Commit graph

3568 commits

Author SHA1 Message Date
Olaoluwa Osuntokun
80dd96ac5d txscript: add new post segwit policies to standard script flags 2017-08-13 23:17:40 -05:00
Olaoluwa Osuntokun
0a7bbda6dd txscript: add verification of the post-segwit pub key type constraint
This commit adds verification of the post-segwit standardness
requirement that all pubkeys involved in checks operations MUST be
serialized as compressed public keys. A new ScriptFlag has been added
to guard this behavior when executing scripts.
2017-08-13 23:17:40 -05:00
Olaoluwa Osuntokun
9367aedfd7 txscript: add verification of the post-segwit minimal if policy
This commit modifies the op-code execution for OP_IF and OP_NOTIF to
enforce the additional “minimal if” constraints which require the
top-stack item when the op codes are encountered to be either an empty
vector, or exactly [0x01].
2017-08-13 23:17:40 -05:00
Olaoluwa Osuntokun
65feec33e0 btcec: add new IsCompressedPubKey function
This commit adds a new function to btcec: IsCompressedPubKey. This
function returns true iff the passed serialized public key is encoded
in compressed format.
2017-08-13 23:17:40 -05:00
Olaoluwa Osuntokun
9054ef8354 BIP 147: enforce NULLDUMMY w/ segwit verification
This commit implements the flag activation portion of BIP 0147. The
verification behavior triggered by the NULLDUMMY script verification
flag has been present within btcd for some time, however it wasn’t
activated by default.

With this commit, once segwit has activated, the ScriptStrictMultiSig
will also be activated within the Script VM. Additionally, the
ScriptStrictMultiSig is now a standard script verification flag which
is used unconditionally within the mempool.
2017-08-13 23:17:40 -05:00
Olaoluwa Osuntokun
aaf187427e BIP0141+txscript: implement witness program validation
This commit implements full witness program validation for the
currently defined version 0 witness programs. This includes validation
logic for nested p2sh, p2wsh, and p2wkh. Additionally, when in witness
validation mode, an additional set of constrains are enforced such as
using the new sighash digest algorithm and enforcing clean stack
behavior within witness programs.
2017-08-13 23:17:40 -05:00
Olaoluwa Osuntokun
b564111aff txscript: fix off-by-one error due to new OP_CODESEPARATOR behavior in segwit
This commit fixes an off-by-one error which is only manifested by the
new behavior of OP_CODESEPARATOR within sig hashes triggered by the
segwit behavior. The current behavior within the Script VM
(txscript.Engine) is known to be fully correct to the extent that it has
been verified. However, once segwit activates a consensus divergence
would emerge due to *when* the program counter was incremented in the
previous code (pre-this-commit).

Currently (pre-segwit) when calculating the pre-image to a transaction
sighash for signature verification, *all* instances of OP_CODESEPARATOR
are removed from the subScript being signed before generating the final
sighash. SegWit has additional nerfed the behavior of OP_CODESEPARATOR
by no longer removing them (and starting after the last instance), but
instead simply starting the subScript to be directly *after* the last
instance of an OP_CODESEPARATOR within the pkScript.

Due to this new behavior, without this commit, an off-by-one error
(which only matters post-segwit), would cause txscript to generate an
incorrect subScript since the instance of OP_CODESEPARATOR would remain
as part of the subScript instead of being sliced off as the new behavior
dictates. The off-by-one error itself is manifested due to a slight
divergence in txscript.Engine’s logic compared to Bitcoin Core.  In
Bitcoin Core script verification is as follows: first the next op-code
is fetched, then program counter is incremented, and finally the op-code
itself is executed. Before this commit, btcd flipped the order
of the last two steps, executing the op-code *before* the program
counter was incremented.

This commit fixes the post-segwit consensus divergence by incrementing
the program-counter *before* the next op-code is executed. It is
important to note that this divergence is only significant post-segwit,
meaning that txscript.Engine is still consensus compliant independent of
this commit.
2017-08-13 23:17:40 -05:00
Olaoluwa Osuntokun
653459c810 BIP0141+txscript: implement signature operation cost calculations 2017-08-13 23:17:40 -05:00
Olaoluwa Osuntokun
469e53ca27 BIP0141+txscript: awareness of new standard script templates, add helper funcs
This commit introduces a series of internal and external helper
functions which enable the txscript package to be aware of the new
standard script templates introduced as part of BIP0141. The two new
standard script templates recognized are pay-to-witness-key-hash
(P2WKH) and pay-to-witness-script-hash (P2WSH).
2017-08-13 23:17:40 -05:00
Olaoluwa Osuntokun
98cae74275 BIP0143+txscript: add segwit sighash, signing, and HashCache integration
This commit implements most of BIP0143 by adding logic to implement the
new sighash calculation, signing, and additionally introduces the
HashCache optimization which eliminates the O(N^2) computational
complexity for the SIGHASH_ALL sighash type.

