NOP1 through NOP10 are reserved for future soft-fork upgrades. When
such an upgrade occurs, the NOP argument will then require verification.
Rejecting transactions that contain these NOPs into the mempool will
discourage those transactions from being mined elsewhere and ensure
btcd will never mine such transactions. This prevents now
invalid scripts (according to the majority of hashing power) even if the
client has not yet upgraded.
Non-executed upgradable NOPs are still allowed as they will still be
valid post-upgrade.
Mimics Bitcoin Core commit 03914234b3c9c35d66b51d580fe727a0707394ca
It is possible for a multisignature transaction to require zero
signatures. For example, input 2 of testnet transaction
b2d93dfd0b2c1a380e55e76a8d9cb3075dec9f4474e9485be008c337fd62c1f7
in block number 185117.
Previously the code was pushing a false to the stack when no
valid signatures were found. This commit remedies that by pushing true
when no valid signatures were found, but none are required. Otherwise it
still pushes false when no valid signatures were found, but some are
required.
Fixes#7.
ok @owainga
When given badly formatted signature or pubkeys like in block
0000000000000001e4241fd0b3469a713f41c5682605451c05d3033288fb2244, transaction
fd9b541d23f6e9bddb34ede15c7684eeec36231118796b691ae525f95578acf1 we could fail
on strange scripts because we returned an error instead of failing the
opcode and putting a FALSE on the stack.
Fixes chainfork issue on the aforementioned block.
This commit modifies the names of opcdoes shown in the oneline script
disassembly to match the reference implementation. In particular
OP_1NEGATE, and OP_0 through OP_16 are changed to the raw numbers
they represent when doing oneline disassembly. When doing full
disassembly, the full opcode names are still shown.
ok @owainga.
This removes the bip16 bool from NewScript and adds it to flags (with
the constant ScriptBip16), and also adds a new flag,
ScriptCanonicalSignatures, which will call btcec.ParseDERSignature
parsing a signature during an Execute. This is needed to emulate
bitcoind behavior, as bitcoind performs canonical signature validation
(DER format) in some places (like mempool acceptance) but not others
(like block validation).
Updated tests and test coverage file to reflect changes.
So add entries for them that disassemble and parse ok, but will fail
when executed with the appropriate error. Add a full suite of tests to confirm
that this happens.
Found by a strange transaction in testnet.
PayToPubKeyHashScript generates a new pay to pubkey hash script to use
as the pkScript when creating new transactions. If the passed pubkey
hash is an invalid size, StackErrInvalidOpcode will be returned as an
error.
SignatureScript returns the signature script necessary to validate a
single input of a transaction.
This also adds sanity checking for serializing scripts into byte
slices. If the length of a serialized opcode does not equal the
expected length, StackErrInvalidOpcode will be returned when unparsing
a []parsedOpcode.
New internal tests were added to verify checks for valid and invalid
parsed opcodes.
Removing from the bottom of a stack (nipN(depth)) would leak the first
entry in the array by slicing [1:], leaving array[0] dangling an
inaccessible (but unable to be freed until the whole slice is gone). We
left it like this for a while, but best not to leak the memory. Happens
rarely so the performance hit shouldn't matter that much. Do the same
thing for condstack.
When we do append loops, make an educated guess as to the size and make an array
with that capacity to avoid extra copying.
Doesn't affect the speed of the tests, over 4 runs the difference was lost in
the noise.
We were counting the number of push ops instead of the number of non
push ops. Add tests that found this (checking tha the max operations
check fires).