Commit graph

77 commits

Author SHA1 Message Date
Pieter Wuille
b6e03cc592 Add SCRIPT_VERIFY_CLEANSTACK (BIP62 rule 6)
Based on an earlier patch by Peter Todd, though the rules here are different
(P2SH scripts should not have a CLEANSTACK check before the P2SH evaluation).
2014-11-25 12:38:01 +01:00
Pieter Wuille
ae4151bbad No semantic change: reuse stack variable in P2SH evaluation 2014-11-25 12:35:32 +01:00
Cory Fields
322317951f libbitcoinconsensus: don't require any global constructors
These static objects are only used in once place, so declare them there instead.
2014-11-24 15:23:29 -05:00
Pieter Wuille
36fa4a78ac Split up crypto/sha2 2014-11-20 17:22:02 +01:00
Peter Todd
ca8158719b Test the exact order of CHECKMULTISIG sig/pubkey evaluation
Possible with STRICTENC
2014-11-20 15:29:28 +01:00
Pieter Wuille
98b135f97f Make STRICTENC invalid pubkeys fail the script rather than the opcode.
This turns STRICTENC turn into a softforking-safe change (even though it
is not intended as a consensus rule), and as a result guarantee that using
it for mempool validation only results in consensus-valid transactions in
the mempool.
2014-11-20 15:29:26 +01:00
Peter Todd
03914234b3
Discourage NOPs reserved for soft-fork upgrades
NOP1 to NOP10 are reserved for future soft-fork upgrades. In the event
of an upgrade such NOPs have *VERIFY behavior, meaning that if their
arguments are not correct the script fails. Discouraging these NOPs by
rejecting transactions containing them from the mempool ensures that
we'll never accept transactions, nor mine blocks, with scripts that are
now invalid according to the majority of hashing power even if we're not
yet upgraded. Previously this wasn't an issue as the IsStandard() rules
didn't allow upgradable NOPs anyway, but 7f3b4e95 relaxed the
IsStandard() rules for P2SH redemptions allowing any redeemScript to be
spent.

We *do* allow upgradable NOPs in scripts so long as they are not
executed. This is harmless as there is no opportunity for the script to
be invalid post-upgrade.
2014-11-17 22:22:33 -05:00
Cory Fields
ab9edbd6b6 script: create sane error return codes for script validation and remove logging
Attempt to codify the possible error statuses associated with script
validation. script/types.h has been created with the expectation that it will
be part of the public lib interface. The other flag enums will be moved here in
a future commit.

Logging has also been removed in order to drop the dependency on core.h. It can
be re-added to bitcoind as-needed. This makes script verification finally free
of application state and boost!
2014-11-14 16:25:53 -05:00
Michael Ford
b9a36b15bf Make comments in /src/script doxygen compatible 2014-11-10 14:51:55 +08:00
Cory Fields
d2e74c55bd boost: moveonly: split CPubKey and friends to new files 2014-10-31 01:19:37 -04:00
Cory Fields
900078aeb4 boost: moveonly: create eccryptoverify.h|cpp and move helper functions there
Eventually (after 0.10) these files will hold the logic for crypto
verification routines, and CKey/CPubKey will call into them.
2014-10-31 01:13:07 -04:00
Pieter Wuille
723c752636
Merge pull request #5100
99f41b9 MOVEONLY: core.o -> core/block.o (jtimon)
561e9e9 MOVEONLY: Move script/compressor out of script and put CTxOutCompressor (from core) with it (jtimon)
999a2ab MOVEONLY: separate CTxUndo out of core (jtimon)
4a3587d MOVEONLY: Separate CTransaction and dependencies from core (jtimon)
eda3733 MOVEONLY: Move CFeeRate and Amount constants to amount.o (jtimon)
2014-10-28 05:27:41 -07:00
jtimon
4a3587d8db MOVEONLY: Separate CTransaction and dependencies from core 2014-10-27 13:54:37 +01:00
Pieter Wuille
698c6abb25 Add SCRIPT_VERIFY_MINIMALDATA (BIP62 rules 3 and 4)
Also use the new flag as a standard rule, and replace the IsCanonicalPush
standardness check with it (as it is more complete).
2014-10-25 03:03:20 -07:00
Pieter Wuille
d752ba86c1 Add SCRIPT_VERIFY_SIGPUSHONLY (BIP62 rule 2) 2014-10-25 03:03:16 -07:00
Cory Fields
85c579e3a6 script: add a slew of includes all around and drop includes from script.h
Lots of files ended up with indirect includes from script.h.
2014-10-17 13:44:57 -04:00
Pieter Wuille
9df9cf5a9f Make SCRIPT_VERIFY_STRICTENC compatible with BIP62
* Delete canonical_tests.cpp, and move the tests to script_tests.cpp.
* Split off SCRIPT_VERIFY_DERSIG from SCRIPT_VERIFY_STRICTENC (the BIP62 part of it).
* Change signature STRICTENC/DERSIG semantics to fail the script entirely rather than the CHECKSIG result (softfork safety, and BIP62 requirement).
* Add many autogenerated tests for several odd cases.
* Mention specific BIP62 rules in the script verification flags.
2014-10-08 15:42:29 -07:00
Pieter Wuille
e790c370b5 Replace SCRIPT_VERIFY_NOCACHE by flag directly to checker 2014-10-02 20:26:58 +02:00
Pieter Wuille
5c1e798a8e Make signature cache optional 2014-10-02 20:26:17 +02:00
Pieter Wuille
c7829ea797 Abstract out SignatureChecker 2014-10-02 20:26:16 +02:00
Cory Fields
be6d87aa60 script: don't read past the end 2014-09-25 14:56:26 -04:00
ENikS
219372f1dd
script: Fix reference into empty vector run time exception
Edit by laanwj: `begin_ptr(sourcedata) + sourcedata.size()` -> `end_ptr(sourcedata)`
2014-09-25 11:46:52 +02:00
Wladimir J. van der Laan
438c7e4cd2
Merge pull request #4555
6dcfda2 Don't pass nHashType to EvalScript nor CheckSig (jtimon)
2b23a87 Don't pass nHashType to VerifyScript (jtimon)
ce3649fb Remove CScriptCheck::nHashType (was always 0) (jtimon)
358562b Remove unused function main:VerifySignature (jtimon)
2014-09-17 13:44:22 +02:00
Philip Kaufmann
2d79bba36b cleanup new script files (no code changes)
- add missing header end comments
- ensure alphabetical ordering
- update copyright year and license
2014-09-14 12:25:38 +02:00
jtimon
6dcfda2dc4 Don't pass nHashType to EvalScript nor CheckSig 2014-09-12 20:04:31 +02:00
jtimon
2b23a87599 Don't pass nHashType to VerifyScript 2014-09-12 20:04:31 +02:00
jtimon
da03e6ed7c Separate script/interpreter 2014-09-08 20:21:33 +02:00