2020-09-15 23:30:59 +02:00
|
|
|
// Copyright (c) 2013-2020 The btcsuite developers
|
2015-05-01 22:20:07 +02:00
|
|
|
// Use of this source code is governed by an ISC
|
|
|
|
// license that can be found in the LICENSE file.
|
|
|
|
|
|
|
|
package txscript
|
|
|
|
|
|
|
|
import (
|
2017-01-07 18:31:03 +01:00
|
|
|
"fmt"
|
|
|
|
|
2015-05-01 22:20:07 +02:00
|
|
|
"github.com/btcsuite/btcd/chaincfg"
|
2016-10-19 02:45:40 +02:00
|
|
|
"github.com/btcsuite/btcd/wire"
|
2015-05-01 22:20:07 +02:00
|
|
|
"github.com/btcsuite/btcutil"
|
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
2015-07-20 08:26:05 +02:00
|
|
|
// MaxDataCarrierSize is the maximum number of bytes allowed in pushed
|
2015-05-01 22:20:07 +02:00
|
|
|
// data to be considered a nulldata transaction
|
2015-07-20 08:26:05 +02:00
|
|
|
MaxDataCarrierSize = 80
|
2015-05-01 22:20:07 +02:00
|
|
|
|
|
|
|
// StandardVerifyFlags are the script flags which are used when
|
|
|
|
// executing transaction scripts to enforce additional checks which
|
|
|
|
// are required for the script to be considered standard. These checks
|
|
|
|
// help reduce issues related to transaction malleability as well as
|
|
|
|
// allow pay-to-script hash transactions. Note these flags are
|
|
|
|
// different than what is required for the consensus rules in that they
|
|
|
|
// are more strict.
|
|
|
|
//
|
|
|
|
// TODO: This definition does not belong here. It belongs in a policy
|
|
|
|
// package.
|
|
|
|
StandardVerifyFlags = ScriptBip16 |
|
|
|
|
ScriptVerifyDERSignatures |
|
|
|
|
ScriptVerifyStrictEncoding |
|
|
|
|
ScriptVerifyMinimalData |
|
|
|
|
ScriptStrictMultiSig |
|
|
|
|
ScriptDiscourageUpgradableNops |
|
2015-10-09 21:30:12 +02:00
|
|
|
ScriptVerifyCleanStack |
|
2016-11-18 04:08:06 +01:00
|
|
|
ScriptVerifyNullFail |
|
2015-10-05 18:11:56 +02:00
|
|
|
ScriptVerifyCheckLockTimeVerify |
|
2015-10-23 23:05:24 +02:00
|
|
|
ScriptVerifyCheckSequenceVerify |
|
2016-10-19 03:02:00 +02:00
|
|
|
ScriptVerifyLowS |
|
2016-10-19 03:03:51 +02:00
|
|
|
ScriptStrictMultiSig |
|
2016-10-19 03:02:00 +02:00
|
|
|
ScriptVerifyWitness |
|
2017-04-27 01:32:47 +02:00
|
|
|
ScriptVerifyDiscourageUpgradeableWitnessProgram |
|
|
|
|
ScriptVerifyMinimalIf |
|
|
|
|
ScriptVerifyWitnessPubKeyType
|
2015-05-01 22:20:07 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
// ScriptClass is an enumeration for the list of standard types of script.
|
|
|
|
type ScriptClass byte
|
|
|
|
|
|
|
|
// Classes of script payment known about in the blockchain.
|
|
|
|
const (
|
2016-10-19 02:45:40 +02:00
|
|
|
NonStandardTy ScriptClass = iota // None of the recognized forms.
|
|
|
|
PubKeyTy // Pay pubkey.
|
|
|
|
PubKeyHashTy // Pay pubkey hash.
|
|
|
|
WitnessV0PubKeyHashTy // Pay witness pubkey hash.
|
|
|
|
ScriptHashTy // Pay to script hash.
|
|
|
|
WitnessV0ScriptHashTy // Pay to witness script hash.
|
|
|
|
MultiSigTy // Multi signature.
|
|
|
|
NullDataTy // Empty data-only (provably prunable).
|
2020-09-15 23:30:59 +02:00
|
|
|
WitnessUnknownTy // Witness unknown
|
2015-05-01 22:20:07 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
// scriptClassToName houses the human-readable strings which describe each
|
|
|
|
// script class.
|
|
|
|
var scriptClassToName = []string{
|
2016-10-19 02:45:40 +02:00
|
|
|
NonStandardTy: "nonstandard",
|
|
|
|
PubKeyTy: "pubkey",
|
|
|
|
PubKeyHashTy: "pubkeyhash",
|
|
|
|
WitnessV0PubKeyHashTy: "witness_v0_keyhash",
|
|
|
|
ScriptHashTy: "scripthash",
|
|
|
|
WitnessV0ScriptHashTy: "witness_v0_scripthash",
|
|
|
|
MultiSigTy: "multisig",
|
|
|
|
NullDataTy: "nulldata",
|
2020-09-15 23:30:59 +02:00
|
|
|
WitnessUnknownTy: "witness_unknown",
|
2015-05-01 22:20:07 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
// String implements the Stringer interface by returning the name of
|
|
|
|
// the enum script class. If the enum is invalid then "Invalid" will be
|
|
|
|
// returned.
