Commit graph

352 commits

Author SHA1 Message Date
João Barbosa
12dd101345 scripted-diff: Remove trailing whitespaces
-BEGIN VERIFY SCRIPT-

sed --in-place'' --regexp-extended 's/[[:space:]]+$//g' $(git grep -I --files-with-matches --extended-regexp '[[:space:]]+$' -- src test  ':!*.svg' ':!src/crypto/sha256_sse4*' ':!src/leveldb' ':!src/qt/locale' ':!src/secp256k1' ':!src/univalue')

-END VERIFY SCRIPT-
2018-07-24 20:46:23 +01:00
Wladimir J. van der Laan
c0a47da725
Merge #13719: Avoid creating a temporary vector for size-prefixed elements
84547fa6d4 Avoid creating a temporary vector for size-prefixed elements (Pieter Wuille)

Pull request description:

  This is a simple improvement to the PSBT serialization code, avoiding the need for temporary vectors everywhere.

Tree-SHA512: 9f7243b7169ec8ba00ffad31af03c016ab84e4f76ebac810167f91f5e8008f3827ad59fbcee0cb2bd2334fc26466eb222404af24e7fb6ec040fd78229ebe0fd1
2018-07-23 12:52:53 +02:00
Ben Woosley
984d72ec65
Return the script type from Solver
Because false is synonymous with TX_NONSTANDARD, this conveys the same
information and makes the handling explicitly based on script type,
simplifying each call site.

Prior to this change it was common for the return value to be ignored,
or for the return value and TX_NONSTANDARD to be redundantly handled.
2018-07-22 21:37:00 -04:00
Wladimir J. van der Laan
6deac922e3
Merge #13633: Drop dead code from Stacks
5617840392 Drop dead code from Stacks (Ben Woosley)

Pull request description:

  Stacks is local to this file, and only used in DataFromTransaction, so
  it's easy to confirm this code is unused.

Tree-SHA512: cc680c99f9b31cb56db70f453087d642f83906ce594c07a6bf3e61427cfbee41441495d440b240419ba3386582cf0670c0999b2f51e7fd56b00e0a0f3f618845
2018-07-22 16:20:07 +02:00
MarcoFalke
62baa28787
Merge #13691: Remove redundant variables, statements and forward declarations
3dee4cc509 Remove redundant statement (practicalswift)
99be644966 Remove redundant unused variables (practicalswift)
66ed242343 Remove redundant forward declaration (practicalswift)

Pull request description:

  Remove redundant …
  * ~access modifiers,~
  * forward declarations,
  * unused variables,
  * statements, and
  * ~return types from lambdas.~

Tree-SHA512: 328bb7d9c45398e44ecbee32095b6376879470dfddbc2180e037620d8390d524b51d7fda112fd58a078715e04432b24dd6998a2459f3550aa0498aa68de866d4
2018-07-22 09:38:10 -04:00
Andrew Chow
fad231ad41 Fix merging of global unknown data in PSBTs
Actually merge the global unknown key-value pairs.

Add a test for merging unknown key-value pairs.
2018-07-19 18:49:51 -07:00
Andrew Chow
41df035ee1 Check that PSBT keys are the correct length
Checks that all of the one byte type keys are actually one byte and
throw an error if they are not.

Add tests for each type to check for this behavior.
2018-07-19 18:29:25 -07:00
Pieter Wuille
84547fa6d4 Avoid creating a temporary vector for size-prefixed elements 2018-07-19 16:16:37 -07:00
Wladimir J. van der Laan
b654723461
Merge #13557: BIP 174 PSBT Serializations and RPCs
020628e3a4 Tests for PSBT (Andrew Chow)
a4b06fb42e Create wallet RPCs for PSBT (Andrew Chow)
c27fe419ef Create utility RPCs for PSBT (Andrew Chow)
8b5ef27937 SignPSBTInput wrapper function (Andrew Chow)
58a8e28918 Refactor transaction creation and transaction funding logic (Andrew Chow)
e9d86a43ad Methods for interacting with PSBT structs (Andrew Chow)
12bcc64f27 Add pubkeys and whether input was witness to SignatureData (Andrew Chow)
41c607f09b Implement PSBT Structures and un/serialization methods per BIP 174 (Andrew Chow)

Pull request description:

  This Pull Request fully implements the [updated](https://github.com/bitcoin/bips/pull/694) BIP 174 specification. It is based upon #13425 which implements the majority of the signing logic.

  BIP 174 specifies a binary transaction format which contains the information necessary for a signer to produce signatures for the transaction and holds the signatures for an input while the input does not have a complete set of signatures.

  This PR contains structs for PSBT, serialization, and deserialzation code. Some changes to `SignatureData` have been made to support detection of UTXO type and storing public keys.

  ***

  Many RPCs have been added to handle PSBTs.

