aboutsummaryrefslogtreecommitdiff
path: root/src/script
AgeCommit message (Collapse)Author
2018-02-16Assert CPubKey::ValidLength to the pubkey's header-relevent sizeBen Woosley
Previously this was an inline test where the specificity was probably judged overly specific. As a class method it makes sense to maintain consistency. And replace some magic values with their constant equivalents.
2018-02-11Fix a-vs-an typospracticalswift
2018-02-08Merge #12298: Refactor HaveKeys to early return on false resultWladimir J. van der Laan
5bdbbdc Refactor HaveKeys to early return on false result (João Barbosa) Pull request description: This consists in a trivial change where the return type of `HaveKeys()` is now `bool` meaning that it returns whether all keys are in the keystore, and early returns when one isn't. Tree-SHA512: 03e35ea8486404b84884b49f6905c9f4fc161a3eeef080b06482d77985d5242a2bdd57a34b8d16abe19ee8c6cfa3e6fbcb935c73197d53f4cd468a2c7c0b889b
2018-02-07Merge #10498: Use static_cast instead of C-style casts for non-fundamental typesMarcoFalke
9ad6746ccd Use static_cast instead of C-style casts for non-fundamental types (practicalswift) Pull request description: A C-style cast is equivalent to try casting in the following order: 1. `const_cast(...)` 2. `static_cast(...)` 3. `const_cast(static_cast(...))` 4. `reinterpret_cast(...)` 5. `const_cast(reinterpret_cast(...))` By using `static_cast<T>(...)` explicitly we avoid the possibility of an unintentional and dangerous `reinterpret_cast`. Furthermore `static_cast<T>(...)` allows for easier grepping of casts. For a more thorough discussion, see ["ES.49: If you must use a cast, use a named cast"](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#es49-if-you-must-use-a-cast-use-a-named-cast) in the C++ Core Guidelines (Stroustrup & Sutter). Tree-SHA512: bd6349b7ea157da93a47b8cf238932af5dff84731374ccfd69b9f732fabdad1f9b1cdfca67497040f14eaa85346391404f4c0495e22c467f26ca883cd2de4d3c
2018-01-29Refactor HaveKeys to early return on false resultJoão Barbosa
2018-01-10Merge #11403: SegWit wallet supportJonas Schnelli
b224a47a1 Add address_types test (Pieter Wuille) 7ee54fd7c Support downgrading after recovered keypool witness keys (Pieter Wuille) 940a21932 SegWit wallet support (Pieter Wuille) f37c64e47 Implicitly know about P2WPKH redeemscripts (Pieter Wuille) 57273f2b3 [test] Serialize CTransaction with witness by default (Pieter Wuille) cf2c0b6f5 Support P2WPKH and P2SH-P2WPKH in dumpprivkey (Pieter Wuille) 37c03d3e0 Support P2WPKH addresses in create/addmultisig (Pieter Wuille) 3eaa003c8 Extend validateaddress information for P2SH-embedded witness (Pieter Wuille) 30a27dc5b Expose method to find key for a single-key destination (Pieter Wuille) 985c79552 Improve witness destination types and use them more (Pieter Wuille) cbe197470 [refactor] GetAccount{PubKey,Address} -> GetAccountDestination (Pieter Wuille) 0c8ea6380 Abstract out IsSolvable from Witnessifier (Pieter Wuille) Pull request description: This implements a minimum viable implementation of SegWit wallet support, based on top of #11389, and includes part of the functionality from #11089. Two new configuration options are added: * `-addresstype`, with options `legacy`, `p2sh`, and `bech32`. It controls what kind of addresses are produced by `getnewaddress`, `getaccountaddress`, and `createmultisigaddress`. * `-changetype`, with the same options, and by default equal to `-addresstype`, that controls what kind of change is used. All wallet private and public keys can be used for any type of address. Support for address types dependent on different derivation paths will need a major overhaul of how our internal detection of outputs work. I expect that that will happen for a next major version. The above also applies to imported keys, as having a distinction there but not for normal operations is a disaster for testing, and probably for comprehension of users. This has some ugly effects, like needing to associate the provided label to `importprivkey` with each style address for the corresponding key. To deal with witness outputs requiring a