|
|
|
|
func (t ScriptClass) String() string {
|
|
|
|
if int(t) > len(scriptClassToName) || int(t) < 0 {
|
|
|
|
return "Invalid"
|
|
|
|
}
|
|
|
|
return scriptClassToName[t]
|
|
|
|
}
|
|
|
|
|
|
|
|
// isPubkey returns true if the script passed is a pay-to-pubkey transaction,
|
|
|
|
// false otherwise.
|
|
|
|
func isPubkey(pops []parsedOpcode) bool {
|
|
|
|
// Valid pubkeys are either 33 or 65 bytes.
|
|
|
|
return len(pops) == 2 &&
|
|
|
|
(len(pops[0].data) == 33 || len(pops[0].data) == 65) &&
|
|
|
|
pops[1].opcode.value == OP_CHECKSIG
|
|
|
|
}
|
|
|
|
|
|
|
|
// isPubkeyHash returns true if the script passed is a pay-to-pubkey-hash
|
|
|
|
// transaction, false otherwise.
|
|
|
|
func isPubkeyHash(pops []parsedOpcode) bool {
|
|
|
|
return len(pops) == 5 &&
|
|
|
|
pops[0].opcode.value == OP_DUP &&
|
|
|
|
pops[1].opcode.value == OP_HASH160 &&
|
|
|
|
pops[2].opcode.value == OP_DATA_20 &&
|
|
|
|
pops[3].opcode.value == OP_EQUALVERIFY &&
|
|
|
|
pops[4].opcode.value == OP_CHECKSIG
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
// isMultiSig returns true if the passed script is a multisig transaction, false
|
|
|
|
// otherwise.
|
|
|
|
func isMultiSig(pops []parsedOpcode) bool {
|
|
|
|
// The absolute minimum is 1 pubkey:
|
|
|
|
// OP_0/OP_1-16 <pubkey> OP_1 OP_CHECKMULTISIG
|
|
|
|
l := len(pops)
|
|
|
|
if l < 4 {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
if !isSmallInt(pops[0].opcode) {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
if !isSmallInt(pops[l-2].opcode) {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
if pops[l-1].opcode.value != OP_CHECKMULTISIG {
|
|
|
|
return false
|
|
|
|
}
|
2015-10-22 20:44:26 +02:00
|
|
|
|
|
|
|
// Verify the number of pubkeys specified matches the actual number
|
|
|
|
// of pubkeys provided.
|
|
|
|
if l-2-1 != asSmallInt(pops[l-2].opcode) {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
2015-05-01 22:20:07 +02:00
|
|
|
for _, pop := range pops[1 : l-2] {
|
|
|
|
// Valid pubkeys are either 33 or 65 bytes.
|
|
|
|
if len(pop.data) != 33 && len(pop.data) != 65 {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
|
|
|
// isNullData returns true if the passed script is a null data transaction,
|
|
|
|
// false otherwise.
|
|
|
|
func isNullData(pops []parsedOpcode) bool {
|
|
|
|
// A nulldata transaction is either a single OP_RETURN or an
|
|
|
|
// OP_RETURN SMALLDATA (where SMALLDATA is a data push up to
|
2015-07-20 08:26:05 +02:00
|
|
|
// MaxDataCarrierSize bytes).
|
2015-05-01 22:20:07 +02:00
|
|
|
l := len(pops)
|
|
|
|
if l == 1 && pops[0].opcode.value == OP_RETURN {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
|
|
|
return l == 2 &&
|
|
|
|
pops[0].opcode.value == OP_RETURN &&
|
2016-10-20 05:50:53 +02:00
|
|
|
(isSmallInt(pops[1].opcode) || pops[1].opcode.value <=
|
|
|
|
OP_PUSHDATA4) &&
|
2015-07-20 08:26:05 +02:00
|
|
|
len(pops[1].data) <= MaxDataCarrierSize
|
2015-05-01 22:20:07 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
// scriptType returns the type of the script being inspected from the known
|
|
|
|
// standard types.
|
|
|
|
func typeOfScript(pops []parsedOpcode) ScriptClass {
|
|
|
|
if isPubkey(pops) {
|
|
|
|
return PubKeyTy
|
|
|
|
} else if isPubkeyHash(pops) {
|
|
|
|
return PubKeyHashTy
|
2016-10-19 02:45:40 +02:00
|
|
|
} else if isWitnessPubKeyHash(pops) {
|
|
|
|
return WitnessV0PubKeyHashTy
|
2015-05-01 22:20:07 +02:00
|
|
|
} else if isScriptHash(pops) {
|
|
|
|
return ScriptHashTy
|
2016-10-19 02:45:40 +02:00
|
|
|
} else if isWitnessScriptHash(pops) {
|
|
|
|
return WitnessV0ScriptHashTy
|
2015-05-01 22:20:07 +02:00
|
|
|
} else if isMultiSig(pops) {
|
|
|
|
return MultiSigTy
|
|
|
|
} else if isNullData(pops) {
|
|
|
|
return NullDataTy
|
|
|
|
}
|
|
|
|
return NonStandardTy
|
|
|
|
}
|
|
|
|
|
|
|
|
// GetScriptClass returns the class of the script passed.