  `walletprocesspsbt` takes a PSBT format transaction, updates the PSBT with any inputs related to this wallet, signs, and finalizes the transaction. There is also an option to not sign and just update.

  `walletcreatefundedpsbt` creates a PSBT from user provided data in the same form as createrawtransaction. It also funds the transaction and takes an options argument in the same form as `fundrawtransaction`. The resulting PSBT is blank with no input or output data filled in. It is analogous to a combination of `createrawtransaction` and `fundrawtransaction`

  `decodepsbt` takes a PSBT and decodes it to JSON. It is analogous to `decoderawtransaction`

  `combinepsbt` takes multiple PSBTs for the same tx and combines them. It is analogous to `combinerawtransaction`

  `finalizepsbt` takes a PSBT and finalizes the inputs. If all inputs are final, it extracts the network serialized transaction and returns that instead of a PSBT unless instructed otherwise.

  `createpsbt` is like `createrawtransaction` but for PSBTs instead of raw transactions.

  `convertpsbt` takes a network serialized transaction and converts it into a psbt. The resulting psbt will lose all signature data and an explicit flag must be set to allow transactions with signature data to be converted.

  ***

  This supersedes #12136

Tree-SHA512: 1ac7a79e5bc669933f0a6fcc93ded55263fdde9e8c144a30266b13ef9f62aacf43edd4cbca1ffbe003090b067e9643c9298c79be69d7c1b10231b32acafb6338
2018-07-18 20:25:44 +02:00
practicalswift
99be644966 Remove redundant unused variables 2018-07-18 09:39:31 +02:00
Andrew Chow
a4b06fb42e Create wallet RPCs for PSBT
walletprocesspsbt takes a PSBT format transaction, updates the
PSBT with any inputs related to this wallet, signs, and finalizes
the transaction. There is also an option to not sign and just
update.

walletcreatefundedpsbt creates a PSBT from user provided data
in the same form as createrawtransaction. It also funds the transaction
and takes an options argument in the same form as fundrawtransaction.
The resulting PSBT is blank with no input or output data filled
in.
2018-07-16 16:08:24 -07:00
Andrew Chow
8b5ef27937 SignPSBTInput wrapper function
The SignPSBTInput function takes a PSBTInput, SignatureData, SigningProvider,
and other data necessary for signing. It fills the SignatureData with data from
the PSBTInput, retrieves the UTXO from the PSBTInput, signs and finalizes the
input if possible, and then extracts the results from the SignatureData and
puts them back into the PSBTInput.
2018-07-13 14:27:31 -07:00
Andrew Chow
e9d86a43ad Methods for interacting with PSBT structs
Added methods which move data to/from SignaturData objects to
PSBTInput and PSBTOutput objects.

Added sanity checks for PSBTs as a whole which are done immediately
after deserialization.

Added Merge methods to merge a PSBT into another one.
2018-07-13 14:27:31 -07:00
Andrew Chow
12bcc64f27 Add pubkeys and whether input was witness to SignatureData
Stores pubkeys in SignatureData and retrieves them when using GetPubKey().

Stores whether the signatures in a SignatureData are for a witness input.
2018-07-13 14:27:31 -07:00
Andrew Chow
41c607f09b Implement PSBT Structures and un/serialization methods per BIP 174 2018-07-13 14:27:31 -07:00
Thomas Kerin
417b6c1d29 bitcoinconsensus: invalid flags should be set to bitcoinconsensus_error type, add test cases covering bitcoinconsensus error codes 2018-07-13 22:13:10 +01:00
Ben Woosley
5617840392
Drop dead code from Stacks
Stacks is local to this file, and only used in DataFromTransaction, so
it's easy to confirm this code is unused.
2018-07-12 18:44:33 -04:00
practicalswift
bd9d0690dc Remove unused argument to WitnessSigOps(...) 2018-07-10 18:12:57 +02:00
practicalswift
6ad0328f1c Don't assert(foo()) where foo has side effects 2018-07-07 10:08:49 +02:00
Wladimir J. van der Laan
028b0d963c
Merge #13425: Moving final scriptSig construction from CombineSignatures to ProduceSignature (PSBT signer logic)
b81560029 Remove CombineSignatures and replace tests (Andrew Chow)
ed94c8b55 Replace CombineSignatures with ProduceSignature (Andrew Chow)
0422beb9b Make SignatureData able to store signatures and scripts (Andrew Chow)
b6edb4f5e Inline Sign1 and SignN (Andrew Chow)

Pull request description:

  Currently CombineSignatures is used to create the final scriptSig or an input. However ProduceSignature is capable of doing this itself. Using both CombineSignatures and ProduceSignature results in code duplication which is unnecessary.