corresponding redeemscript in wallet, three approaches are used: * All SegWit addresses created through `getnewaddress` or multisig RPCs explicitly get their redeemscripts added to the wallet file. This means that downgrading after creating a witness address will work, as long as the wallet file is up to date. * All SegWit keys in the wallet get an _implicit_ redeemscript added, without it being written to the file. This means recovery of an old backup will work, as long as you use new software. * All keypool keys that are seen used in transactions explicitly get their redeemscripts added to the wallet files. This means that downgrading after recovering from a backup that includes a witness address will work. These approaches correspond to solutions 3a, 1a, and 5a respectively from https://gist.github.com/sipa/125cfa1615946d0c3f3eec2ad7f250a2. As argued there, there is no full solution for dealing with the case where you both downgrade and restore a backup, so that's also not implemented. `dumpwallet`, `importwallet`, `importmulti`, `signmessage` and `verifymessage` don't work with SegWit addresses yet. They're remaining TODOs, for this PR or a follow-up. Because of that, several tests unexpectedly run with `-addresstype=legacy` for now. Tree-SHA512: d425dbe517c0422061ab8dacdc3a6ae47da071450932ed992c79559d922dff7b2574a31a8c94feccd3761c1dffb6422c50055e6dca8e3cf94a169bc95e39e959
2018-01-03Extend validateaddress information for P2SH-embedded witnessPieter Wuille
This adds new fields 'pubkeys' and 'embedded' to the RPC's output, and improves the documentation for previously added 'witness_version' and 'witness_program' fields.
2018-01-03Improve witness destination types and use them morePieter Wuille
2018-01-03Abstract out IsSolvable from WitnessifierPieter Wuille
2018-01-03Increment MIT Licence copyright header year on files modified in 2017Akira Takizawa
2017-12-20Merge #10657: Utils: Improvements to ECDSA key-handling codeWladimir J. van der Laan
63179d0 Scope the ECDSA constant sizes to CPubKey / CKey classes (Jack Grigg) 1ce9f0a Ensure that ECDSA constant sizes are correctly-sized (Jack Grigg) 48abe78 Remove redundant `= 0` initialisations (Jack Grigg) 17fa391 Specify ECDSA constant sizes as constants (Jack Grigg) e4a1086 Update Debian copyright list (Jack Grigg) e181dbe Add comments (Jack Grigg) a3603ac Fix potential overflows in ECDSA DER parsers (Jack Grigg) Pull request description: Mostly trivial, but includes fixes to potential overflows in the ECDSA DER parsers. Cherry-picked from Zcash PR https://github.com/zcash/zcash/pull/2335 Tree-SHA512: 8fcbd51b0bd6723e5d33fa5d592f7cb68ed182796a9b837ecc8217991ad69d6c970258617dc00eb378c8caa4cec5d6b304d9d2c066acd40cda98e4da68e0caa4
2017-12-12Merge #10574: Remove includes in .cpp files for things the corresponding .h ↵Wladimir J. van der Laan
file already included a720b92 Remove includes in .cpp files for things the corresponding .h file already included (practicalswift) Pull request description: Remove includes in .cpp files for things the corresponding .h file already included. Example case: * `addrdb.cpp` includes `addrdb.h` and `fs.h` * `addrdb.h` includes `fs.h` Then remove the direct inclusion of `fs.h` in `addrman.cpp` and rely on the indirect inclusion of `fs.h` via the included `addrdb.h`. In line with the header include guideline (see #10575). Tree-SHA512: 8704b9de3011a4c234db336a39f7d2c139e741cf0f7aef08a5d3e05197e1e18286b863fdab25ae9638af4ff86b3d52e5cab9eed66bfa2476063aa5c79f9b0346
2017-12-12Merge #10699: Make all script validation flags backward compatibleWladimir J. van der Laan