|
|
|
|
//
|
|
|
|
// NonStandardTy will be returned when the script does not parse.
|
|
|
|
func GetScriptClass(script []byte) ScriptClass {
|
|
|
|
pops, err := parseScript(script)
|
|
|
|
if err != nil {
|
|
|
|
return NonStandardTy
|
|
|
|
}
|
|
|
|
return typeOfScript(pops)
|
|
|
|
}
|
|
|
|
|
2020-09-15 23:30:59 +02:00
|
|
|
// NewScriptClass returns the ScriptClass corresponding to the string name
|
|
|
|
// provided as argument. ErrUnsupportedScriptType error is returned if the
|
|
|
|
// name doesn't correspond to any known ScriptClass.
|
|
|
|
//
|
|
|
|
// Not to be confused with GetScriptClass.
|
|
|
|
func NewScriptClass(name string) (*ScriptClass, error) {
|
|
|
|
for i, n := range scriptClassToName {
|
|
|
|
if n == name {
|
|
|
|
value := ScriptClass(i)
|
|
|
|
return &value, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil, fmt.Errorf("%w: %s", ErrUnsupportedScriptType, name)
|
|
|
|
}
|
|
|
|
|
2015-05-01 22:20:07 +02:00
|
|
|
// expectedInputs returns the number of arguments required by a script.
|
|
|
|
// If the script is of unknown type such that the number can not be determined
|
|
|
|
// then -1 is returned. We are an internal function and thus assume that class
|
|
|
|
// is the real class of pops (and we can thus assume things that were determined
|
|
|
|
// while finding out the type).
|
|
|
|
func expectedInputs(pops []parsedOpcode, class ScriptClass) int {
|
|
|
|
switch class {
|
|
|
|
case PubKeyTy:
|
|
|
|
return 1
|
|
|
|
|
|
|
|
case PubKeyHashTy:
|
|
|
|
return 2
|
|
|
|
|
2016-10-19 02:45:40 +02:00
|
|
|
case WitnessV0PubKeyHashTy:
|
|
|
|
return 2
|
|
|
|
|
2015-05-01 22:20:07 +02:00
|
|
|
case ScriptHashTy:
|
|
|
|
// Not including script. That is handled by the caller.
|
|
|
|
return 1
|
|
|
|
|
2016-10-19 02:45:40 +02:00
|
|
|
case WitnessV0ScriptHashTy:
|
|
|
|
// Not including script. That is handled by the caller.
|
|
|
|
return 1
|
|
|
|
|
2015-05-01 22:20:07 +02:00
|
|
|
case MultiSigTy:
|
|
|
|
// Standard multisig has a push a small number for the number
|
|
|
|
// of sigs and number of keys. Check the first push instruction
|
|
|
|
// to see how many arguments are expected. typeOfScript already
|
|
|
|
// checked this so we know it'll be a small int. Also, due to
|
|
|
|
// the original bitcoind bug where OP_CHECKMULTISIG pops an
|
|
|
|
// additional item from the stack, add an extra expected input
|
|
|
|
// for the extra push that is required to compensate.
|
|
|
|
return asSmallInt(pops[0].opcode) + 1
|
|
|
|
|
|
|
|
case NullDataTy:
|
|
|
|
fallthrough
|
|
|
|
default:
|
|
|
|
return -1
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// ScriptInfo houses information about a script pair that is determined by
|
|
|
|
// CalcScriptInfo.
|
|
|
|
type ScriptInfo struct {
|
|
|
|
// PkScriptClass is the class of the public key script and is equivalent
|
|
|
|
// to calling GetScriptClass on it.
|
|
|
|
PkScriptClass ScriptClass
|
|
|
|
|
|
|
|
// NumInputs is the number of inputs provided by the public key script.
|
|
|
|
NumInputs int
|
|
|
|
|
|
|
|
// ExpectedInputs is the number of outputs required by the signature
|
|
|
|
// script and any pay-to-script-hash scripts. The number will be -1 if
|
|
|
|
// unknown.
|
|
|
|
ExpectedInputs int
|
|
|
|
|
|
|
|
// SigOps is the number of signature operations in the script pair.
|
|
|
|
SigOps int
|
|
|
|
}
|
|
|
|
|
|
|
|
// CalcScriptInfo returns a structure providing data about the provided script
|
|
|
|
// pair. It will error if the pair is in someway invalid such that they can not
|
|
|
|
// be analysed, i.e. if they do not parse or the pkScript is not a push-only
|
|
|
|
// script
|
2016-10-19 02:45:40 +02:00
|
|
|
func CalcScriptInfo(sigScript, pkScript []byte, witness wire.TxWitness,
|
|
|
|
bip16, segwit bool) (*ScriptInfo, error) {
|
|
|
|
|
2015-05-01 22:20:07 +02:00
|
|
|
sigPops, err := parseScript(sigScript)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
pkPops, err := parseScript(pkScript)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
// Push only sigScript makes little sense.
|
|
|
|
si := new(ScriptInfo)
|
|
|
|
si.PkScriptClass = typeOfScript(pkPops)
|
|
|
|
|
2017-01-07 18:31:03 +01:00
|
|
|
// Can't have a signature script that doesn't just push data.
