diff options
Diffstat (limited to 'src/script/standard.h')
-rw-r--r-- | src/script/standard.h | 132 |
1 files changed, 0 insertions, 132 deletions
diff --git a/src/script/standard.h b/src/script/standard.h index 8a76606082..9555cc2b61 100644 --- a/src/script/standard.h +++ b/src/script/standard.h @@ -175,136 +175,4 @@ std::optional<std::pair<int, std::vector<Span<const unsigned char>>>> MatchMulti /** Generate a multisig script. */ CScript GetScriptForMultisig(int nRequired, const std::vector<CPubKey>& keys); -struct ShortestVectorFirstComparator -{ - bool operator()(const std::vector<unsigned char>& a, const std::vector<unsigned char>& b) const - { - if (a.size() < b.size()) return true; - if (a.size() > b.size()) return false; - return a < b; - } -}; - -struct TaprootSpendData -{ - /** The BIP341 internal key. */ - XOnlyPubKey internal_key; - /** The Merkle root of the script tree (0 if no scripts). */ - uint256 merkle_root; - /** Map from (script, leaf_version) to (sets of) control blocks. - * More than one control block for a given script is only possible if it - * appears in multiple branches of the tree. We keep them all so that - * inference can reconstruct the full tree. Within each set, the control - * blocks are sorted by size, so that the signing logic can easily - * prefer the cheapest one. */ - std::map<std::pair<std::vector<unsigned char>, int>, std::set<std::vector<unsigned char>, ShortestVectorFirstComparator>> scripts; - /** Merge other TaprootSpendData (for the same scriptPubKey) into this. */ - void Merge(TaprootSpendData other); -}; - -/** Utility class to construct Taproot outputs from internal key and script tree. */ -class TaprootBuilder -{ -private: - /** Information about a tracked leaf in the Merkle tree. */ - struct LeafInfo - { - std::vector<unsigned char> script; //!< The script. - int leaf_version; //!< The leaf version for that script. - std::vector<uint256> merkle_branch; //!< The hashing partners above this leaf. - }; - - /** Information associated with a node in the Merkle tree. */ - struct NodeInfo - { - /** Merkle hash of this node. */ - uint256 hash; - /** Tracked leaves underneath this node (either from the node itself, or its children). - * The merkle_branch field of each is the partners to get to *this* node. */ - std::vector<LeafInfo> leaves; - }; - /** Whether the builder is in a valid state so far. */ - bool m_valid = true; - - /** The current state of the builder. - * - * For each level in the tree, one NodeInfo object may be present. m_branch[0] - * is information about the root; further values are for deeper subtrees being - * explored. - * - * For every right branch taken to reach the position we're currently - * working in, there will be a (non-nullopt) entry in m_branch corresponding - * to the left branch at that level. - * - * For example, imagine this tree: - N0 - - * / \ - * N1 N2 - * / \ / \ - * A B C N3 - * / \ - * D E - * - * Initially, m_branch is empty. After processing leaf A, it would become - * {nullopt, nullopt, A}. When processing leaf B, an entry at level 2 already - * exists, and it would thus be combined with it to produce a level 1 one, - * resulting in {nullopt, N1}. Adding C and D takes us to {nullopt, N1, C} - * and {nullopt, N1, C, D} respectively. When E is processed, it is combined - * with D, and then C, and then N1, to produce the root, resulting in {N0}. - * - * This structure allows processing with just O(log n) overhead if the leaves - * are computed on the fly. - * - * As an invariant, there can never be nullopt entries at the end. There can - * also not be more than 128 entries (as that would mean more than 128 levels - * in the tree). The depth of newly added entries will always be at least - * equal to the current size of m_branch (otherwise it does not correspond - * to a depth-first traversal of a tree). m_branch is only empty if no entries - * have ever be processed. m_branch having length 1 corresponds to being done. - */ - std::vector<std::optional<NodeInfo>> m_branch; - - XOnlyPubKey m_internal_key; //!< The internal key, set when finalizing. - XOnlyPubKey m_output_key; //!< The output key, computed when finalizing. - bool m_parity; //!< The tweak parity, computed when finalizing. - - /** Combine information about a parent Merkle tree node from its child nodes. */ - static NodeInfo Combine(NodeInfo&& a, NodeInfo&& b); - /** Insert information about a node at a certain depth, and propagate information up. */ - void Insert(NodeInfo&& node, int depth); - -public: - /** Add a new script at a certain depth in the tree. Add() operations must be called - * in depth-first traversal order of binary tree. If track is true, it will be included in - * the GetSpendData() output. */ - TaprootBuilder& Add(int depth, Span<const unsigned char> script, int leaf_version, bool track = true); - /** Like Add(), but for a Merkle node with a given hash to the tree. */ - TaprootBuilder& AddOmitted(int depth, const uint256& hash); - /** Finalize the construction. Can only be called when IsComplete() is true. - internal_key.IsFullyValid() must be true. */ - TaprootBuilder& Finalize(const XOnlyPubKey& internal_key); - - /** Return true if so far all input was valid. */ - bool IsValid() const { return m_valid; } - /** Return whether there were either no leaves, or the leaves form a Huffman tree. */ - bool IsComplete() const { return m_valid && (m_branch.size() == 0 || (m_branch.size() == 1 && m_branch[0].has_value())); } - /** Compute scriptPubKey (after Finalize()). */ - WitnessV1Taproot GetOutput(); - /** Check if a list of depths is legal (will lead to IsComplete()). */ - static bool ValidDepths(const std::vector<int>& depths); - /** Compute spending data (after Finalize()). */ - TaprootSpendData GetSpendData() const; - /** Returns a vector of tuples representing the depth, leaf version, and script */ - std::vector<std::tuple<uint8_t, uint8_t, std::vector<unsigned char>>> GetTreeTuples() const; - /** Returns true if there are any tapscripts */ - bool HasScripts() const { return !m_branch.empty(); } -}; - -/** Given a TaprootSpendData and the output key, reconstruct its script tree. - * - * If the output doesn't match the spenddata, or if the data in spenddata is incomplete, - * std::nullopt is returned. Otherwise, a vector of (depth, script, leaf_ver) tuples is - * returned, corresponding to a depth-first traversal of the script tree. - */ -std::optional<std::vector<std::tuple<int, std::vector<unsigned char>, int>>> InferTaprootTree(const TaprootSpendData& spenddata, const XOnlyPubKey& output); - #endif // BITCOIN_SCRIPT_STANDARD_H |