diff --git a/src/pubkey.cpp b/src/pubkey.cpp
index a4ca9a170a9..f33a5c2d4a2 100644
--- a/src/pubkey.cpp
+++ b/src/pubkey.cpp
@@ -273,6 +273,40 @@ std::optional<std::pair<XOnlyPubKey, bool>> XOnlyPubKey::CreateTapTweak(const ui
     return ret;
 }
 
+bool XOnlyPubKey::CheckDoubleTweak(const XOnlyPubKey& naked_key, const std::vector<unsigned char>& data, const uint256* merkle_root) const
+{
+    int parity;
+    secp256k1_xonly_pubkey internal_xonly;
+    if (data.empty()) {
+        // No data tweak; the internal key is the naked key
+        if (!secp256k1_xonly_pubkey_parse(secp256k1_context_static, &internal_xonly, naked_key.data())) return false;
+    } else {
+        // Compute the sha256 of naked_key || data
+        uint256 data_tweak = (HashWriter{} << naked_key << MakeUCharSpan(data)).GetSHA256();
+        secp256k1_xonly_pubkey naked_key_parsed;
+        if (!secp256k1_xonly_pubkey_parse(secp256k1_context_static, &naked_key_parsed, naked_key.data())) return false;
+        secp256k1_pubkey internal;
+        if (!secp256k1_xonly_pubkey_tweak_add(secp256k1_context_static, &internal, &naked_key_parsed, data_tweak.data())) return false;
+        if (!secp256k1_xonly_pubkey_from_pubkey(secp256k1_context_static, &internal_xonly, &parity, &internal)) return false;
+    }
+    secp256k1_xonly_pubkey expected_xonly;
+    if (!secp256k1_xonly_pubkey_parse(secp256k1_context_static, &expected_xonly, m_keydata.data())) return false;
+    if (merkle_root != nullptr) {
+        // Compute the taptweak based on merkle_root
+        unsigned char pubkey_bytes[32];
+        secp256k1_xonly_pubkey_serialize(secp256k1_context_static, pubkey_bytes, &internal_xonly);
+        XOnlyPubKey internal_key = XOnlyPubKey(pubkey_bytes);
+        uint256 tweak = internal_key.ComputeTapTweakHash(merkle_root);
+        secp256k1_pubkey result;
+        if (!secp256k1_xonly_pubkey_tweak_add(secp256k1_context_static, &result, &internal_xonly, tweak.begin())) return false;
+        secp256k1_xonly_pubkey result_xonly;
+        if (!secp256k1_xonly_pubkey_from_pubkey(secp256k1_context_static, &result_xonly, &parity, &result)) return false;
+        return secp256k1_xonly_pubkey_cmp(secp256k1_context_static, &result_xonly, &expected_xonly) == 0;
+    } else {
+        // If merkle_root is nullptr, compare internal_xonly with expected_xonly
+        return secp256k1_xonly_pubkey_cmp(secp256k1_context_static, &internal_xonly, &expected_xonly) == 0;
+    }
+}
 
 bool CPubKey::Verify(const uint256 &hash, const std::vector<unsigned char>& vchSig) const {
     if (!IsValid())
diff --git a/src/pubkey.h b/src/pubkey.h
index cbc827dc606..384b611a073 100644
--- a/src/pubkey.h
+++ b/src/pubkey.h
@@ -282,6 +282,12 @@ public:
     /** Construct a Taproot tweaked output point with this point as internal key. */
     std::optional<std::pair<XOnlyPubKey, bool>> CreateTapTweak(const uint256* merkle_root) const;
 