|
2015-05-01 22:20:07 +02:00
|
|
|
if !isPushOnly(sigPops) {
|
2017-01-07 18:31:03 +01:00
|
|
|
return nil, scriptError(ErrNotPushOnly,
|
|
|
|
"signature script is not push only")
|
2015-05-01 22:20:07 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
si.ExpectedInputs = expectedInputs(pkPops, si.PkScriptClass)
|
|
|
|
|
2016-10-19 02:45:40 +02:00
|
|
|
switch {
|
2015-05-01 22:20:07 +02:00
|
|
|
// Count sigops taking into account pay-to-script-hash.
|
2016-10-19 02:45:40 +02:00
|
|
|
case si.PkScriptClass == ScriptHashTy && bip16 && !segwit:
|
2015-05-01 22:20:07 +02:00
|
|
|
// The pay-to-hash-script is the final data push of the
|
|
|
|
// signature script.
|
|
|
|
script := sigPops[len(sigPops)-1].data
|
|
|
|
shPops, err := parseScript(script)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
shInputs := expectedInputs(shPops, typeOfScript(shPops))
|
|
|
|
if shInputs == -1 {
|
|
|
|
si.ExpectedInputs = -1
|
|
|
|
} else {
|
|
|
|
si.ExpectedInputs += shInputs
|
|
|
|
}
|
|
|
|
si.SigOps = getSigOpCount(shPops, true)
|
2016-10-19 02:45:40 +02:00
|
|
|
|
|
|
|
// All entries pushed to stack (or are OP_RESERVED and exec
|
|
|
|
// will fail).
|
|
|
|
si.NumInputs = len(sigPops)
|
|
|
|
|
|
|
|
// If segwit is active, and this is a regular p2wkh output, then we'll
|
|
|
|
// treat the script as a p2pkh output in essence.
|
|
|
|
case si.PkScriptClass == WitnessV0PubKeyHashTy && segwit:
|
|
|
|
|
|
|
|
si.SigOps = GetWitnessSigOpCount(sigScript, pkScript, witness)
|
|
|
|
si.NumInputs = len(witness)
|
|
|
|
|
|
|
|
// We'll attempt to detect the nested p2sh case so we can accurately
|
|
|
|
// count the signature operations involved.
|
|
|
|
case si.PkScriptClass == ScriptHashTy &&
|
|
|
|
IsWitnessProgram(sigScript[1:]) && bip16 && segwit:
|
|
|
|
|
|
|
|
// Extract the pushed witness program from the sigScript so we
|
|
|
|
// can determine the number of expected inputs.
|
|
|
|
pkPops, _ := parseScript(sigScript[1:])
|
|
|
|
shInputs := expectedInputs(pkPops, typeOfScript(pkPops))
|
|
|
|
if shInputs == -1 {
|
|
|
|
si.ExpectedInputs = -1
|
|
|
|
} else {
|
|
|
|
si.ExpectedInputs += shInputs
|
|
|
|
}
|
|
|
|
|
|
|
|
si.SigOps = GetWitnessSigOpCount(sigScript, pkScript, witness)
|
|
|
|
|
|
|
|
si.NumInputs = len(witness)
|
|
|
|
si.NumInputs += len(sigPops)
|
|
|
|
|
|
|
|
// If segwit is active, and this is a p2wsh output, then we'll need to
|
|
|
|
// examine the witness script to generate accurate script info.
|
|
|
|
case si.PkScriptClass == WitnessV0ScriptHashTy && segwit:
|
|
|
|
// The witness script is the final element of the witness
|
|
|
|
// stack.
|
|
|
|
witnessScript := witness[len(witness)-1]
|
|
|
|
pops, _ := parseScript(witnessScript)
|
|
|
|
|
|
|
|
shInputs := expectedInputs(pops, typeOfScript(pops))
|
|
|
|
if shInputs == -1 {
|
|
|
|
si.ExpectedInputs = -1
|
|
|
|
} else {
|
|
|
|
si.ExpectedInputs += shInputs
|
|
|
|
}
|
|
|
|
|
|
|
|
si.SigOps = GetWitnessSigOpCount(sigScript, pkScript, witness)
|
|
|
|
si.NumInputs = len(witness)
|
|
|
|
|
|
|
|
default:
|
2015-05-01 22:20:07 +02:00
|
|
|
si.SigOps = getSigOpCount(pkPops, true)
|
2016-10-19 02:45:40 +02:00
|
|
|
|
|
|
|
// All entries pushed to stack (or are OP_RESERVED and exec
|
|
|
|
// will fail).
|
|
|
|
si.NumInputs = len(sigPops)
|
2015-05-01 22:20:07 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
return si, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// CalcMultiSigStats returns the number of public keys and signatures from
|
|
|
|
// a multi-signature transaction script. The passed script MUST already be
|
|
|
|
// known to be a multi-signature script.
