path: root/src/script/miniscript.h
Age  Commit message  (Author)
2024-08-05 miniscript: Use `ToIntegral` instead of `ParseInt64` (brunoerg)
2024-07-08 tidy: modernize-use-equals-default (MarcoFalke)
2024-06-12 Merge bitcoin/bitcoin#29015: kernel: Streamline util library (Ava Chow)
c7376babd19d0c858fef93ebd58338abd530c1f4 doc: Clarify distinction between util and common libraries in libraries.md (Ryan Ofsky)
4f74c59334d496f28e1a5c0d84c412f9020b366f util: Move util/string.h functions to util namespace (Ryan Ofsky)
4d05d3f3b42a41525aa6ec44b90f543dfab53ecf util: add TransactionError includes and namespace declarations (Ryan Ofsky)
680eafdc74021c1e0893c3a62404e607fd4724f5 util: move fees.h and error.h to common/messages.h (Ryan Ofsky)
02e62c6c9af4beabaeea58fb1ea3ad0dc5094678 common: Add PSBTError enum (Ryan Ofsky)
0d44c44ae33434f366229c612d6edeedf7658963 util: move error.h TransactionError enum to node/types.h (Ryan Ofsky)
9bcce2608dd2515dc35a0f0866abc9d43903c795 util: move spanparsing.h to script/parsing.h (Ryan Ofsky)
6dd2ad47922694d2ab84bad4dac9dd442c5df617 util: move spanparsing.h Split functions to string.h (Ryan Ofsky)
23cc8ddff472d259605d7790ba98a1900e77efab util: move HexStr and HexDigit from util to crypto (TheCharlatan)
6861f954f8ff42c87ad638037adae86a5bd89600 util: move util/message to common/signmessage (Ryan Ofsky)
cc5f29fbea15d33e4d1aa95591253c6b86953fe7 build: move memory_cleanse from util to crypto (Ryan Ofsky)
5b9309420cc9721a0d5745b6ad3166a4bdbd1508 build: move chainparamsbase from util to common (Ryan Ofsky)
ffa27af24da81a97d6c4912ae0e10bc5b6f17f69 test: Add check-deps.sh script to check for unexpected library dependencies (Ryan Ofsky)
Pull request description:
Remove `fees.h`, `errors.h`, and `spanparsing.h` from the util library. Specifically:
- Move `Split` functions from `util/spanparsing.h` to `util/string.h`, using `util` namespace for clarity.
- Move remaining spanparsing functions to `script/parsing.h` since they are used for descriptor and miniscript parsing.
- Combine `util/fees.h` and `util/errors.h` into `common/messages.h` so there is a place for simple functions that generate user messages to live, and these functions are not part of the util library.
Motivation for this change is that the util library is a dependency of the kernel, and we should remove functionality from util that shouldn't be called by kernel code or kernel applications. These changes should also improve code organization and make functions easier to discover. Some of these same moves are (or were) part of #28690, but did not help with code organization, or made it worse, so it is better to move them and clean them up in the same PR so code only has to change one time.
ACKs for top commit:
achow101: ACK c7376babd19d0c858fef93ebd58338abd530c1f4
TheCharlatan: Re-ACK c7376babd19d0c858fef93ebd58338abd530c1f4
hebasto: re-ACK c7376babd19d0c858fef93ebd58338abd530c1f4.
Tree-SHA512: 5bcef16c1255463b1b69270548711e7ff78ca0dd34e300b95e3ca1ce52ceb34f83d9ddb2839e83800ba36b200de30396e504bbb04fa02c6d0c24a16d06ae523d
2024-06-07 refactor: Rename CTransaction::nVersion to version (Ava Chow)
In order to ensure that the change of nVersion to a uint32_t in the previous commit has no effect, rename nVersion to version in this commit so that reviewers can easily spot if a spot was missed or if there is a check somewhere whose semantics have changed.
2024-05-16 util: Move util/string.h functions to util namespace (Ryan Ofsky)
There are no changes to behavior. Changes in this commit are all additions, and are easiest to review using "git diff -U0 --word-diff-regex=." options. Motivation for this change is to keep util functions with really generic names like "Split" and "Join" out of the global namespace so it is easier to see where these functions are defined, and so they don't interfere with function overloading, especially since the util library is a dependency of the kernel library and intended to be used with external code.