+    /** Verify that this key is obtained from the x-only pubkey `naked` after applying in sequence:
+     * - the tweak with `data` (this tweak is skipped if `data` is empty);
+     * - the taptweak with `merkle_root` (unless it's null).
+     */
+    bool CheckDoubleTweak(const XOnlyPubKey& naked_key, const std::vector<unsigned char>& data, const uint256* merkle_root) const;
+
     /** Returns a list of CKeyIDs for the CPubKeys that could have been used to create this XOnlyPubKey.
      * This is needed for key lookups since keys are indexed by CKeyID.
      */
diff --git a/src/script/interpreter.cpp b/src/script/interpreter.cpp
index 2ff63118aff..341973d2e82 100644
--- a/src/script/interpreter.cpp
+++ b/src/script/interpreter.cpp
@@ -14,6 +14,15 @@
 
 typedef std::vector<unsigned char> valtype;
 
+//! Flag to mark an OP_CHECKCONTRACVERIFY as referring to an input.
+const int CCV_MODE_CHECK_INPUT = -1;
+//! Flag to specify that an OP_CHECKCONTRACVERIFY which refers to an output, with the default amount logic.
+const int CCV_MODE_CHECK_OUTPUT = 0;
+//! Flag to specify that an OP_CHECKCONTRACVERIFY which refers to an output does not check the output amount.
+const int CCV_MODE_CHECK_OUTPUT_IGNORE_AMOUNT = 1;
+//! Flag to specify that an OP_CHECKCONTRACVERIFY referring to an output deducts the amount of its output from the current input amount for future calls.
+const int CCV_MODE_CHECK_OUTPUT_DEDUCT_AMOUNT = 2;
+
 namespace {
 
 inline bool set_success(ScriptError* ret)
@@ -1101,6 +1110,51 @@ bool EvalScript(std::vector<std::vector<unsigned char> >& stack, const CScript&
                 }
                 break;
 
+                case OP_CHECKCONTRACTVERIFY:
+                {
+                    // OP_CHECKCONTRACTVERIFY is only available in Tapscript
+                    if (sigversion == SigVersion::BASE || sigversion == SigVersion::WITNESS_V0) return set_error(serror, SCRIPT_ERR_BAD_OPCODE);
+
+                    // we expect at least the flag to be on the stack
+                    if (stack.empty())
+                        return set_error(serror, SCRIPT_ERR_INVALID_STACK_OPERATION);
+
+                    // initially, read only a single parameter at the top of stack
+                    int flags = CScriptNum(stacktop(-1), fRequireMinimal).getint();
+                    if (flags < -1 || flags > CCV_MODE_CHECK_OUTPUT_DEDUCT_AMOUNT) {
+                        // undefined values of the flags; keep OP_SUCCESS behavior
+                        // in order to enable future upgrades via soft-fork
+                        stack = { {1} };
+                        return set_success(serror);
+                    }
+
+                    // all currently defined versions require exactly 5 stack elements
+
+                    // (data index pk taptree flags -- )
+                    if (stack.size() < 5)
+                        return set_error(serror, SCRIPT_ERR_INVALID_STACK_OPERATION);
+
+                    valtype& data = stacktop(-5);
+                    int index = CScriptNum(stacktop(-4), fRequireMinimal).getint();
+                    valtype& pk = stacktop(-3);
+                    valtype& taptree = stacktop(-2);
+
+                    if (!pk.empty() && pk != std::vector<unsigned char>{0x81} && pk.size() != 32) {
+                        return set_error(serror, SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_ARGS);
+                    }
+
+                    if (!checker.CheckContract(flags, index, pk, data, taptree, execdata, serror, tx_exec_data)) {
+                        return false; // serror is set
+                    }
+
+                    popstack(stack);
+                    popstack(stack);
+                    popstack(stack);
+                    popstack(stack);
+                    popstack(stack);
+                }
+                break;
+
                 case OP_CHECKMULTISIG:
                 case OP_CHECKMULTISIGVERIFY:
                 {
@@ -1781,6 +1835,116 @@ bool GenericTransactionSignatureChecker<T>::CheckSequence(const CScriptNum& nSeq
     return true;
 }
 
