Commit graph

36 commits

Author SHA1 Message Date
Jimmy Song
d5cc72dc27 use btcec structs instead of ecdsa structs 2014-10-12 23:47:09 -05:00
Dave Collins
c0c3d860d6 Convert all StackErrX to ErrStackX.
This commit changes all stack errors from the form of StackErrX to
ErrStackX which is the expected form for standard Go code.
2014-10-12 17:24:00 -05:00
Jonathan Gillham
37ad7042b6 Made hashType typed as SigHashType. 2014-10-11 20:55:28 +01:00
David Hill
2803ea17c2 Remove the use of go-spew. 2014-08-29 16:06:17 -04:00
Dave Collins
95cd1b97fa Make the OP_FALSE constant untyped.
This makes it consistent with the rest of the opcode constants.
2014-08-13 00:32:16 -05:00
David Hill
ef0ca7dff5 sync bitcoind script tests 2014-08-01 13:40:56 -04:00
Dave Collins
5beafbd2d8 goimports -w . 2014-07-02 19:37:49 -05:00
David Hill
a591c7ec03 Add new ScriptFlag ScriptStrictMultiSig.
ScriptStrictMultiSig verifies that the stack item used by CHECKMULTISIG
is zero length.
2014-05-29 10:55:35 -04:00
Owain G. Ainsworth
03dd134305 adapt for btcec changes. 2014-04-09 19:30:59 +01:00
Owain G. Ainsworth
dab2a7cb0f Don't possibly dereference bad signatures in OP_CHECKMULTISIG.
We do all the preprocessing in one loop. Fixes a bug introduced a while ago to
handle invalid signatures. Found by more tests from bitcoind.
2014-03-17 17:46:56 +00:00
Owain G. Ainsworth
d6d755e411 Always return reserved opcode for always-illegal ops. 2014-03-14 21:06:08 +00:00
Owain G. Ainsworth
8beb0dec54 Make opcode.Exec run a bunch of unconditional checks
Add push length and number of operations to this to match bitcoind behaviour.
found that we differed here by their negative tests.
2014-03-14 21:06:05 +00:00
Owain G. Ainsworth
f80c3255a3 PopInt now guarantees that number will be 32 bit.
So remove later checks that need this.
2014-03-14 21:05:29 +00:00
Owain G. Ainsworth
a5e7e9ebb6 Disabled opcodes are `fail if pc passes' not fail if execute.
Detected by bitcoind negative tests.
2014-03-14 21:04:59 +00:00
Owain G. Ainsworth
8df0af32d6 Encountering OP_VERIF and OP_VERNOTIF in execution is always an error.
I honestly thought we already handled this, but some tests dhill is
working on shows that we didn't.
2014-03-14 20:28:23 +00:00
Dave Collins
1d360509f4 Correct handling for multi-sig zero signatures.
It is possible for a multisignature transaction to require zero
signatures.  For example, input 2 of testnet transaction
b2d93dfd0b2c1a380e55e76a8d9cb3075dec9f4474e9485be008c337fd62c1f7
in block number 185117.

Previously the code was pushing a false to the stack when no
valid signatures were found.  This commit remedies that by pushing true
when no valid signatures were found, but none are required.  Otherwise it
still pushes false when no valid signatures were found, but some are
required.

Fixes #7.

ok @owainga
2014-02-19 15:03:32 -06:00
Dave Collins
13ba8607f7 Gofmt. 2014-02-04 11:22:51 -06:00
Owain G. Ainsworth
e8881196d6 Fix a number of bugs in signature checking
When given badly formatted  signature or pubkeys like in block
0000000000000001e4241fd0b3469a713f41c5682605451c05d3033288fb2244, transaction
fd9b541d23f6e9bddb34ede15c7684eeec36231118796b691ae525f95578acf1 we could fail
on strange scripts because we returned an error instead of failing the
opcode and putting a FALSE on the stack.

