aboutsummaryrefslogtreecommitdiff
path: root/src/script.h
AgeCommit message (Collapse)Author
2013-09-23Merge pull request #2791 from sipa/provepruneGavin Andresen
Prune provably-unspendable outputs
2013-09-18Replace printf with LogPrintf / LogPrintGavin Andresen
2013-08-25Document and test OP_RESERVED weirdnessPeter Todd
Seems it was forgotten about when IsPushOnly() and the unittests were written. A particular oddity is that OP_RESERVED doesn't count towards the >201 opcode limit unlike every other named opcode.
2013-08-16Only create signatures with even S, and verification mode to check.Pieter Wuille
To fix a minor malleability found by Sergio Lerner (reported here: https://bitcointalk.org/index.php?topic=8392.msg1245898#msg1245898) The problem is that if (R,S) is a valid ECDSA signature for a given message and public key, (R,-S) is also valid. Modulo N (the order of the secp256k1 curve), this means that both (R,S) and (R,N-S) are valid. Given that N is odd, S and N-S have a different lowest bit. We solve the problem by forcing signatures to have an even S value, excluding one of the alternatives. This commit just changes the signing code to always produce even S values, and adds a verification mode to check it. This code is not enabled anywhere yet. Existing tests in key_tests.cpp verify that the produced signatures are still valid.
2013-07-10Prune provably-unspendable outputsPieter Wuille
2013-06-22Add ExtractAffectedKeys to scriptPieter Wuille
This function finds all keys affected by a particular output script, supporting everything ExtractDestinations supports (pay-to-pubkey, pay-to-pubkeyhash, multisig) and recurses into subscripts (P2SH).
2013-06-05Removed AcceptToMemoryPool method from CTransaction. This method belongs to ↵Eric Lombrozo
the mempool instance. Removed AreInputsStandard from CTransaction, made it a regular function in main. Moved CTransaction::GetOutputFor to CCoinsViewCache. Moved GetLegacySigOpCount and GetP2SHSigOpCount out of CTransaction into regular functions in main. Moved GetValueIn and HaveInputs from CTransaction into CCoinsViewCache. Moved AllowFree, ClientCheckInputs, CheckInputs, UpdateCoins, and CheckTransaction out of CTransaction and into main. Moved IsStandard and IsFinal out of CTransaction and put them in main as IsStandardTx and IsFinalTx. Moved GetValueOut out of CTransaction into main. Moved CTxIn, CTxOut, and CTransaction into core. Added minimum fee parameter to CTxOut::IsDust() temporarily until CTransaction is moved to core.h so that CTxOut needn't know about CTransaction.
2013-05-30CSecret/CKey -> CKey/CPubKey split/refactorPieter Wuille
2013-05-30Make CPubKey statically allocatedPieter Wuille
2013-01-18Replace 520 constant with MAX_SCRIPT_ELEMENT_SIZEMatt Corallo
2013-01-17Merge pull request #2060 from sipa/parallelGavin Andresen
Parallel script verification
2013-01-15Fix clang warningsGavin Andresen
2013-01-08Remove contention on signature cache during block validationPieter Wuille
Since block validation happens in parallel, multiple threads may be accessing the signature cache simultaneously. To prevent contention: * Turn the signature cache lock into a shared mutex * Make reading from the cache only acquire a shared lock * Let block validations not store their results in the cache
2013-01-08Move VerifySignature to mainPieter Wuille
2012-11-15Introduce script verification flagsPieter Wuille
These flags select features to be enabled/disabled during script evaluation/checking, instead of several booleans passed along. Currently these flags are defined: * SCRIPT_VERIFY_P2SH: enable BIP16-style subscript evaluation * SCRIPT_VERIFY_STRICTENC: enforce strict adherence to pubkey/sig encoding standards.
2012-10-20UltraprunePieter Wuille
This switches bitcoin's transaction/block verification logic to use a "coin database", which contains all unredeemed transaction output scripts, amounts and heights. The name ultraprune comes from the fact that instead of a full transaction index, we only (need to) keep an index with unspent outputs. For now, the blocks themselves are kept as usual, although they are only necessary for serving, rescanning and reorganizing. The basic datastructures are CCoins (representing the coins of a single transaction), and CCoinsView (representing a state of the coins database). There are several implementations for CCoinsView. A dummy, one backed by the coins database (coins.dat), one backed by the memory pool, and one that adds a cache on top of it. FetchInputs, ConnectInputs, ConnectBlock, DisconnectBlock, ... now operate on a generic CCoinsView. The block switching logic now builds a single cached CCoinsView with changes to be committed to the database before any changes are made. This means no uncommitted changes are ever read from the database, and should ease the transition to another database layer which does not support transactions (but does support atomic writes), like LevelDB. For the getrawtransaction() RPC call, access to a txid-to-disk index would be preferable. As this index is not necessary or even useful for any other part of the implementation, it is not provided. Instead, getrawtransaction() uses the coin database to find the block height, and then scans that block to find the requested transaction. This is slow, but should suffice for debug purposes.