  To move the scriptSig construction to ProduceSignatures, the SignatureData class contains two maps to hold pubkeys mapped to signatures, and script ids mapped to scripts. DataFromTransaction is extended to be able to extract signatures, their public keys, and scripts from existing ScriptSigs.

  The SignaureData are then passed down to SignStep which can use the aforementioned maps to get the signatures, pubkeys, and scripts that it needs, falling back to the actual SigningProvider and SignatureCreator if the data are not available in the SignatureData.

  Additionally, Sign1 and SignN have been removed and their functionality inlined into SignStep since Sign1 is really just a wrapper around CreateSig.

  Since ProduceSignature can produce the final scriptSig or scriptWitness by using SignatureData which has extracted data from the transaction, CombineSignatures is unnecessary as ProduceSignature is able to replicate all of CombineSignatures' functionality.

  This also furthers BIP 174 support and begins moving towards a BIP 174 style backend.

  The tests have also been updated to use the new combining methodology.

Tree-SHA512: 78cd58a4ebe37f79229bd5eee2958a0bb45cd7f36d0e993eee13ff685b3665dd76ef2dfd5f47d34678995bb587f5594100ee5f6c09b1c69ee96d3684d470d01e
2018-07-05 17:18:50 +02:00
Andrew Chow
b815600295 Remove CombineSignatures and replace tests
Removes CombineSignatures and replaces its use in tests with
ProduceSignature to test the same behavior for ProduceSignature.
2018-07-03 17:19:23 -07:00
Andrew Chow
ed94c8b556 Replace CombineSignatures with ProduceSignature
Instead of using CombineSignatures to create the final scriptSig or
scriptWitness of an input, use ProduceSignature itself.

To allow for ProduceSignature to place signatures, pubkeys, and scripts
that it does not know about, we pass down the SignatureData to SignStep
which pulls out the information that it needs from the SignatureData.
2018-07-03 17:19:23 -07:00
Andrew Chow
0422beb9bd Make SignatureData able to store signatures and scripts
In addition to having the scriptSig and scriptWitness, have SignatureData
also be able to store just the signatures (pubkeys mapped to sigs) and
scripts (script ids mapped to scripts).

Also have DataFromTransaction be able to extract signatures and scripts
from the scriptSig and scriptWitness of an input to put them in SignatureData.

Adds a new SignatureChecker which takes a SignatureData and puts pubkeys
and signatures into it when it successfully verifies a signature.

Adds a new field in SignatureData which stores whether the SignatureData
was complete. This allows us to also update the scriptSig and
scriptWitness to the final one when updating a SignatureData with another
one.
2018-07-03 17:18:52 -07:00
Andrew Chow
b6edb4f5e6 Inline Sign1 and SignN
Sign1 and SignN are kind of redundant so remove them and inline their
behavior into SignStep
2018-06-29 17:32:32 -07:00
Pieter Wuille
bb582a59c7 Add P2WSH destination helper and use it instead of manual hashing 2018-06-17 19:44:50 -07:00
Pieter Wuille
e6b9730c49 Do not expose invalidity from IsMine 2018-06-17 16:28:04 -07:00
Wladimir J. van der Laan
f0fd39f376
Merge #13269: refactoring: Drop UpdateTransaction in favor of UpdateInput
6aa33feadb Drop UpdateTransaction in favor of UpdateInput (Ben Woosley)

Pull request description:

  Updating the input explicitly requires the caller to present a mutable
  input, which more clearly communicates the effects and intent of the call
  (and, often, the enclosing loop).

  In most cases, this input is already immediately available and need not be
  looked up.

Tree-SHA512: 8c7914a8b7ae975d8ad0e9d760e3c5da65776a5f79d060b8ffb6b3ff7a32235f71ad705f2185b368d9263742d7796bb562395d22b806d90e8502d8c496011e57
2018-06-05 19:06:16 +02:00
MarcoFalke
2140f6cbc5
Merge #13351: wallet: Prevent segfault when sending to unspendable witness
fa36aa7965 wallet: Prevent segfault when sending to unspendable witness (MarcoFalke)

Pull request description:

  Previously we wouldn't care about the `txnouttype`, but after 4e91820531 we `switch` on the type.

Tree-SHA512: 6b597aba80cb43881671ad7b3a4ad97753864e8005a05c23fdd8ee79953483c08f241b5c392a9b494298eadc5cfba895b0480d916ef4f11d122fd6196f31b84a
2018-06-05 11:38:09 -04:00
Wladimir J. van der Laan
36fc8052f6
Merge #13309: Directly operate with CMutableTransaction in SignSignature
6b8b63af14 Generic TransactionSignatureCreator works with both CTransaction and CMutableTransaction (Martin Ankerl)

Pull request description:

  Refactored `TransactionSignatureCreator` into a templated `GenericTransactionSignatureCreator` that works with both `CMutableTransaction` and `CTransaction`.

