From 76c4ca9a6ecea8a3923fb980f0de4588bbf3ab81 Mon Sep 17 00:00:00 2001
From: John Jannotti <jannotti@gmail.com>
Date: Wed, 15 Jun 2022 17:11:52 -0400
Subject: [PATCH 1/7] AVM 7 spec changes

---
 dev/TEAL.md         |  33 +++++++----
 dev/TEAL_opcodes.md | 136 +++++++++++++++++++++++++++-----------------
 dev/ledger.md       |   5 +-
 3 files changed, 109 insertions(+), 65 deletions(-)

diff --git a/dev/TEAL.md b/dev/TEAL.md
index 061e1092..a3612bc6 100644
--- a/dev/TEAL.md
+++ b/dev/TEAL.md
@@ -188,6 +188,9 @@ _available_.
    associated account of a contract that was created earlier in the
    group is _available_.
 
+ * Since v7, the account associated with any contract present in the
+   `txn.ForeignApplications` field is _available_.
+
 ## Constants
 
 Constants can be pushed onto the stack in two different ways:
@@ -275,7 +278,9 @@ return stack matches the name of the input value.
 | `sha256` | SHA256 hash of value A, yields [32]byte |
 | `keccak256` | Keccak256 hash of value A, yields [32]byte |
 | `sha512_256` | SHA512_256 hash of value A, yields [32]byte |
+| `sha3_256` | SHA3_256 hash of value A, yields [32]byte |
 | `ed25519verify` | for (data A, signature B, pubkey C) verify the signature of ("ProgData" \|\| program_hash \|\| data) against the pubkey => {0 or 1} |
+| `ed25519verify_bare` | for (data A, signature B, pubkey C) verify the signature of the data against the pubkey => {0 or 1} |
 | `ecdsa_verify v` | for (data A, signature B, C and pubkey D, E) verify the signature of the data against the pubkey => {0 or 1} |
 | `ecdsa_pk_recover v` | for (data A, recovery id B, signature C, D) recover a public key |
 | `ecdsa_pk_decompress v` | decompress pubkey A into components X, Y |
@@ -298,8 +303,8 @@ return stack matches the name of the input value.
 | `!=` | A is not equal to B => {0 or 1} |
 | `!` | A == 0 yields 1; else 0 |
 | `len` | yields length of byte value A |
-| `itob` | converts uint64 A to big endian bytes |
-| `btoi` | converts bytes A as big endian to uint64 |
+| `itob` | converts uint64 A to big-endian byte array, always of length 8 |
+| `btoi` | converts big-endian byte array A to uint64. Fails if len(A) > 8. Padded by leading 0s if len(A) < 8. |
 | `%` | A modulo B. Fail if B == 0. |
 | `\|` | A bitwise-or B |
 | `&` | A bitwise-and B |
@@ -310,10 +315,10 @@ return stack matches the name of the input value.
 | `divw` | A,B / C. Fail if C == 0 or if result overflows. |
 | `divmodw` | W,X = (A,B / C,D); Y,Z = (A,B modulo C,D) |
 | `expw` | A raised to the Bth power as a 128-bit result in two uint64s. X is the high 64 bits, Y is the low. Fail if A == B == 0 or if the results exceeds 2^128-1 |
-| `getbit` | Bth bit of (byte-array or integer) A. |
-| `setbit` | Copy of (byte-array or integer) A, with the Bth bit set to (0 or 1) C |
-| `getbyte` | Bth byte of A, as an integer |
-| `setbyte` | Copy of A with the Bth byte set to small integer (between 0..255) C |
+| `getbit` | Bth bit of (byte-array or integer) A. If B is greater than or equal to the bit length of the value (8*byte length), the program fails |
+| `setbit` | Copy of (byte-array or integer) A, with the Bth bit set to (0 or 1) C. If B is greater than or equal to the bit length of the value (8*byte length), the program fails |
+| `getbyte` | Bth byte of A, as an integer. If B is greater than or equal to the array length, the program fails |
+| `setbyte` | Copy of A with the Bth byte set to small integer (between 0..255) C. If B is greater than or equal to the array length, the program fails |
 | `concat` | join A and B |
 
 ### Byte Array Manipulation
@@ -327,6 +332,10 @@ return stack matches the name of the input value.
 | `extract_uint16` | A uint16 formed from a range of big-endian bytes from A starting at B up to but not including B+2. If B+2 is larger than the array length, the program fails |
 | `extract_uint32` | A uint32 formed from a range of big-endian bytes from A starting at B up to but not including B+4. If B+4 is larger than the array length, the program fails |
 | `extract_uint64` | A uint64 formed from a range of big-endian bytes from A starting at B up to but not including B+8. If B+8 is larger than the array length, the program fails |
+| `replace2 s` | Copy of A with the bytes starting at S replaced by the bytes of B. Fails if S+len(B) exceeds len(A) |
+| `replace3` | Copy of A with the bytes starting at B replaced by the bytes of C. Fails if B+len(C) exceeds len(A) |
+| `base64_decode e` | Decode Base-64 encoded byte-array A. Fail if A is not properly encoded. |
+| `json_ref r` | Return key B's value from a [valid](jsonspec.md) utf-8 encoded json object string A. Fail if B's value can not be represented by the type R. |
 
 The following opcodes take byte-array values that are interpreted as
 big-endian unsigned integers.  For mathematical operators, the
@@ -440,7 +449,7 @@ Some of these have immediate data in the byte or bytes after the opcode.
 | 16 | TypeEnum | uint64 |      | See table below |
 | 17 | XferAsset | uint64 |      | Asset ID |
 | 18 | AssetAmount | uint64 |      | value in Asset's units |
-| 19 | AssetSender | []byte |      | 32 byte address. Causes clawback of all value of asset from AssetSender if Sender is the Clawback address of the asset. |
+| 19 | AssetSender | []byte |      | 32 byte address. Moves asset from AssetSender if Sender is the Clawback address of the asset. |
 | 20 | AssetReceiver | []byte |      | 32 byte address |
 | 21 | AssetCloseTo | []byte |      | 32 byte address |
 | 22 | GroupIndex | uint64 |      | Position of this transaction within an atomic transaction group. A stand-alone transaction is implicitly element 0 in a group of 1 |
@@ -461,7 +470,7 @@ Some of these have immediate data in the byte or bytes after the opcode.
 | 37 | ConfigAssetUnitName | []byte | v2  | Unit name of the asset |
 | 38 | ConfigAssetName | []byte | v2  | The asset name |
 | 39 | ConfigAssetURL | []byte | v2  | URL |
-| 40 | ConfigAssetMetadataHash | []byte | v2  | 32 byte commitment to some unspecified asset metadata |
+| 40 | ConfigAssetMetadataHash | []byte | v2  | 32 byte commitment to unspecified asset metadata |
 | 41 | ConfigAssetManager | []byte | v2  | 32 byte address |
 | 42 | ConfigAssetReserve | []byte | v2  | 32 byte address |
 | 43 | ConfigAssetFreeze | []byte | v2  | 32 byte address |
@@ -484,7 +493,8 @@ Some of these have immediate data in the byte or bytes after the opcode.
 | 60 | CreatedAssetID | uint64 | v5  | Asset ID allocated by the creation of an ASA (only with `itxn` in v5). Application mode only |
 | 61 | CreatedApplicationID | uint64 | v5  | ApplicationID allocated by the creation of an application (only with `itxn` in v5). Application mode only |
 | 62 | LastLog | []byte | v6  | The last message emitted. Empty bytes if none were emitted. Application mode only |
-| 63 | StateProofPK | []byte | v6  | 64 byte state proof public key commitment.|
+| 63 | StateProofPK | []byte | v6  | 64 byte state proof public key commitment |
+
 
 Additional details in the [opcodes document](TEAL_opcodes.md#txn) on the `txn` op.
 
@@ -530,7 +540,7 @@ Asset fields include `AssetHolding` and `AssetParam` fields that are used in the
 | 4 | AssetName | []byte |      | Asset name |
 | 5 | AssetURL | []byte |      | URL with additional info about the asset |
 | 6 | AssetMetadataHash | []byte |      | Arbitrary commitment |
-| 7 | AssetManager | []byte |      | Manager commitment |
+| 7 | AssetManager | []byte |      | Manager address |
 | 8 | AssetReserve | []byte |      | Reserve address |
 | 9 | AssetFreeze | []byte |      | Freeze address |
 | 10 | AssetClawback | []byte |      | Clawback address |
@@ -626,7 +636,8 @@ In v5, inner transactions may perform `pay`, `axfer`, `acfg`, and
 with the next instruction with, for example, `balance` and
 `min_balance` checks. In v6, inner transactions may also perform
 `keyreg` and `appl` effects. Inner `appl` calls fail if they attempt
-to invoke a program with version less than v6.
+to invoke a program with version less than v4, or if they attempt to
+opt-in to an app with a ClearState Program less than v4.
 