+template <class T>
+bool GenericTransactionSignatureChecker<T>::CheckContract(int mode, int index, const std::vector<unsigned char>& pubkey, const std::vector<unsigned char>& data, const std::vector<unsigned char>& taptree, ScriptExecutionData& ScriptExecutionData, ScriptError* serror, TransactionExecutionData* tx_exec_data) const
+{
+    assert(ScriptExecutionData.m_internal_key.has_value());
+    assert(ScriptExecutionData.m_taproot_merkle_root.has_value());
+    assert(tx_exec_data != nullptr);
+
+    if (!(txdata->m_bip341_taproot_ready && txdata->m_spent_outputs_ready)) {
+        return HandleMissingData(m_mdb);
+    }
+
+    bool use_current_taptree = taptree.size() == 1 && taptree.data()[0] == 0x81;
+    bool use_current_pubkey = pubkey.size() == 1 && pubkey.data()[0] == 0x81;
+
+    uint256 merkle_tree;
+    const uint256 *merkle_tree_ptr = nullptr;
+    if (taptree.empty()) {
+        // no taptweak, leave nullptr
+    } else if (use_current_taptree) {
+        merkle_tree_ptr = &ScriptExecutionData.m_taproot_merkle_root.value();
+    } else if (taptree.size() == 32) {
+        merkle_tree = uint256(taptree);
+        merkle_tree_ptr = &merkle_tree;
+    } else {
+        return set_error(serror, SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_ARGS);
+    }
+
+    XOnlyPubKey initialXOnlyKey;
+    if (use_current_pubkey) {
+        initialXOnlyKey = ScriptExecutionData.m_internal_key.value();
+    } else if (pubkey.empty()) {
+        initialXOnlyKey = XOnlyPubKey::NUMS_H;
+    } else {
+        initialXOnlyKey = XOnlyPubKey{std::span<const unsigned char>{pubkey.data(), pubkey.data() + 32}};
+    }
+
+    if (index == -1) {
+        index = nIn;
+    }
+
+    auto indexLimit = (mode == CCV_MODE_CHECK_INPUT ? txTo->vin.size() : txTo->vout.size());
+    if (index < 0 || index >= static_cast<int>(indexLimit)) {
+        return set_error(serror, SCRIPT_ERR_CHECKCONTRACTVERIFY_OUT_OF_BOUNDS);
+    }
+
+    CScript scriptPubKey = (mode == CCV_MODE_CHECK_INPUT) ? txdata->m_spent_outputs[index].scriptPubKey : txTo->vout.at(index).scriptPubKey;
+
+    if (scriptPubKey.size() != 1 + 1 + 32 || scriptPubKey[0] != OP_1 || scriptPubKey[1] != 32) {
+        return set_error(serror, SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_ARGS);
+    }
+
+    const XOnlyPubKey finalXOnlyKey{std::span<const unsigned char>{scriptPubKey.data() + 2, scriptPubKey.data() + 34}};
+
+    if (!finalXOnlyKey.CheckDoubleTweak(initialXOnlyKey, data, merkle_tree_ptr)) {
+        return set_error(serror, SCRIPT_ERR_CHECKCONTRACTVERIFY_MISMATCH);
+    }
+
+
+    if (!ScriptExecutionData.m_ccv_amount_init) {
+        ScriptExecutionData.m_ccv_amount = amount;
+        ScriptExecutionData.m_ccv_amount_init = true;
+    }
+
+    {
+        LOCK(tx_exec_data->m_mutex);
+        if (tx_exec_data->m_error.has_value()) {
+            // an error related to tx_exec_data already occurred while validating the transaction
+            return set_error(serror, tx_exec_data->m_error.value());
+        }
+
+        switch (mode) {
+            case CCV_MODE_CHECK_OUTPUT:
+                if (tx_exec_data->m_ccv_output_checked_deduct[index]) {
+                    tx_exec_data->m_error = SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_AMOUNT;
+                    return set_error(serror, SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_AMOUNT);
+                }
+                tx_exec_data->m_ccv_output_checked_default[index] = true;
+
+                tx_exec_data->m_ccv_output_min_amount[index] += ScriptExecutionData.m_ccv_amount;
+                ScriptExecutionData.m_ccv_amount = 0;
+                if (txTo->vout[index].nValue < tx_exec_data->m_ccv_output_min_amount[index]) {
+                    tx_exec_data->m_error = SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_AMOUNT;
+                    return set_error(serror, SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_AMOUNT);
+                }
+                break;
+            case CCV_MODE_CHECK_OUTPUT_IGNORE_AMOUNT:
+                // amount checking is disabled
+                break;
+            case CCV_MODE_CHECK_OUTPUT_DEDUCT_AMOUNT:
+                if (tx_exec_data->m_ccv_output_checked_default[index] || tx_exec_data->m_ccv_output_checked_deduct[index]) {
+                    tx_exec_data->m_error = SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_AMOUNT;
+                    return set_error(serror, SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_AMOUNT);
+                }
+                tx_exec_data->m_ccv_output_checked_deduct[index] = true;
+                // subtract amount from input
+                if (txTo->vout[index].nValue > ScriptExecutionData.m_ccv_amount) {
+                    tx_exec_data->m_error = SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_AMOUNT;
+                    return set_error(serror, SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_AMOUNT);
+                }
+                ScriptExecutionData.m_ccv_amount -= txTo->vout[index].nValue;
+
+                break;
+            default:
+                break;
+        }
+    }
+
+    return true;
+}
+
 // explicit instantiation
 template class GenericTransactionSignatureChecker<CTransaction>;
 template class GenericTransactionSignatureChecker<CMutableTransaction>;
@@ -1789,6 +1953,8 @@ static bool ExecuteWitnessScript(const std::span<const valtype>& stack_span, con
 {
     std::vector<valtype> stack{stack_span.begin(), stack_span.end()};
 
