diff options
| author | David Bakin <david@bakins-bits.com> | 2022-05-24 13:03:42 -0700 |
|---|---|---|
| committer | David Bakin <david@bakins-bits.com> | 2022-05-25 12:51:01 -0700 |
| commit | bd7c5e2f0a1b572decdf3a4bafe4ee990e1f4953 (patch) | |
| tree | fe04b41c657cab800be99218c830f2f03380f01d /src/script/interpreter.cpp | |
| parent | 90e49c1ececd6296c6ec6109cea525a208c0626e (diff) | |
| download | bitcoin-bd7c5e2f0a1b572decdf3a4bafe4ee990e1f4953.tar.xz | |
Add BIP-341 specified constraints to `ComputeTaprootMerkleRoot`
BIP 341 specifies constraints on the size of the control block _c_ used
to compute the taproot merkle root.
> The last stack element is called the control block _c_, and must have
> length _33 + 32m_, for a value of m that is an integer between 0 and
> 128, inclusive. Fail if it does not have such a length.
(See BIP-341 "Script Validation Rules" here: https://github.com/bitcoin/bips/blob/master/bip-0341.mediawiki#script-validation-rules)
Diffstat (limited to 'src/script/interpreter.cpp')
| -rw-r--r-- | src/script/interpreter.cpp | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/script/interpreter.cpp b/src/script/interpreter.cpp index c4d13d7283..9f56301377 100644 --- a/src/script/interpreter.cpp +++ b/src/script/interpreter.cpp @@ -1832,6 +1832,10 @@ uint256 ComputeTapleafHash(uint8_t leaf_version, const CScript& script) uint256 ComputeTaprootMerkleRoot(Span<const unsigned char> control, const uint256& tapleaf_hash) { + assert(control.size() >= TAPROOT_CONTROL_BASE_SIZE); + assert(control.size() <= TAPROOT_CONTROL_MAX_SIZE); + assert((control.size() - TAPROOT_CONTROL_BASE_SIZE) % TAPROOT_CONTROL_NODE_SIZE == 0); + const int path_len = (control.size() - TAPROOT_CONTROL_BASE_SIZE) / TAPROOT_CONTROL_NODE_SIZE; uint256 k = tapleaf_hash; for (int i = 0; i < path_len; ++i) { |