2024-05-16 util: move spanparsing.h to script/parsing.h (Ryan Ofsky)
Move miniscript / descriptor script parsing functions out of util library so they are not a dependency of the kernel. There are no changes to code or behavior.
2024-05-03 miniscript: make operator_mst consteval (Pieter Wuille)
It seems modern compilers don't realize that all invocations of operator""_mst can be evaluated at compile time, despite the constexpr keyword. Since C++20, we can force them to evaluate at compile time, turning all the miniscript type constants into actual compile-time constants. It appears that MSVC does not support consteval operator"" when used inside certain expressions. For the few places where this happens, define a constant outside the operator call.
Co-Authored-By: Hennadii Stepanov <32963518+hebasto@users.noreply.github.com>
2024-03-26 doc: fix some typos (crazeteam)
Signed-off-by: crazeteam <lilujing@outlook.com>
2023-10-13 miniscript: make GetWitnessSize accurate for tapscript (Pieter Wuille)
2023-10-08 miniscript: remove P2WSH-specific part of GetStackSize doc comment (Antoine Poinsot)
2023-10-08 miniscript: have a custom Node destructor (Antoine Poinsot)
To avoid recursive calls in shared_ptr's destructor that could lead to a stack overflow.
2023-10-08 descriptor: Tapscript-specific Miniscript key serialization / parsing (Antoine Poinsot)
64-hex-characters public keys are valid in Miniscript key expressions within a Tapscript context. Keys under a Tapscript context always serialize as 32-bytes x-only public keys (and that's what gets hashed by OP_HASH160 on the stack too).
2023-10-08 miniscript: check maximum stack size during execution (Antoine Poinsot)
Under Tapscript, due to the lifting of some standardness and consensus limits, scripts can now run into the maximum stack size during execution. Any Miniscript that may hit the limit on any of its spending paths must be marked as unsafe.
Co-Authored-By: Pieter Wuille <pieter@wuille.net>
2023-10-08 miniscript: account for keys as being 32 bytes under Taproot context (Antoine Poinsot)
2023-10-08 miniscript: adapt resources checks depending on context (Antoine Poinsot)
Under Tapscript, there is:
- No limit on the number of OPs
- No limit on the script size, it's implicitly limited by the maximum (standard) transaction size.
- No standardness limit on the number of stack items, it's limited by the consensus MAX_STACK_SIZE. This requires tracking the maximum stack size at all times during script execution, which will be tackled in its own commit.
In order to avoid any Miniscript that would not be spendable by a standard transaction because of the size of the witness, we limit the script size under Tapscript to the maximum standard transaction size minus the maximum possible witness and Taproot control block sizes. Note this is a conservative limit but it still allows for scripts more than a hundred times larger than under P2WSH.
2023-10-08 miniscript: make 'd:' have the 'u' property under Tapscript context (Antoine Poinsot)
In Tapscript MINIMALIF is a consensus rule, so we can rely on the fact that the `DUP IF [X] ENDIF` will always put an exact 1 on the stack upon satisfaction.
2023-10-08 miniscript: introduce a multi_a fragment (Antoine Poinsot)
It is the equivalent of multi() but for Tapscript, using CHECKSIGADD instead of CHECKMULTISIG. It shares the same properties as multi() but for 'n', since a threshold multi_a() may have an empty vector as the top element of its satisfaction. It could also have the 'o' property when it only has a single key, but in this case a 'pk()' is always preferable anyways.
2023-10-08 miniscript: restrict multi() usage to P2WSH context (Antoine Poinsot)
CHECKMULTISIG is disabled for Tapscript. Instead, we'll introduce a multi_a() fragment with the same semantic as multi().
2023-10-08 miniscript: store the script context within the Node structure (Antoine Poinsot)
Some checks will be different depending on the script context (for instance the maximum script size).
2023-10-08 miniscript: introduce a MsContext() helper to contexts (Antoine Poinsot)
We are going to introduce Tapscript support in Miniscript, for which some of Miniscript rules and properties change (new or modified fragments, different typing rules, different resources consumption, ..).
2023-10-08 miniscript: don't anticipate signature presence in CalcStackSize() (Antoine Poinsot)
It's true that for any public key there'll be a signature check in a valid Miniscript. The code would previously, when computing the size of a satisfaction, account for the signature when it sees a public key push. Instead, account for it when it is required (i.e. when encountering the `c:` wrapper). This has two benefits:
- Allows to accurately compute the net effect of a fragment on the stack size. This is necessary to track the size of the stack during the execution of a Script.