  The advantage is that now in `SignSignature`, the `MutableTransactionSignatureCreator` can now operate directly with the `CMutableTransaction` without the need to copy the data into a `CTransaction`.

  Running all unit tests brings a very noticable speedup on my machine:

      48.4 sec before this change
      36.4 sec with this change
      --------
      12.0 seconds saved

  running only `--run_test=transaction_tests/test_big_witness_transaction`:

      16.7 sec before this change
       5.9 sec with this change
      --------
      10.8 seconds saved

  This relates to my first attempt with the const_cast hack #13202, and to the slow unit test issue #10026.

  Also see #13050 which modifies the tests but not the production code (like this PR) to get a speedup.

Tree-SHA512: 2cff0e9699f484f26120a40e431a24c8bc8f9e780fd89cb0ecf20c5be3eab6c43f9c359cde244abd9f3620d06c7c354e3b9dd3da41fa2ca1ac1e09386fea25fb
2018-05-31 10:40:11 +02:00
MarcoFalke
fa36aa7965
wallet: Prevent segfault when sending to unspendable witness 2018-05-30 15:46:06 -04:00
Wladimir J. van der Laan
fd96d54f39
Merge #13194: Remove template matching and pseudo opcodes
c814e2e7e8 Remove template matching and pseudo opcodes (Pieter Wuille)

Pull request description:

  The current code contains a rather complex script template matching engine, which is only used for 3 particular script types (P2PK, P2PKH, multisig). The first two of these are trivial to match for otherwise, and a specialized matcher for multisig is both more compact and more efficient than a generic one.

  The goal is being more flexible, so that for example larger standard multisigs inside SegWit outputs are easier to implement.

  As a side-effect, it also gets rid of the pseudo opcodes hack.

Tree-SHA512: 643b409c5c36821519f613a43efd399af0ec99b6131f35cd4024decfb2d483d719e0e921cd088bc9832a7ac797cb4a6b1158b8574c82f7fbebb75f1b31b359df
2018-05-30 16:50:43 +02:00
Martin Ankerl
6b8b63af14 Generic TransactionSignatureCreator works with both CTransaction and CMutableTransaction
Templated version so that no copying of CMutableTransaction into a CTransaction is
necessary. This speeds up the test case transaction_tests/test_big_witness_transaction
from 7.9 seconds to 3.1 seconds on my machine.
2018-05-30 16:01:36 +02:00
Pieter Wuille
c814e2e7e8 Remove template matching and pseudo opcodes
The current code contains a rather complex script template matching engine,
which is only used for 3 particular script types (P2PK, P2PKH, multisig).
The first two of these are trivial to match for otherwise, and a specialized
matcher for multisig is both more compact and more efficient than a generic
one.

The goal is being more flexible, so that for example larger standard multisigs
inside SegWit outputs are more easy to implement.

As a side-effect, it also gets rid of the pseudo opcodes hack.
2018-05-29 14:40:18 -07:00
Wladimir J. van der Laan
56fe3dc235
Merge #13142: Separate IsMine from solvability
c004ffc9b4 Make handling of invalid in IsMine more uniform (Pieter Wuille)
a53f0feff8 Add some checks for invalid recursion in IsMine (Pieter Wuille)
b5802a9f5f Simplify IsMine logic (Pieter Wuille)
4e91820531 Make IsMine stop distinguishing solvable/unsolvable (Pieter Wuille)
6d714c3419 Make coincontrol use IsSolvable to determine solvability (Pieter Wuille)

Pull request description:

  Our current `IsMine` logic does several things with outputs:
  * Determine "spendability" (roughly corresponding to "could we sign for this")
  * Determine "watching" (is this an output directly or indirectly a watched script)
  * Determine invalidity (is this output definitely not legally spendable, detecting accidental uncompressed pubkeys in witnesses)
  * Determine "solvability" (would we be able to sign for this ignoring the fact that we may be missing some private keys).

  The last item (solvability) is mostly unrelated and only rarely needed (there is just one instance, inside the wallet's coin control logic). This PR changes that instance to use the separate `IsSolvable` function, and stop `IsMine` from distinguishing between solvable and unsolvable.

  As an extra, this also simplifies the `IsMine` logic and adds some extra checks (which wouldn't be hit unless someone adds already invalid scripts to their wallet).

Tree-SHA512: 95a6ef75fbf2eedc5ed938c48a8e5d77dcf09c933372acdd0333129fb7301994a78498f9aacce2c8db74275e19260549dd67a83738e187d40b5090cc04f33adf
2018-05-29 15:12:16 +02:00
Pieter Wuille
c004ffc9b4 Make handling of invalid in IsMine more uniform 2018-05-24 10:29:02 -07:00
Ben Woosley
6aa33feadb
Drop UpdateTransaction in favor of UpdateInput
Updating the input explicitly requires the caller to present a mutable
input, which more clearly communicates the effects and intent of the method.

