305 commits

Author SHA1 Message Date
eugene
9c91ffc684
psbt: bounds check SumUtxoInputValues with NonWitness.TxOut indexing
Otherwise, a malformed packet would panic on this check since the
NonWitness.TxOut field did not have the required TxOuts necessary.
2021-05-14 12:23:16 -04:00
Josh Bleecher Snyder
a53e38424c base58: allocate less in Encode
* calculate maximum output length more precisely
  to avoid allocation in the append
* use big.Int.Sign instead of needing bigZero

name                 old time/op    new time/op    delta
Base58Encode_5K-8      5.86ms ± 3%    5.79ms ± 2%   -1.27%  (p=0.035 n=9+10)
Base58Encode_100K-8     2.23s ± 1%     2.23s ± 0%     ~     (p=0.074 n=9+8)
Base58Decode_5K-8       281µs ± 1%     282µs ± 1%     ~     (p=0.720 n=9+10)
Base58Decode_100K-8    89.4ms ± 7%    88.3ms ± 7%     ~     (p=0.123 n=10+10)

name                 old speed      new speed      delta
Base58Encode_5K-8     854kB/s ± 3%   864kB/s ± 2%     ~     (p=0.134 n=9+10)
Base58Encode_100K-8  40.0kB/s ± 0%  40.0kB/s ± 0%     ~     (all equal)
Base58Decode_5K-8    24.3MB/s ± 1%  24.2MB/s ± 1%     ~     (p=0.644 n=9+10)
Base58Decode_100K-8  1.53MB/s ± 7%  1.55MB/s ± 7%     ~     (p=0.218 n=10+10)

name                 old alloc/op   new alloc/op   delta
Base58Encode_5K-8      28.7kB ± 0%    19.2kB ± 0%  -33.03%  (p=0.000 n=10+10)
Base58Encode_100K-8     557kB ± 0%     385kB ± 0%  -30.88%  (p=0.000 n=10+10)
Base58Decode_5K-8       349kB ± 0%     349kB ± 0%     ~     (all equal)
Base58Decode_100K-8     133MB ± 0%     133MB ± 0%     ~     (p=0.183 n=10+10)

name                 old allocs/op  new allocs/op  delta
Base58Encode_5K-8        5.00 ± 0%      4.00 ± 0%  -20.00%  (p=0.000 n=10+10)
Base58Encode_100K-8      5.00 ± 0%      4.00 ± 0%  -20.00%  (p=0.000 n=10+10)
Base58Decode_5K-8         129 ± 0%       129 ± 0%     ~     (all equal)
Base58Decode_100K-8     2.51k ± 0%     2.51k ± 0%     ~     (p=0.321 n=10+10)

When Go 1.16 is released, performance will improve
significantly due to improvements to math/big.Int's division implementation.
2020-12-08 09:37:02 -05:00
Dave Collins
d63d9f2b44 bech32: Add base256 conversion convenience funcs.
Since bech32 itself works with data encoded with 5 bits per byte (aka
base32) padded out to the nearest byte boundary, the existing functions
for Encode and Decode accept and return data encoded that way.

However, the most common way to use bech32 is to encode data that is
already encoded with 8 bits per byte (aka base256) without padding which
means it is up to the caller to use the ConvertBits function properly to
convert between the two encodings.

Consequently, this introduces two convenience functions for working
directly with base256-encoded data named EncodeFromBase256 and
DecodeToBase256 along with a full set of tests to ensure they work as
expected.
2020-12-01 09:42:36 -05:00
Dave Collins
36377a3c8c bech32: Ensure HRP is lowercase when encoding.
BIP173 specifically calls out that encoders must always output an all
lowercase bech32 string and that the lowercase form is used when
determining a character's value for calculating the checksum.

Currently, the implementation does not respect either of those
requirements.

This modifies the Encode function to convert the provided HRP to
lowercase to ensure the requirements are satisfied and adds tests
accordingly.
2020-12-01 09:42:36 -05:00
Anirudha Bose
f281d151bb bech32: back port improvements from decred/dcrd@9b88dd0
This commit brings a host of improvements to the bech32 package. The
public interface of the package remains unchanged.

Summary of changes:
* Improved error handling using dedicated error types. Programmatically
  detect if the errors produced are the expected ones.
* Improve test coverage to test more corner cases. Added test vectors
  from Bitcoin Core.
* Add a benchmark for a full encode/decode cycle of a bech32 string.
* Add a new function DecodeNoLimit, for decoding large bech32 encoded
  strings. It does NOT validate against the BIP-173 maximum length
  allowed for bech32 strings.
* Automatically convert the HRP to lowercase in Encode function.
* Improve performance of encode/decode functions by using
  strings.Builder.
* Improve memory allocation in ConvertBits function.
* Updated documentation.

