pull down to refresh

If it's too generic I can imagine it'd be difficult to preclude DoS attacks aren't possible. I guess we'd have to be suspicious of operations where the computational cost isn't proportional to the operation's size, but I don't know enough about bitcoin script to imagine OP_CAT breaking that.