly implemented what I think you intended it to, it would not cause a different execution between btcd and Bitcoin Core: the executed script is always the same so the size of the top stack element would always be the same for both.
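The distinction drawn in the post above, between the script being executed and the scriptCode copy that the sighash commits to, shown as an added example (not part of the original post, and not Bitcoin Core or btcd source). It is a simplified model that assumes the signature push is matched only at opcode boundaries; the helper names and the sample bytes are constructed for illustration.

```python
# Simplified model of legacy CHECKSIG handling: FindAndDelete edits a copy
# (the scriptCode used for the sighash), never the script being executed.
OP_CHECKSIG, OP_SIZE, OP_EQUALVERIFY = 0xAC, 0x82, 0x88

def push(data: bytes) -> bytes:
    """Serialize a direct push (1..75 bytes), which is all this example needs."""
    assert 0 < len(data) <= 75
    return bytes([len(data)]) + data

def next_op(script: bytes, pc: int) -> int:
    """Offset just past the opcode at pc, including any push data it carries."""
    op = script[pc]
    if op <= 0x4B:                       # direct push of `op` bytes (0 = OP_0)
        end = pc + 1 + op
    elif op in (0x4C, 0x4D, 0x4E):       # OP_PUSHDATA1 / 2 / 4
        width = {0x4C: 1, 0x4D: 2, 0x4E: 4}[op]
        size = int.from_bytes(script[pc + 1:pc + 1 + width], "little")
        end = pc + 1 + width + size
    else:                                # any non-push opcode is one byte
        end = pc + 1
    return min(end, len(script))         # clamp a truncated push

def find_and_delete(script_code: bytes, pattern: bytes) -> bytes:
    """Return a copy of script_code with `pattern` removed wherever it
    begins exactly at an opcode boundary (assumption of this model)."""
    out, pc = bytearray(), 0
    while pc < len(script_code):
        if pattern and script_code.startswith(pattern, pc):
            pc += len(pattern)
            continue
        end = next_op(script_code, pc)
        out += script_code[pc:end]
        pc = end
    return bytes(out)

def checksig_step(executed: bytes, sig: bytes):
    """Model one CHECKSIG: the interpreter keeps running `executed`;
    only the returned copy feeds the signature hash."""
    script_code = find_and_delete(executed, push(sig))
    return executed, script_code

# Constructed sample values: not real signatures, just recognisable bytes.
SIG = b"\x30" + b"\x11" * 8
NOISE = b"\xee\xee"
TAIL = bytes([OP_CHECKSIG, OP_SIZE, OP_EQUALVERIFY])
SCRIPT = push(SIG + NOISE) + push(SIG) + TAIL

if __name__ == "__main__":
    executed, script_code = checksig_step(SCRIPT, SIG)
    print("executed   :", executed.hex())
    print("scriptCode :", script_code.hex())
```

Whatever is removed from the copy, the bytes the interpreter steps through are identical before and after, so later stack operations such as OP_SIZE see the same elements.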