01013f5 Simplify tx validation tests (Pieter Wuille) 2dd6f80 Add a test that all flags are softforks (Pieter Wuille) 2851b77 Make all script verification flags softforks (Pieter Wuille) Pull request description: This change makes `SCRIPT_VERIFY_UPGRADABLE_NOPS` not apply to `OP_CHECKLOCKTIMEVERIFY` and `OP_CHECKSEQUENCEVERIFY`. This is a no-op as `UPGRADABLE_NOPS` is only set for mempool transactions, and those always have `SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY` and `SCRIPT_VERIFY_CHECKSEQUENCEVERIFY` set as well. The advantage is that setting more flags now always results in a reduction in acceptable scripts (=softfork). This results in a nice and testable property for validation, for which a new test is added. This also means that the introduction of a new definition for a NOP or witness version will likely need the following procedure (example OP_NOP8 here) * Remove OP_NOP8 from being affected by `SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_NOPS`. * Add a `SCRIPT_VERIFY_DISCOURAGE_NOP8`, which only applies to `OP_NOP8`. * Add a `SCRIPT_VERIFY_NOP8` which implements the new consensus logic. * Before activation, add `SCRIPT_VERIFY_DISCOURAGE_NOP8` to the mempool flags. * After activation, add `SCRIPT_VERIFY_NOP8` to both the mempool and consensus flags. Tree-SHA512: d3b4538986ecf646aac9dba13a8d89318baf9e308e258547ca3b99e7c0509747f323edac6b1fea4e87e7d3c01b71193794b41679ae4f86f6e11ed6be3fd62c72
2017-11-16Remove includes in .cpp files for things the corresponding .h file already ↵practicalswift
included
2017-11-16scripted-diff: Replace #include "" with #include <> (ryanofsky)MeshCollider
-BEGIN VERIFY SCRIPT- for f in \ src/*.cpp \ src/*.h \ src/bench/*.cpp \ src/bench/*.h \ src/compat/*.cpp \ src/compat/*.h \ src/consensus/*.cpp \ src/consensus/*.h \ src/crypto/*.cpp \ src/crypto/*.h \ src/crypto/ctaes/*.h \ src/policy/*.cpp \ src/policy/*.h \ src/primitives/*.cpp \ src/primitives/*.h \ src/qt/*.cpp \ src/qt/*.h \ src/qt/test/*.cpp \ src/qt/test/*.h \ src/rpc/*.cpp \ src/rpc/*.h \ src/script/*.cpp \ src/script/*.h \ src/support/*.cpp \ src/support/*.h \ src/support/allocators/*.h \ src/test/*.cpp \ src/test/*.h \ src/wallet/*.cpp \ src/wallet/*.h \ src/wallet/test/*.cpp \ src/wallet/test/*.h \ src/zmq/*.cpp \ src/zmq/*.h do base=${f%/*}/ relbase=${base#src/} sed -i "s:#include \"\(.*\)\"\(.*\):if test -e \$base'\\1'; then echo \"#include <\"\$relbase\"\\1>\\2\"; else echo \"#include <\\1>\\2\"; fi:e" $f done -END VERIFY SCRIPT-
2017-10-05Merge #9572: Skip witness sighash cache for non-segwit transactionsWladimir J. van der Laan
0da49b5 Skip precompute sighash for transactions without witness (Johnson Lau) Pull request description: This saves unnecessary hash caching for non-segwit transactions, but I am not sure if the difference is noticeable. Tree-SHA512: 5cd733a729a52a45781510b3572b26e76837a94155caa14311c6d23a27a12e9613ff278dfc2592e21f640202782f22c5ad00fca85c4de5efacaa617c48ccb08d
2017-10-02Merge #11411: script: Change SignatureHash input index check to an assert.Wladimir J. van der Laan
5ddf560 script: Change SignatureHash input index check to an assert. (Jim Posen) Pull request description: In the SignatureHash function, the input index must refer to a valid index. This is not enforced equally in the segwit/non-segwit branches and should be an assertion rather than returning a error hash. Tree-SHA512: a775fc9e9bd9835c0ab36368aa45ab3d53e38f31fd4d2b8684a77ee6028c854c363df038681a59358b30138957573ad63b71d4a722c16e0830fb4fa72669ef39
2017-10-02Merge #11284: Fix invalid memory access in CScript::operator+= ↵Wladimir J. van der Laan
(guidovranken, ajtowns) d601f16 Fix invalid memory access in CScript::operator+= (Anthony Towns) Pull request description: This is a fix for #11114 -- invoking "s += s" gets turned into "s.insert(s.end(), s.begin(), s.end())" which can result in an invalid memory access is s.capacity() < 2*s.size() (because s gets resized and possibly moved, so s.begin() and s.end() become invalid references when reading the values to be appended). The fix is straightforward: reserve enough space in advance, so that insert() doesn't need to resize and thus its arguments remain valid. A simple test case is added as well; though you probably need to run it via valgrind to actually catch the problem when it's not fixed... Tree-SHA512: 4720d0c17463fdc43b344c45fe603423d20b30d48da1b9d85eeedc505d7f34db1ed5495ef1556459ae962a94717e3c6e8fc441763771901efea210d01322b7ef
2017-09-29Add error string for CLEANSTACK script violation, preventing an "unknown ↵Mark Friedenbach
error" if the CLEANSTACK error condition is set.