The HashCache struct is the equivalent to the existing SigCache struct,
but for caching the reusable midstate for transactions which are
spending segwitty outputs.
2017-08-13 23:17:40 -05:00
Olaoluwa Osuntokun
0db14c740b BIP0144: properly fetch witness data from witness-enabled peers
This commit modifies the logic within the block manager and service to
preferentially fetch transactions and blocks which include witness data
from fully upgraded peers.

Once the initial version handshake has completed, the server now tracks
which of the connected peers are witness enabled (they advertise
SFNodeWitness). From then on, if a peer is witness enabled, then btcd
will always request full witness data when fetching
transactions/blocks.
2017-08-13 23:17:40 -05:00
Olaoluwa Osuntokun
7a1456aae5 BIP0144+peer: specify the wire encoding type when reading/writing messages
This commit modifies the base peer struct to ascertain when a peer is
able to understand the new witness encoding, and specify the peer’s
supported encoding explicitly before/after the version handshake.
2017-08-13 23:17:40 -05:00
Olaoluwa Osuntokun
192bfbf123 BIP0144+wire: implement witness encoding/decoding for transactions
This commit implements the new witness encoding/decoding for
transactions as specified by BIP0144. After segwit activation, a
special transaction encoding is used to signal to upgraded nodes that
the transaction being deserialized bares witness data. The prior
BtcEncode and BtcDecode methods have been extended to be aware of the
new signaling bytes and the encoding of witness data within
transactions.

Additionally, a new method has been added to calculate the “stripped
size” of a transaction/block which is defined as the size of a
transaction/block *excluding* any witness data.
2017-08-13 23:17:40 -05:00
Olaoluwa Osuntokun
28c5ce8e5c BIP0144+wire: introduce new segregated witness inventory types
This commit adds the new inventory types for segwit which are used by
the responder to explicitly request that transactions/blocks sent for a
particular inv hash should include all witness data.
2017-08-13 23:17:40 -05:00
Olaoluwa Osuntokun
48abfdf87c BIP0144+wire: add a MessageEncoding variant for serialization/deserialization
This commit modifies the existing wire.Message interface to introduce a
new MessageEncoding variant which dictates the exact encoding to be
used when serializing and deserializing messages. Such an option is now
necessary due to the segwit soft-fork package, as btcd will need to be
able to optionally encode transactions/blocks without witness data to
un-upgraded peers.

Two new functions have been introduced: ReadMessageWithEncodingN and
WriteMessageWithEncodingN which wrap BtcDecode/BtcEncode with the
desired encoding format.
2017-08-13 23:17:40 -05:00
Olaoluwa Osuntokun
1b359e1131 BIP0144+wire: introduce the new SFNodeWitness service bit
This commit introduces the new SFNodeWitness service bit which has been
added to the protocol as part of BIP0144. The new service bit allows
peers on the network to signal their acceptance and adherence to the
new rules defined as part of the segwit soft-fork package.
2017-08-13 23:17:40 -05:00
Gregory Trubetskoy
1e331153b4 Fix the unknown new rules activation warning 2017-08-09 19:10:28 -04:00
Johan T. Halseth
47885ab870 chaincfg: Add IsBech32SegwitPrefix utility method.
The IsBech32SegwitPrefix method takes a string prefix and
determines if it is a valid prefix for a Bech32 encoded segwit
address for any of the default or registered networks.
2017-07-08 10:26:15 +02:00
Johan T. Halseth
9822ffad68 add Bech32HRPSegwit (human-readable part for segwit addresses) to chaincfg.Params 2017-07-05 16:33:50 -05:00
Ruben de Vries
c72658166a add InvalidateBlock RPC command 2017-07-04 15:56:36 +02:00
Ricardo Velhote
948d80b198
New RPC command to display the uptime of the server
Version 0.15.0 of Bitcoin Core will include a new RPC command that will
allow us to obtain the amount of time (in seconds) that the server has
been running.
2017-07-03 00:07:27 +01:00
Dave Collins
6487ba1047
TravisCI: Don't run tests with race.
This modifies the goclean.sh script that is executed on Travis to
only run the tests without the race detector.