|
|
|
|
func CalcMultiSigStats(script []byte) (int, int, error) {
|
|
|
|
pops, err := parseScript(script)
|
|
|
|
if err != nil {
|
|
|
|
return 0, 0, err
|
|
|
|
}
|
|
|
|
|
|
|
|
// A multi-signature script is of the pattern:
|
|
|
|
// NUM_SIGS PUBKEY PUBKEY PUBKEY... NUM_PUBKEYS OP_CHECKMULTISIG
|
|
|
|
// Therefore the number of signatures is the oldest item on the stack
|
|
|
|
// and the number of pubkeys is the 2nd to last. Also, the absolute
|
|
|
|
// minimum for a multi-signature script is 1 pubkey, so at least 4
|
|
|
|
// items must be on the stack per:
|
|
|
|
// OP_1 PUBKEY OP_1 OP_CHECKMULTISIG
|
|
|
|
if len(pops) < 4 {
|
2017-01-07 18:31:03 +01:00
|
|
|
str := fmt.Sprintf("script %x is not a multisig script", script)
|
|
|
|
return 0, 0, scriptError(ErrNotMultisigScript, str)
|
2015-05-01 22:20:07 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
numSigs := asSmallInt(pops[0].opcode)
|
|
|
|
numPubKeys := asSmallInt(pops[len(pops)-2].opcode)
|
|
|
|
return numPubKeys, numSigs, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// payToPubKeyHashScript creates a new script to pay a transaction
|
|
|
|
// output to a 20-byte pubkey hash. It is expected that the input is a valid
|
|
|
|
// hash.
|
|
|
|
func payToPubKeyHashScript(pubKeyHash []byte) ([]byte, error) {
|
|
|
|
return NewScriptBuilder().AddOp(OP_DUP).AddOp(OP_HASH160).
|
|
|
|
AddData(pubKeyHash).AddOp(OP_EQUALVERIFY).AddOp(OP_CHECKSIG).
|
|
|
|
Script()
|
|
|
|
}
|
|
|
|
|
2016-10-19 02:45:40 +02:00
|
|
|
// payToWitnessPubKeyHashScript creates a new script to pay to a version 0
|
|
|
|
// pubkey hash witness program. The passed hash is expected to be valid.
|
|
|
|
func payToWitnessPubKeyHashScript(pubKeyHash []byte) ([]byte, error) {
|
|
|
|
return NewScriptBuilder().AddOp(OP_0).AddData(pubKeyHash).Script()
|
|
|
|
}
|
|
|
|
|
2015-05-01 22:20:07 +02:00
|
|
|
// payToScriptHashScript creates a new script to pay a transaction output to a
|
|
|
|
// script hash. It is expected that the input is a valid hash.
|
|
|
|
func payToScriptHashScript(scriptHash []byte) ([]byte, error) {
|
|
|
|
return NewScriptBuilder().AddOp(OP_HASH160).AddData(scriptHash).
|
|
|
|
AddOp(OP_EQUAL).Script()
|
|
|
|
}
|
|
|
|
|
2016-10-19 02:45:40 +02:00
|
|
|
// payToWitnessPubKeyHashScript creates a new script to pay to a version 0
|
|
|
|
// script hash witness program. The passed hash is expected to be valid.
|
|
|
|
func payToWitnessScriptHashScript(scriptHash []byte) ([]byte, error) {
|
|
|
|
return NewScriptBuilder().AddOp(OP_0).AddData(scriptHash).Script()
|
|
|
|
}
|
|
|
|
|
2015-05-01 22:20:07 +02:00
|
|
|
// payToPubkeyScript creates a new script to pay a transaction output to a
|
|
|
|
// public key. It is expected that the input is a valid pubkey.
|
|
|
|
func payToPubKeyScript(serializedPubKey []byte) ([]byte, error) {
|
|
|
|
return NewScriptBuilder().AddData(serializedPubKey).
|
|
|
|
AddOp(OP_CHECKSIG).Script()
|
|
|
|
}
|
|
|
|
|
|
|
|
// PayToAddrScript creates a new script to pay a transaction output to a the
|
|
|
|
// specified address.
