Why? By “it” I assume you are referring to OP_CCV/OP_VAULT. Is there some security consideration I am missing?
This is tested in the BIP345 case study. I didn’t have this issue you are talking about. Both test_batch_unvault and test_batch_recovery test cases work with OP_{IN,OUT}_AMOUNT.
Yes, that is why they should be provided on the witness stack at spending time rather than when the utxos are created. I modified your OP_CCV test code code to do just that.
Admittedly I am confused, as far as I can tell your test framework defines the index parameter for OP_CCV in the output script rather than placing it in the witness when the OP_CCV utxo is spent. Here is a link to the code I am looking at: 1 2 3 4 5.
I understand that both of our proposals are works in progress – is the the goal to remove the hard coded indices in favor of providing them on the witness stack in your OP_CCV test cases?
I think this is a fair critique and something I’m going to look into.
Thank you for sharing this, I wasn’t aware of this work. I’ll look into it. I’m always interested in alternative designs for amount locks :-).
I think that is right. However I’m not sure the inverse is true. I think amount locks may be useful without destination locks. See my coinjoin example. If privacy is your #1 concern, you want to enforce at the Script level that your utxos follow a specific amount pattern – you can enforce the destinations with digital signatures as coinjoin protocols do today.
I also think we can make more general purpose primitives to implement amount locks rather than baking them into a single covenant opcode. I like the design of OP_CCV for implementing destination locks from what I’ve learned so far, but I’m not a big fan of the amount lock side of things.
I’ll think about this more.
Thank you for the thoughtful reply, you’ve given me a lot to think about. 