aboutsummaryrefslogtreecommitdiff
path: root/src/script/interpreter.h
AgeCommit message (Collapse)Author
2020-10-12Implement Tapscript script validation rules (BIP 342)Johnson Lau
This adds a new `SigVersion::TAPSCRIPT`, makes the necessary interpreter changes to make it implement BIP342, and uses them for leaf version 0xc0 in Taproot script path spends.
2020-10-12Use ScriptExecutionData to pass through annex hashPieter Wuille
Instead of recomputing the annex hash every time a signature is verified, compute it once and cache it in a new ScriptExecutionData structure.
2020-10-12Implement Taproot validation (BIP 341)Pieter Wuille
This includes key path spending and script path spending, but not the Tapscript execution implementation (leaf 0xc0 remains unemcumbered in this commit). Includes constants for various aspects of the consensus rules suggested by Jeremy Rubin.
2020-10-12Support for Schnorr signatures and integration in SignatureCheckers (BIP 340)Pieter Wuille
This enables the schnorrsig module in libsecp256k1, adds the relevant types and functions to src/pubkey, as well as in higher-level `SignatureChecker` classes. The (verification side of the) BIP340 test vectors is also added.
2020-10-12Implement Taproot signature hashing (BIP 341)Johnson Lau
This implements the new sighashing scheme from BIP341, with all relevant whole-transaction values precomputed once and cached. Includes changes to PrecomputedTransactionData by Pieter Wuille.
2020-10-12refactor: keep spent outputs in PrecomputedTransactionDataPieter Wuille
A BIP-341 signature message may commit to the scriptPubKeys and amounts of all spent outputs (including other ones than the input being signed for spends), so keep them available to signature hashing code.
2020-10-06scripted-diff: put ECDSA in name of signature functionsPieter Wuille
In preparation for adding Schnorr versions of `CheckSig`, `VerifySignature`, and `ComputeEntry`, give them an ECDSA specific name. -BEGIN VERIFY SCRIPT- sed -i 's/CheckSig(/CheckECDSASignature(/g' $(git grep -l CheckSig ./src) sed -i 's/VerifySignature(/VerifyECDSASignature(/g' $(git grep -l VerifySignature ./src) sed -i 's/ComputeEntry(/ComputeEntryECDSA(/g' $(git grep -l ComputeEntry ./src) -END VERIFY SCRIPT-
2020-04-11[REFACTOR] Initialize PrecomputedTransactionData in CheckInputScriptsPieter Wuille
Add a default constructor to `PrecomputedTransactionData`, which doesn't initialize the struct's members. Instead they're initialized inside the `CheckInputScripts()` function. This allows a later commit to add the spent UTXOs to that structure.
2019-12-30scripted-diff: Bump copyright of files changed in 2019MarcoFalke
-BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT-
2019-10-15Remove unused includespracticalswift
2018-07-27Update copyright headers to 2018DrahtBot
2018-05-30Generic TransactionSignatureCreator works with both CTransaction and ↵Martin Ankerl
CMutableTransaction Templated version so that no copying of CMutableTransaction into a CTransaction is necessary. This speeds up the test case transaction_tests/test_big_witness_transaction from 7.9 seconds to 3.1 seconds on my machine.
2018-05-05Add constant scriptCode policy in non-segwit scriptsJohnson Lau
This disables OP_CODESEPARATOR in non-segwit scripts (even in an unexecuted branch), and makes a positive FindAndDelete result invalid. This ensures that the scriptCode serialized in SignatureHash() is always the same as the script passing to the EvalScript.