 In v5, only a subset of the transaction's header fields may be set: `Type`/`TypeEnum`,
 `Sender`, and `Fee`. In v6, header fields `Note` and `RekeyTo` may
diff --git a/dev/TEAL_opcodes.md b/dev/TEAL_opcodes.md
index 1fc0ead4..e68f3331 100644
--- a/dev/TEAL_opcodes.md
+++ b/dev/TEAL_opcodes.md
@@ -14,7 +14,7 @@ Ops have a 'cost' of 1 unless otherwise specified.
 ## err
 
 - Opcode: 0x00
-- Stack: ... &rarr; ...
+- Stack: ... &rarr; _exits_
 - Fail immediately.
 
 ## sha256
@@ -58,14 +58,15 @@ The 32 byte public key is the last element on the stack, preceded by the 64 byte
 - Opcode: 0x05 {uint8 curve index}
 - Stack: ..., A: []byte, B: []byte, C: []byte, D: []byte, E: []byte &rarr; ..., uint64
 - for (data A, signature B, C and pubkey D, E) verify the signature of the data against the pubkey => {0 or 1}
-- **Cost**: 1700
+- **Cost**:  Secp256k1=1700 Secp256r1=2500
 - Availability: v5
 
 `ECDSA` Curves:
 
-| Index | Name | Notes |
-| - | ------ | --------- |
-| 0 | Secp256k1 | secp256k1 curve |
+| Index | Name | In | Notes |
+| - | ------ | - | --------- |
+| 0 | Secp256k1 |      | secp256k1 curve, used in Bitcoin |
+| 1 | Secp256r1 | v7  | secp256r1 curve, NIST standard |
 
 
 The 32 byte Y-component of a public key is the last element on the stack, preceded by X-component of a pubkey, preceded by S and R components of a signature, preceded by the data that is fifth element on the stack. All values are big-endian encoded. The signed data must be 32 bytes long, and signatures in lower-S form are only accepted.
@@ -75,16 +76,9 @@ The 32 byte Y-component of a public key is the last element on the stack, preced
 - Opcode: 0x06 {uint8 curve index}
 - Stack: ..., A: []byte &rarr; ..., X: []byte, Y: []byte
 - decompress pubkey A into components X, Y
-- **Cost**: 650
+- **Cost**:  Secp256k1=650 Secp256r1=2400
 - Availability: v5
 
-`ECDSA` Curves:
-
-| Index | Name | Notes |
-| - | ------ | --------- |
-| 0 | Secp256k1 | secp256k1 curve |
-
-
 The 33 byte public key in a compressed form to be decompressed into X and Y (top) components. All values are big-endian encoded.
 
 ## ecdsa_pk_recover v
@@ -95,13 +89,6 @@ The 33 byte public key in a compressed form to be decompressed into X and Y (top
 - **Cost**: 2000
 - Availability: v5
 
-`ECDSA` Curves:
-
-| Index | Name | Notes |
-| - | ------ | --------- |
-| 0 | Secp256k1 | secp256k1 curve |
-
-
 S (top) and R elements of a signature, recovery id and data (bottom) are expected on the stack and used to deriver a public key. All values are big-endian encoded. The signed data must be 32 bytes long.
 
 ## +
@@ -198,13 +185,13 @@ Overflow is an error condition which halts execution and fails the transaction.
 
 - Opcode: 0x16
 - Stack: ..., A: uint64 &rarr; ..., []byte
-- converts uint64 A to big endian bytes
+- converts uint64 A to big-endian byte array, always of length 8
 
 ## btoi
 
 - Opcode: 0x17
 - Stack: ..., A: []byte &rarr; ..., uint64
-- converts bytes A as big endian to uint64
+- converts big-endian byte array A to uint64. Fails if len(A) > 8. Padded by leading 0s if len(A) < 8.
 
 `btoi` fails if the input is longer than 8 bytes.
 
@@ -401,7 +388,7 @@ The notation J,K indicates that two uint64 values J and K are interpreted as a u
 | 16 | TypeEnum | uint64 |      | See table below |
 | 17 | XferAsset | uint64 |      | Asset ID |
 | 18 | AssetAmount | uint64 |      | value in Asset's units |
-| 19 | AssetSender | []byte |      | 32 byte address. Causes clawback of all value of asset from AssetSender if Sender is the Clawback address of the asset. |
+| 19 | AssetSender | []byte |      | 32 byte address. Moves asset from AssetSender if Sender is the Clawback address of the asset. |
 | 20 | AssetReceiver | []byte |      | 32 byte address |
 | 21 | AssetCloseTo | []byte |      | 32 byte address |
 | 22 | GroupIndex | uint64 |      | Position of this transaction within an atomic transaction group. A stand-alone transaction is implicitly element 0 in a group of 1 |
@@ -422,7 +409,7 @@ The notation J,K indicates that two uint64 values J and K are interpreted as a u
 | 37 | ConfigAssetUnitName | []byte | v2  | Unit name of the asset |
 | 38 | ConfigAssetName | []byte | v2  | The asset name |
 | 39 | ConfigAssetURL | []byte | v2  | URL |
-| 40 | ConfigAssetMetadataHash | []byte | v2  | 32 byte commitment to some unspecified asset metadata |
+| 40 | ConfigAssetMetadataHash | []byte | v2  | 32 byte commitment to unspecified asset metadata |
 | 41 | ConfigAssetManager | []byte | v2  | 32 byte address |
 | 42 | ConfigAssetReserve | []byte | v2  | 32 byte address |
 | 43 | ConfigAssetFreeze | []byte | v2  | 32 byte address |
@@ -445,19 +432,7 @@ The notation J,K indicates that two uint64 values J and K are interpreted as a u
 | 60 | CreatedAssetID | uint64 | v5  | Asset ID allocated by the creation of an ASA (only with `itxn` in v5). Application mode only |
 | 61 | CreatedApplicationID | uint64 | v5  | ApplicationID allocated by the creation of an application (only with `itxn` in v5). Application mode only |
 | 62 | LastLog | []byte | v6  | The last message emitted. Empty bytes if none were emitted. Application mode only |
-
-
-TypeEnum mapping:
-
-| Index | "Type" string | Description |
-| --- | --- | --- |
-| 0 | unknown | Unknown type. Invalid transaction |
-| 1 | pay | Payment |
-| 2 | keyreg | KeyRegistration |
-| 3 | acfg | AssetConfig |
-| 4 | axfer | AssetTransfer |
-| 5 | afrz | AssetFreeze |
-| 6 | appl | ApplicationCall |
+| 63 | StateProofPK | []byte | v6  | 64 byte state proof public key commitment |
 
 
 FirstValidTime causes the program to fail. The field is reserved for future use.
@@ -595,7 +570,7 @@ for notes on transaction fields available, see `txn`. If top of stack is _i_, `g
 
 ## bnz target
 
-- Opcode: 0x40 {int16 branch offset, big endian}
+- Opcode: 0x40 {int16 branch offset, big-endian}
 - Stack: ..., A: uint64 &rarr; ...
 - branch to TARGET if value A is not zero
 
@@ -605,7 +580,7 @@ At v2 it became allowed to branch to the end of the program exactly after the la
 
 ## bz target
 
-- Opcode: 0x41 {int16 branch offset, big endian}
+- Opcode: 0x41 {int16 branch offset, big-endian}
 - Stack: ..., A: uint64 &rarr; ...
 - branch to TARGET if value A is zero
 - Availability: v2
@@ -614,7 +589,7 @@ See `bnz` for details on how branches work. `bz` inverts the behavior of `bnz`.
 
 ## b target
 
-- Opcode: 0x42 {int16 branch offset, big endian}
+- Opcode: 0x42 {int16 branch offset, big-endian}
 - Stack: ... &rarr; ...
 - branch unconditionally to TARGET
 - Availability: v2
@@ -624,7 +599,7 @@ See `bnz` for details on how branches work. `b` always jumps to the offset.
 ## return
 
 - Opcode: 0x43
-- Stack: ..., A: uint64 &rarr; ...
+- Stack: ..., A: uint64 &rarr; _exits_
 - use A as success value; end
 - Availability: v2
 
@@ -671,7 +646,7 @@ See `bnz` for details on how branches work. `b` always jumps to the offset.
 ## select
 
 - Opcode: 0x4d
-- Stack: ..., A, B, C &rarr; ..., A or B
+- Stack: ..., A, B, C: uint64 &rarr; ..., A or B
 - selects one of two values based on top-of-stack: B if C != 0, else A
 - Availability: v3
 
@@ -716,7 +691,7 @@ See `bnz` for details on how branches work. `b` always jumps to the offset.
 