In most cases, this input is already immediately available and need not be
looked up.
2018-05-18 11:08:13 -07:00
Johnson Lau
9dabfe49c0 Add constant scriptCode policy in non-segwit scripts
This disables OP_CODESEPARATOR in non-segwit scripts (even in an unexecuted branch), and makes a positive FindAndDelete result invalid. This ensures that the scriptCode serialized in SignatureHash() is always the same as the script passing to the EvalScript.
2018-05-05 04:26:12 +08:00
Pieter Wuille
a53f0feff8 Add some checks for invalid recursion in IsMine 2018-05-03 11:02:01 -07:00
Pieter Wuille
b5802a9f5f Simplify IsMine logic 2018-05-03 11:02:01 -07:00
Pieter Wuille
4e91820531 Make IsMine stop distinguishing solvable/unsolvable 2018-05-03 11:02:01 -07:00
Wladimir J. van der Laan
487dcbe80c
Merge #13002: Do not treat bare multisig outputs as IsMine unless watched
7d0f80b Use anonymous namespace instead of static functions (Pieter Wuille)
b61fb71 Mention removal of bare multisig IsMine in release notes (Pieter Wuille)
9c2a8b8 Do not treat bare multisig as IsMine (Pieter Wuille)
08f3228 Optimization: only test for witness scripts at top level (Pieter Wuille)
3619735 Track difference between scriptPubKey and P2SH execution in IsMine (Pieter Wuille)
ac6ec62 Switch to a private version of SigVersion inside IsMine (Pieter Wuille)
19fc973 Do not expose SigVersion argument to IsMine (Pieter Wuille)
fb1dfbb Remove unused IsMine overload (Pieter Wuille)
952d821 Make CScript -> CScriptID conversion explicit (Pieter Wuille)

Pull request description:

  Currently our wallet code will treat bare multisig outputs (meaning scriptPubKeys with multiple public keys + `OP_CHECKMULTISIG` operator in it) as ours without the user asking for it, as long as all private keys in it are in our wallet.

  This is a pointless feature. As it only works when all private keys are in one place, it's useless compared to single key outputs (P2PK, P2PKH, P2WPKH, P2SH-P2WPKH), and worse in terms of space, cost, UTXO size, and ability to test (due to lack of address format for them).

  Furthermore, they are problematic in that producing a list of all `scriptPubKeys` we accept is not tractable (it involves all combinations of all public keys that are ours). In further wallet changes I'd like to move to a model where all scriptPubKeys that are treated as ours are explicit, rather than defined by whatever keys we have. The current behavior of the wallet is very hard to model in such a design, so I'd like to get rid of it.

  I think there are two options:
  * Remove it entirely (do not ever accept bare multisig outputs as ours, unless watched)
  * Only accept bare multisig outputs in situations where the P2SH version of that output would also be acceptable

  This PR implements the first option. The second option was explored in #12874.

Tree-SHA512: 917ed45b3cac864cee53e27f9a3e900390c576277fbd6751b1250becea04d692b3b426fa09065a3399931013bd579c4f3dbeeb29d51d19ed0c64da75d430ad9a
2018-04-26 20:10:12 +02:00
Pieter Wuille
7d0f80bbf4 Use anonymous namespace instead of static functions 2018-04-19 21:06:47 -07:00
Pieter Wuille
9c2a8b8d34 Do not treat bare multisig as IsMine
Such outputs can still be watched, and signed for, but they aren't treated as valid payments.
That means they won't cause transactions to appear in listtransactions, their outputs to be
shown under listunspent, or affect balances.
2018-04-19 21:05:14 -07:00
Pieter Wuille
08f3228654 Optimization: only test for witness scripts at top level
Inside P2SH scripts we already know that the P2SH script version of witness keys/scripts
are acceptable, so there is no need to test for it again.
2018-04-19 21:05:14 -07:00
Pieter Wuille
3619735b09 Track difference between scriptPubKey and P2SH execution in IsMine
Inside IsMine we care about the distinction between scriptPubKey execution
and P2SH redeemScript execution. The consensus code does not care about this
distinction, and thus SigVersion does not have a field for P2SH. As the IsMine
code will care, it uses a separate enum with more fields.
2018-04-19 21:05:04 -07:00
Pieter Wuille
ac6ec62522 Switch to a private version of SigVersion inside IsMine
This will allow us to have the consensus code and IsMine code diverge.
2018-04-19 20:53:18 -07:00
Pieter Wuille
19fc973097 Do not expose SigVersion argument to IsMine
Only IsMine's internal code needs this, as part of a recursion into P2SH and P2WSH
scripts. The exposed functions always operate on actual scriptPubKeys and not on
redeemScripts or witness scripts.
2018-04-19 20:52:47 -07:00
Pieter Wuille
fb1dfbbec0 Remove unused IsMine overload 2018-04-18 17:08:53 -07:00
Pieter Wuille
952d8213a6 Make CScript -> CScriptID conversion explicit 2018-04-18 17:08:50 -07:00
Pieter Wuille
54a5a21158 [MOVEONLY] Turn CScript::GetOp2 into a function and move to cpp 2018-04-13 09:07:29 -07:00
Pieter Wuille
6a7456ad60 [MOVEONLY] Move CSCript::FindAndDelete to interpreter 2018-04-13 09:07:27 -07:00
Pieter Wuille
33a8ecfbce Delete unused non-const-iterator CSCript::GetOp overloads 2018-04-13 09:06:35 -07:00
Pieter Wuille
2fb168b55d Make iterators in CScript::FindAndDelete const 2018-04-13 09:06:35 -07:00
Ben Woosley
8cbc5c4be4
Drop dead code CScript::Find
Last use removed in 922e8e2929 (2012!)
2018-04-12 18:57:23 -07:00
Wladimir J. van der Laan
8480d41e0f
Merge #12803: Make BaseSignatureCreator a pure interface
be67831 Make DummySignatureCreator a singleton (Pieter Wuille)
190b8d2 Make BaseSignatureCreator a pure interface (Pieter Wuille)

