From 06442549f8b725f46c1c727e9eb6fde6b843503c Mon Sep 17 00:00:00 2001
From: fanquake <fanquake@gmail.com>
Date: Sun, 26 Apr 2020 20:01:46 +0800
Subject: validation: Add minimum witness commitment size constant

Per BIP 141, the witness commitment structure is atleast 38 bytes,
OP_RETURN (0x6a) + 36 (0x24) + 4 byte header (0xaa21a9ed) + 32 byte
SHA256 hash. It can be longer, however any additional data has no
consensus meaning.
---
 src/validation.cpp | 11 +++++++++--
 src/validation.h   |  2 ++
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/src/validation.cpp b/src/validation.cpp
index 25975e3e31..8f873bb3a6 100644
--- a/src/validation.cpp
+++ b/src/validation.cpp
@@ -3386,7 +3386,14 @@ int GetWitnessCommitmentIndex(const CBlock& block)
     int commitpos = -1;
     if (!block.vtx.empty()) {
         for (size_t o = 0; o < block.vtx[0]->vout.size(); o++) {
-            if (block.vtx[0]->vout[o].scriptPubKey.size() >= 38 && block.vtx[0]->vout[o].scriptPubKey[0] == OP_RETURN && block.vtx[0]->vout[o].scriptPubKey[1] == 0x24 && block.vtx[0]->vout[o].scriptPubKey[2] == 0xaa && block.vtx[0]->vout[o].scriptPubKey[3] == 0x21 && block.vtx[0]->vout[o].scriptPubKey[4] == 0xa9 && block.vtx[0]->vout[o].scriptPubKey[5] == 0xed) {
+            const CTxOut& vout = block.vtx[0]->vout[o];
+            if (vout.scriptPubKey.size() >= MINIMUM_WITNESS_COMMITMENT &&
+                vout.scriptPubKey[0] == OP_RETURN &&
+                vout.scriptPubKey[1] == 0x24 &&
+                vout.scriptPubKey[2] == 0xaa &&
+                vout.scriptPubKey[3] == 0x21 &&
+                vout.scriptPubKey[4] == 0xa9 &&
+                vout.scriptPubKey[5] == 0xed) {
                 commitpos = o;
             }
         }
@@ -3417,7 +3424,7 @@ std::vector<unsigned char> GenerateCoinbaseCommitment(CBlock& block, const CBloc
             CHash256().Write(witnessroot.begin(), 32).Write(ret.data(), 32).Finalize(witnessroot.begin());
             CTxOut out;
             out.nValue = 0;
-            out.scriptPubKey.resize(38);
+            out.scriptPubKey.resize(MINIMUM_WITNESS_COMMITMENT);
             out.scriptPubKey[0] = OP_RETURN;
             out.scriptPubKey[1] = 0x24;
             out.scriptPubKey[2] = 0xaa;
diff --git a/src/validation.h b/src/validation.h
index 91b1ba6497..0169362768 100644
--- a/src/validation.h
+++ b/src/validation.h
@@ -92,6 +92,8 @@ static const unsigned int DEFAULT_CHECKLEVEL = 3;
 // one 128MB block file + added 15% undo data = 147MB greater for a total of 545MB
 // Setting the target to >= 550 MiB will make it likely we can respect the target.
 static const uint64_t MIN_DISK_SPACE_FOR_BLOCK_FILES = 550 * 1024 * 1024;
+/** Minimum size of a witness commitment structure. Defined in BIP 141. **/
+static constexpr size_t MINIMUM_WITNESS_COMMITMENT{38};
 
 struct BlockHasher
 {
-- 
cgit v1.2.3


From 692f8307fc1449299b90182e7d79efb81a55d7ab Mon Sep 17 00:00:00 2001
From: fanquake <fanquake@gmail.com>
Date: Mon, 27 Apr 2020 11:48:30 +0800
Subject: test: add test for witness commitment index

As per BIP 141, if there is more than 1 pubkey that matches the witness
commitment structure, the one with the highest output index should be
chosen. This adds a sanity check that we are doing that, which will fail
if anyone trys to "optimise" GetWitnessCommitmentIndex() be returning
early.
---
 src/test/validation_block_tests.cpp | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/src/test/validation_block_tests.cpp b/src/test/validation_block_tests.cpp
index b8af869b8e..c345f1eafb 100644
--- a/src/test/validation_block_tests.cpp
+++ b/src/test/validation_block_tests.cpp
@@ -340,4 +340,38 @@ BOOST_AUTO_TEST_CASE(mempool_locks_reorg)
         rpc_thread.join();
     }
 }
+
+BOOST_AUTO_TEST_CASE(witness_commitment_index)
+{
+    CScript pubKey;
+    pubKey << 1 << OP_TRUE;
+    auto ptemplate = BlockAssembler(*m_node.mempool, Params()).CreateNewBlock(pubKey);
+    CBlock pblock = ptemplate->block;
+
+    CTxOut witness;
+    witness.scriptPubKey.resize(MINIMUM_WITNESS_COMMITMENT);
+    witness.scriptPubKey[0] = OP_RETURN;
+    witness.scriptPubKey[1] = 0x24;
+    witness.scriptPubKey[2] = 0xaa;
+    witness.scriptPubKey[3] = 0x21;
+    witness.scriptPubKey[4] = 0xa9;
+    witness.scriptPubKey[5] = 0xed;
+
+    // A witness larger than the minimum size is still valid
+    CTxOut min_plus_one = witness;
+    min_plus_one.scriptPubKey.resize(MINIMUM_WITNESS_COMMITMENT + 1);
+
+    CTxOut invalid = witness;
+    invalid.scriptPubKey[0] = OP_VERIFY;
+
+    CMutableTransaction txCoinbase(*pblock.vtx[0]);
+    txCoinbase.vout.resize(4);
+    txCoinbase.vout[0] = witness;
+    txCoinbase.vout[1] = witness;
+    txCoinbase.vout[2] = min_plus_one;
+    txCoinbase.vout[3] = invalid;
+    pblock.vtx[0] = MakeTransactionRef(std::move(txCoinbase));
+
+    BOOST_CHECK_EQUAL(GetWitnessCommitmentIndex(pblock), 2);
+}
 BOOST_AUTO_TEST_SUITE_END()
-- 
cgit v1.2.3