+    const bool is_checkcontractverify_active = (flags & SCRIPT_VERIFY_CHECKCONTRACTVERIFY);
+
     if (sigversion == SigVersion::TAPSCRIPT) {
         // OP_SUCCESSx processing overrides everything, including stack element size limits
         CScript::const_iterator pc = exec_script.begin();
@@ -1799,7 +1965,9 @@ static bool ExecuteWitnessScript(const std::span<const valtype>& stack_span, con
                 return set_error(serror, SCRIPT_ERR_BAD_OPCODE);
             }
             // New opcodes will be listed here. May use a different sigversion to modify existing opcodes.
-            if (IsOpSuccess(opcode)) {
+            if (is_checkcontractverify_active && opcode == OP_CHECKCONTRACTVERIFY) {
+                continue;
+            } else if (IsOpSuccess(opcode)) {
                 if (flags & SCRIPT_VERIFY_DISCOURAGE_OP_SUCCESS) {
                     return set_error(serror, SCRIPT_ERR_DISCOURAGE_OP_SUCCESS);
                 }
@@ -1856,18 +2024,19 @@ uint256 ComputeTaprootMerkleRoot(std::span<const unsigned char> control, const u
     return k;
 }
 
-static bool VerifyTaprootCommitment(const std::vector<unsigned char>& control, const std::vector<unsigned char>& program, const uint256& tapleaf_hash)
+static bool VerifyTaprootCommitment(const std::vector<unsigned char>& control, const std::vector<unsigned char>& program, const uint256& tapleaf_hash, std::optional<XOnlyPubKey>& internal_key, std::optional<uint256>& merkle_root)
 {
     assert(control.size() >= TAPROOT_CONTROL_BASE_SIZE);
     assert(program.size() >= uint256::size());
     //! The internal pubkey (x-only, so no Y coordinate parity).
     const XOnlyPubKey p{std::span{control}.subspan(1, TAPROOT_CONTROL_BASE_SIZE - 1)};
+    internal_key = p;
     //! The output pubkey (taken from the scriptPubKey).
     const XOnlyPubKey q{program};
     // Compute the Merkle root from the leaf and the provided path.
-    const uint256 merkle_root = ComputeTaprootMerkleRoot(control, tapleaf_hash);
+    merkle_root = ComputeTaprootMerkleRoot(control, tapleaf_hash);
     // Verify that the output pubkey matches the tweaked internal pubkey, after correcting for parity.
-    return q.CheckTapTweak(p, merkle_root, control[0] & 1);
+    return q.CheckTapTweak(p, merkle_root.value(), control[0] & 1);
 }
 