Pull request description:

  * Removes the `m_provider` field from `BaseSignatureCreator`. Instead both a `SigningProvider` (which provides keys and scripts) and a `BaseSignatureCreator` (which implements the transaction-specific (or other) signing logic) are passed into and down in `ProduceSignature`, making the two concepts orthogonal.
  * Makes `BaseSignatureCreator` a pure interface without constructor, making it easier to implement new derivations of it (for example for message signing).
  * As `DummySignatureCreator` now becomes a stateless object, turn it into a singleton `DUMMY_SIGNATURE_CREATOR`.

Tree-SHA512: 5f1f4512e4ea7d02a31df7b9ede55008efa716c5b74a2630ca1c2fc6599584d8bf5f5641487266127f4b3788033803539fbd22b03ef1219c83c10da2d3da3dcd
2018-04-12 22:55:56 +02:00
Ben Woosley
3450a9b25c
Extract consts for WITNESS_V0 hash sizes 2018-04-10 20:13:32 -07:00
Wladimir J. van der Laan
0a8054e7cd
Merge #12731: Support serialization as another type without casting
818dc74 Support serialization as another type without casting (Pieter Wuille)

Pull request description:

  This adds a `READWRITEAS(type, obj)` macro which serializes `obj` as if it were converted to `const type&` when `const`, and to `type&` when non-`const`. No actual cast is involved, so this only works when this conversion can be done automatically.

  This makes it usable in serialization code that uses a single implementation for both serialization and deserializing, which doesn't know the constness of the object involved.

  This is a redo of #12712, using a slightly different interface.

Tree-SHA512: 262f0257284ff99b5ffaec9b997c194e221522ba35c3ac8eaa9bb344449d7ea0a314de254dc77449fa7aaa600f8cd9a24da65aade8c1ec6aa80c6e9a7bba5ca7
2018-04-10 20:54:33 +02:00
Pieter Wuille
be67831210 Make DummySignatureCreator a singleton 2018-04-10 09:29:17 -07:00
Pieter Wuille
190b8d2dcf Make BaseSignatureCreator a pure interface 2018-04-10 09:29:17 -07:00
Pieter Wuille
88430cbab4
Merge #12167: Make segwit failure due to CLEANSTACK violation return a SCRIPT_ERR_CLEANSTACK error code
1e747e3c1e Make segwit failure due to CLEANSTACK violation return a SCRIPT_ERR_CLEANSTACK error code. (Mark Friedenbach)

Pull request description:

  If a segwit script terminates with a stack size not equal to one, the current error code is EVAL_FALSE. This is semantically wrong, and prevents explicitly checking CLEANSTACK violations in the unit tests. This PR changes the error code (and affected unit tests) to use SCRIPT_ERROR_CLEANSTACK instead of SCRIPT_ERROR_EVAL_FALSE.

Tree-SHA512: 8f7b1650f7a23a942cde1070e3e56420be456b4a7be42515b237e95557bf2bd5e7ba9aabd213c8092bea28c165dbe73f5a3486300089aeb01e698151b42484b1
2018-04-04 17:30:24 -07:00
MarcoFalke
bfaed1ab2e
Merge #12460: Assert CPubKey::ValidLength to the pubkey's header-relevant size
f8c249ab91 Assert CPubKey::ValidLength to the pubkey's header-relevent size (Ben Woosley)

Pull request description:

  A pubkey's length is specific to its type which is indicated by its header value. GetLen returns the header-indicated length, so this change ensures that a key matches its header-indicated length.