- It also just makes more sense, making the code more accessible to future contributors.
2023-10-08 miniscript: add a missing dup key check bypass in Parse() (Antoine Poinsot)
This was calling the wrong constructor.
2023-08-25 miniscript: introduce a helper to get the maximum witness size (Antoine Poinsot)
Similarly to how we compute the maximum stack size. Also note how it would be quite expensive to recompute it recursively by accounting for different ECDSA signature sizes. So we just assume high-R everywhere. It's only a trivial difference anyways.
2023-08-25 miniscript: make GetStackSize independent of P2WSH context (Antoine Poinsot)
It was taking into account the P2WSH script push in the number of stack elements.
2023-07-01 descriptor: refuse to parse unspendable miniscript descriptors (Antoine Poinsot)
It's possible for some unsatisfiable miniscripts to be considered sane. Make sure we refuse to import those, as they would be unspendable.
2023-06-29 miniscript: make GetStackSize() and GetOps() return optionals (Antoine Poinsot)
The value is only set for satisfiable nodes, so it was undefined for non-satisfiable nodes. Make it clear in the interface by returning std::nullopt if the node isn't satisfiable instead of an undefined value.
2023-03-31 miniscript: explicit cast instead of comparing integers of different signs (Antoine Poinsot)
2023-02-28 Make miniscript fuzzers avoid ops limit (Pieter Wuille)
Keep track of the total number of ops the constructed script will have during miniscript_stable and miniscript_smart fuzzers' GenNode, so it can abort early if the 201 ops limit would be exceeded. Also add a self-check that the final constructed node has the predicted ops size limit, so we know the fuzzer's logic for keeping track of this is correct.
2023-02-16 Merge bitcoin/bitcoin#24149: Signing support for Miniscript Descriptors (fanquake)
6c7a17a8e0eec377f83ed1399f003ae70b898270 psbt: support externally provided preimages for Miniscript satisfaction (Antoine Poinsot)
840a396029316896beda46600aec3c1af09a899c qa: add a "smart" Miniscript fuzz target (Antoine Poinsot)
17e3547241d593bc92c5c6b36c54284d9d9f3feb qa: add a fuzz target generating random nodes from a binary encoding (Antoine Poinsot)
611e12502a5887ffb751bb92fadaa334d484824b qa: functional test Miniscript signing with key and timelocks (Antoine Poinsot)
d57b7f2021d2369f6e88cdf0f562aab27c51beaf refactor: make descriptors in Miniscript functional test more readable (Antoine Poinsot)
0a8fc9e200b5018c1efd6f9126eb405ca0beeea3 wallet: check solvability using descriptor in AvailableCoins (Antoine Poinsot)
560e62b1e221832ae99ff8684559a7b8f9df84a7 script/sign: signing support for Miniscripts with hash preimage challenges (Antoine Poinsot)
a2f81b6a8f1ff3b0750711409c7538812a52ef40 script/sign: signing support for Miniscript with timelocks (Antoine Poinsot)
61c6d1a8440db09c44d7fd367a6f2c641ea93d40 script/sign: basic signing support for Miniscript descriptors (Antoine Poinsot)
4242c1c52127df3a24be0c15b88d4fc463af04fc Align 'e' property of or_d and andor with website spec (Pieter Wuille)
f5deb417804b9f267830bd40177677987df4526d Various additional explanations of the satisfaction logic from Pieter (Pieter Wuille)
22c5b00345063bdeb8b6d3da8b5692d18f92bfb7 miniscript: satisfaction support (Antoine Poinsot)
Pull request description:
This makes the Miniscript descriptors solvable. Note this introduces signing support for much more complex scripts than the wallet was previously able to solve, and the whole tooling isn't provided for a complete Miniscript integration in the wallet. Particularly, the PSBT<->Miniscript integration isn't entirely covered in this PR.
ACKs for top commit:
achow101: ACK 6c7a17a8e0eec377f83ed1399f003ae70b898270
sipa: utACK 6c7a17a8e0eec377f83ed1399f003ae70b898270 (to the extent that it's not my own code).
Tree-SHA512: a71ec002aaf66bd429012caa338fc58384067bcd2f453a46e21d381ed1bacc8e57afb9db57c0fb4bf40de43b30808815e9ebc0ae1fbd9e61df0e7b91a17771cc
2023-02-11 Align 'e' property of or_d and andor with website spec (Pieter Wuille)
2023-02-11 Various additional explanations of the satisfaction logic from Pieter (Pieter Wuille)
Cherry-picked and squashed from https://github.com/sipa/bitcoin/commits/202302_miniscript_improve.
