diff options
| author | Andrew Chow <github@achow101.com> | 2023-10-17 18:22:29 -0400 |
|---|---|---|
| committer | Andrew Chow <github@achow101.com> | 2023-10-17 18:27:52 -0400 |
| commit | c2d4e40e454ba0c7c836a849b6d15db4850079f2 (patch) | |
| tree | 1ce07d7fd1064d6d40d98fe5cf0b1cca0be6a754 /src/script | |
| parent | 9c30f5ef9d6712539cb8dc0f52b3a2206a25e074 (diff) | |
| parent | b22810887b3840ad0fcb424ea7e16d2d195767d9 (diff) | |
Merge bitcoin/bitcoin#28651: Make miniscript GetWitnessSize accurate for tapscript
b22810887b3840ad0fcb424ea7e16d2d195767d9 miniscript: make GetWitnessSize accurate for tapscript (Pieter Wuille)
8be98514080ab816fcb2498ea4bc6f211a2b05e0 test: add tests for miniscript GetWitnessSize (Pieter Wuille)
7ed2b2d430e4dc0d3ba62a30f814df2c7c0c0651 test: remove mutable global contexts in miniscript fuzzer/test (Pieter Wuille)
Pull request description:
So far, the same algorithm is used to compute an (upper bound on) the maximum witness size for both P2WSH and P2TR miniscript. That's unfortunate, because it means fee estimations for P2TR miniscript will miss out on the generic savings brought by P2TR witnesses (smaller signatures and public keys, specifically).
Fix this by making the algorithm use script context specification calculations, and add tests for it. Also included is a cleanup for the tests to avoid mutable globals, as I found it hard to reason about what exactly was being tested.
ACKs for top commit:
achow101:
ACK b22810887b3840ad0fcb424ea7e16d2d195767d9
darosior:
ACK b22810887b3840ad0fcb424ea7e16d2d195767d9
Tree-SHA512: e4bda7376628f3e91cfc74917cefc554ca16eb5f2a0e1adddc33eb8717c4aaa071e56a40f85a2041ae74ec445a7bd0129bba48994c203e0e6e4d25af65954d9e
Diffstat (limited to 'src/script')
| -rw-r--r-- | src/script/miniscript.h | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/src/script/miniscript.h b/src/script/miniscript.h index d6bded959d..76b952350b 100644 --- a/src/script/miniscript.h +++ b/src/script/miniscript.h @@ -1105,13 +1105,15 @@ private: } internal::WitnessSize CalcWitnessSize() const { + const uint32_t sig_size = IsTapscript(m_script_ctx) ? 1 + 65 : 1 + 72; + const uint32_t pubkey_size = IsTapscript(m_script_ctx) ? 1 + 32 : 1 + 33; switch (fragment) { case Fragment::JUST_0: return {{}, 0}; case Fragment::JUST_1: case Fragment::OLDER: case Fragment::AFTER: return {0, {}}; - case Fragment::PK_K: return {1 + 72, 1}; - case Fragment::PK_H: return {1 + 72 + 1 + 33, 1 + 1 + 33}; + case Fragment::PK_K: return {sig_size, 1}; + case Fragment::PK_H: return {sig_size + pubkey_size, 1 + pubkey_size}; case Fragment::SHA256: case Fragment::RIPEMD160: case Fragment::HASH256: @@ -1131,8 +1133,8 @@ private: case Fragment::OR_C: return {subs[0]->ws.sat | (subs[0]->ws.dsat + subs[1]->ws.sat), {}}; case Fragment::OR_D: return {subs[0]->ws.sat | (subs[0]->ws.dsat + subs[1]->ws.sat), subs[0]->ws.dsat + subs[1]->ws.dsat}; case Fragment::OR_I: return {(subs[0]->ws.sat + 1 + 1) | (subs[1]->ws.sat + 1), (subs[0]->ws.dsat + 1 + 1) | (subs[1]->ws.dsat + 1)}; - case Fragment::MULTI: return {k * (1 + 72) + 1, k + 1}; - case Fragment::MULTI_A: return {k * (1 + 65) + static_cast<uint32_t>(keys.size()) - k, static_cast<uint32_t>(keys.size())}; + case Fragment::MULTI: return {k * sig_size + 1, k + 1}; + case Fragment::MULTI_A: return {k * sig_size + static_cast<uint32_t>(keys.size()) - k, static_cast<uint32_t>(keys.size())}; case Fragment::WRAP_A: case Fragment::WRAP_N: case Fragment::WRAP_S: |