 static bool VerifyWitnessProgram(const CScriptWitness& witness, int witversion, const std::vector<unsigned char>& program, unsigned int flags, const BaseSignatureChecker& checker, ScriptError* serror, bool is_p2sh, TransactionExecutionData* tx_exec_data = nullptr)
@@ -1927,7 +2096,7 @@ static bool VerifyWitnessProgram(const CScriptWitness& witness, int witversion,
                 return set_error(serror, SCRIPT_ERR_TAPROOT_WRONG_CONTROL_SIZE);
             }
             execdata.m_tapleaf_hash = ComputeTapleafHash(control[0] & TAPROOT_LEAF_MASK, script);
-            if (!VerifyTaprootCommitment(control, program, execdata.m_tapleaf_hash)) {
+            if (!VerifyTaprootCommitment(control, program, execdata.m_tapleaf_hash, execdata.m_internal_key, execdata.m_taproot_merkle_root)) {
                 return set_error(serror, SCRIPT_ERR_WITNESS_PROGRAM_MISMATCH);
             }
             execdata.m_tapleaf_hash_init = true;
diff --git a/src/script/interpreter.h b/src/script/interpreter.h
index 8fe1a415b26..19b32c060cd 100644
--- a/src/script/interpreter.h
+++ b/src/script/interpreter.h
@@ -9,6 +9,7 @@
 #include <consensus/amount.h>
 #include <hash.h>
 #include <primitives/transaction.h>
+#include <pubkey.h>
 #include <script/script_error.h> // IWYU pragma: export
 #include <span.h>
 #include <sync.h>
@@ -145,6 +146,9 @@ enum : uint32_t {
     // Making unknown public key versions (in BIP 342 scripts) non-standard
     SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_PUBKEYTYPE = (1U << 20),
 
+    // OP_CHECKCONTRACTVERIFY
+    SCRIPT_VERIFY_CHECKCONTRACTVERIFY = (1U << 21),
+
     // Constants to point to the highest flag in use. Add new flags above this line.
     //
     SCRIPT_VERIFY_END_MARKER
@@ -203,6 +207,10 @@ struct ScriptExecutionData
     bool m_tapleaf_hash_init = false;
     //! The tapleaf hash.
     uint256 m_tapleaf_hash;
+    //! The taproot internal key.
+    std::optional<XOnlyPubKey> m_internal_key = std::nullopt;
+    //! The merkle root of the taproot tree.
+    std::optional<uint256> m_taproot_merkle_root = std::nullopt;
 
     //! Whether m_codeseparator_pos is initialized.
     bool m_codeseparator_pos_init = false;
@@ -223,22 +231,46 @@ struct ScriptExecutionData
 
     //! The hash of the corresponding output
     std::optional<uint256> m_output_hash;
+
+    //! Whether m_ccv_amount is initialized.
+    bool m_ccv_amount_init = false;
+    //! Residual amount of the current input according to CHECKCONTRACTVERIFY semantics.
+    CAmount m_ccv_amount;
 };
 
 /** The state of the script interpreter that persists across inputs of a single transaction.
  *
  * As access happens across different worker threads, it is crucial that access to this struct
- * is properly synchronized. Code accessing its members must hold the m_mutex lock. */
+ * is properly synchronized. Code accessing its members must hold the m_mutex lock.
+ * Currently only used for OP_CHECKCONTRACTVERIFY. */
 struct TransactionExecutionData {
     const CTransaction* m_tx;
     Mutex m_mutex;
 
