This commit tightens the check for a pay-to-pubkey script by ensuring the
length of the pubkey is one of the two valid values of 33 or 65. This
mirrors the checks in the multisig script type check as well.
ok @owainga
Also, unexport the functions to generate script types. Everything should
(and is) be using PayToAddrScript() with an address type instead of
throwing bytes around.
discussed with #@davecgh
This commit adds a new ScriptBuilder interface that can be used to build
custom scripts. It currently is fairly basic, but it allows you to push
raw opcodes, ints, and data while respecting canonical encoding. These
primitives are sufficient to build any script.
This could be improved upon with quite a few things. One example would be
functions for certain opcodes that take properly typed parameters to make
it harder to create invalid scripts.
For now though, it is already quite useful since it handles all of the
opcode selection for canonical data pushes and integer encoding.
The initial discussion took place in #5.
This commit builds off the previous commit which fixed the execution of
multi-signature scripts with zero required signatures.
It introduces the concept of a "small int" which is one of OP_0 or OP_1 -
OP_16. All areas of code that deal with multi-sig transactions now make
use of these to ensure consistent handling.
This fixes a few issues surrounding multi-sig zero required signature
transactions included proper detection as a multi-sig script, signature
counting for script statistics, and
ok @owainga
It is possible for a multisignature transaction to require zero
signatures. For example, input 2 of testnet transaction
b2d93dfd0b2c1a380e55e76a8d9cb3075dec9f4474e9485be008c337fd62c1f7
in block number 185117.
Previously the code was pushing a false to the stack when no
valid signatures were found. This commit remedies that by pushing true
when no valid signatures were found, but none are required. Otherwise it
still pushes false when no valid signatures were found, but some are
required.
Fixes#7.
ok @owainga
When given badly formatted signature or pubkeys like in block
0000000000000001e4241fd0b3469a713f41c5682605451c05d3033288fb2244, transaction
fd9b541d23f6e9bddb34ede15c7684eeec36231118796b691ae525f95578acf1 we could fail
on strange scripts because we returned an error instead of failing the
opcode and putting a FALSE on the stack.
Fixes chainfork issue on the aforementioned block.
This commit significantly changes the address extraction code. The
original code was written before some of the other newer code was written
and as a result essentially duplicated some of the logic for handling
standard scripts which is used elsewhere in the package.
The following is a summary of what has changed:
- CalcPkScriptAddrHashes, ScriptToAddrHash, and ScriptToAddrHashes have
been replaced by ExtractPkScriptAddresses
- The ScriptType type has been removed in favor of the existing
ScriptClass type
- The new function returns a slice of btcutil.Addresses instead of raw
hashes that the caller then needs to figure out what to do with to
convert them to proper addressses
- The new function makes use of the existing ScriptClass instead of an
nearly duplicate ScriptType
- The new function hooks into the existing infrastructure for parsing
scripts and identifying scripts of standard forms
- The new function only works with pkscripts to match the behavior of the
reference implementation - do note that the redeeming script from a p2sh
script is still considered a pkscript
- The logic combines extraction for all script types instead of using a
separate function for multi-signature transactions
- The new function ignores addresses which are invalid for some reason
such as invalid public keys
This commit modifies the names of opcdoes shown in the oneline script
disassembly to match the reference implementation. In particular
OP_1NEGATE, and OP_0 through OP_16 are changed to the raw numbers
they represent when doing oneline disassembly. When doing full
disassembly, the full opcode names are still shown.
ok @owainga.
Rather than returning an empty string from DisasmString if a script fails
to parse, return the disassembly up to the point of the failure along with
[error] appended. The error is still returned in case the caller wants
more information about the script parse failure.
This commit adds two new functions named PayToScriptHashScript and
PayToAddrScript. The first one creates and returns a public-key script
which pays to the provided script hash and conforms to BIP0016.
The second function takes the new btcutil.Address interface type and
returns an appropriate script to pay to the address type in the interface.
It currently works for btcutil.AddressPubKeyHash and
btcutil.AddressScriptHash.
Fixed up bad function comment headers
Added a small set of tests for the ScriptToAddrHashes function to test
functionality of a couple real multisig cases as well as error checking
This commit modifies the code to use the new btcec Signature.Serialize API
instead of the internal sigDER which has now been removed. This closes#3.
ok @owainga
The allows the tests to run without showing warning for malformed bits
(which are intentionally malformed for testing purposes). Also, the
tests would not compile since the new btclog backend was switched out.
This commit resolves that.
This change updates the doc.go documentation file with the correct use
of the new (since 8eead5217d) API used
for passing additional options when creating new script engines.
Spotted by davec@
This removes the bip16 bool from NewScript and adds it to flags (with
the constant ScriptBip16), and also adds a new flag,
ScriptCanonicalSignatures, which will call btcec.ParseDERSignature
parsing a signature during an Execute. This is needed to emulate
bitcoind behavior, as bitcoind performs canonical signature validation
(DER format) in some places (like mempool acceptance) but not others
(like block validation).
Updated tests and test coverage file to reflect changes.