 - Opcode: 0x53
 - Stack: ..., A, B: uint64 &rarr; ..., uint64
-- Bth bit of (byte-array or integer) A.
+- Bth bit of (byte-array or integer) A. If B is greater than or equal to the bit length of the value (8*byte length), the program fails
 - Availability: v3
 
 see explanation of bit ordering in setbit
@@ -725,7 +700,7 @@ see explanation of bit ordering in setbit
 
 - Opcode: 0x54
 - Stack: ..., A, B: uint64, C: uint64 &rarr; ..., any
-- Copy of (byte-array or integer) A, with the Bth bit set to (0 or 1) C
+- Copy of (byte-array or integer) A, with the Bth bit set to (0 or 1) C. If B is greater than or equal to the bit length of the value (8*byte length), the program fails
 - Availability: v3
 
 When A is a uint64, index 0 is the least significant bit. Setting bit 3 to 1 on the integer 0 yields 8, or 2^3. When A is a byte array, index 0 is the leftmost bit of the leftmost byte. Setting bits 0 through 11 to 1 in a 4-byte-array of 0s yields the byte array 0xfff00000. Setting bit 3 to 1 on the 1-byte-array 0x00 yields the byte array 0x10.
@@ -734,14 +709,14 @@ When A is a uint64, index 0 is the least significant bit. Setting bit 3 to 1 on
 
 - Opcode: 0x55
 - Stack: ..., A: []byte, B: uint64 &rarr; ..., uint64
-- Bth byte of A, as an integer
+- Bth byte of A, as an integer. If B is greater than or equal to the array length, the program fails
 - Availability: v3
 
 ## setbyte
 
 - Opcode: 0x56
 - Stack: ..., A: []byte, B: uint64, C: uint64 &rarr; ..., []byte
-- Copy of A with the Bth byte set to small integer (between 0..255) C
+- Copy of A with the Bth byte set to small integer (between 0..255) C. If B is greater than or equal to the array length, the program fails
 - Availability: v3
 
 ## extract s l
@@ -779,6 +754,55 @@ When A is a uint64, index 0 is the least significant bit. Setting bit 3 to 1 on
 - A uint64 formed from a range of big-endian bytes from A starting at B up to but not including B+8. If B+8 is larger than the array length, the program fails
 - Availability: v5
 
+## replace2 s
+
+- Opcode: 0x5c {uint8 start position}
+- Stack: ..., A: []byte, B: []byte &rarr; ..., []byte
+- Copy of A with the bytes starting at S replaced by the bytes of B. Fails if S+len(B) exceeds len(A)
+- Availability: v7
+
+## replace3
+
+- Opcode: 0x5d
+- Stack: ..., A: []byte, B: uint64, C: []byte &rarr; ..., []byte
+- Copy of A with the bytes starting at B replaced by the bytes of C. Fails if B+len(C) exceeds len(A)
+- Availability: v7
+
+## base64_decode e
+
+- Opcode: 0x5e {uint8 encoding index}
+- Stack: ..., A: []byte &rarr; ..., []byte
+- Decode Base-64 encoded byte-array A. Fail if A is not properly encoded.
+- **Cost**: 1 + 1 per 16 bytes of A
+- Availability: v7
+
+`base64` Encodings:
+
+| Index | Name | Notes |
+| - | ------ | --------- |
+| 0 | URLEncoding |  |
+| 1 | StdEncoding |  |
+
+
+A must be encoded as specified by <a href="https://rfc-editor.org/rfc/rfc4648.html">RFC 4648</a>.  Padding (`=`) characters may be present as specified by the RFC, or omitted entirely.  The encoding must follow the 'canonical' rules of section 3.5. `\n` and `\r` are allowed but completely ignored. No bytes other than those of the encoding alphabet, `=`, `\r`, and `\n` may appear.
+
+## json_ref r
+
+- Opcode: 0x5f {uint8 return type}
+- Stack: ..., A: []byte, B: []byte &rarr; ..., any
+- Return key B's value from a [valid](jsonspec.md) utf-8 encoded json object string A. Fail if B's value can not be represented by the type R.
+- **Cost**: 25 + 2 per 7 bytes of A
+- Availability: v7
+
+`json_ref` Types:
+
+| Index | Name | Type | Notes |
+| - | ------ | -- | --------- |
+| 0 | JSONString | []byte |  |
+| 1 | JSONUint64 | uint64 |  |
+| 2 | JSONObject | []byte |  |
+
+
 ## balance
 
 - Opcode: 0x60
@@ -889,7 +913,7 @@ Deleting a key which is already absent has no effect on the application global s
 - Availability: v2
 - Mode: Application
 
-`asset_holding_get` Fields:
+`asset_holding` Fields:
 
 | Index | Name | Type | Notes |
 | - | ------ | -- | --------- |
@@ -907,7 +931,7 @@ params: Txn.Accounts offset (or, since v4, an _available_ address), asset id (or
 - Availability: v2
 - Mode: Application
 
-`asset_params_get` Fields:
+`asset_params` Fields:
 
 | Index | Name | Type | In | Notes |
 | - | ------ | -- | - | --------- |
@@ -918,7 +942,7 @@ params: Txn.Accounts offset (or, since v4, an _available_ address), asset id (or
 | 4 | AssetName | []byte |      | Asset name |
 | 5 | AssetURL | []byte |      | URL with additional info about the asset |
 | 6 | AssetMetadataHash | []byte |      | Arbitrary commitment |
-| 7 | AssetManager | []byte |      | Manager commitment |
+| 7 | AssetManager | []byte |      | Manager address |
 | 8 | AssetReserve | []byte |      | Reserve address |
 | 9 | AssetFreeze | []byte |      | Freeze address |
 | 10 | AssetClawback | []byte |      | Clawback address |
@@ -935,7 +959,7 @@ params: Txn.ForeignAssets offset (or, since v4, an _available_ asset id. Return:
 - Availability: v5
 - Mode: Application
 
-`app_params_get` Fields:
+`app_params` Fields:
 
 | Index | Name | Type | Notes |
 | - | ------ | -- | --------- |
@@ -960,7 +984,7 @@ params: Txn.ForeignApps offset or an _available_ app id. Return: did_exist flag
 - Availability: v6
 - Mode: Application
 
-`acct_params_get` Fields:
+`acct_params` Fields:
 
 | Index | Name | Type | Notes |
 | - | ------ | -- | --------- |
@@ -997,9 +1021,17 @@ pushbytes args are not added to the bytecblock during assembly processes
 
 pushint args are not added to the intcblock during assembly processes
 
+## ed25519verify_bare
+
+- Opcode: 0x84
+- Stack: ..., A: []byte, B: []byte, C: []byte &rarr; ..., uint64
+- for (data A, signature B, pubkey C) verify the signature of the data against the pubkey => {0 or 1}
+- **Cost**: 1900
+- Availability: v7
+
 ## callsub target
 
-- Opcode: 0x88 {int16 branch offset, big endian}
+- Opcode: 0x88 {int16 branch offset, big-endian}
 - Stack: ... &rarr; ...
 - branch unconditionally to TARGET, saving the next instruction on the call stack
 - Availability: v4
diff --git a/dev/ledger.md b/dev/ledger.md
index 7b7d1719..017cf3be 100644
--- a/dev/ledger.md
+++ b/dev/ledger.md
@@ -1112,8 +1112,9 @@ point must be discarded and the entire transaction rejected.
         - Delete the application’s parameters from the creator’s account data.
           (Note: this does not affect any local state). **SUCCEED.**
     - If `OnCompletion == UpdateApplication`
-        - If the existing programs are version 6 or higher and either
-          program is a downgrade from the existing version **FAIL**
+        - If an existing program is version 4 or higher program and
+          the supplied program is a downgrade from the existing
+          version **FAIL**
         - Update the Approval and ClearState programs for this
           application according to the programs specified in this
           `ApplicationCall` transaction. The new programs are not executed in

From 45e5302607b5de012887de293fb5742810708532 Mon Sep 17 00:00:00 2001
From: John Jannotti <jannotti@gmail.com>
Date: Thu, 21 Jul 2022 09:02:54 -0400
Subject: [PATCH 2/7] all opcodes for v7