2017-09-28Implement BIP173 addresses and testsPieter Wuille
2017-09-27script: Change SignatureHash input index check to an assert.Jim Posen
In the SignatureHash function, the input index must refer to a valid index. This is not enforced equally in the segwit/non-segwit branches and should be an assertion rather than returning a error hash.
2017-09-22Use static_cast instead of C-style casts for non-fundamental typespracticalswift
A C-style cast is equivalent to try casting in the following order: 1. const_cast(...) 2. static_cast(...) 3. const_cast(static_cast(...)) 4. reinterpret_cast(...) 5. const_cast(reinterpret_cast(...)) By using static_cast<T>(...) explicitly we avoid the possibility of an unintentional and dangerous reinterpret_cast. Furthermore static_cast<T>(...) allows for easier grepping of casts.
2017-09-21[script] Unit tests for IsMineJim Posen
Does not test watch-only addresses.
2017-09-11Fix invalid memory access in CScript::operator+=Anthony Towns
2017-09-08Merge #10793: Changing &var[0] to var.data()Wladimir J. van der Laan
592404f03 Changing &vec[0] to vec.data(), what 9804 missed (MeshCollider) Pull request description: This just continues the work of https://github.com/bitcoin/bitcoin/pull/9804 Modifies a lot of `&vector[]`'s to `vector.data()`'s across all the files including tests, just the stuff that 9804 missed Tree-SHA512: dd1a9dffb999dea4fba78dcc91fe02f90250db86f5c74948e1ff3e8b4036b2154b600555eaa04dece5368920aae3513bc36425dc96e4319ca1041b0928a6b656
2017-09-08Changing &vec[0] to vec.data(), what 9804 missedMeshCollider
2017-09-06Introduce wrappers around CBitcoinAddressPieter Wuille
This patch removes the need for the intermediary Base58 type CBitcoinAddress, by providing {Encode,Decode,IsValid}Destination function that directly operate on the conversion between strings and CTxDestination.
2017-08-18Comments: More comments on functions/globals in standard.h.Jim Posen
2017-08-16Declare single-argument (non-converting) constructors "explicit"practicalswift
In order to avoid unintended implicit conversions.