2012-10-20Compact serialization for scriptsPieter Wuille
Special serializers for script which detect common cases and encode them much more efficiently. 3 special cases are defined: * Pay to pubkey hash (encoded as 21 bytes) * Pay to script hash (encoded as 21 bytes) * Pay to pubkey starting with 0x02, 0x03 or 0x04 (encoded as 33 bytes) Other scripts up to 121 bytes require 1 byte + script length. Above that, scripts up to 16505 bytes require 2 bytes + script length.
2012-09-21Check for canonical public keys and signaturesPieter Wuille
Only enabled inside tests for now.
2012-08-01Update Warning-strings to use a standard-formatPhilip Kaufmann
- ensure warnings always start with "Warning:" and that the first character after ":" is written uppercase - ensure the first sentence in warnings ends with an "!" - remove unneeded spaces from Warning-strings - add missing Warning-string translation - remove a "\n" and replace with untranslatable "<br><br>"
2012-07-05Implement raw transaction RPC callsGavin Andresen
Implement listunspent / getrawtransaction / createrawtransaction / signrawtransaction, to support creation and signing-on-multiple-device multisignature transactions.
2012-07-05Refactor: SignSignature/VerifyScriptGavin Andresen
Minor refactor to support signrawtx signing/verifying transactions when it might only have the previous transaction's txid and txOut.
2012-07-02Fix signed/unsigned warnings in {script,serialize}.h (fixes #1541)Matt Corallo
2012-05-24Refactor: split CKeyID/CScriptID/CTxDestination from CBitcoinAddressPieter Wuille
This introduces internal types: * CKeyID: reference (hash160) of a key * CScriptID: reference (hash160) of a script * CTxDestination: a boost::variant of the former two CBitcoinAddress is retrofitted to be a Base58 encoding of a CTxDestination. This allows all internal code to only use the internal types, and only have RPC and GUI depend on the base58 code. Furthermore, the header dependencies are a lot saner now. base58.h is at the top (right below rpc and gui) instead of at the bottom. For the rest: wallet -> script -> keystore -> key. Only keystore still requires a forward declaration of CScript. Solving that would require splitting script into two layers.
2012-05-24Encapsulate public keys in CPubKeyPieter Wuille
2012-05-18Update License in File HeadersFordy
I originally created a pull to replace the "COPYING" in crypter.cpp and crypter.h, but it turned out that COPYING was actually the correct file.
2012-04-23Add casts for unavoidable signed/unsigned comparisonsJeff Garzik
At these code sites, it is preferable to cast rather than change a variable's type.
2012-04-23SigOp and orphan-tx constants and counts are always unsigned.Jeff Garzik
Fixes several sign-comparison warnings.
2012-04-21Add explicit numeric constant value for all opcodesWladimir J. van der Laan
- Easier for debugging (what opcode was 0x... again?) - Clarifies that the opcodes are set in stone in the protocol, and signals that it is impossible to insert opcodes in between.
2012-04-18Fix bugs on 'unsigned char' platforms.Dwayne C. Litzenberger
In ISO C++, the signedness of 'char' is undefined. On some platforms (e.g. ARM), 'char' is an unsigned type, but some of the code relies on 'char' being signed (as it is on x86). This is indicated by compiler warnings like this: bignum.h: In constructor 'CBigNum::CBigNum(char)': bignum.h:81:59: warning: comparison is always true due to limited range of data type [-Wtype-limits] util.cpp: In function 'bool IsHex(const string&)': util.cpp:427:28: warning: comparison is always false due to limited range of data type [-Wtype-limits] In particular, IsHex erroneously returned true regardless of the input characters, as long as the length of the string was a positive multiple of 2. Note: For testing, it's possible using GCC to force char to be unsigned by adding the -funsigned-char parameter to xCXXFLAGS.