While it is nice to run the race detector on the tests, unfortunately
there is a limit to the number of goroutines that can be launched while
running it.  Since Travis is now much slower than it once was, this
causes a ton of false positive failures.
2017-07-01 16:13:35 -05:00
Dave Collins
9f0e66ee3f
blockchain: Correct invalid assertion.
This corrects the assertion in the decodeSpentTxOut function so it does
not improperly cause a panic when unwinding transactions during a reorg
under certain circumstances.  In particular, the provided transaction
version that is passed when a stxo entry does not exist is now -1 in
order to properly distinguish it from the zero value.

It also updates the tests accordingly.

This was discovered by the reorg on testnet from block
00000000000018c58c2d2816f03dac327d975a18af6edf1a369df67ecddaf816 to
0000000000001c1161a367156465cc6226e9f862d9c585f94db5779fdf5455ff.
2017-07-01 02:25:41 -05:00
Dave Collins
01cb59c67d
multi: Simplify code per gosimple linter.
This simplifies the code based on the recommendations of the gosimple
lint tool.
2017-07-01 02:25:10 -05:00
Josh Rickmar
a6965d493f all: Remove seelog logger.
The btclog package has been changed to defining its own logging
interface (rather than seelog's) and provides a default implementation
for callers to use.

There are two primary advantages to the new logger implementation.

First, all log messages are created before the call returns.  Compared
to seelog, this prevents data races when mutable variables are logged.

Second, the new logger does not implement any kind of artifical rate
limiting (what seelog refers to as "adaptive logging").  Log messages
are outputted as soon as possible and the application will appear to
perform much better when watching standard output.

Because log rotation is not a feature of the btclog logging
implementation, it is handled by the main package by importing a file
rotation package that provides an io.Reader interface for creating
output to a rotating file output.  The rotator has been configured
with the same defaults that btcd previously used in the seelog config
(10MB file limits with maximum of 3 rolls) but now compresses newly
created roll files.  Due to the high compressibility of log text, the
compressed files typically reduce to around 15-30% of the original
10MB file.
2017-06-19 16:46:50 -04:00
Josh Rickmar
45b9cb481d Track btclog API updates. 2017-06-19 16:43:38 -04:00
Jimmy Song
1bdb713285 btcec: Slightly optimize NAF and add several tests.
This slightly optimizes the NAF function by avoiding returning the
unused bit when there is not a carry.

It also adds a bunch of additional unit tests which I made while
debugging.
2017-06-07 20:43:48 -05:00
Dave Collins
1238b7e55a
btcec: Optimize and correct normalize.
This modifies the normalize function of the internal field value to
both optimize it and address an issue where the reduction could
lead to an incorrect result with a small range of values.  It also adds
tests to ensure the behavior is correct.

The following benchmark shows the relative speedups as a result of the
optimization on my system.  In particular, the changes result in
approximately a 14% speedup in Normalize, which ultimately translates to
a 2% speedup in signature verifies.

benchmark                        old ns/op     new ns/op     delta
--------------------------------------------------------------------
BenchmarkAddJacobian             1364          1289          -5.50%
BenchmarkAddJacobianNotZOne      3150          3091          -1.87%
BenchmarkScalarBaseMult          134117        132816        -0.97%
BenchmarkScalarBaseMultLarge     135067        132966        -1.56%
BenchmarkScalarMult              411218        402217        -2.19%
BenchmarkSigVerify               671585        657833        -2.05%
BenchmarkFieldNormalize          36.0          31.0          -13.89%
2017-06-07 20:43:36 -05:00
Dave Collins
711e7dbb2e
btcec: Add benchmark for field normalization. 2017-06-07 20:43:27 -05:00
Steven Roose
ef87de9d88 Fix comparator that could cause a panic 2017-06-07 17:59:33 -05:00
Steven Roose
bf43e56f2f Fix warnings from ineffassign
I left one at the end of fullblocktest, since I suspected the unused
variable assignments there were set for the possibility of extending the
tests.
2017-06-07 17:59:33 -05:00
Steven Roose
3d0dfed40b Fix a ton of typos accumulated over time 2017-05-30 16:59:51 +02:00
Dave Collins
b14827fd64
Update markdown files for GFM changes.
The github markdown interpreter has been changed such that it no longer
allows spaces in between the brackets and parenthesis of links.  This
updates the markdown files accordingly.