-    // members related to the validation state of this transaction
-    // that need to persist across inputs will be added here,
-    // protected by m_mutex.
+    // If an error occurs during the evaluation of a condition related to the access to this
+    // struct, it must be stored here.
+    // The caller _must_ check if this field has value immediately after acquiring the lock,
+    // and return the corresponding script error if it does.
+    // This makes sure that the checks are idempotent if repeated with the same instance
+    // of TransactionExecutionData. This is necessary because the checks might mutate the
+    // state of the struct, and the check might be repeated multiple times.
+    std::optional<ScriptError> m_error GUARDED_BY(m_mutex) = std::nullopt;
+
+    // For each output, the minimum amount of that output in order for the transaction
+    // to be considered valid. Accumulated during the evaluation of OP_CHECKCONTRACTVERIFY
+    // with the 'default' semantics.
+    std::vector<CAmount> m_ccv_output_min_amount GUARDED_BY(m_mutex);
+    // Set to true if this output has been checked with OP_CHECKCONTRACTVERIFY
+    // with the 'default' semantics.
+    std::vector<bool> m_ccv_output_checked_default GUARDED_BY(m_mutex);
+    // Set to true if this output has been checked with OP_CHECKCONTRACTVERIFY
+    // with the 'deduct' semantics.
+    std::vector<bool> m_ccv_output_checked_deduct GUARDED_BY(m_mutex);
 
     TransactionExecutionData(const CTransaction* tx)
-        : m_tx(tx)
+    : m_ccv_output_min_amount(tx ? tx->vout.size() : 0, 0),
+      m_ccv_output_checked_default(tx ? tx->vout.size() : 0, false),
+      m_ccv_output_checked_deduct(tx ? tx->vout.size() : 0, false)
     {
         assert(tx != nullptr); // Ensure the transaction pointer is valid
     }
@@ -310,6 +342,11 @@ public:
          return false;
     }
 
+    virtual bool CheckContract(int mode, int index, const std::vector<unsigned char>& pubkey, const std::vector<unsigned char>& data, const std::vector<unsigned char>& taptree, ScriptExecutionData& ScriptExecutionData, ScriptError* serror, TransactionExecutionData* tx_exec_data) const
+    {
+        return false;
+    }
+
     virtual ~BaseSignatureChecker() = default;
 };
 
@@ -346,6 +383,7 @@ public:
     bool CheckSchnorrSignature(std::span<const unsigned char> sig, std::span<const unsigned char> pubkey, SigVersion sigversion, ScriptExecutionData& execdata, ScriptError* serror = nullptr) const override;
     bool CheckLockTime(const CScriptNum& nLockTime) const override;
     bool CheckSequence(const CScriptNum& nSequence) const override;
+    bool CheckContract(int mode, int index, const std::vector<unsigned char>& pubkey, const std::vector<unsigned char>& data, const std::vector<unsigned char>& taptree, ScriptExecutionData& ScriptExecutionData, ScriptError* serror, TransactionExecutionData* tx_exec_data) const override;
 };
 
 using TransactionSignatureChecker = GenericTransactionSignatureChecker<CTransaction>;
diff --git a/src/script/script.cpp b/src/script/script.cpp
index d650db9a0d6..0aecc2558dc 100644
--- a/src/script/script.cpp
+++ b/src/script/script.cpp
@@ -149,6 +149,8 @@ std::string GetOpName(opcodetype opcode)
     // Opcode added by BIP 342 (Tapscript)
     case OP_CHECKSIGADD            : return "OP_CHECKSIGADD";
 