2018-04-13[MOVEONLY] Move CSCript::FindAndDelete to interpreterPieter Wuille
2018-04-10Extract consts for WITNESS_V0 hash sizesBen Woosley
2018-03-09scripted-diff: Convert 11 enums into scoped enums (C++11)practicalswift
-BEGIN VERIFY SCRIPT- sed -i 's/enum DBErrors/enum class DBErrors/g' src/wallet/walletdb.h git grep -l DB_ | xargs sed -i 's/DB_\(LOAD_OK\|CORRUPT\|NONCRITICAL_ERROR\|TOO_NEW\|LOAD_FAIL\|NEED_REWRITE\)/DBErrors::\1/g' sed -i 's/^ DBErrors::/ /g' src/wallet/walletdb.h sed -i 's/enum VerifyResult/enum class VerifyResult/g' src/wallet/db.h sed -i 's/\(VERIFY_OK\|RECOVER_OK\|RECOVER_FAIL\)/VerifyResult::\1/g' src/wallet/db.cpp sed -i 's/enum ThresholdState/enum class ThresholdState/g' src/versionbits.h git grep -l THRESHOLD_ | xargs sed -i 's/THRESHOLD_\(DEFINED\|STARTED\|LOCKED_IN\|ACTIVE\|FAILED\)/ThresholdState::\1/g' sed -i 's/^ ThresholdState::/ /g' src/versionbits.h sed -i 's/enum SigVersion/enum class SigVersion/g' src/script/interpreter.h git grep -l SIGVERSION_ | xargs sed -i 's/SIGVERSION_\(BASE\|WITNESS_V0\)/SigVersion::\1/g' sed -i 's/^ SigVersion::/ /g' src/script/interpreter.h sed -i 's/enum RetFormat {/enum class RetFormat {/g' src/rest.cpp sed -i 's/RF_\(UNDEF\|BINARY\|HEX\|JSON\)/RetFormat::\1/g' src/rest.cpp sed -i 's/^ RetFormat::/ /g' src/rest.cpp sed -i 's/enum HelpMessageMode {/enum class HelpMessageMode {/g' src/init.h git grep -l HMM_ | xargs sed -i 's/HMM_BITCOIN/HelpMessageMode::BITCOIN/g' sed -i 's/^ HelpMessageMode::/ /g' src/init.h sed -i 's/enum FeeEstimateHorizon/enum class FeeEstimateHorizon/g' src/policy/fees.h sed -i 's/enum RBFTransactionState/enum class RBFTransactionState/g' src/policy/rbf.h git grep -l RBF_ | xargs sed -i 's/RBF_TRANSACTIONSTATE_\(UNKNOWN\|REPLACEABLE_BIP125\|FINAL\)/RBFTransactionState::\1/g' sed -i 's/^ RBFTransactionState::/ /g' src/policy/rbf.h sed -i 's/enum BlockSource {/enum class BlockSource {/g' src/qt/clientmodel.h git grep -l BLOCK_SOURCE_ | xargs sed -i 's/BLOCK_SOURCE_\(NONE\|REINDEX\|DISK\|NETWORK\)/BlockSource::\1/g' sed -i 's/^ BlockSource::/ /g' src/qt/clientmodel.h sed -i 's/enum FlushStateMode {/enum class FlushStateMode {/g' src/validation.cpp sed -i 's/FLUSH_STATE_\(NONE\|IF_NEEDED\|PERIODIC\|ALWAYS\)/FlushStateMode::\1/g' src/validation.cpp sed -i 's/^ FlushStateMode::/ /g' src/validation.cpp sed -i 's/enum WitnessMode {/enum class WitnessMode {/g' src/test/script_tests.cpp sed -i 's/WITNESS_\(NONE\|PKH\|SH\)/WitnessMode::\1/g' src/test/script_tests.cpp sed -i 's/^ WitnessMode::/ /g' src/test/script_tests.cpp -END VERIFY SCRIPT-
2018-02-11Fix a-vs-an typospracticalswift
2018-01-03Increment MIT Licence copyright header year on files modified in 2017Akira Takizawa
2017-12-12Merge #10699: Make all script validation flags backward compatibleWladimir J. van der Laan
01013f5 Simplify tx validation tests (Pieter Wuille) 2dd6f80 Add a test that all flags are softforks (Pieter Wuille) 2851b77 Make all script verification flags softforks (Pieter Wuille) Pull request description: This change makes `SCRIPT_VERIFY_UPGRADABLE_NOPS` not apply to `OP_CHECKLOCKTIMEVERIFY` and `OP_CHECKSEQUENCEVERIFY`. This is a no-op as `UPGRADABLE_NOPS` is only set for mempool transactions, and those always have `SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY` and `SCRIPT_VERIFY_CHECKSEQUENCEVERIFY` set as well. The advantage is that setting more flags now always results in a reduction in acceptable scripts (=softfork). This results in a nice and testable property for validation, for which a new test is added. This also means that the introduction of a new definition for a NOP or witness version will likely need the following procedure (example OP_NOP8 here) * Remove OP_NOP8 from being affected by `SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_NOPS`. * Add a `SCRIPT_VERIFY_DISCOURAGE_NOP8`, which only applies to `OP_NOP8`. * Add a `SCRIPT_VERIFY_NOP8` which implements the new consensus logic. * Before activation, add `SCRIPT_VERIFY_DISCOURAGE_NOP8` to the mempool flags. * After activation, add `SCRIPT_VERIFY_NOP8` to both the mempool and consensus flags. Tree-SHA512: d3b4538986ecf646aac9dba13a8d89318baf9e308e258547ca3b99e7c0509747f323edac6b1fea4e87e7d3c01b71193794b41679ae4f86f6e11ed6be3fd62c72