|
|
|
|
func PayToAddrScript(addr btcutil.Address) ([]byte, error) {
|
2017-01-07 18:31:03 +01:00
|
|
|
const nilAddrErrStr = "unable to generate payment script for nil address"
|
|
|
|
|
2015-05-01 22:20:07 +02:00
|
|
|
switch addr := addr.(type) {
|
|
|
|
case *btcutil.AddressPubKeyHash:
|
|
|
|
if addr == nil {
|
2017-01-07 18:31:03 +01:00
|
|
|
return nil, scriptError(ErrUnsupportedAddress,
|
|
|
|
nilAddrErrStr)
|
2015-05-01 22:20:07 +02:00
|
|
|
}
|
|
|
|
return payToPubKeyHashScript(addr.ScriptAddress())
|
|
|
|
|
|
|
|
case *btcutil.AddressScriptHash:
|
|
|
|
if addr == nil {
|
2017-01-07 18:31:03 +01:00
|
|
|
return nil, scriptError(ErrUnsupportedAddress,
|
|
|
|
nilAddrErrStr)
|
2015-05-01 22:20:07 +02:00
|
|
|
}
|
|
|
|
return payToScriptHashScript(addr.ScriptAddress())
|
|
|
|
|
|
|
|
case *btcutil.AddressPubKey:
|
|
|
|
if addr == nil {
|
2017-01-07 18:31:03 +01:00
|
|
|
return nil, scriptError(ErrUnsupportedAddress,
|
|
|
|
nilAddrErrStr)
|
2015-05-01 22:20:07 +02:00
|
|
|
}
|
|
|
|
return payToPubKeyScript(addr.ScriptAddress())
|
2016-10-19 02:45:40 +02:00
|
|
|
|
|
|
|
case *btcutil.AddressWitnessPubKeyHash:
|
|
|
|
if addr == nil {
|
2017-04-27 01:33:28 +02:00
|
|
|
return nil, scriptError(ErrUnsupportedAddress,
|
|
|
|
nilAddrErrStr)
|
2016-10-19 02:45:40 +02:00
|
|
|
}
|
|
|
|
return payToWitnessPubKeyHashScript(addr.ScriptAddress())
|
|
|
|
case *btcutil.AddressWitnessScriptHash:
|
|
|
|
if addr == nil {
|
2017-04-27 01:33:28 +02:00
|
|
|
return nil, scriptError(ErrUnsupportedAddress,
|
|
|
|
nilAddrErrStr)
|
2016-10-19 02:45:40 +02:00
|
|
|
}
|
|
|
|
return payToWitnessScriptHashScript(addr.ScriptAddress())
|
2015-05-01 22:20:07 +02:00
|
|
|
}
|
|
|
|
|
2017-01-07 18:31:03 +01:00
|
|
|
str := fmt.Sprintf("unable to generate payment script for unsupported "+
|
|
|
|
"address type %T", addr)
|
|
|
|
return nil, scriptError(ErrUnsupportedAddress, str)
|
2015-05-01 22:20:07 +02:00
|
|
|
}
|
|
|
|
|
2016-10-21 17:03:14 +02:00
|
|
|
// NullDataScript creates a provably-prunable script containing OP_RETURN
|
2017-01-07 18:31:03 +01:00
|
|
|
// followed by the passed data. An Error with the error code ErrTooMuchNullData
|
|
|
|
// will be returned if the length of the passed data exceeds MaxDataCarrierSize.
|
2016-10-21 16:37:48 +02:00
|
|
|
func NullDataScript(data []byte) ([]byte, error) {
|
|
|
|
if len(data) > MaxDataCarrierSize {
|
2017-01-07 18:31:03 +01:00
|
|
|
str := fmt.Sprintf("data size %d is larger than max "+
|
|
|
|
"allowed size %d", len(data), MaxDataCarrierSize)
|
|
|
|
return nil, scriptError(ErrTooMuchNullData, str)
|
2016-10-21 16:37:48 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
return NewScriptBuilder().AddOp(OP_RETURN).AddData(data).Script()
|
|
|
|
}
|
|
|
|
|
2015-05-01 22:20:07 +02:00
|
|
|
// MultiSigScript returns a valid script for a multisignature redemption where
|
|
|
|
// nrequired of the keys in pubkeys are required to have signed the transaction
|
2017-01-07 18:31:03 +01:00
|
|
|
// for success. An Error with the error code ErrTooManyRequiredSigs will be
|
|
|
|
// returned if nrequired is larger than the number of keys provided.
|
2015-05-01 22:20:07 +02:00
|
|
|
func MultiSigScript(pubkeys []*btcutil.AddressPubKey, nrequired int) ([]byte, error) {
|
|
|
|
if len(pubkeys) < nrequired {
|
2017-01-07 18:31:03 +01:00
|
|
|
str := fmt.Sprintf("unable to generate multisig script with "+
|
|
|
|
"%d required signatures when there are only %d public "+
|
|
|
|
"keys available", nrequired, len(pubkeys))
|
|
|
|
return nil, scriptError(ErrTooManyRequiredSigs, str)
|
2015-05-01 22:20:07 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
builder := NewScriptBuilder().AddInt64(int64(nrequired))
|
|
|
|
for _, key := range pubkeys {
|
|
|
|
builder.AddData(key.ScriptAddress())
|
|
|
|
}
|
|
|
|
builder.AddInt64(int64(len(pubkeys)))
|
|
|
|
builder.AddOp(OP_CHECKMULTISIG)
|
|
|
|
|
|
|
|
return builder.Script()
|
|
|
|
}
|
|
|
|
|
|
|
|
// PushedData returns an array of byte slices containing any pushed data found
|
|
|
|
// in the passed script. This includes OP_0, but not OP_1 - OP_16.
|
|
|
|
func PushedData(script []byte) ([][]byte, error) {
|
|
|
|
pops, err := parseScript(script)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
var data [][]byte
|
|
|
|
for _, pop := range pops {
|
|
|
|
if pop.data != nil {
|
|
|
|
data = append(data, pop.data)
|
|
|
|
} else if pop.opcode.value == OP_0 {
|
2015-05-02 21:56:55 +02:00
|
|
|
data = append(data, nil)
|
2015-05-01 22:20:07 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
return data, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// ExtractPkScriptAddrs returns the type of script, addresses and required
|
|
|
|
// signatures associated with the passed PkScript. Note that it only works for
|
|
|
|
// 'standard' transaction script types. Any data such as public keys which are
|
|
|
|
// invalid are omitted from the results.
|
|
|
|
func ExtractPkScriptAddrs(pkScript []byte, chainParams *chaincfg.Params) (ScriptClass, []btcutil.Address, int, error) {
|
|
|
|
var addrs []btcutil.Address
|
|
|
|
var requiredSigs int
|
|
|
|
|
|
|
|
// No valid addresses or required signatures if the script doesn't
|
|
|
|
// parse.