Credits: @matheusd

Closes #152 and #168.
2020-12-01 09:42:36 -05:00
Egon Elbre
4031bdc69d base58: add new testcases from github.com/bitcoin 2020-11-24 13:21:44 -05:00
Egon Elbre
594180da5d base58: optimize Decode
Before:
    BenchmarkBase58Decode_5K-32     266      4373774 ns/op  1.56 MB/s
    BenchmarkBase58Decode_100K-32   1     1516196700 ns/op  0.09 MB/s

After:
    BenchmarkBase58Decode_5K-32     3868      277944 ns/op  24.57 MB/s
    BenchmarkBase58Decode_100K-32   13      83772100 ns/op   1.63 MB/s
2020-11-24 13:21:44 -05:00
Egon Elbre
ed1fc7ad99 base58: optimize Encode
Before:
    BenchmarkBase58Encode_5K-32     46      23934763 ns/op  0.21 MB/s
    BenchmarkBase58Encode_100K-32    1    9351948600 ns/op  0.01 MB/s

After:
    BenchmarkBase58Encode_5K-32    501       2419129 ns/op  2.07 MB/s
    BenchmarkBase58Encode_100K-32    2     923507950 ns/op  0.11 MB/s
2020-11-24 13:21:44 -05:00
Olaoluwa Osuntokun
a21f014935
Merge pull request #182 from lightning-signer/bip32-zeros
Correct BIP-32 derivation issue
2020-11-03 16:44:01 -08:00
David Hill
88fd8b3dc6 go.mod: bump to go 1.14, latest supported version 2020-10-26 09:48:59 -04:00
David Hill
d32feb0a8e build: replace travis with github ci 2020-10-26 09:48:59 -04:00
Devrandom
dde9e31e50 hdkeychain: correct BIP-32 derivation issue
fixes issue #172
2020-10-21 13:21:55 +02:00
Pascal S. de Kloe
24e673ae72 FIX: integers incorrectly encoded as a rune with append. Go no longer allows it. 2020-10-15 09:23:55 -04:00
Anirudha Bose
063c4115b3 hdkeychain: add CloneWithVersion to set custom HD version bytes
This adds a new method to the ExtendedKey type that allows cloning the
extended key with custom HD version bytes. It does not mutate the
original extended key on which the method is called.