- Explain thresh() and multi() satisfaction algorithms
- Comment on and_v dissatisfaction
- Mark overcomplete thresh() dissats as malleable and explain
- Add comment on unnecessity of Malleable() in and_b dissat
2023-02-11 miniscript: satisfaction support (Antoine Poinsot)
This introduces the logic to "sign for" a Miniscript.
Co-Authored-By: Pieter Wuille <pieter.wuille@gmail.com>
2023-01-18 clang-tidy: Fix `performance-no-automatic-move` in headers (Hennadii Stepanov)
See https://clang.llvm.org/extra/clang-tidy/checks/performance/no-automatic-move.html
2022-12-24 scripted-diff: Bump copyright headers (Hennadii Stepanov)
-BEGIN VERIFY SCRIPT-
./contrib/devtools/copyright_header.py update ./
-END VERIFY SCRIPT-
Commits of previous years:
- 2021: f47dda2c58b5d8d623e0e7ff4e74bc352dfa83d7
- 2020: fa0074e2d82928016a43ca408717154a1c70a4db
- 2019: aaaaad6ac95b402fe18d019d67897ced6b316ee0
2022-09-23 refactor: use <cstdlib> over stdlib.h (fanquake)
We currently use both. Consolidate on the former.
2022-09-21 Correct sanity-checking script_size calculation (Pieter Wuille)
2022-09-17 Make miniscript string parsing account for exact script size as bound (Pieter Wuille)
Co-Authored-by: Antoine Poinsot <darosior@protonmail.com>
2022-09-17 Permit delaying duplicate key check in miniscript::Node construction (Pieter Wuille)
2022-07-14 miniscript: add a helper to find the first insane sub with no child (Antoine Poinsot)
This is helpful for finer grained descriptor parsing error: when there are multiple errors to report in a Miniscript descriptor start with the "smallest" fragments: the ones closer to being a leaf.
Co-Authored-By: Pieter Wuille <pieter@wuille.net>
2022-07-14 miniscript: don't check for top level validity at parsing time (Antoine Poinsot)
Letting the caller perform the checks allows for finer-grained error reporting.
2022-05-30 miniscript: rename IsSane and IsSaneSubexpression to prevent misuse (Antoine Poinsot)
2022-05-30 miniscript: nit: don't return after assert(false) (Antoine Poinsot)
2022-05-30 miniscript: add an OpCode typedef for readability (Antoine Poinsot)
Suggested-by: Vincenzo Palazzo
2022-05-30 miniscript: mark nodes with duplicate keys as insane (Antoine Poinsot)
As stated on the website, duplicate keys make it hard to reason about malleability as a single signature may unlock multiple paths. We use a custom KeyCompare function instead of operator< to be explicit about the requirement.
2022-04-28 miniscript: tiny doc fixups (Antoine Poinsot)
Co-authored-by: Pieter Wuille <pieter.wuille@gmail.com>
2022-04-28 miniscript: split ValidSatisfactions from IsSane (Antoine Poinsot)
This makes IsSane clearer. It is useful to differentiate between 'potential non-malleable satisfactions are valid' and 'such satisfactions exist' for testing.
Co-authored-by: Pieter Wuille <pieter.wuille@gmail.com>
2022-04-28 miniscript: introduce a CheckTimeLocksMix helper (Antoine Poinsot)
This helps to have finer-grained descriptor parsing errors.
2022-04-28 miniscript: use optional instead of bool/outarg (Antoine Poinsot)
Co-authored-by: Pieter Wuille <pieter.wuille@gmail.com>
2022-04-28 miniscript: make equality operator non-recursive (Antoine Poinsot)
Co-authored-by: Pieter Wuille <pieter.wuille@gmail.com>
2022-04-28 scripted-diff: miniscript: rename 'nodetype' variables to 'fragment' (Antoine Poinsot)
The 'Fragment' type was previously named 'Nodetype'. For clarity, name the variables the same.
-BEGIN VERIFY SCRIPT-
sed -i 's/nodetype/fragment/g' src/script/miniscript.*
-END VERIFY SCRIPT-
Co-authored-by: Pieter Wuille <pieter.wuille@gmail.com>