While here, it also corrects a couple of inconsistencies in regards to
other README.md files in the project.
2017-05-25 12:55:45 -05:00
Dave Collins
9918e2a561
multi: Update markdown files for GFM changes.
The github markdown interpreter has been changed such that it no longer
allows spaces in between the brackets and parenthesis of links and now
requires a newline in between anchors and other formatting.  This
updates all of the markdown files accordingly.

While here, it also corrects a couple of inconsistencies in some of the
README.md files.
2017-05-25 12:06:16 -05:00
Dave Collins
f8673776ab
database: Update overview documentation in doc.go.
This updates the overview documentation to remove reference of the
outside Namespace bits.
2017-05-21 18:22:33 -05:00
Steven Roose
45967f8641 btcctl: Inherit notls config from btcd.conf 2017-05-18 12:18:30 -05:00
Dave Collins
1fee394e08
btcjson: Update GetNetworkInfoResult.
This updates the GetNetworkInfoResult structure to include the latest
fields added to Core for compatibility purposes.

While here, also move the definitions of the subtypes for the result
before their use for consistency.
2017-05-18 09:12:05 -05:00
Dave Collins
7d3ca6df7b
chaincfg: Remove bitseed.xf2.org DNS seed.
This DNS seed does not appear to resolve IPv6 and the returned addresses
rarely seem correspond to functioning nodes.
2017-05-18 05:27:55 -05:00
Steven Roose
53f55a4634 config: Add user agent comments flag --uacomment
Just like Core's -uacomment, this flag allows to specify user agent
comments like defined in BIP 14.
2017-05-17 13:22:26 +02:00
Dave Collins
40f4997b95
addrmgr: Fix a couple of typos in overview doc. 2017-05-15 14:26:18 -05:00
Dave Collins
b85d2dc7f0
peer: Use prng to generate self detection nonce.
This changes the nonce generated to detect self connections over to use
pseudo randoms instead of a cryptographically random nonce.

There is really not a good reason for it to be cryptographically strong,
using the prng is much faster, and the prng also doesn't burn entropy.
2017-05-15 14:20:57 -05:00
Dave Collins
8efd6b15ed
peer: Remove unused version sent field.
This removes the field that tracks whether the version has been sent
since it is no longer used after the version negotiation was separated
from the main read and write code.
2017-05-13 03:48:14 -05:00
Dave Collins
1ae306021e
rpctest: Make subpackage of integration.
This makes the rpctest package a subpackage of the integration package
since its primary purpose is for integration testing.
2017-05-11 15:17:29 -05:00
Olaoluwa Osuntokun
89728419b0
integration: add integration tests for the CSV-package soft-fork 2017-05-10 15:37:19 -07:00
Olaoluwa Osuntokun
75569f599f
blockchain: enforce CSV soft-fork validation based on versionbits state
This commit modifies the existing block validation logic to examine the
current version bits state of the CSV soft-fork, enforcing the new
validation rules (BIPs 68, 112, and 113) accordingly based on the
current `ThesholdState`.
2017-05-10 15:37:11 -07:00
Olaoluwa Osuntokun
7d0b8081dc
rpcserver: add csv case for getblockchaininfo 2017-05-10 15:37:07 -07:00
Olaoluwa Osuntokun
d767af1509
blockchain: update calcSequenceLocks test to activate CSV first 2017-05-10 15:37:04 -07:00
Olaoluwa Osuntokun
ca5e14da6a
rpctest: publicly export the CreateBlock funciton
This commit publicly exports the CreateBlock function as it can be very
useful for generating blocks for tests. Additionally, the behavior of
the function has been modified slightly to build off of the genesis
block for the specified chain if the `prevBlock` paramter is nil.
2017-05-10 15:37:00 -07:00
Olaoluwa Osuntokun
528cc07a00
chaincfg: add BIP0009 deployment parameters for the CSV soft-fork
This commit adds BIP-9 deployment parameters for all registered
networks for the CSV soft-fork package.

The mainnet and testnet parameters have been set in accordance to the
finalized BIPs.

For simnet, and the regression net, the activation date is back-dated
in order to allow signaling for the soft-fork at any time. Additionally
the expiration time for simnet and regrets has been set to
math.MaxInt64, meaning they’ll never expire.
2017-05-10 15:36:55 -07:00
Dave Collins
0ea4a6ebd4
multi: Switch to upstream golang.org/x/crypto.
Now that glide is used for version management and a specific commit of
the upstream repository can be locked it is no longer necessary to
maintain a fork of the package specifically to keep a stable dependency.

While here, update the glide dependency for btcutil as well since it was
switched to use the upstream path as well.
2017-05-09 11:35:01 -05:00