When given badly formatted signature or pubkeys like in block
0000000000000001e4241fd0b3469a713f41c5682605451c05d3033288fb2244, transaction
fd9b541d23f6e9bddb34ede15c7684eeec36231118796b691ae525f95578acf1 we could fail
on strange scripts because we returned an error instead of failing the
opcode and putting a FALSE on the stack.
Fixes chainfork issue on the aforementioned block.
This commit significantly changes the address extraction code. The
original code was written before some of the other newer code was written
and as a result essentially duplicated some of the logic for handling
standard scripts which is used elsewhere in the package.
The following is a summary of what has changed:
- CalcPkScriptAddrHashes, ScriptToAddrHash, and ScriptToAddrHashes have
been replaced by ExtractPkScriptAddresses
- The ScriptType type has been removed in favor of the existing
ScriptClass type
- The new function returns a slice of btcutil.Addresses instead of raw
hashes that the caller then needs to figure out what to do with to
convert them to proper addressses
- The new function makes use of the existing ScriptClass instead of an
nearly duplicate ScriptType
- The new function hooks into the existing infrastructure for parsing
scripts and identifying scripts of standard forms
- The new function only works with pkscripts to match the behavior of the
reference implementation - do note that the redeeming script from a p2sh
script is still considered a pkscript
- The logic combines extraction for all script types instead of using a
separate function for multi-signature transactions
- The new function ignores addresses which are invalid for some reason
such as invalid public keys
This commit modifies the names of opcdoes shown in the oneline script
disassembly to match the reference implementation. In particular
OP_1NEGATE, and OP_0 through OP_16 are changed to the raw numbers
they represent when doing oneline disassembly. When doing full
disassembly, the full opcode names are still shown.
ok @owainga.
Rather than returning an empty string from DisasmString if a script fails
to parse, return the disassembly up to the point of the failure along with
[error] appended. The error is still returned in case the caller wants
more information about the script parse failure.
This commit adds two new functions named PayToScriptHashScript and
PayToAddrScript. The first one creates and returns a public-key script
which pays to the provided script hash and conforms to BIP0016.
The second function takes the new btcutil.Address interface type and
returns an appropriate script to pay to the address type in the interface.
It currently works for btcutil.AddressPubKeyHash and
btcutil.AddressScriptHash.
Fixed up bad function comment headers
Added a small set of tests for the ScriptToAddrHashes function to test
functionality of a couple real multisig cases as well as error checking
This commit modifies the code to use the new btcec Signature.Serialize API
instead of the internal sigDER which has now been removed. This closes#3.
ok @owainga
The allows the tests to run without showing warning for malformed bits
(which are intentionally malformed for testing purposes). Also, the
tests would not compile since the new btclog backend was switched out.
This commit resolves that.
This change updates the doc.go documentation file with the correct use
of the new (since 8eead5217d) API used
for passing additional options when creating new script engines.
Spotted by davec@
This removes the bip16 bool from NewScript and adds it to flags (with
the constant ScriptBip16), and also adds a new flag,
ScriptCanonicalSignatures, which will call btcec.ParseDERSignature
parsing a signature during an Execute. This is needed to emulate
bitcoind behavior, as bitcoind performs canonical signature validation
(DER format) in some places (like mempool acceptance) but not others
(like block validation).
Updated tests and test coverage file to reflect changes.
The stack data is normally sliced from the actual script and btcscript is not
supposed to ever change the tx passed into it.
Add a test (and fix the other leading zeros tests) to stop this happening again.
So add entries for them that disassemble and parse ok, but will fail
when executed with the appropriate error. Add a full suite of tests to confirm
that this happens.
Found by a strange transaction in testnet.
PayToPubKeyHashScript generates a new pay to pubkey hash script to use
as the pkScript when creating new transactions. If the passed pubkey
hash is an invalid size, StackErrInvalidOpcode will be returned as an
error.
SignatureScript returns the signature script necessary to validate a
single input of a transaction.
This also adds sanity checking for serializing scripts into byte
slices. If the length of a serialized opcode does not equal the
expected length, StackErrInvalidOpcode will be returned when unparsing
a []parsedOpcode.
New internal tests were added to verify checks for valid and invalid
parsed opcodes.
This commit adds an exported function, IsPushOnlyScript, which can be used
to tell whether or not a script only pushes data (only contains opcodes
that push data).
Removing from the bottom of a stack (nipN(depth)) would leak the first
entry in the array by slicing [1:], leaving array[0] dangling an
inaccessible (but unable to be freed until the whole slice is gone). We
left it like this for a while, but best not to leak the memory. Happens
rarely so the performance hit shouldn't matter that much. Do the same
thing for condstack.
When we do append loops, make an educated guess as to the size and make an array
with that capacity to avoid extra copying.
Doesn't affect the speed of the tests, over 4 runs the difference was lost in
the noise.