2017-11-16scripted-diff: Replace #include "" with #include <> (ryanofsky)MeshCollider
-BEGIN VERIFY SCRIPT- for f in \ src/*.cpp \ src/*.h \ src/bench/*.cpp \ src/bench/*.h \ src/compat/*.cpp \ src/compat/*.h \ src/consensus/*.cpp \ src/consensus/*.h \ src/crypto/*.cpp \ src/crypto/*.h \ src/crypto/ctaes/*.h \ src/policy/*.cpp \ src/policy/*.h \ src/primitives/*.cpp \ src/primitives/*.h \ src/qt/*.cpp \ src/qt/*.h \ src/qt/test/*.cpp \ src/qt/test/*.h \ src/rpc/*.cpp \ src/rpc/*.h \ src/script/*.cpp \ src/script/*.h \ src/support/*.cpp \ src/support/*.h \ src/support/allocators/*.h \ src/test/*.cpp \ src/test/*.h \ src/wallet/*.cpp \ src/wallet/*.h \ src/wallet/test/*.cpp \ src/wallet/test/*.h \ src/zmq/*.cpp \ src/zmq/*.h do base=${f%/*}/ relbase=${base#src/} sed -i "s:#include \"\(.*\)\"\(.*\):if test -e \$base'\\1'; then echo \"#include <\"\$relbase\"\\1>\\2\"; else echo \"#include <\\1>\\2\"; fi:e" $f done -END VERIFY SCRIPT-
2017-10-05Merge #9572: Skip witness sighash cache for non-segwit transactionsWladimir J. van der Laan
0da49b5 Skip precompute sighash for transactions without witness (Johnson Lau) Pull request description: This saves unnecessary hash caching for non-segwit transactions, but I am not sure if the difference is noticeable. Tree-SHA512: 5cd733a729a52a45781510b3572b26e76837a94155caa14311c6d23a27a12e9613ff278dfc2592e21f640202782f22c5ad00fca85c4de5efacaa617c48ccb08d
2017-08-16Declare single-argument (non-converting) constructors "explicit"practicalswift
In order to avoid unintended implicit conversions.
2017-08-07scripted-diff: Use the C++11 keyword nullptr to denote the pointer literal ↵practicalswift
instead of the macro NULL -BEGIN VERIFY SCRIPT- sed -i 's/\<NULL\>/nullptr/g' src/*.cpp src/*.h src/*/*.cpp src/*/*.h src/qt/*/*.cpp src/qt/*/*.h src/wallet/*/*.cpp src/wallet/*/*.h src/support/allocators/*.h sed -i 's/Prefer nullptr, otherwise SAFECOOKIE./Prefer NULL, otherwise SAFECOOKIE./g' src/torcontrol.cpp sed -i 's/tor: Using nullptr authentication/tor: Using NULL authentication/g' src/torcontrol.cpp sed -i 's/METHODS=nullptr/METHODS=NULL/g' src/test/torcontrol_tests.cpp src/torcontrol.cpp sed -i 's/nullptr certificates/NULL certificates/g' src/qt/paymentserver.cpp sed -i 's/"nullptr"/"NULL"/g' src/torcontrol.cpp src/test/torcontrol_tests.cpp -END VERIFY SCRIPT-
2017-06-30Make all script verification flags softforksPieter Wuille
2017-06-28Use the override specifier (C++11) where we expect to be overriding the ↵practicalswift
virtual function of a base class
2017-01-19Skip precompute sighash for transactions without witnessJohnson Lau
2016-12-05Do not shadow variables (gcc set)Pavel Janík
2016-10-16Require compressed keys in segwit as policy and disable signing with ↵Johnson Lau
uncompressed keys for segwit scripts
2016-09-27Add policy: null signature for failed CHECK(MULTI)SIGJohnson Lau
2016-09-23Make non-minimal OP_IF/NOTIF argument non-standard for P2WSHJohnson Lau
2016-08-26Rename to PrecomputedTransactionDataPieter Wuille
2016-08-16Precompute sighashesPieter Wuille
Original version by Nicolas Dorier. Precomputing version by Pieter Wuille.
2016-06-22BIP141: Other consensus critical limits, and BIP145Pieter Wuille
Includes changes by Suhas Daftuar, Luke-jr, and mruddy.
2016-06-22BIP143: Verification logicPieter Wuille
Includes simplifications by Eric Lombrozo.
2016-06-22Refactor script validation to observe amountsPieter Wuille
This is a preparation for BIP143 support.