---
 dev/TEAL.md         | 45 +++++++++++++++---------
 dev/TEAL_opcodes.md | 86 +++++++++++++++++++++++++++++++++++----------
 2 files changed, 95 insertions(+), 36 deletions(-)

diff --git a/dev/TEAL.md b/dev/TEAL.md
index a3612bc6..9a7fe00d 100644
--- a/dev/TEAL.md
+++ b/dev/TEAL.md
@@ -284,6 +284,8 @@ return stack matches the name of the input value.
 | `ecdsa_verify v` | for (data A, signature B, C and pubkey D, E) verify the signature of the data against the pubkey => {0 or 1} |
 | `ecdsa_pk_recover v` | for (data A, recovery id B, signature C, D) recover a public key |
 | `ecdsa_pk_decompress v` | decompress pubkey A into components X, Y |
+| `vrf_verify s` | Verify the proof B of message A against pubkey C. Returns vrf output and verification flag. |
+1} |
 | `+` | A plus B. Fail on overflow. |
 | `-` | A minus B. Fail if B > A. |
 | `/` | A divided by B (truncated division). Fail if B == 0. |
@@ -328,14 +330,14 @@ return stack matches the name of the input value.
 | `substring s e` | A range of bytes from A starting at S up to but not including E. If E < S, or either is larger than the array length, the program fails |
 | `substring3` | A range of bytes from A starting at B up to but not including C. If C < B, or either is larger than the array length, the program fails |
 | `extract s l` | A range of bytes from A starting at S up to but not including S+L. If L is 0, then extract to the end of the string. If S or S+L is larger than the array length, the program fails |
-| `extract3` | A range of bytes from A starting at B up to but not including B+C. If B+C is larger than the array length, the program fails |
+| `extract3` | A range of bytes from A starting at B up to but not including B+C. If B+C is larger than the array length, the program fails<br />`extract3` can be called using `extract` with no immediates. |
 | `extract_uint16` | A uint16 formed from a range of big-endian bytes from A starting at B up to but not including B+2. If B+2 is larger than the array length, the program fails |
 | `extract_uint32` | A uint32 formed from a range of big-endian bytes from A starting at B up to but not including B+4. If B+4 is larger than the array length, the program fails |
 | `extract_uint64` | A uint64 formed from a range of big-endian bytes from A starting at B up to but not including B+8. If B+8 is larger than the array length, the program fails |
-| `replace2 s` | Copy of A with the bytes starting at S replaced by the bytes of B. Fails if S+len(B) exceeds len(A) |
-| `replace3` | Copy of A with the bytes starting at B replaced by the bytes of C. Fails if B+len(C) exceeds len(A) |
-| `base64_decode e` | Decode Base-64 encoded byte-array A. Fail if A is not properly encoded. |
-| `json_ref r` | Return key B's value from a [valid](jsonspec.md) utf-8 encoded json object string A. Fail if B's value can not be represented by the type R. |
+| `replace2 s` | Copy of A with the bytes starting at S replaced by the bytes of B. Fails if S+len(B) exceeds len(A)<br />`replace2` can be called using `replace` with 1 immediate. |
+| `replace3` | Copy of A with the bytes starting at B replaced by the bytes of C. Fails if B+len(C) exceeds len(A)<br />`replace3` can be called using `replace` with no immediates. |
+| `base64_decode e` | decode A which was base64-encoded using _encoding_ E. Fail if A is not base64 encoded with encoding E |
+| `json_ref r` | return key B's value from a [valid](jsonspec.md) utf-8 encoded json object A |
 
 The following opcodes take byte-array values that are interpreted as
 big-endian unsigned integers.  For mathematical operators, the
@@ -408,12 +410,12 @@ Some of these have immediate data in the byte or bytes after the opcode.
 | `args` | Ath LogicSig argument |
 | `txn f` | field F of current transaction |
 | `gtxn t f` | field F of the Tth transaction in the current group |
-| `txna f i` | Ith value of the array field F of the current transaction |
+| `txna f i` | Ith value of the array field F of the current transaction<br />`txna` can be called using `txn` with 2 immediates. |
 | `txnas f` | Ath value of the array field F of the current transaction |
-| `gtxna t f i` | Ith value of the array field F from the Tth transaction in the current group |
+| `gtxna t f i` | Ith value of the array field F from the Tth transaction in the current group<br />`gtxna` can be called using `gtxn` with 3 immediates. |
 | `gtxnas t f` | Ath value of the array field F from the Tth transaction in the current group |
 | `gtxns f` | field F of the Ath transaction in the current group |
-| `gtxnsa f i` | Ith value of the array field F from the Ath transaction in the current group |
+| `gtxnsa f i` | Ith value of the array field F from the Ath transaction in the current group<br />`gtxnsa` can be called using `gtxns` with 2 immediates. |
 | `gtxnsas f` | Bth value of the array field F from the Ath transaction in the current group |
 | `global f` | global field F |
 | `load i` | Ith scratch space value. All scratch spaces are 0 at program start. |
@@ -426,14 +428,14 @@ Some of these have immediate data in the byte or bytes after the opcode.
 | `gaid t` | ID of the asset or application created in the Tth transaction of the current group |
 | `gaids` | ID of the asset or application created in the Ath transaction of the current group |
 
-**Transaction Fields**
-
+#### Transaction Fields
+##### Scalar Fields
 | Index | Name | Type | In | Notes |
 | - | ------ | -- | - | --------- |
 | 0 | Sender | []byte |      | 32 byte address |
 | 1 | Fee | uint64 |      | microalgos |
 | 2 | FirstValid | uint64 |      | round number |
-| 3 | FirstValidTime | uint64 |      | Causes program to fail; reserved for future use |
+| 3 | FirstValidTime | uint64 | v7  | UNIX timestamp of block before txn.FirstValid. Fails if negative |
 | 4 | LastValid | uint64 |      | round number |
 | 5 | Note | []byte |      | Any data up to 1024 bytes |
 | 6 | Lease | []byte |      | 32 byte lease value |
@@ -446,7 +448,7 @@ Some of these have immediate data in the byte or bytes after the opcode.
 | 13 | VoteLast | uint64 |      | The last round that the participation key is valid. |
 | 14 | VoteKeyDilution | uint64 |      | Dilution for the 2-level participation key |
 | 15 | Type | []byte |      | Transaction type as bytes |
-| 16 | TypeEnum | uint64 |      | See table below |
+| 16 | TypeEnum | uint64 |      | Transaction type as integer |
 | 17 | XferAsset | uint64 |      | Asset ID |
 | 18 | AssetAmount | uint64 |      | value in Asset's units |
 | 19 | AssetSender | []byte |      | 32 byte address. Moves asset from AssetSender if Sender is the Clawback address of the asset. |
@@ -456,9 +458,7 @@ Some of these have immediate data in the byte or bytes after the opcode.
 | 23 | TxID | []byte |      | The computed ID for this transaction. 32 bytes. |
 | 24 | ApplicationID | uint64 | v2  | ApplicationID from ApplicationCall transaction |
 | 25 | OnCompletion | uint64 | v2  | ApplicationCall transaction on completion action |
-| 26 | ApplicationArgs | []byte | v2  | Arguments passed to the application in the ApplicationCall transaction |
 | 27 | NumAppArgs | uint64 | v2  | Number of ApplicationArgs |
-| 28 | Accounts | []byte | v2  | Accounts listed in the ApplicationCall transaction |
 | 29 | NumAccounts | uint64 | v2  | Number of Accounts |
 | 30 | ApprovalProgram | []byte | v2  | Approval program |
 | 31 | ClearStateProgram | []byte | v2  | Clear state program |
@@ -478,9 +478,7 @@ Some of these have immediate data in the byte or bytes after the opcode.
 | 45 | FreezeAsset | uint64 | v2  | Asset ID being frozen or un-frozen |
 | 46 | FreezeAssetAccount | []byte | v2  | 32 byte address of the account whose asset slot is being frozen or un-frozen |
 | 47 | FreezeAssetFrozen | uint64 | v2  | The new frozen value, 0 or 1 |
-| 48 | Assets | uint64 | v3  | Foreign Assets listed in the ApplicationCall transaction |
 | 49 | NumAssets | uint64 | v3  | Number of Assets |
-| 50 | Applications | uint64 | v3  | Foreign Apps listed in the ApplicationCall transaction |
 | 51 | NumApplications | uint64 | v3  | Number of Applications |
 | 52 | GlobalNumUint | uint64 | v3  | Number of global state integers in ApplicationCall |
 | 53 | GlobalNumByteSlice | uint64 | v3  | Number of global state byteslices in ApplicationCall |
@@ -488,12 +486,24 @@ Some of these have immediate data in the byte or bytes after the opcode.
 | 55 | LocalNumByteSlice | uint64 | v3  | Number of local state byteslices in ApplicationCall |
 | 56 | ExtraProgramPages | uint64 | v4  | Number of additional pages for each of the application's approval and clear state programs. An ExtraProgramPages of 1 means 2048 more total bytes, or 1024 for each program. |
 | 57 | Nonparticipation | uint64 | v5  | Marks an account nonparticipating for rewards |
-| 58 | Logs | []byte | v5  | Log messages emitted by an application call (only with `itxn` in v5). Application mode only |
 | 59 | NumLogs | uint64 | v5  | Number of Logs (only with `itxn` in v5). Application mode only |
 | 60 | CreatedAssetID | uint64 | v5  | Asset ID allocated by the creation of an ASA (only with `itxn` in v5). Application mode only |
 | 61 | CreatedApplicationID | uint64 | v5  | ApplicationID allocated by the creation of an application (only with `itxn` in v5). Application mode only |
 | 62 | LastLog | []byte | v6  | The last message emitted. Empty bytes if none were emitted. Application mode only |
 | 63 | StateProofPK | []byte | v6  | 64 byte state proof public key commitment |
+| 65 | NumApprovalProgramPages | uint64 | v7  | Number of Approval Program pages |
+| 67 | NumClearStateProgramPages | uint64 | v7  | Number of ClearState Program pages |
+
+##### Array Fields
+| Index | Name | Type | In | Notes |
+| - | ------ | -- | - | --------- |
+| 26 | ApplicationArgs | []byte | v2  | Arguments passed to the application in the ApplicationCall transaction |
+| 28 | Accounts | []byte | v2  | Accounts listed in the ApplicationCall transaction |
+| 48 | Assets | uint64 | v3  | Foreign Assets listed in the ApplicationCall transaction |
+| 50 | Applications | uint64 | v3  | Foreign Apps listed in the ApplicationCall transaction |
+| 58 | Logs | []byte | v5  | Log messages emitted by an application call (only with `itxn` in v5). Application mode only |
+| 64 | ApprovalProgramPages | []byte | v7  | Approval Program as an array of pages |
+| 66 | ClearStateProgramPages | []byte | v7  | ClearState Program as an array of pages |
 