+    case OP_CHECKCONTRACTVERIFY    : return "OP_CHECKCONTRACTVERIFY";
+
     case OP_INVALIDOPCODE          : return "OP_INVALIDOPCODE";
 
     default:
@@ -360,7 +362,7 @@ bool IsOpSuccess(const opcodetype& opcode)
     return opcode == 80 || opcode == 98 || (opcode >= 126 && opcode <= 129) ||
            (opcode >= 131 && opcode <= 134) || (opcode >= 137 && opcode <= 138) ||
            (opcode >= 141 && opcode <= 142) || (opcode >= 149 && opcode <= 153) ||
-           (opcode >= 187 && opcode <= 254);
+           (opcode >= 188 && opcode <= 254);
 }
 
 bool CheckMinimalPush(const std::vector<unsigned char>& data, opcodetype opcode) {
diff --git a/src/script/script.h b/src/script/script.h
index f4579849803..679cef3f854 100644
--- a/src/script/script.h
+++ b/src/script/script.h
@@ -209,6 +209,8 @@ enum opcodetype
     // Opcode added by BIP 342 (Tapscript)
     OP_CHECKSIGADD = 0xba,
 
+    OP_CHECKCONTRACTVERIFY = 0xbb,
+
     OP_INVALIDOPCODE = 0xff,
 };
 
diff --git a/src/script/script_error.cpp b/src/script/script_error.cpp
index fadc04262c3..77c57c77d85 100644
--- a/src/script/script_error.cpp
+++ b/src/script/script_error.cpp
@@ -111,6 +111,14 @@ std::string ScriptErrorString(const ScriptError serror)
             return "OP_CHECKMULTISIG(VERIFY) is not available in tapscript";
         case SCRIPT_ERR_TAPSCRIPT_MINIMALIF:
             return "OP_IF/NOTIF argument must be minimal in tapscript";
+        case SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_ARGS:
+            return "Invalid arguments for OP_CHECKCONTRACTVERIFY";
+        case SCRIPT_ERR_CHECKCONTRACTVERIFY_OUT_OF_BOUNDS:
+            return "Index of input/output out of bounds in OP_CHECKCONTRACTVERIFY";
+        case SCRIPT_ERR_CHECKCONTRACTVERIFY_MISMATCH:
+            return "Mismatching contract data or program";
+        case SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_AMOUNT:
+            return "Incorrect amount for OP_CHECKCONTRACTVERIFY";
         case SCRIPT_ERR_OP_CODESEPARATOR:
             return "Using OP_CODESEPARATOR in non-witness script";
         case SCRIPT_ERR_SIG_FINDANDDELETE:
diff --git a/src/script/script_error.h b/src/script/script_error.h
index 44e68fe0fae..dc9d35af2d7 100644
--- a/src/script/script_error.h
+++ b/src/script/script_error.h
@@ -78,6 +78,12 @@ typedef enum ScriptError_t
     SCRIPT_ERR_TAPSCRIPT_CHECKMULTISIG,
     SCRIPT_ERR_TAPSCRIPT_MINIMALIF,
 
