Many of the malleability points listed in BIP62 stem from the truth that an enter script (scriptSig) may be modified and nonetheless stay legitimate for the enter, and since the enter script is included when calculating the TXID, this modifies the TXID as effectively.
Instance methods you possibly can flip an enter script into a distinct however nonetheless legitimate enter script:
- Any legitimate ECDSA signature may be become a distinct legitimate signature by inverting the s-value. BIP62 proposed that an s-value within the decrease half of the vary be required.
- Any push operation may be expressed a number of methods. For instance, pushing the byte
01may be performed with the opcode0x51(OP_1/OP_TRUE), but additionally much less effectively utilizing the sequence0101(OP_PUSHBYTES_1 01). BIP62 proposed that probably the most environment friendly (“canonical”) manner be required. - For the reason that enter script is a script, it may be modified any variety of methods, for instance by together with
<information> OP_DROPanyplace within the script. BIP62 proposed to limit enter scripts to information pushing opcodes.
SegWit cleverly mounted all of those malleability vectors by merely requiring the enter script to be empty (or, within the case of wrapped SegWit, to push a single particular byte vector), and transferring signatures and different script inputs to the witness which is not lined by the TXID. Witness information can nonetheless be malleated by third events, however it does not have an effect on TXID malleability anymore.
“Nonintentional malleability” simply refers to malleability by a 3rd celebration that the unique creator of the transaction did not intend. It should in fact at all times be potential for the creator to deliberately malleate the transaction themselves earlier than it’s included in a block, and even with SegWit you possibly can nonetheless create transactions deliberately malleable by third events by e.g. not requiring any signatures to spend an output.
The pull request you point out modified standardness guidelines, not consensus guidelines, so it is simply bypassed by miners. As a result of SegWit took a distinct method to fixing malleability, excessive s-value signatures are nonetheless simply non-standard however legitimate by consensus.