 
 Additional details in the [opcodes document](TEAL_opcodes.md#txn) on the `txn` op.
@@ -616,6 +626,7 @@ Account fields used in the `acct_params_get` opcode.
 | `app_params_get f` | X is field F from app A. Y is 1 if A exists, else 0 |
 | `acct_params_get f` | X is field F from account A. Y is 1 if A owns positive algos, else 0 |
 | `log` | write A to log state of the current application |
+| `block f` | field F of block A. Fail if A is not less than the current round or more than 1001 rounds before txn.LastValid. |
 
 ### Inner Transactions
 
diff --git a/dev/TEAL_opcodes.md b/dev/TEAL_opcodes.md
index e68f3331..e2bdf4bc 100644
--- a/dev/TEAL_opcodes.md
+++ b/dev/TEAL_opcodes.md
@@ -372,7 +372,7 @@ The notation J,K indicates that two uint64 values J and K are interpreted as a u
 | 0 | Sender | []byte |      | 32 byte address |
 | 1 | Fee | uint64 |      | microalgos |
 | 2 | FirstValid | uint64 |      | round number |
-| 3 | FirstValidTime | uint64 |      | Causes program to fail; reserved for future use |
+| 3 | FirstValidTime | uint64 | v7  | UNIX timestamp of block before txn.FirstValid. Fails if negative |
 | 4 | LastValid | uint64 |      | round number |
 | 5 | Note | []byte |      | Any data up to 1024 bytes |
 | 6 | Lease | []byte |      | 32 byte lease value |
@@ -385,7 +385,7 @@ The notation J,K indicates that two uint64 values J and K are interpreted as a u
 | 13 | VoteLast | uint64 |      | The last round that the participation key is valid. |
 | 14 | VoteKeyDilution | uint64 |      | Dilution for the 2-level participation key |
 | 15 | Type | []byte |      | Transaction type as bytes |
-| 16 | TypeEnum | uint64 |      | See table below |
+| 16 | TypeEnum | uint64 |      | Transaction type as integer |
 | 17 | XferAsset | uint64 |      | Asset ID |
 | 18 | AssetAmount | uint64 |      | value in Asset's units |
 | 19 | AssetSender | []byte |      | 32 byte address. Moves asset from AssetSender if Sender is the Clawback address of the asset. |
@@ -395,9 +395,7 @@ The notation J,K indicates that two uint64 values J and K are interpreted as a u
 | 23 | TxID | []byte |      | The computed ID for this transaction. 32 bytes. |
 | 24 | ApplicationID | uint64 | v2  | ApplicationID from ApplicationCall transaction |
 | 25 | OnCompletion | uint64 | v2  | ApplicationCall transaction on completion action |
-| 26 | ApplicationArgs | []byte | v2  | Arguments passed to the application in the ApplicationCall transaction |
 | 27 | NumAppArgs | uint64 | v2  | Number of ApplicationArgs |
-| 28 | Accounts | []byte | v2  | Accounts listed in the ApplicationCall transaction |
 | 29 | NumAccounts | uint64 | v2  | Number of Accounts |
 | 30 | ApprovalProgram | []byte | v2  | Approval program |
 | 31 | ClearStateProgram | []byte | v2  | Clear state program |
@@ -417,9 +415,7 @@ The notation J,K indicates that two uint64 values J and K are interpreted as a u
 | 45 | FreezeAsset | uint64 | v2  | Asset ID being frozen or un-frozen |
 | 46 | FreezeAssetAccount | []byte | v2  | 32 byte address of the account whose asset slot is being frozen or un-frozen |
 | 47 | FreezeAssetFrozen | uint64 | v2  | The new frozen value, 0 or 1 |
-| 48 | Assets | uint64 | v3  | Foreign Assets listed in the ApplicationCall transaction |
 | 49 | NumAssets | uint64 | v3  | Number of Assets |
-| 50 | Applications | uint64 | v3  | Foreign Apps listed in the ApplicationCall transaction |
 | 51 | NumApplications | uint64 | v3  | Number of Applications |
 | 52 | GlobalNumUint | uint64 | v3  | Number of global state integers in ApplicationCall |
 | 53 | GlobalNumByteSlice | uint64 | v3  | Number of global state byteslices in ApplicationCall |
@@ -427,16 +423,15 @@ The notation J,K indicates that two uint64 values J and K are interpreted as a u
 | 55 | LocalNumByteSlice | uint64 | v3  | Number of local state byteslices in ApplicationCall |
 | 56 | ExtraProgramPages | uint64 | v4  | Number of additional pages for each of the application's approval and clear state programs. An ExtraProgramPages of 1 means 2048 more total bytes, or 1024 for each program. |
 | 57 | Nonparticipation | uint64 | v5  | Marks an account nonparticipating for rewards |
-| 58 | Logs | []byte | v5  | Log messages emitted by an application call (only with `itxn` in v5). Application mode only |
 | 59 | NumLogs | uint64 | v5  | Number of Logs (only with `itxn` in v5). Application mode only |
 | 60 | CreatedAssetID | uint64 | v5  | Asset ID allocated by the creation of an ASA (only with `itxn` in v5). Application mode only |
 | 61 | CreatedApplicationID | uint64 | v5  | ApplicationID allocated by the creation of an application (only with `itxn` in v5). Application mode only |
 | 62 | LastLog | []byte | v6  | The last message emitted. Empty bytes if none were emitted. Application mode only |
 | 63 | StateProofPK | []byte | v6  | 64 byte state proof public key commitment |
+| 65 | NumApprovalProgramPages | uint64 | v7  | Number of Approval Program pages |
+| 67 | NumClearStateProgramPages | uint64 | v7  | Number of ClearState Program pages |
 
 
-FirstValidTime causes the program to fail. The field is reserved for future use.
-
 ## global f
 
 - Opcode: 0x32 {uint8 global field index}
@@ -488,14 +483,27 @@ for notes on transaction fields available, see `txn`. If this transaction is _i_
 
 - Opcode: 0x36 {uint8 transaction field index} {uint8 transaction field array index}
 - Stack: ... &rarr; ..., any
-- Ith value of the array field F of the current transaction
+- Ith value of the array field F of the current transaction<br />`txna` can be called using `txn` with 2 immediates.
 - Availability: v2
 
+`txna` Fields (see [transaction reference](https://developer.algorand.org/docs/reference/transactions/)):
+
+| Index | Name | Type | In | Notes |
+| - | ------ | -- | - | --------- |
+| 26 | ApplicationArgs | []byte | v2  | Arguments passed to the application in the ApplicationCall transaction |
+| 28 | Accounts | []byte | v2  | Accounts listed in the ApplicationCall transaction |
+| 48 | Assets | uint64 | v3  | Foreign Assets listed in the ApplicationCall transaction |
+| 50 | Applications | uint64 | v3  | Foreign Apps listed in the ApplicationCall transaction |
+| 58 | Logs | []byte | v5  | Log messages emitted by an application call (only with `itxn` in v5). Application mode only |
+| 64 | ApprovalProgramPages | []byte | v7  | Approval Program as an array of pages |
+| 66 | ClearStateProgramPages | []byte | v7  | ClearState Program as an array of pages |
+
+
 ## gtxna t f i
 
 - Opcode: 0x37 {uint8 transaction group index} {uint8 transaction field index} {uint8 transaction field array index}
 - Stack: ... &rarr; ..., any
-- Ith value of the array field F from the Tth transaction in the current group
+- Ith value of the array field F from the Tth transaction in the current group<br />`gtxna` can be called using `gtxn` with 3 immediates.
 - Availability: v2
 