Fixes chainfork issue on the aforementioned block.
2014-02-04 03:13:23 +00:00
Dave Collins
b11f1620e2 Remove warnings for errors that are returned.
ok @owainga.
2014-01-17 09:40:34 -06:00
Dave Collins
565f11409c Add 2014 to copyright dates. 2014-01-08 23:47:47 -06:00
Dave Collins
126991b60b Make opcode disasm names match reference impl.
This commit modifies the names of opcdoes shown in the oneline script
disassembly to match the reference implementation.  In particular
OP_1NEGATE, and OP_0 through OP_16 are changed to the raw numbers
they represent when doing oneline disassembly.  When doing full
disassembly, the full opcode names are still shown.

ok @owainga.
2014-01-07 12:07:54 -06:00
Dave Collins
2005fae908 Change OP_CHECK_MULTISIG -> OP_CHECKMULTISIG.
This change was made to match the reference implementation.
2014-01-04 15:23:51 -06:00
Marco Peereboom
aa3cdbe7b1 use fastsha256 2013-11-19 09:22:38 -06:00
Owain G. Ainsworth
f4a6449ad3 Actually just fail the opcode, not returning an error.
should fix some crazy script on testnet.
2013-11-07 18:23:20 +00:00
Owain G. Ainsworth
f0e7011b6f fix previous.
test patch, commit patch. Not the other way around, dumbass.
2013-11-07 17:32:11 +00:00
Owain G. Ainsworth
3aaafbd7fa handle op_checksig with an empty signature on the stack.
Crash found by jy-p, fix by me.
2013-11-07 17:09:22 +00:00
David Hill
8eead5217d Add flag bitmask to NewScript for canonical sig checks.
This removes the bip16 bool from NewScript and adds it to flags (with
the constant ScriptBip16), and also adds a new flag,
ScriptCanonicalSignatures, which will call btcec.ParseDERSignature
parsing a signature during an Execute.  This is needed to emulate
bitcoind behavior, as bitcoind performs canonical signature validation
(DER format) in some places (like mempool acceptance) but not others
(like block validation).

Updated tests and test coverage file to reflect changes.
2013-10-25 15:15:00 -04:00
Owain G. Ainsworth
52a1488eaf bitcoind only fails on invalid (undefined) opcodes when they are executed.
So add entries for them that disassemble and parse ok, but will fail
when executed with the appropriate error. Add a full suite of tests to confirm
that this happens.

Found by a strange transaction in testnet.
2013-10-08 00:16:23 +01:00
Josh Rickmar
a5f81fc545 Add PayToPubKeyHashScript and SignatureScript functions.
PayToPubKeyHashScript generates a new pay to pubkey hash script to use
as the pkScript when creating new transactions.  If the passed pubkey
hash is an invalid size, StackErrInvalidOpcode will be returned as an
error.

SignatureScript returns the signature script necessary to validate a
single input of a transaction.

This also adds sanity checking for serializing scripts into byte
slices.  If the length of a serialized opcode does not equal the
expected length, StackErrInvalidOpcode will be returned when unparsing
a []parsedOpcode.

New internal tests were added to verify checks for valid and invalid
parsed opcodes.
2013-10-01 12:50:22 -04:00
Owain G. Ainsworth
0a3e7f682b Avoid the risk of leaking small amounts of memory.
Removing from the bottom of a stack (nipN(depth)) would leak the first
entry in the array by slicing [1:], leaving array[0] dangling an
inaccessible (but unable to be freed until the whole slice is gone). We
left it like this for a while, but best not to leak the memory. Happens
rarely so the performance hit shouldn't matter that much. Do the same
thing for condstack.
2013-09-26 01:53:11 +01:00
Owain G. Ainsworth
a63edcd2dc preallocate a few arrays.
When we do append loops, make an educated guess as to the size and make an array
with that capacity to avoid extra copying.

Doesn't affect the speed of the tests, over 4 runs the difference was lost in
the noise.
2013-09-25 17:38:20 +01:00
Owain G. Ainsworth
87e976a732 Add comment explaining OP_RESERVED behaviour with push ops. 2013-09-25 17:37:36 +01:00
Owain G. Ainsworth
22c29c4316 Perform pushed length checks at exec time, not parse.
To match bitcoind behaviour. Fix tests to agree with this direction.
2013-07-29 22:00:57 +01:00
Owain G. Ainsworth
bac455cdd2 Fix reversed test bug with the max operations handling
We were counting the number of push ops instead of the number of non
push ops.  Add tests that found this (checking tha the max operations
check fires).
2013-06-20 00:30:34 +01:00
Dave Collins
2a8cf9f44f Use correct import path for btcec. 2013-06-13 15:18:58 -05:00
Dave Collins
1197770159 Initial implementation. 2013-06-13 14:59:46 -05:00