+    /* CHECKCONTRACTVERIFY */
+    SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_ARGS,
+    SCRIPT_ERR_CHECKCONTRACTVERIFY_OUT_OF_BOUNDS,
+    SCRIPT_ERR_CHECKCONTRACTVERIFY_MISMATCH,
+    SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_AMOUNT,
+
     /* Constant scriptCode */
     SCRIPT_ERR_OP_CODESEPARATOR,
     SCRIPT_ERR_SIG_FINDANDDELETE,
diff --git a/src/test/script_tests.cpp b/src/test/script_tests.cpp
index 4a5dc561cc3..89407d6236c 100644
--- a/src/test/script_tests.cpp
+++ b/src/test/script_tests.cpp
@@ -1579,6 +1579,15 @@ static void AssetTest(const UniValue& test, SignatureCache& signature_cache)
             // a subset of test_flags.
             if (fin || ((flags & test_flags) == flags)) {
                 bool ret = VerifyScript(tx.vin[idx].scriptSig, prevouts[idx].scriptPubKey, &tx.vin[idx].scriptWitness, flags, txcheck, nullptr);
+
+                // HACK: Skip two failing tests due to 0xbb no longer being an op_success on regtest.
+                //       This is of course just a workaround for the draft PR.
+                if (test["comment"].get_str().substr(0, 9) == "opsuccess" &&
+                    tx.vin[idx].scriptWitness.stack.size() > 0 &&
+                    (tx.vin[idx].scriptWitness.stack[0] == std::vector<unsigned char>{0xbb} ||
+                     tx.vin[idx].scriptWitness.stack[0] == std::vector<unsigned char>{0x00, 0x63, 0xbb, 0x68})) {
+                    continue;
+                }
                 BOOST_CHECK(ret);
             }
         }
diff --git a/src/test/transaction_tests.cpp b/src/test/transaction_tests.cpp
index 006d1d55df1..fa80e191899 100644
--- a/src/test/transaction_tests.cpp
+++ b/src/test/transaction_tests.cpp
@@ -70,6 +70,7 @@ static std::map<std::string, unsigned int> mapFlagNames = {
     {std::string("DISCOURAGE_UPGRADABLE_PUBKEYTYPE"), (unsigned int)SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_PUBKEYTYPE},
     {std::string("DISCOURAGE_OP_SUCCESS"), (unsigned int)SCRIPT_VERIFY_DISCOURAGE_OP_SUCCESS},
     {std::string("DISCOURAGE_UPGRADABLE_TAPROOT_VERSION"), (unsigned int)SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_TAPROOT_VERSION},
+    {std::string("CHECKCONTRACTVERIFY"), (unsigned int)SCRIPT_VERIFY_CHECKCONTRACTVERIFY},
 };
 
 unsigned int ParseScriptFlags(std::string strFlags)
diff --git a/src/validation.cpp b/src/validation.cpp
index 25e7bd23a8b..b2ba9970a71 100644
--- a/src/validation.cpp
+++ b/src/validation.cpp
@@ -2230,11 +2230,8 @@ bool CheckInputScripts(const CTransaction& tx, TxValidationState& state,
                 // splitting the network between upgraded and
                 // non-upgraded nodes by banning CONSENSUS-failing
                 // data providers.
-                // TODO: Should we make a clone of *tx_exec_data before the first check above, or is it fine
-                //       to pass nullptr?
-                //       We cannot reuse tx_exec_data, as it might be modified
                 CScriptCheck check2(txdata.m_spent_outputs[i], tx, validation_cache.m_signature_cache, i,
-                        flags & ~STANDARD_NOT_MANDATORY_VERIFY_FLAGS, cacheSigStore, &txdata, nullptr);
+                        flags & ~STANDARD_NOT_MANDATORY_VERIFY_FLAGS, cacheSigStore, &txdata, tx_exec_data);
                 auto mandatory_result = check2();
                 if (!mandatory_result.has_value()) {
                     return state.Invalid(TxValidationResult::TX_NOT_STANDARD, strprintf("non-mandatory-script-verify-flag (%s)", ScriptErrorString(result->first)), result->second);
diff --git a/test/functional/test_framework/script.py b/test/functional/test_framework/script.py
index 12bfee7c776..1959e2494e6 100644
--- a/test/functional/test_framework/script.py
+++ b/test/functional/test_framework/script.py
@@ -936,4 +936,4 @@ def taproot_construct(pubkey, scripts=None, treat_internal_as_infinity=False):
     return TaprootInfo(CScript([OP_1, tweaked]), pubkey, negated + 0, tweak, leaves, h, tweaked)
 
 def is_op_success(o):
-    return o == 0x50 or o == 0x62 or o == 0x89 or o == 0x8a or o == 0x8d or o == 0x8e or (o >= 0x7e and o <= 0x81) or (o >= 0x83 and o <= 0x86) or (o >= 0x95 and o <= 0x99) or (o >= 0xbb and o <= 0xfe)
+    return o == 0x50 or o == 0x62 or o == 0x89 or o == 0x8a or o == 0x8d or o == 0x8e or (o >= 0x7e and o <= 0x81) or (o >= 0x83 and o <= 0x86) or (o >= 0x95 and o <= 0x99) or (o >= 0xbc and o <= 0xfe)