Chip-2026-06: op_sighash

Consensus
#1

This is a low hanging fruit which we can get nearly for free and it will be generally useful.
It has already seen some good discussion, and I think we can go ahead with it for May '27.

Summary

This proposal adds OP_SIGHASH, an opcode that computes the transaction’s signature hash (sighash) and pushes it to the stack without verifying a signature.
It completes the “checksig unbundling”: OP_CHECKSIG is functionally OP_SIGHASH followed by OP_CHECKDATASIG verifying a signature over that digest.

The opcode pops a sighash-type byte from the stack and pushes the resulting 32-byte sighash digest.
It uses the identical sighash algorithm, type flags, and scriptCode conventions as OP_CHECKSIG, so it produces byte-for-byte the same digest that a checksig verify would compare against.

No new cryptography, sighash algorithms, or flag semantics are introduced.
The opcode exposes work the VM already does internally.

OP_SIGHASH: Early discussion, exploration, use-cases
#2

Except internally the sighash that is computed is the one used for the txn to sign.

This would have it so that you may have to potentially rehash – depending on the type requested.

I would cost this appropriately – consider it always to take worst-case hashing cost even if the “cached” value ended up being returned.

2 Likes