Age | Commit message (Collapse) | Author |
|
This changes the keystore data format, wallet format and IsMine logic
to detect watch-only outputs based on direct script matching rather
than first trying to convert outputs to destinations (addresses).
The reason is that we don't know how the software that has the spending
keys works. It may support the same types of scripts as us, but that is
not guaranteed. Furthermore, it removes the ambiguity between addresses
used as identifiers for output scripts or identifiers for public keys.
One practical implication is that adding a normal pay-to-pubkey-hash
address via importaddress will not cause payments to the corresponding
full public key to be detected as IsMine. If that is wanted, add those
scripts directly (importaddress now also accepts any hex-encoded script).
Conflicts:
src/wallet.cpp
|
|
Changes:
* Add Add/Have WatchOnly methods to CKeyStore, and implementations
in CBasicKeyStore.
* Add similar methods to CWallet, and support entries for it in
CWalletDB.
* Make IsMine in script/wallet return a new enum 'isminetype',
rather than a boolean. This allows distinguishing between
spendable and unspendable coins.
* Add a field fSpendable to COutput (GetAvailableCoins' return type).
* Mark watchonly coins in listunspent as 'watchonly': true.
* Add 'watchonly' to validateaddress, suppressing script/pubkey/...
in this case.
Based on a patch by Eric Lombrozo.
Conflicts:
src/qt/walletmodel.cpp
src/rpcserver.cpp
src/wallet.cpp
|
|
86fe1b8 update coding.md to reflect changes by pull (Philip Kaufmann)
e10dcf2 ensure clean and consistent "namespace" usage (Philip Kaufmann)
|
|
transactions
|
|
- remove some missplaced ;
- ensure end of a namespace is clearly visible
- use same formatting when using namespace
|
|
In addition, introduce a cached hash inside CTransaction, to prevent
recalculating it over and over again.
|
|
|
|
|
|
|
|
|
|
You can just use HexStr(script) or script.ToString() for debugging, no
need for these extra functions.
|
|
Since they are not real opcodes, being reported as OP_UNKNOWN is less confusing for human-readable decoding.
Signed-off-by: Huang Le <4tarhl@gmail.com>
|
|
6fd7ef2 Also switch the (unused) verification code to low-s instead of even-s. (Pieter Wuille)
|
|
787ee0c Check redeemScript size does not exceed 520 byte limit (Peter Todd)
4d79098 Increase IsStandard() scriptSig length (Peter Todd)
f80cffa Do not trigger a DoS ban if SCRIPT_VERIFY_NULLDUMMY fails (Peter Todd)
6380180 Add rejection of non-null CHECKMULTISIG dummy values (Peter Todd)
29c1749 Let tx (in)valid tests use any SCRIPT_VERIFY flag (Peter Todd)
68f7d1d Create (MANDATORY|STANDARD)_SCRIPT_VERIFY_FLAGS constants (Peter Todd)
|
|
This is a source of transaction mutability as the dummy value was
previously not checked and could be modified to something other than the
usual OP_0 value.
|
|
|
|
|
|
|
|
a81cd968 introduced a malleability breaker for signatures
(using an even value for S). In e0e14e43 this was changed to
the lower of two potential values, rather than the even one.
Only the signing code was changed though, the (for now unused)
verification code wasn't adapted.
|
|
Per mailing list discussion.
|
|
|
|
|
|
|
|
379778b core: remove includes in .cpp, if header is already in .h (Philip Kaufmann)
|
|
|
|
- example: if util.h includes stdint.h, remove it from util.cpp, as
util.h is the first header included in util.cpp
|
|
Use misc methods of avoiding unnecesary header includes.
Replace int typedefs with int##_t from stdint.h.
Replace PRI64[xdu] with PRI[xdu]64 from inttypes.h.
Normalize QT_VERSION ifs where possible.
Resolve some indirect dependencies as direct ones.
Remove extern declarations from .cpp files.
|
|
Also fix decoderawtransaction to not show reqSigs or addresses for
nulldata txouts. (Previous version also left reqSigs uninitialized
mistakenly)
|
|
Relay OP_RETURN data TxOut as standard transaction type.
|
|
db0e8cc Bump Year Number to 2013 (super3)
|
|
|
|
|
|
Instead of building a full copy of a CTransaction being signed, and
then modifying bits and pieces until its fits the form necessary
for computing the signature hash, use a wrapper serializer that
only serializes the necessary bits on-the-fly.
This makes it easier to see which data is actually being hash,
reduces load on the heap, and also marginally improves performances
(around 3-4us/sigcheck here). The performance improvements are much
larger for large transactions, though.
The old implementation of SignatureHash is moved to a unit tests,
to test whether the old and new algorithm result in the same value
for randomly-constructed transactions.
|
|
|
|
Document and test OP_RESERVED weirdness
|
|
Seems it was forgotten about when IsPushOnly() and the unittests were
written. A particular oddity is that OP_RESERVED doesn't count towards
the >201 opcode limit unlike every other named opcode.
|
|
Partial solaris support
|
|
To fix a minor malleability found by Sergio Lerner (reported here:
https://bitcointalk.org/index.php?topic=8392.msg1245898#msg1245898)
The problem is that if (R,S) is a valid ECDSA signature for a given
message and public key, (R,-S) is also valid. Modulo N (the order
of the secp256k1 curve), this means that both (R,S) and (R,N-S) are
valid. Given that N is odd, S and N-S have a different lowest bit.
We solve the problem by forcing signatures to have an even S value,
excluding one of the alternatives.
This commit just changes the signing code to always produce even S
values, and adds a verification mode to check it. This code is not
enabled anywhere yet. Existing tests in key_tests.cpp verify that
the produced signatures are still valid.
|
|
Replace the loop macro with while (true). The #define caused
problems for Qt.
|
|
|
|
This function finds all keys affected by a particular output script,
supporting everything ExtractDestinations supports (pay-to-pubkey,
pay-to-pubkeyhash, multisig) and recurses into subscripts (P2SH).
|
|
|
|
|
|
|
|
|
|
So we stop getting pull requests (like #2604) fixing problems with disabled Script opcodes.
A hard fork would be required to re-enable these, and if we ever did that we'd require extensive review and testing.
|
|
Make IsCanonicalScript() check the hash type more thoroughly
|
|
|
|
Since block validation happens in parallel, multiple threads may be
accessing the signature cache simultaneously. To prevent contention:
* Turn the signature cache lock into a shared mutex
* Make reading from the cache only acquire a shared lock
* Let block validations not store their results in the cache
|
|
|