2016-06-22BIP141: Witness programPieter Wuille
2016-02-14BIP112: Implement CHECKSEQUENCEVERIFYMark Friedenbach
- Replace NOP3 with CHECKSEQUENCEVERIFY (BIP112) <nSequence> CHECKSEQUENCEVERIFY -> <nSequence> - Fails if txin.nSequence < nSequence, allowing funds of a txout to be locked for a number of blocks or a duration of time after its inclusion in a block. - Pull most of CheckLockTime() out into VerifyLockTime(), a local function that will be reused for CheckSequence() - Add bitwise AND operator to CScriptNum - Enable CHECKSEQUENCEVERIFY as a standard script verify flag - Transactions that fail CSV verification will be rejected from the mempool, making it easy to test the feature. However blocks containing "invalid" CSV-using transactions will still be accepted; this is *not* the soft-fork required to actually enable CSV for production use.
2015-12-13Bump copyright headers to 2015MarcoFalke
2015-07-30Resolve issue 3166.mruddy
These changes decode valid SIGHASH types on signatures in assembly (asm) representations of scriptSig scripts. This squashed commit incorporates substantial helpful feedback from jtimon, laanwj, and sipa.
2015-06-21Replace NOP2 with CHECKLOCKTIMEVERIFY (BIP65)Peter Todd
<nLockTime> CHECKLOCKTIMEVERIFY -> <nLockTime> Fails if tx.nLockTime < nLockTime, allowing the funds in a txout to be locked until some block height or block time in the future is reached. Only the logic and unittests are implemented; this commit does not have any actual soft-fork logic in it. Thanks to Pieter Wuille for rebase. Credit goes to Gregory Maxwell for the suggestion of comparing the argument against the transaction nLockTime rather than the current time/blockheight directly.
2015-02-02Avoid storing a reference passed to SignatureChecker constructorsPieter Wuille
2015-02-02Use separate SignatureChecker for CMutableTransactionPieter Wuille
2015-01-08Merge pull request #5143Wladimir J. van der Laan
da918ac Make SCRIPT_VERIFY_CLEANSTACK a standardness requirement (Pieter Wuille) b6e03cc Add SCRIPT_VERIFY_CLEANSTACK (BIP62 rule 6) (Pieter Wuille) ae4151b No semantic change: reuse stack variable in P2SH evaluation (Pieter Wuille)
2014-12-19Added "Core" to copyright headerssandakersmann
Github-Pull: #5494 Rebased-From: 15de949bb9277e442302bdd8dee299a8d6deee60
2014-11-25Add SCRIPT_VERIFY_CLEANSTACK (BIP62 rule 6)Pieter Wuille
Based on an earlier patch by Peter Todd, though the rules here are different (P2SH scripts should not have a CLEANSTACK check before the P2SH evaluation).
2014-11-20Make STRICTENC invalid pubkeys fail the script rather than the opcode.Pieter Wuille
This turns STRICTENC turn into a softforking-safe change (even though it is not intended as a consensus rule), and as a result guarantee that using it for mempool validation only results in consensus-valid transactions in the mempool.
2014-11-17Discourage NOPs reserved for soft-fork upgradesPeter Todd
NOP1 to NOP10 are reserved for future soft-fork upgrades. In the event of an upgrade such NOPs have *VERIFY behavior, meaning that if their arguments are not correct the script fails. Discouraging these NOPs by rejecting transactions containing them from the mempool ensures that we'll never accept transactions, nor mine blocks, with scripts that are now invalid according to the majority of hashing power even if we're not yet upgraded. Previously this wasn't an issue as the IsStandard() rules didn't allow upgradable NOPs anyway, but 7f3b4e95 relaxed the IsStandard() rules for P2SH redemptions allowing any redeemScript to be spent. We *do* allow upgradable NOPs in scripts so long as they are not executed. This is harmless as there is no opportunity for the script to be invalid post-upgrade.
2014-11-14script: create sane error return codes for script validation and remove loggingCory Fields
Attempt to codify the possible error statuses associated with script validation. script/types.h has been created with the expectation that it will be part of the public lib interface. The other flag enums will be moved here in a future commit. Logging has also been removed in order to drop the dependency on core.h. It can be re-added to bitcoind as-needed. This makes script verification finally free of application state and boost!
2014-11-03Fix all header definesPavel Janík
2014-10-25Add SCRIPT_VERIFY_MINIMALDATA (BIP62 rules 3 and 4)Pieter Wuille
Also use the new flag as a standard rule, and replace the IsCanonicalPush standardness check with it (as it is more complete).