2017-08-16Merge #11011: [Trivial] Add a comment on the use of prevector in script.MarcoFalke
08f71c29e [Trivial] Add a comment on the use of prevector in script. (Gregory Maxwell) Pull request description: Tree-SHA512: 020981516e67e576685eb9a8532178fb97d1780af409fc86d869cd05c293c0c823c26e838cf544d18610f5a3f479ce3e47d2ccb95fb1c4e55fe9e7ceb354f20b
2017-08-14scripted-diff: stop using the gArgs wrappersMarko Bencun
They were temporary additions to ease the transition. -BEGIN VERIFY SCRIPT- find src/ -name "*.cpp" ! -wholename "src/util.h" ! -wholename "src/util.cpp" | xargs perl -i -pe 's/(?<!\.)(ParseParameters|ReadConfigFile|IsArgSet|(Soft|Force)?(Get|Set)(|Bool|)Arg(s)?)\(/gArgs.\1(/g' -END VERIFY SCRIPT-
2017-08-12[Trivial] Add a comment on the use of prevector in script.Gregory Maxwell
2017-08-07scripted-diff: Use the C++11 keyword nullptr to denote the pointer literal ↵practicalswift
instead of the macro NULL -BEGIN VERIFY SCRIPT- sed -i 's/\<NULL\>/nullptr/g' src/*.cpp src/*.h src/*/*.cpp src/*/*.h src/qt/*/*.cpp src/qt/*/*.h src/wallet/*/*.cpp src/wallet/*/*.h src/support/allocators/*.h sed -i 's/Prefer nullptr, otherwise SAFECOOKIE./Prefer NULL, otherwise SAFECOOKIE./g' src/torcontrol.cpp sed -i 's/tor: Using nullptr authentication/tor: Using NULL authentication/g' src/torcontrol.cpp sed -i 's/METHODS=nullptr/METHODS=NULL/g' src/test/torcontrol_tests.cpp src/torcontrol.cpp sed -i 's/nullptr certificates/NULL certificates/g' src/qt/paymentserver.cpp sed -i 's/"nullptr"/"NULL"/g' src/torcontrol.cpp src/test/torcontrol_tests.cpp -END VERIFY SCRIPT-
2017-07-17Add commentsJack Grigg
2017-07-07Avoid dereference-of-casted-pointerPieter Wuille
2017-07-04Merge #10193: scripted-diff: Remove #include <boost/foreach.hpp>Wladimir J. van der Laan
b1268a1 clang-format: Delete ForEachMacros (Jorge Timón) 5995735 scripted-diff: Remove #include <boost/foreach.hpp> (Jorge Timón) 3eff827 scripted-diff: Remove BOOST_REVERSE_FOREACH (Jorge Timón) 33aed5b Fix const_reverse_iterator constructor (pass const ptr) (Jorge Timón) 300851e Introduce src/reverse_iterator.hpp and include it... (Jorge Timón) Tree-SHA512: df3405328e9602d0a433ac134ba59a5c9a6202ef64188df2f94a59b2ce58dec7c988b25d0671c7937de516a96b2e6daeb9d04c82fa363b616ee4cf6e9cb0fac6
2017-06-30Make all script verification flags softforksPieter Wuille
2017-06-29Merge #10192: Cache full script execution results in addition to signaturesWladimir J. van der Laan
e3f9c05 Add CheckInputs() unit tests (Suhas Daftuar) a3543af Better document CheckInputs parameter meanings (Matt Corallo) 309ee1a Update -maxsigcachesize doc clarify init logprints for it (Matt Corallo) b014668 Add CheckInputs wrapper CCoinsViewMemPool -> non-consensus-critical (Matt Corallo) eada04e Do not print soft-fork-script warning with -promiscuousmempool (Matt Corallo) b5fea8d Cache full script execution results in addition to signatures (Matt Corallo) 6d22b2b Pull script verify flags calculation out of ConnectBlock (Matt Corallo) Tree-SHA512: 0c6c3c79c64fcb21e17ab60290c5c96d4fac11624c49f841a4201eec21cb480314c52a07d1e3abd4f9c764785cc57bfd178511f495aa0469addb204e96214fe4
2017-06-28Use the override specifier (C++11) where we expect to be overriding the ↵practicalswift
virtual function of a base class
2017-06-26Merge #9544: [trivial] Add end of namespace comments. Improve consistency.Wladimir J. van der Laan
5a9b508 [trivial] Add end of namespace comments (practicalswift) Tree-SHA512: 92b0fcae4d1d3f4da9e97569ae84ef2d6e09625a5815cd0e5f0eb6dd2ecba9852fa85c184c5ae9de5117050330ce995e9867b451fa8cd5512169025990541a2b
2017-06-22Update -maxsigcachesize doc clarify init logprints for itMatt Corallo