 ## gtxns f
@@ -511,7 +519,7 @@ for notes on transaction fields available, see `txn`. If top of stack is _i_, `g
 
 - Opcode: 0x39 {uint8 transaction field index} {uint8 transaction field array index}
 - Stack: ..., A: uint64 &rarr; ..., any
-- Ith value of the array field F from the Ath transaction in the current group
+- Ith value of the array field F from the Ath transaction in the current group<br />`gtxnsa` can be called using `gtxns` with 2 immediates.
 - Availability: v3
 
 ## gload t i
@@ -730,7 +738,7 @@ When A is a uint64, index 0 is the least significant bit. Setting bit 3 to 1 on
 
 - Opcode: 0x58
 - Stack: ..., A: []byte, B: uint64, C: uint64 &rarr; ..., []byte
-- A range of bytes from A starting at B up to but not including B+C. If B+C is larger than the array length, the program fails
+- A range of bytes from A starting at B up to but not including B+C. If B+C is larger than the array length, the program fails<br />`extract3` can be called using `extract` with no immediates.
 - Availability: v5
 
 ## extract_uint16
@@ -758,21 +766,21 @@ When A is a uint64, index 0 is the least significant bit. Setting bit 3 to 1 on
 
 - Opcode: 0x5c {uint8 start position}
 - Stack: ..., A: []byte, B: []byte &rarr; ..., []byte
-- Copy of A with the bytes starting at S replaced by the bytes of B. Fails if S+len(B) exceeds len(A)
+- Copy of A with the bytes starting at S replaced by the bytes of B. Fails if S+len(B) exceeds len(A)<br />`replace2` can be called using `replace` with 1 immediate.
 - Availability: v7
 
 ## replace3
 
 - Opcode: 0x5d
 - Stack: ..., A: []byte, B: uint64, C: []byte &rarr; ..., []byte
-- Copy of A with the bytes starting at B replaced by the bytes of C. Fails if B+len(C) exceeds len(A)
+- Copy of A with the bytes starting at B replaced by the bytes of C. Fails if B+len(C) exceeds len(A)<br />`replace3` can be called using `replace` with no immediates.
 - Availability: v7
 
 ## base64_decode e
 
 - Opcode: 0x5e {uint8 encoding index}
 - Stack: ..., A: []byte &rarr; ..., []byte
-- Decode Base-64 encoded byte-array A. Fail if A is not properly encoded.
+- decode A which was base64-encoded using _encoding_ E. Fail if A is not base64 encoded with encoding E
 - **Cost**: 1 + 1 per 16 bytes of A
 - Availability: v7
 
@@ -784,13 +792,13 @@ When A is a uint64, index 0 is the least significant bit. Setting bit 3 to 1 on
 | 1 | StdEncoding |  |
 
 
-A must be encoded as specified by <a href="https://rfc-editor.org/rfc/rfc4648.html">RFC 4648</a>.  Padding (`=`) characters may be present as specified by the RFC, or omitted entirely.  The encoding must follow the 'canonical' rules of section 3.5. `\n` and `\r` are allowed but completely ignored. No bytes other than those of the encoding alphabet, `=`, `\r`, and `\n` may appear.
+Decodes A using the base64 encoding E. Specify the encoding with an immediate arg either as URL and Filename Safe (`URLEncoding`) or Standard (`StdEncoding`). See <a href="https://rfc-editor.org/rfc/rfc4648.html#section-4">RFC 4648</a> (sections 4 and 5). It is assumed that the encoding ends with the exact number of `=` padding characters as required by the RFC. When padding occurs, any unused pad bits in the encoding must be set to zero or the decoding will fail. The special cases of `\n` and `\r` are allowed but completely ignored. An error will result when attempting to decode a string with a character that is not in the encoding alphabet or not one of `=`, `\r`, or `\n`.
 
 ## json_ref r
 
-- Opcode: 0x5f {uint8 return type}
+- Opcode: 0x5f {string return type}
 - Stack: ..., A: []byte, B: []byte &rarr; ..., any
-- Return key B's value from a [valid](jsonspec.md) utf-8 encoded json object string A. Fail if B's value can not be represented by the type R.
+- return key B's value from a [valid](jsonspec.md) utf-8 encoded json object A
 - **Cost**: 25 + 2 per 7 bytes of A
 - Availability: v7
 
@@ -803,6 +811,8 @@ A must be encoded as specified by <a href="https://rfc-editor.org/rfc/rfc4648.ht
 | 2 | JSONObject | []byte |  |
 
 
+specify the return type with an immediate arg either as JSONUint64 or JSONString or JSONObject.
+
 ## balance
 
 - Opcode: 0x60
@@ -1110,6 +1120,14 @@ bitlen interprets arrays as big-endian integers, unlike setbit/getbit
 
 The notation A,B indicates that A and B are interpreted as a uint128 value, with A as the high uint64 and B the low.
 
+## sha3_256
+
+- Opcode: 0x98
+- Stack: ..., A: []byte &rarr; ..., []byte
+- SHA3_256 hash of value A, yields [32]byte
+- **Cost**: 130
+- Availability: v7
+
 ## b+
 
 - Opcode: 0xa0
@@ -1365,3 +1383,33 @@ The notation A,B indicates that A and B are interpreted as a uint128 value, with
 - Ath value of the array field F from the Tth transaction in the last inner group submitted
 - Availability: v6
 - Mode: Application
+
+## vrf_verify s
+
+- Opcode: 0xd0 {uint8 parameters index}
+- Stack: ..., A: []byte, B: []byte, C: []byte &rarr; ..., X: []byte, Y: uint64
+- Verify the proof B of message A against pubkey C. Returns vrf output and verification flag.
+- **Cost**: 5700
+- Availability: v7
+
+`vrf_verify` Standards:
+
+| Index | Name | Notes |
+| - | ------ | --------- |
+| 0 | VrfAlgorand |  |
+
+
+## block f
+
+- Opcode: 0xd1 {uint8 block field}
+- Stack: ..., A: uint64 &rarr; ..., any
+- field F of block A. Fail if A is not less than the current round or more than 1001 rounds before txn.LastValid.
+- Availability: v7
+
+`block` Fields:
+
+| Index | Name | Type | Notes |
+| - | ------ | -- | --------- |
+| 0 | BlkSeed | []byte |  |
+| 1 | BlkTimestamp | uint64 |  |
+

From b0fc3e0542198d9fbeefc1bb794d66317f9587a6 Mon Sep 17 00:00:00 2001
From: John Jannotti <jannotti@gmail.com>
Date: Fri, 22 Jul 2022 11:47:46 -0400
Subject: [PATCH 3/7] Cleanup, and `block`

---
 dev/TEAL.md         | 41 +++++++++++++++++++----------------------
 dev/TEAL_opcodes.md | 14 +++++++++-----
 dev/ledger.md       |  6 +++---
 3 files changed, 31 insertions(+), 30 deletions(-)

diff --git a/dev/TEAL.md b/dev/TEAL.md
index 9a7fe00d..3016184c 100644
--- a/dev/TEAL.md
+++ b/dev/TEAL.md
@@ -55,9 +55,7 @@ programs, AVM code is versioned.  When new opcodes are introduced, or
 behavior is changed, a new version is introduced.  Programs carrying
 old versions are executed with their original semantics. In the AVM
 bytecode, the version is an incrementing integer, currently 6, and
-denoted vX throughout this document. User friendly version numbers
-that correspond to programmer expectations, such as `AVM 1.0` map to
-these integers.  AVM 0.9 is v4. AVM 1.0 is v5. AVM 1.1 is v6.
+denoted vX throughout this document.
 
