Hi, I just posted a proof of concept tool that can trace the execution of RISCV-32 binaries (ELFs), and generate Bitcoin script that can be used to verify this execution on-chain: Bitcoin Elftrace
It relies on the OP_CHECKCONTRACTVERIFY covenant opcode from MATT.
The way it uses is OP_CCV is by committing to a single 32-bit hash (a merkle root) in the output, then the spender of this transaction will modify this root according to the rules and commit the new root in the new output.
So essentially is just needs a covenant opcode that lets you enforce the embedding of a dynamic piece of data in the output and a (static) taptree. This is exaclty what OP_CCV enables, but perhaps some of the other covenant proposals could be used for the same purpose.
IIUC you’re using the newly proposed OP_CCV as well as OP_CAT, but otherwise only existing op codes. It seems one particular annoyance you need to work around when emulating a 32 bit system is the 31 bit limitation of CScriptNum .
Yes, the biggest improvement would come from 64-bit arithmetics.
Since we are emulating unsigned 32-bit RISC-V opcodes, and Bitcoin Script only supports 31-bit, we must reimplement the full bit-by-bit arithmetics in script (and the scripts get huge).