2012-03-26Begin doxygen-compatible commentsPieter Wuille
2012-02-07Update all copyrights to 2012Gavin Andresen
2012-01-19Make transactions with extra data in their scriptSig's non-standard.Gavin Andresen
2012-01-13Replace OP_EVAL (BIP 12) with Pay-to-script-hash (BIP 16).Gavin Andresen
2012-01-13Remove not-used-anywhere scriptPrereq from SignSignature()Gavin Andresen
2011-12-22Fix broken ExtractAddress (refactored, made callers check for addresses in ↵Gavin Andresen
keystore if they care)
2011-12-21Revert "Use standard C99 (and Qt) types for 64-bit integers"Wladimir J. van der Laan
This reverts commit 21d9f36781604e4ca9fc35dc65265593423b73e9.
2011-12-20Use standard C99 (and Qt) types for 64-bit integersLuke Dashjr
2011-12-19Use block times for 'hard' OP_EVAL switchover, and refactored EvalScriptGavin Andresen
so it takes a flag for how to interpret OP_EVAL. Also increased IsStandard size of scriptSigs to 500 bytes, so a 3-of-3 multisig transaction IsStandard.
2011-12-19OP_EVAL implementationGavin Andresen
OP_EVAL is a new opcode that evaluates an item on the stack as a script. It enables a new type of bitcoin address that needs an arbitrarily complex script to redeem.
2011-12-19Support 3 new multisignature IsStandard transactionsGavin Andresen
Initial support for (a and b), (a or b), and 2-of-3 escrow transactions (where a, b, and c are keys).
2011-08-11Merge pull request #458 from TheBlueMatt/copyrightGavin Andresen
Unify copyright notices.
2011-08-09Unify copyright notices.Matt Corallo
To a variation on: // Copyright (c) 2009-2010 Satoshi Nakamoto // Copyright (c) 2011 The Bitcoin developers
2011-08-08Add prototype for EvalScript() to script.hVegard Nossum
This is needed for the script unit tests.
2011-08-08Add missing include to script.hVegard Nossum
2011-07-17Use CBitcoinAddress instead of string/uint160Pieter Wuille
Instead of conversion functions between pubkey/uint160/address in base58.h, have a fully fledged class CBitcoinAddress (CAddress was already taken) to represent addresses.
2011-07-17get rid of mapPubKeysPieter Wuille
Make CKeyStore's interface work on uint160's instead of pubkeys, so no separate global mapPubKeys is necessary anymore.
2011-07-13fix warnings: expression result unused [-Wunused-value]Giel van Schijndel
In the assert()s take advantage of the fact that string constants ("string") are effectively of type 'const char []', which when used in an expression yield a non-NULL pointer. An assertion that should always fail can thus be formulated as: assert(!"fail); An assertion where a text message should be added to the expression can be written as such: assert("message" && expression); Signed-off-by: Giel van Schijndel <me@mortis.eu>
2011-06-15CWallet classPieter Wuille
* A new class CKeyStore manages private keys, and script.cpp depends on access to CKeyStore. * A new class CWallet extends CKeyStore, and contains all former wallet-specific globals; CWallet depends on script.cpp, not the other way around. * Wallet-specific functions in CTransaction/CTxIn/CTxOut (GetDebit, GetCredit, GetChange, IsMine, IsFromMe), are moved to CWallet, taking their former 'this' argument as an explicit parameter * CWalletTx objects know which CWallet they belong to, for convenience, so they have their own direct (and caching) GetDebit/... functions. * Some code was moved from CWalletDB to CWallet, such as handling of reserve keys. * Main.cpp keeps a set of all 'registered' wallets, which should be informed about updates to the block chain, and does not have any notion about any 'main' wallet. Function in main.cpp that require a wallet (such as GenerateCoins), take an explicit CWallet* argument. * The actual CWallet instance used by the application is defined in init.cpp as "CWallet* pwalletMain". rpc.cpp and ui.cpp use this variable. * Functions in main.cpp and db.cpp that are not used by other modules are marked static. * The code for handling the 'submitorder' message is removed, as it not really compatible with the idea that a node is independent from the wallet(s) connected to it, and obsolete anyway.
2011-06-15move wallet code to separate filePieter Wuille
This introduces two new source files, keystore.cpp and wallet.cpp with corresponding headers. Code is moved from main and db, in a preparation for a follow-up commit which introduces the classes CWallet and CKeyStore.
2011-05-15make bitcoin include files more modularWladimir J. van der Laan