 ## Execution Modes
 
@@ -285,7 +283,6 @@ return stack matches the name of the input value.
 | `ecdsa_pk_recover v` | for (data A, recovery id B, signature C, D) recover a public key |
 | `ecdsa_pk_decompress v` | decompress pubkey A into components X, Y |
 | `vrf_verify s` | Verify the proof B of message A against pubkey C. Returns vrf output and verification flag. |
-1} |
 | `+` | A plus B. Fail on overflow. |
 | `-` | A minus B. Fail if B > A. |
 | `/` | A divided by B (truncated division). Fail if B == 0. |
@@ -337,7 +334,7 @@ return stack matches the name of the input value.
 | `replace2 s` | Copy of A with the bytes starting at S replaced by the bytes of B. Fails if S+len(B) exceeds len(A)<br />`replace2` can be called using `replace` with 1 immediate. |
 | `replace3` | Copy of A with the bytes starting at B replaced by the bytes of C. Fails if B+len(C) exceeds len(A)<br />`replace3` can be called using `replace` with no immediates. |
 | `base64_decode e` | decode A which was base64-encoded using _encoding_ E. Fail if A is not base64 encoded with encoding E |
-| `json_ref r` | return key B's value from a [valid](jsonspec.md) utf-8 encoded json object A |
+| `json_ref r` | key B's value, of type R, from a [valid](jsonspec.md) utf-8 encoded json object A |
 
 The following opcodes take byte-array values that are interpreted as
 big-endian unsigned integers.  For mathematical operators, the
@@ -490,7 +487,7 @@ Some of these have immediate data in the byte or bytes after the opcode.
 | 60 | CreatedAssetID | uint64 | v5  | Asset ID allocated by the creation of an ASA (only with `itxn` in v5). Application mode only |
 | 61 | CreatedApplicationID | uint64 | v5  | ApplicationID allocated by the creation of an application (only with `itxn` in v5). Application mode only |
 | 62 | LastLog | []byte | v6  | The last message emitted. Empty bytes if none were emitted. Application mode only |
-| 63 | StateProofPK | []byte | v6  | 64 byte state proof public key commitment |
+| 63 | StateProofPK | []byte | v6  | 64 byte state proof public key |
 | 65 | NumApprovalProgramPages | uint64 | v7  | Number of Approval Program pages |
 | 67 | NumClearStateProgramPages | uint64 | v7  | Number of ClearState Program pages |
 
@@ -626,7 +623,7 @@ Account fields used in the `acct_params_get` opcode.
 | `app_params_get f` | X is field F from app A. Y is 1 if A exists, else 0 |
 | `acct_params_get f` | X is field F from account A. Y is 1 if A owns positive algos, else 0 |
 | `log` | write A to log state of the current application |
-| `block f` | field F of block A. Fail if A is not less than the current round or more than 1001 rounds before txn.LastValid. |
+| `block f` | field F of block A. Fail unless A falls between txn.LastValid-1002 and the current round (exclusive) |
 
 ### Inner Transactions
 
@@ -692,7 +689,7 @@ The assembler parses line by line. Ops that only take stack arguments
 appear on a line by themselves. Immediate arguments follow the opcode
 on the same line, separated by whitespace.
 
-The first line may contain a special version pragma `#pragma version X`, which directs the assembler to generate AVM bytecode targeting a certain version. For instance, `#pragma version 2` produces bytecode targeting TEAL v2. By default, the assembler targets TEAL v1.
+The first line may contain a special version pragma `#pragma version X`, which directs the assembler to generate bytecode targeting a certain version. For instance, `#pragma version 2` produces bytecode targeting v2. By default, the assembler targets v1.
 
 Subsequent lines may contain other pragma declarations (i.e., `#pragma <some-specification>`), pertaining to checks that the assembler should perform before agreeing to emit the program bytes, specific optimizations, etc. Those declarations are optional and cannot alter the semantics as described in this document.
 
@@ -743,25 +740,25 @@ A compiled program starts with a varuint declaring the version of the compiled c
 
 For version 1, subsequent bytes after the varuint are program opcode bytes. Future versions could put other metadata following the version identifier.
 
-It is important to prevent newly-introduced transaction fields from
-breaking assumptions made by older versions of the AVM. If one of the
-transactions in a group will execute a program whose version predates
-a given field, that field must not be set anywhere in the transaction
-group, or the group will be rejected. For example, executing a version
-1 program on a transaction with RekeyTo set to a nonzero address will
-cause the program to fail, regardless of the other contents of the
-program itself.
+It is important to prevent newly-introduced transaction types and
+fields from breaking assumptions made by programs written before they
+existed. If one of the transactions in a group will execute a program
+whose version predates a transaction type or field that can violate
+expectations, that transaction type or field must not be used anywhere
+in the transaction group. A v1 program included in a transaction group
+that includes a ApplicationCall transaction, or a non-zero RekeyTo
+field, will fail regardless of the other contents of the program
+itself.
 
 This requirement is enforced as follows:
 
 * For every transaction, compute the earliest version that supports
-  all the fields and values in this transaction. For example, a
-  transaction with a nonzero RekeyTo field will be (at least) v2.
+  all the fields and values in this transaction.
+  
+* Compute the largest version number across all the transactions in a group (of size 1 or more), call it `maxVerNo`. If any transaction in this group has a program with a version smaller than `maxVerNo`, then that program will fail.
 
-* Compute the largest version number across all the transactions in a group (of size 1 or more), call it `maxVerNo`. If any transaction in this group has a program with a version smaller than `maxVerNo`, then that TEAL program will fail.
-
-In addition, applications must be version 6 or greater to be eligible
-for being called in an inner transaction.
+In addition, applications must be v6 or greater to be eligible for
+being called in an inner transaction.
 
 ## Varuint
 
diff --git a/dev/TEAL_opcodes.md b/dev/TEAL_opcodes.md
index e2bdf4bc..6f7ad450 100644
--- a/dev/TEAL_opcodes.md
+++ b/dev/TEAL_opcodes.md
@@ -427,7 +427,7 @@ The notation J,K indicates that two uint64 values J and K are interpreted as a u
 | 60 | CreatedAssetID | uint64 | v5  | Asset ID allocated by the creation of an ASA (only with `itxn` in v5). Application mode only |
 | 61 | CreatedApplicationID | uint64 | v5  | ApplicationID allocated by the creation of an application (only with `itxn` in v5). Application mode only |
 | 62 | LastLog | []byte | v6  | The last message emitted. Empty bytes if none were emitted. Application mode only |
-| 63 | StateProofPK | []byte | v6  | 64 byte state proof public key commitment |
+| 63 | StateProofPK | []byte | v6  | 64 byte state proof public key |
 | 65 | NumApprovalProgramPages | uint64 | v7  | Number of Approval Program pages |
 | 67 | NumClearStateProgramPages | uint64 | v7  | Number of ClearState Program pages |
 
@@ -792,13 +792,15 @@ When A is a uint64, index 0 is the least significant bit. Setting bit 3 to 1 on
 | 1 | StdEncoding |  |
 
 
-Decodes A using the base64 encoding E. Specify the encoding with an immediate arg either as URL and Filename Safe (`URLEncoding`) or Standard (`StdEncoding`). See <a href="https://rfc-editor.org/rfc/rfc4648.html#section-4">RFC 4648</a> (sections 4 and 5). It is assumed that the encoding ends with the exact number of `=` padding characters as required by the RFC. When padding occurs, any unused pad bits in the encoding must be set to zero or the decoding will fail. The special cases of `\n` and `\r` are allowed but completely ignored. An error will result when attempting to decode a string with a character that is not in the encoding alphabet or not one of `=`, `\r`, or `\n`.
+*Warning*: Usage should be restricted to very rare use cases. In almost all cases, smart contracts should directly handle non-encoded byte-strings.	This opcode should only be used in cases where base64 is the only available option, e.g. interoperability with a third-party that only signs base64 strings.
+
+ Decodes A using the base64 encoding E. Specify the encoding with an immediate arg either as URL and Filename Safe (`URLEncoding`) or Standard (`StdEncoding`). See <a href="https://rfc-editor.org/rfc/rfc4648.html#section-4">RFC 4648</a> (sections 4 and 5). It is assumed that the encoding ends with the exact number of `=` padding characters as required by the RFC. When padding occurs, any unused pad bits in the encoding must be set to zero or the decoding will fail. The special cases of `\n` and `\r` are allowed but completely ignored. An error will result when attempting to decode a string with a character that is not in the encoding alphabet or not one of `=`, `\r`, or `\n`.
 
 ## json_ref r
 
 - Opcode: 0x5f {string return type}
 - Stack: ..., A: []byte, B: []byte &rarr; ..., any
-- return key B's value from a [valid](jsonspec.md) utf-8 encoded json object A
+- key B's value, of type R, from a [valid](jsonspec.md) utf-8 encoded json object A
 - **Cost**: 25 + 2 per 7 bytes of A
 - Availability: v7
 
@@ -811,7 +813,9 @@ Decodes A using the base64 encoding E. Specify the encoding with an immediate ar
 | 2 | JSONObject | []byte |  |
 
 
-specify the return type with an immediate arg either as JSONUint64 or JSONString or JSONObject.
+*Warning*: Usage should be restricted to very rare use cases, as JSON decoding is expensive and quite limited. In addition, JSON objects are large and not optimized for size.
+
+Almost all smart contracts should use simpler and smaller methods (such as the ABI - https://arc.algorand.foundation/ARCs/arc-0004). This opcode should only be used in cases where JSON is only available option, e.g. when a third-party only signs JSON.
 