Added some tests to demonstrate the utility of this method, i.e.,
conversion between standard and SLIP-0132 extended keys.
2020-09-21 09:54:55 -04:00
gipsy
4232759481 Tiny grammar correction
This function should only `by` used by applications that need to create custom ExtendedKeys. => This function should only `be` used by applications that need to create custom ExtendedKeys
2020-08-31 09:38:46 -04:00
Olaoluwa Osuntokun
5f93e33af2
Merge pull request #178 from guggero/psbt-vuln-fix
psbt: restore compatibility with wallets that patch CVE-2020-14199
2020-08-26 12:48:09 -07:00
Oliver Gugger
afbd53ee7e
psbt: test full scenario of CVE-2020-14199 patched wallet
We add a test that makes sure the full signing scenario of a wallet that
has the CVE-2020-14199 vulnerability patched is supported by this
library.
2020-07-20 15:02:06 +02:00
Oliver Gugger
c7b6a5aace
psbt: also check witness UTXO if both are set
A wallet that has patched the CVE-2020-14199 vulnerability will always
include a non-witness UTXO, even for witness inputs. In the signer, we
detect that the input we spend is a witness input and copy over the
TxOut to the witness UTXO field. Therefore it is possible that both UTXO
fields are set at the same time. We need to adjust the sanity checks
when adding a partial signature to account for that.
2020-07-20 15:02:05 +02:00
Oliver Gugger
b283b0eb92
psbt: don't remove non-witness UTXO for segwit v0
As a countermeasure to CVE-2020-14199 new HW wallet firmwares require
the full non-witness UTXO to be set even for witness inputs.
We therefore shouldn't remove it when signing.
2020-07-20 15:02:03 +02:00
Oliver Gugger
c5f199e40f
psbt: remove UTXO sanity check to allow fix for CVE
As described in CVE-2020-14199 it is unsafe to only rely on witness
UTXO information when signing. Hardware wallets fixed this by also
requiring the full non-witness UTXO to be present for a witness input.
To be compatible with that newer hardware wallet firmware, we need to
remove the sanity checks that disallowed setting witness and non-witness
UTXOs at the same time.
See https://github.com/bitcoin/bitcoin/pull/19215 for comparison which
removed the sanity checks in Bitcoin Core.
2020-07-20 15:02:02 +02:00
michael1011
4649e4b73b add test case for litecoin bech32 addresses 2020-07-13 09:59:11 -04:00
Anirudha Bose
f648594deb hdkeychain: Fix small wording issue in ChainCode() tests 2020-07-13 09:53:07 -04:00
Anirudha Bose
6c6f3fd3b7 hdkeychain: Remove duplicate ChildNum() method 2020-07-13 09:53:07 -04:00
Marko Bencun
5fadf96a72 hdkeychain: extend API with ChainCode(), ChildNum()
No way to access them otherwise. Handy for interoperability.
2020-07-13 09:53:07 -04:00
Anirudha Bose
c53e27f6f1 Fix OutOfRangeError checks in block_test.go 2020-07-13 09:48:38 -04:00
Yuchuan
e3017c9aab Update block.go
Fix bound check in block.tx(txNum int)
2020-07-13 09:48:38 -04:00
Kalle Rosenbaum
0af7fd2595 Assign returned values in correct order
This is basically a copy of PR #154, which is now obsolete due to refactorings. It also adds a test case for this issue.
2020-07-13 09:45:52 -04:00
Steven Roose
4443e04cb8 Fix error in base58check test 2020-07-13 09:35:42 -04:00
Anirudha Bose
6065135ba8 Improve test coverage of WIF decoder/encoder
Use subtests to split cases, and add new ones, notably for decoding
invalid WIFs.
2020-07-06 10:32:46 -04:00
shuai.qi
c78a7129bf Fix typo 2020-07-06 10:08:39 -04:00
johnta0
35f6653e0a hdkeychain: fix trivial typo 2020-07-06 10:08:01 -04:00
Akio Nakamura
63e5e276cd Fix some typos in docs
This PR fixes 'hardended'/'hardned' to 'hardened' in the godocs.
2020-07-06 10:06:32 -04:00
Olaoluwa Osuntokun
af92bbf499
Merge pull request #173 from guggero/psbt-util
psbt: add/export new utility functions and BIP 69 in-place sort
2020-06-25 00:45:29 -07:00
Oliver Gugger
0b85b11dcc
psbt: add BIP 69 in-place sort 2020-06-25 09:38:04 +02:00
Oliver Gugger
488d2cc834
psbt: add new utility functions 2020-06-25 09:38:03 +02:00
Oliver Gugger
8ec8bad266
psbt: export WriteTxWitness 2020-06-25 09:38:03 +02:00
Olaoluwa Osuntokun
7ddbb930fd
Merge pull request #165 from onyb/has-witness-nil-deference
Fix nil pointer dereference when WitnessHash is called before HasWitness
2020-06-22 16:30:30 -07:00
Olaoluwa Osuntokun
3beec01267
Merge pull request #171 from wpaulino/expose-extended-key-fields
hdkeychain: expose extended key's version and child index
2020-06-22 16:27:57 -07:00
Wilmer Paulino
d8c8794021
hdkeychain: expose extended key's version and child index 2020-06-17 16:31:20 -07:00
Anirudha Bose
29af078e7b
Fix nil pointer dereference when WitnessHash is called before HasWitness
Issue: btcsuite/btcd#1543
Related PR: btcsuite/btcutil#156
2020-05-05 09:28:57 +05:30
Olaoluwa Osuntokun
b2bf7f89d6
Merge pull request #163 from Crypt-iQ/psbt_fixes_0409
psbt: fix two deserialization bugs
2020-04-10 17:06:09 -07:00
nsa
f06d6af2f0 psbt: return ErrInvalidKeydata if value isn't a 32-bit uint
This commit fixes a panic when deserializing PSBTs in raw binary.
If the key type was SighashType and the value was not 4 bytes long,
the call to binary.LittleEndian.Uint32(value) would panic as the
function expects 4 bytes to parse into a uint32. We now perform a
sanity check that asserts that the value is 4 bytes long.
2020-04-08 17:54:59 -04:00
nsa
d08f03552c psbt: define MaxPsbtKeyLength and check against it when decoding
This commit defines MaxPsbtKeyLength and checks that decoding a
key from a PSBT blob doesn't attempt to allocate too much memory.
2020-04-08 17:53:06 -04:00
Olaoluwa Osuntokun
8bf941f570
Merge pull request #162 from guggero/psbt-empty-input
psbt: fix deserialization with zero inputs
2020-03-23 16:36:00 -07:00
Oliver Gugger
04442f8ef9
psbt: fix deserialization with zero inputs
This is a fix/workaround for a special case that's caused by
https://github.com/btcsuite/btcd/blob/master/wire/msgtx.go#L426.
When a wire format transaction with no inputs is serialized, the wire
package assumes it's a non-witness transaction (as there is indeed no
witness data present).
But when de-serializing the same transaction, the line mentioned above
assumes that for the special case of a zero input length, the
transaction must be in the witness format, which causes the
de-serialization to fail.
The workaround in this commit fixes this special case by just trying
to deserialize the transaction in the non-witness format too.
2020-03-23 10:38:36 +01:00
Olaoluwa Osuntokun
02a4fd9de1
Merge pull request #155 from Roasbeef/psbt-refactor
psbt: refactor new PSBT library to match code style of project
2020-01-16 15:10:25 -08:00
Olaoluwa Osuntokun
8aa4d06cc2
psbt: create sub-module 2020-01-15 17:57:05 -08:00
Olaoluwa Osuntokun
f1575b5bfd
build: add top-level go mod file 2020-01-15 17:56:58 -08:00
Olaoluwa Osuntokun
959fe939ad
psbt: update tests to match new API changes 2020-01-15 17:56:53 -08:00
Olaoluwa Osuntokun
6bd3b8034f
psbt: refactor updater.go for consistent code style 2020-01-15 17:56:50 -08:00