  And replace some magic values with their constant equivalents.

Tree-SHA512: b727b39a631babe0932326396fc4d796ade8ec1e37454ff0c709ae9b78ecbd0cfdf59d84089ba8415e6efa7bc180e3cd39a14ddaf0871cbac54b96851e1b7b44
2018-04-04 17:50:32 -04:00
MarcoFalke
0c5f67b8e5
Merge #12757: Clarify include guard naming convention
3bcc0059b8 Add lint-include-guards.sh which checks include guard consistency (practicalswift)
8fd6af89a0 Fix missing or inconsistent include guards (practicalswift)
8af65d96f4 Document include guard convention (practicalswift)

Pull request description:

  * **Documentation**: Document include guard convention
  * **Fix**: Fix missing or inconsistent include guards
  * **Regression test**: Add `lint-include-guards.sh` which checks include guard consistency

Tree-SHA512: 8171878f60fd08ccbea943a11e835195750592abb9d7ab74eaa4265ae7fac523b1da9d31ca13d6ab73dd596e49986bfb7593c696e5f39567c93e610165bc2acc
2018-04-01 18:30:21 -04:00
Wladimir J. van der Laan
bf8fc7d352
Merge #12714: Introduce interface for signing providers
d40f06a Introduce interface for signing providers (Pieter Wuille)

Pull request description:

  `CKeyStore` is a rich interface that provides many features, including knowledge of scripts and pubkeys for solving, private keys for signing, in addition to watch-only keys and scripts, and distinguishing lack of keys from them just being encrypted.

  The signing logic in script/sign does not actually need most of these features. Here we introduce a simpler interface (`SigningProvider`) which *only* provides keys and scripts. This is actually sufficient for signing.

  In addtion, we swap the dependency between keystore and script/sign (keystore now depends on script/script with `CKeyStore` deriving from `SigningProvider`, rather than `CKeyStore` being the interface that signing relies on).

  This is a very early step towards the design in https://gist.github.com/sipa/125cfa1615946d0c3f3eec2ad7f250a2, separating the concern between deciding what outputs are ours and signing.

Tree-SHA512: d511b7b03eec0e513530db1d9ae5aacf6d0bfa1d3e1c03d06c5bde396bafb5824c4491b227d32bcda9288530caf49835da18e846ccf66538d6c0cc6ae27291c9
2018-03-27 20:20:55 +02:00
Wladimir J. van der Laan
3de01268b7
Merge #10742: scripted-diff: Use scoped enumerations (C++11, "enum class")
1f45e21 scripted-diff: Convert 11 enums into scoped enums (C++11) (practicalswift)

Pull request description:

  Rationale (from Bjarne Stroustrup's ["C++11 FAQ"](http://www.stroustrup.com/C++11FAQ.html#enum)):

  >
  > The enum classes ("new enums", "strong enums") address three problems with traditional C++ enumerations:
  >
  > * conventional enums implicitly convert to int, causing errors when someone does not want an enumeration to act as an integer.
  > * conventional enums export their enumerators to the surrounding scope, causing name clashes.
  > * the underlying type of an enum cannot be specified, causing confusion, compatibility problems, and makes forward declaration impossible.
  >
  > The new enums are "enum class" because they combine aspects of traditional enumerations (names values) with aspects of classes (scoped members and absence of conversions).

Tree-SHA512: 9656e1cf4c3cabd4378c7a38d0c2eaf79e4a54d204a3c5762330840e55ee7e141e188a3efb2b4daf0ef3110bbaff80d8b9253abf2a9b015cdc4d60b49ac2b914
2018-03-27 16:38:14 +02:00
Pieter Wuille
d40f06a3da Introduce interface for signing providers
CKeyStore is a rich interface that provides many features, including knowledge
of scripts and pubkeys for solving, private keys for signing, in addition to
watch-only keys and scripts, and distinguishing lack of keys from them just
being encrypted.

The signing logic in script/sign does not actually need most of these features.
Here we introduce a simpler interface (SigningProvider) which *only* provides
keys and scripts. This is actually sufficient for signing.

In addtion, we swap the dependency between keystore and script/sign
(keystore now depends on script/script with CKeyStore deriving from
SigningProvider, rather than CKeyStore being the interface that signing
relies on).
2018-03-25 13:26:57 -07:00
practicalswift
8fd6af89a0 Fix missing or inconsistent include guards 2018-03-22 16:23:04 +01:00
Dimitris Apostolou
4d9b4256d8 Fix typos 2018-03-21 08:34:44 +02:00
Pieter Wuille
818dc74ba2 Support serialization as another type without casting
This adds a READWRITEAS(type, obj) macro which serializes obj as if it
were casted to (const type&) when const, and to (type&) when non-const.