 ## balance
 
@@ -1403,7 +1407,7 @@ The notation A,B indicates that A and B are interpreted as a uint128 value, with
 
 - Opcode: 0xd1 {uint8 block field}
 - Stack: ..., A: uint64 &rarr; ..., any
-- field F of block A. Fail if A is not less than the current round or more than 1001 rounds before txn.LastValid.
+- field F of block A. Fail unless A falls between txn.LastValid-1002 and the current round (exclusive)
 - Availability: v7
 
 `block` Fields:
diff --git a/dev/ledger.md b/dev/ledger.md
index 017cf3be..f3d78079 100644
--- a/dev/ledger.md
+++ b/dev/ledger.md
@@ -1112,9 +1112,9 @@ point must be discarded and the entire transaction rejected.
         - Delete the application’s parameters from the creator’s account data.
           (Note: this does not affect any local state). **SUCCEED.**
     - If `OnCompletion == UpdateApplication`
-        - If an existing program is version 4 or higher program and
-          the supplied program is a downgrade from the existing
-          version **FAIL**
+        - If an existing program is version 4 or higher, and the
+          supplied program is a downgrade from the existing version
+          **FAIL**
         - Update the Approval and ClearState programs for this
           application according to the programs specified in this
           `ApplicationCall` transaction. The new programs are not executed in

From 3b2b0f178688f155136fc04e39313e13a3455299 Mon Sep 17 00:00:00 2001
From: John Jannotti <jannotti@gmail.com>
Date: Fri, 29 Jul 2022 23:12:00 -0400
Subject: [PATCH 4/7] v6 to v4 for inner calls

---
 dev/TEAL.md | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/dev/TEAL.md b/dev/TEAL.md
index 3016184c..240eb39f 100644
--- a/dev/TEAL.md
+++ b/dev/TEAL.md
@@ -757,8 +757,7 @@ This requirement is enforced as follows:
   
 * Compute the largest version number across all the transactions in a group (of size 1 or more), call it `maxVerNo`. If any transaction in this group has a program with a version smaller than `maxVerNo`, then that program will fail.
 
-In addition, applications must be v6 or greater to be eligible for
-being called in an inner transaction.
+In addition, applications must be v4 or greater to be called in an inner transaction.
 
 ## Varuint
 

From eeec4a3d4cc345482047d7e433860de10c23b2d0 Mon Sep 17 00:00:00 2001
From: John Jannotti <jannotti@gmail.com>
Date: Fri, 29 Jul 2022 23:24:38 -0400
Subject: [PATCH 5/7] AssetSender

---
 dev/TEAL.md         | 2 +-
 dev/TEAL_opcodes.md | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/dev/TEAL.md b/dev/TEAL.md
index 240eb39f..1ce308d6 100644
--- a/dev/TEAL.md
+++ b/dev/TEAL.md
@@ -448,7 +448,7 @@ Some of these have immediate data in the byte or bytes after the opcode.
 | 16 | TypeEnum | uint64 |      | Transaction type as integer |
 | 17 | XferAsset | uint64 |      | Asset ID |
 | 18 | AssetAmount | uint64 |      | value in Asset's units |
-| 19 | AssetSender | []byte |      | 32 byte address. Moves asset from AssetSender if Sender is the Clawback address of the asset. |
+| 19 | AssetSender | []byte |      | 32 byte address. Source of assets if Sender is the Asset's Clawback address. |
 | 20 | AssetReceiver | []byte |      | 32 byte address |
 | 21 | AssetCloseTo | []byte |      | 32 byte address |
 | 22 | GroupIndex | uint64 |      | Position of this transaction within an atomic transaction group. A stand-alone transaction is implicitly element 0 in a group of 1 |
diff --git a/dev/TEAL_opcodes.md b/dev/TEAL_opcodes.md
index 6f7ad450..1570b196 100644
--- a/dev/TEAL_opcodes.md
+++ b/dev/TEAL_opcodes.md
@@ -388,7 +388,7 @@ The notation J,K indicates that two uint64 values J and K are interpreted as a u
 | 16 | TypeEnum | uint64 |      | Transaction type as integer |
 | 17 | XferAsset | uint64 |      | Asset ID |
 | 18 | AssetAmount | uint64 |      | value in Asset's units |
-| 19 | AssetSender | []byte |      | 32 byte address. Moves asset from AssetSender if Sender is the Clawback address of the asset. |
+| 19 | AssetSender | []byte |      | 32 byte address. Source of assets if Sender is the Asset's Clawback address. |
 | 20 | AssetReceiver | []byte |      | 32 byte address |
 | 21 | AssetCloseTo | []byte |      | 32 byte address |
 | 22 | GroupIndex | uint64 |      | Position of this transaction within an atomic transaction group. A stand-alone transaction is implicitly element 0 in a group of 1 |

From cad7053700e6a527a500da6abcdbe1289ee2edf3 Mon Sep 17 00:00:00 2001
From: John Jannotti <jannotti@gmail.com>
Date: Wed, 3 Aug 2022 12:47:29 -0400
Subject: [PATCH 6/7] explication of min avm version

---
 dev/TEAL.md | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/dev/TEAL.md b/dev/TEAL.md
index 1ce308d6..2fb08bc2 100644
--- a/dev/TEAL.md
+++ b/dev/TEAL.md
@@ -745,10 +745,12 @@ fields from breaking assumptions made by programs written before they
 existed. If one of the transactions in a group will execute a program
 whose version predates a transaction type or field that can violate
 expectations, that transaction type or field must not be used anywhere
-in the transaction group. A v1 program included in a transaction group
-that includes a ApplicationCall transaction, or a non-zero RekeyTo
-field, will fail regardless of the other contents of the program
-itself.
+in the transaction group.
+
+Concretely, the above requirement is translated as follows: A v1
+program included in a transaction group that includes a
+ApplicationCall transaction or a non-zero RekeyTo field will fail
+regardless of the program itself.
 
 This requirement is enforced as follows:
 

From a9c85d9222b29d8c31b89fd3dec51d8078e4197c Mon Sep 17 00:00:00 2001
From: John Jannotti <jannotti@gmail.com>
Date: Thu, 4 Aug 2022 15:59:30 -0400
Subject: [PATCH 7/7] Better links, especially VRF

---
 dev/TEAL_opcodes.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/dev/TEAL_opcodes.md b/dev/TEAL_opcodes.md
index 1570b196..bcfd551b 100644
--- a/dev/TEAL_opcodes.md
+++ b/dev/TEAL_opcodes.md
@@ -794,7 +794,7 @@ When A is a uint64, index 0 is the least significant bit. Setting bit 3 to 1 on
 
 *Warning*: Usage should be restricted to very rare use cases. In almost all cases, smart contracts should directly handle non-encoded byte-strings.	This opcode should only be used in cases where base64 is the only available option, e.g. interoperability with a third-party that only signs base64 strings.
 
- Decodes A using the base64 encoding E. Specify the encoding with an immediate arg either as URL and Filename Safe (`URLEncoding`) or Standard (`StdEncoding`). See <a href="https://rfc-editor.org/rfc/rfc4648.html#section-4">RFC 4648</a> (sections 4 and 5). It is assumed that the encoding ends with the exact number of `=` padding characters as required by the RFC. When padding occurs, any unused pad bits in the encoding must be set to zero or the decoding will fail. The special cases of `\n` and `\r` are allowed but completely ignored. An error will result when attempting to decode a string with a character that is not in the encoding alphabet or not one of `=`, `\r`, or `\n`.
+ Decodes A using the base64 encoding E. Specify the encoding with an immediate arg either as URL and Filename Safe (`URLEncoding`) or Standard (`StdEncoding`). See [RFC 4648 sections 4 and 5](https://rfc-editor.org/rfc/rfc4648.html#section-4). It is assumed that the encoding ends with the exact number of `=` padding characters as required by the RFC. When padding occurs, any unused pad bits in the encoding must be set to zero or the decoding will fail. The special cases of `\n` and `\r` are allowed but completely ignored. An error will result when attempting to decode a string with a character that is not in the encoding alphabet or not one of `=`, `\r`, or `\n`.
 
 ## json_ref r
 
@@ -815,7 +815,7 @@ When A is a uint64, index 0 is the least significant bit. Setting bit 3 to 1 on
 
 *Warning*: Usage should be restricted to very rare use cases, as JSON decoding is expensive and quite limited. In addition, JSON objects are large and not optimized for size.
 
-Almost all smart contracts should use simpler and smaller methods (such as the ABI - https://arc.algorand.foundation/ARCs/arc-0004). This opcode should only be used in cases where JSON is only available option, e.g. when a third-party only signs JSON.
+Almost all smart contracts should use simpler and smaller methods (such as the [ABI](https://arc.algorand.foundation/ARCs/arc-0004). This opcode should only be used in cases where JSON is only available option, e.g. when a third-party only signs JSON.
 
 ## balance
 
@@ -1403,6 +1403,8 @@ The notation A,B indicates that A and B are interpreted as a uint128 value, with
 | 0 | VrfAlgorand |  |
 
 
+`VrfAlgorand` is the VRF used in Algorand. It is ECVRF-ED25519-SHA512-Elligator2, specified in the IETF internet draft [draft-irtf-cfrg-vrf-03](https://datatracker.ietf.org/doc/draft-irtf-cfrg-vrf/03/).
+
 ## block f
 
 - Opcode: 0xd1 {uint8 block field}