Alp: This work looks really interesting. I'm also excited how Peter figured out how to use the nonce-based way of implementing it to protect savings accounts in wallets, really nice work!

Between these two uses, and existing uses for multiple CHECK(MULTI)SIG's in a scriptPubKey, I think it makes sense to create a whitelist for opcodes least likely to cause us problems and allow them in serialized scripts for use with P2SH. That removes the UTXO bloat problem of allowing anything, and limits the risk from opcodes we haven't implemented correctly. (I left out arithmetic from my initial whitelist, just boolean AND and OR for now) I posted my full proposal to the bitcoin-development email list: http://www.mail-archive.com/bitcoin-development@lists.sourceforge.net/msg02606.html

You should post your thoughts to the list, especially to figure out if the restriction to just boolean opcodes is ok for the first trials. I think it is, we can always extend it later, but if you have a really good argument for arithmetic make your case. Just remember that there have been some serious bugs found related to arithmetic before, so IMO playing it safe initially is a good idea.