|
|
|
|
pops, err := parseScript(pkScript)
|
|
|
|
if err != nil {
|
|
|
|
return NonStandardTy, nil, 0, err
|
|
|
|
}
|
|
|
|
|
|
|
|
scriptClass := typeOfScript(pops)
|
|
|
|
switch scriptClass {
|
|
|
|
case PubKeyHashTy:
|
|
|
|
// A pay-to-pubkey-hash script is of the form:
|
|
|
|
// OP_DUP OP_HASH160 <hash> OP_EQUALVERIFY OP_CHECKSIG
|
|
|
|
// Therefore the pubkey hash is the 3rd item on the stack.
|
|
|
|
// Skip the pubkey hash if it's invalid for some reason.
|
|
|
|
requiredSigs = 1
|
|
|
|
addr, err := btcutil.NewAddressPubKeyHash(pops[2].data,
|
|
|
|
chainParams)
|
|
|
|
if err == nil {
|
|
|
|
addrs = append(addrs, addr)
|
|
|
|
}
|
|
|
|
|
2016-10-19 02:45:40 +02:00
|
|
|
case WitnessV0PubKeyHashTy:
|
|
|
|
// A pay-to-witness-pubkey-hash script is of thw form:
|
|
|
|
// OP_0 <20-byte hash>
|
|
|
|
// Therefore, the pubkey hash is the second item on the stack.
|
|
|
|
// Skip the pubkey hash if it's invalid for some reason.
|
|
|
|
requiredSigs = 1
|
|
|
|
addr, err := btcutil.NewAddressWitnessPubKeyHash(pops[1].data,
|
|
|
|
chainParams)
|
|
|
|
if err == nil {
|
|
|
|
addrs = append(addrs, addr)
|
|
|
|
}
|
|
|
|
|
2015-05-01 22:20:07 +02:00
|
|
|
case PubKeyTy:
|
|
|
|
// A pay-to-pubkey script is of the form:
|
|
|
|
// <pubkey> OP_CHECKSIG
|
|
|
|
// Therefore the pubkey is the first item on the stack.
|
|
|
|
// Skip the pubkey if it's invalid for some reason.
|
|
|
|
requiredSigs = 1
|
|
|
|
addr, err := btcutil.NewAddressPubKey(pops[0].data, chainParams)
|
|
|
|
if err == nil {
|
|
|
|
addrs = append(addrs, addr)
|
|
|
|
}
|
|
|
|
|
|
|
|
case ScriptHashTy:
|
|
|
|
// A pay-to-script-hash script is of the form:
|
|
|
|
// OP_HASH160 <scripthash> OP_EQUAL
|
|
|
|
// Therefore the script hash is the 2nd item on the stack.
|
|
|
|
// Skip the script hash if it's invalid for some reason.
|
|
|
|
requiredSigs = 1
|
|
|
|
addr, err := btcutil.NewAddressScriptHashFromHash(pops[1].data,
|
2016-10-19 02:45:40 +02:00
|
|
|
chainParams)
|
|
|
|
if err == nil {
|
|
|
|
addrs = append(addrs, addr)
|
|
|
|
}
|
|
|
|
|
|
|
|
case WitnessV0ScriptHashTy:
|
|
|
|
// A pay-to-witness-script-hash script is of the form:
|
|
|
|
// OP_0 <32-byte hash>
|
|
|
|
// Therefore, the script hash is the second item on the stack.
|
|
|
|
// Skip the script hash if it's invalid for some reason.
|
|
|
|
requiredSigs = 1
|
|
|
|
addr, err := btcutil.NewAddressWitnessScriptHash(pops[1].data,
|
2015-05-01 22:20:07 +02:00
|
|
|
chainParams)
|
|
|
|
if err == nil {
|
|
|
|
addrs = append(addrs, addr)
|
|
|
|
}
|
|
|
|
|
|
|
|
case MultiSigTy:
|
|
|
|
// A multi-signature script is of the form:
|
|
|
|
// <numsigs> <pubkey> <pubkey> <pubkey>... <numpubkeys> OP_CHECKMULTISIG
|
|
|
|
// Therefore the number of required signatures is the 1st item
|
|
|
|
// on the stack and the number of public keys is the 2nd to last
|
|
|
|
// item on the stack.
|
|
|
|
requiredSigs = asSmallInt(pops[0].opcode)
|
|
|
|
numPubKeys := asSmallInt(pops[len(pops)-2].opcode)
|
|
|
|
|
|
|
|
// Extract the public keys while skipping any that are invalid.
|
|
|
|
addrs = make([]btcutil.Address, 0, numPubKeys)
|
|
|
|
for i := 0; i < numPubKeys; i++ {
|
|
|
|
addr, err := btcutil.NewAddressPubKey(pops[i+1].data,
|
|
|
|
chainParams)
|
|
|
|
if err == nil {
|
|
|
|
addrs = append(addrs, addr)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
case NullDataTy:
|
|
|
|
// Null data transactions have no addresses or required
|
|
|
|
// signatures.