2017-06-22scripted-diff: Remove #include <boost/foreach.hpp>Jorge Timón
-BEGIN VERIFY SCRIPT- sed -i ':a;N;$!ba;s/#include <boost\/foreach.hpp>\n//' ./src/*.h ./src/*.cpp ./src/*/*.h ./src/*/*.cpp ./src/*/*/*.h ./src/*/*/*.cpp -END VERIFY SCRIPT-
2017-06-13Merge #10502: scripted-diff: Remove BOOST_FOREACH, Q_FOREACH and PAIRTYPEPieter Wuille
1238f13cf scripted-diff: Remove PAIRTYPE (Jorge Timón) 18dc3c396 scripted-diff: Remove Q_FOREACH (Jorge Timón) 7c00c2672 scripted-diff: Fully remove BOOST_FOREACH (Jorge Timón) a5410ac5e Small preparations for Q_FOREACH, PAIRTYPE and #include <boost/foreach.hpp> removal (Jorge Timón) Tree-SHA512: d3ab4a173366402e7dcef31608977b757d4aa07abbbad2ee1bcbcfa311e994a4552f24e5a55272cb22c2dcf89a4b0495e02e9d9aceae4b08c0bab668f20e324c
2017-06-13Merge #10534: Clarify prevector::erase and avoid swap-to-clearWladimir J. van der Laan
e241a63 Clarify prevector::erase and avoid swap-to-clear (Pieter Wuille) Tree-SHA512: fa7602038feb4417158df13ee7c0351673acf38f8a824e75889710344c46a9b8d5f6059faeb521f73e48b7ad3e1a238a9e433e4b44f7c3b9085ff08ef65271fa
2017-06-09Clarify prevector::erase and avoid swap-to-clearPieter Wuille
2017-06-09Merge #10521: Limit variable scopePieter Wuille
90593ed92 Limit variable scope (practicalswift) Tree-SHA512: 4719e303688a31aefbe1d239e86b21dd3c2045524e08bd628c6ba0c6c2a97de14d04305b9beafe0b1dcde7229793e6663168953f192e88ed409be5c30fd2a9a9
2017-06-07Sanity check transaction scripts in DecodeHexTxAndrew Chow
Make sure that the scripts of decoded transactions are valid scripts.
2017-06-07Add a valid opcode sanity check to CScriptAndrew Chow
Added a function in CScript that checks if the script contains valid opcodes. Add a test for that function
2017-06-07Cache full script execution results in addition to signaturesMatt Corallo
This adds a new CuckooCache in validation, caching whether all of a transaction's scripts were valid with a given set of script flags. Unlike previous attempts at caching an entire transaction's validity, which have nearly universally introduced consensus failures, this only caches the validity of a transaction's scriptSigs. As these are pure functions of the transaction and data it commits to, this should be much safer. This is somewhat duplicative with the sigcache, as entries in the new cache will also have several entries in the sigcache. However, the sigcache is kept both as ATMP relies on it and because it prevents malleability-based DoS attacks on the new higher-level cache. Instead, the -sigcachesize option is re-used - cutting the sigcache size in half and using the newly freed memory for the script execution cache. Transactions which match the script execution cache never even have entries in the script check thread's workqueue created. Note that the cache is indexed only on the script execution flags and the transaction's witness hash. While this is sufficient to make the CScriptCheck() calls pure functions, this introduces dependancies on the mempool calculating things such as the PrecomputedTransactionData object, filling the CCoinsViewCache, etc in the exact same way as ConnectBlock. I belive this is a reasonable assumption, but should be noted carefully. In a rather naive benchmark (reindex-chainstate up to block 284k with cuckoocache always returning true for contains(), -assumevalid=0 and a very large dbcache), this connected blocks ~1.7x faster.
2017-06-05scripted-diff: Remove PAIRTYPEJorge Timón
-BEGIN VERIFY SCRIPT- sed -i 's/PAIRTYPE(\([^,]*\), \([^\)]*\))/std::pair<\1, \2>/' ./src/*.h ./src/*.cpp ./src/*/*.h ./src/*/*.cpp ./src/*/*/*.h ./src/*/*/*.cpp ; sed -i ':a;N;$!ba;s/#define std::pair<t1, t2> std::pair<t1, t2>\n//' ./src/utilstrencodings.h ; -END VERIFY SCRIPT-