|
|
|
|
|
|
|
|
case NonStandardTy:
|
|
|
|
// Don't attempt to extract addresses or required signatures for
|
|
|
|
// nonstandard transactions.
|
|
|
|
}
|
|
|
|
|
|
|
|
return scriptClass, addrs, requiredSigs, nil
|
|
|
|
}
|
2017-09-20 19:44:35 +02:00
|
|
|
|
|
|
|
// AtomicSwapDataPushes houses the data pushes found in atomic swap contracts.
|
|
|
|
type AtomicSwapDataPushes struct {
|
|
|
|
RecipientHash160 [20]byte
|
|
|
|
RefundHash160 [20]byte
|
2017-11-28 16:02:46 +01:00
|
|
|
SecretHash [32]byte
|
2018-02-16 22:18:43 +01:00
|
|
|
SecretSize int64
|
2017-09-20 19:44:35 +02:00
|
|
|
LockTime int64
|
|
|
|
}
|
|
|
|
|
|
|
|
// ExtractAtomicSwapDataPushes returns the data pushes from an atomic swap
|
|
|
|
// contract. If the script is not an atomic swap contract,
|
|
|
|
// ExtractAtomicSwapDataPushes returns (nil, nil). Non-nil errors are returned
|
|
|
|
// for unparsable scripts.
|
|
|
|
//
|
|
|
|
// NOTE: Atomic swaps are not considered standard script types by the dcrd
|
|
|
|
// mempool policy and should be used with P2SH. The atomic swap format is also
|
|
|
|
// expected to change to use a more secure hash function in the future.
|
|
|
|
//
|
|
|
|
// This function is only defined in the txscript package due to API limitations
|
|
|
|
// which prevent callers using txscript to parse nonstandard scripts.
|
2018-02-16 22:18:43 +01:00
|
|
|
func ExtractAtomicSwapDataPushes(version uint16, pkScript []byte) (*AtomicSwapDataPushes, error) {
|
2017-09-20 19:44:35 +02:00
|
|
|
pops, err := parseScript(pkScript)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2018-02-16 22:18:43 +01:00
|
|
|
if len(pops) != 20 {
|
2017-09-20 19:44:35 +02:00
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
isAtomicSwap := pops[0].opcode.value == OP_IF &&
|
2018-02-16 22:18:43 +01:00
|
|
|
pops[1].opcode.value == OP_SIZE &&
|
|
|
|
canonicalPush(pops[2]) &&
|
2017-09-20 19:44:35 +02:00
|
|
|
pops[3].opcode.value == OP_EQUALVERIFY &&
|
2018-02-16 22:18:43 +01:00
|
|
|
pops[4].opcode.value == OP_SHA256 &&
|
|
|
|
pops[5].opcode.value == OP_DATA_32 &&
|
|
|
|
pops[6].opcode.value == OP_EQUALVERIFY &&
|
|
|
|
pops[7].opcode.value == OP_DUP &&
|
|
|
|
pops[8].opcode.value == OP_HASH160 &&
|
|
|
|
pops[9].opcode.value == OP_DATA_20 &&
|
|
|
|
pops[10].opcode.value == OP_ELSE &&
|
|
|
|
canonicalPush(pops[11]) &&
|
|
|
|
pops[12].opcode.value == OP_CHECKLOCKTIMEVERIFY &&
|
|
|
|
pops[13].opcode.value == OP_DROP &&
|
|
|
|
pops[14].opcode.value == OP_DUP &&
|
|
|
|
pops[15].opcode.value == OP_HASH160 &&
|
|
|
|
pops[16].opcode.value == OP_DATA_20 &&
|
|
|
|
pops[17].opcode.value == OP_ENDIF &&
|
|
|
|
pops[18].opcode.value == OP_EQUALVERIFY &&
|
|
|
|
pops[19].opcode.value == OP_CHECKSIG
|
2017-09-20 19:44:35 +02:00
|
|
|
if !isAtomicSwap {
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
pushes := new(AtomicSwapDataPushes)
|
2018-02-16 22:18:43 +01:00
|
|
|
copy(pushes.SecretHash[:], pops[5].data)
|
|
|
|
copy(pushes.RecipientHash160[:], pops[9].data)
|
|
|
|
copy(pushes.RefundHash160[:], pops[16].data)
|
|
|
|
if pops[2].data != nil {
|
|
|
|
locktime, err := makeScriptNum(pops[2].data, true, 5)
|
|
|
|
if err != nil {
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
pushes.SecretSize = int64(locktime)
|
|
|
|
} else if op := pops[2].opcode; isSmallInt(op) {
|
|
|
|
pushes.SecretSize = int64(asSmallInt(op))
|
|
|
|
} else {
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
if pops[11].data != nil {
|
|
|
|
locktime, err := makeScriptNum(pops[11].data, true, 5)
|
2017-09-20 19:44:35 +02:00
|
|
|
if err != nil {
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
pushes.LockTime = int64(locktime)
|
2018-02-16 22:18:43 +01:00
|
|
|
} else if op := pops[11].opcode; isSmallInt(op) {
|
2017-09-20 19:44:35 +02:00
|
|
|
pushes.LockTime = int64(asSmallInt(op))
|
|
|
|
} else {
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
return pushes, nil
|
|
|
|
}
|