This makes it usable in serialization code that uses a single
implementation for both serialization and deserializing, which doesn't
know the constness of the object involved.
2018-03-20 17:08:06 -07:00
Pieter Wuille
7be9a9a570
Merge #12683: Fix more constness violations in serialization code
172f5fa738 Support deserializing into temporaries (Pieter Wuille)
2761bca997 Merge READWRITEMANY into READWRITE (Pieter Wuille)

Pull request description:

  This is another fragment of improvements from #10785.

  The current serialization code does not support serializing/deserializing from/to temporaries (like `s >> CFlatData(script)`). As a result, there are many invocations of the `REF` macro which in addition to changing the reference type also changes the constness. This is unnecessary in C++11 as we can use rvalue references now instead.

  The first commit is an extra simplification we can make that removes the duplication of code between `READWRITE` and `READWRITEMANY` (and related functions).

Tree-SHA512: babfa9cb268cc3bc39917e4f0a90e4651c33d85032161e16547a07f3b257b7ca7940e0cbfd69f09439d26fafbb1a6cf6359101043407e2c7aeececf7f20b6eed
2018-03-15 16:57:55 -07:00
Pieter Wuille
172f5fa738 Support deserializing into temporaries
Currently, the READWRITE macro cannot be passed any non-const temporaries, as
the SerReadWrite function only accepts lvalue references.

Deserializing into a temporary is very common, however. See for example
things like 's >> VARINT(n)'. The VARINT macro produces a temporary wrapper
that holds a reference to n.

Fix this by accepting non-const rvalue references instead of lvalue references.
We don't propagate the rvalue-ness down, as there are no useful optimizations
that only apply to temporaries.

Then use this new functionality to get rid of many (but not all) uses of the
'REF' macro (which casts away constness).
2018-03-13 17:04:31 -07:00
Andrew Chow
12ec29d3bb Calculate and store the number of bytes required to spend an input 2018-03-09 21:15:36 -05:00
practicalswift
1f45e2164a scripted-diff: Convert 11 enums into scoped enums (C++11)
-BEGIN VERIFY SCRIPT-

sed -i 's/enum DBErrors/enum class DBErrors/g' src/wallet/walletdb.h
git grep -l DB_ | xargs sed -i 's/DB_\(LOAD_OK\|CORRUPT\|NONCRITICAL_ERROR\|TOO_NEW\|LOAD_FAIL\|NEED_REWRITE\)/DBErrors::\1/g'
sed -i 's/^    DBErrors::/    /g' src/wallet/walletdb.h

sed -i 's/enum VerifyResult/enum class VerifyResult/g' src/wallet/db.h
sed -i 's/\(VERIFY_OK\|RECOVER_OK\|RECOVER_FAIL\)/VerifyResult::\1/g' src/wallet/db.cpp

sed -i 's/enum ThresholdState/enum class ThresholdState/g' src/versionbits.h
git grep -l THRESHOLD_ | xargs sed -i 's/THRESHOLD_\(DEFINED\|STARTED\|LOCKED_IN\|ACTIVE\|FAILED\)/ThresholdState::\1/g'
sed -i 's/^    ThresholdState::/    /g' src/versionbits.h

sed -i 's/enum SigVersion/enum class SigVersion/g' src/script/interpreter.h
git grep -l SIGVERSION_ | xargs sed -i 's/SIGVERSION_\(BASE\|WITNESS_V0\)/SigVersion::\1/g'
sed -i 's/^    SigVersion::/    /g' src/script/interpreter.h

sed -i 's/enum RetFormat {/enum class RetFormat {/g' src/rest.cpp
sed -i 's/RF_\(UNDEF\|BINARY\|HEX\|JSON\)/RetFormat::\1/g' src/rest.cpp
sed -i 's/^    RetFormat::/    /g' src/rest.cpp

sed -i 's/enum HelpMessageMode {/enum class HelpMessageMode {/g' src/init.h
git grep -l HMM_ | xargs sed -i 's/HMM_BITCOIN/HelpMessageMode::BITCOIN/g'
sed -i 's/^    HelpMessageMode::/    /g' src/init.h

sed -i 's/enum FeeEstimateHorizon/enum class FeeEstimateHorizon/g' src/policy/fees.h

sed -i 's/enum RBFTransactionState/enum class RBFTransactionState/g' src/policy/rbf.h
git grep -l RBF_ | xargs sed -i 's/RBF_TRANSACTIONSTATE_\(UNKNOWN\|REPLACEABLE_BIP125\|FINAL\)/RBFTransactionState::\1/g'
sed -i 's/^    RBFTransactionState::/    /g' src/policy/rbf.h

sed -i 's/enum BlockSource {/enum class BlockSource {/g' src/qt/clientmodel.h
git grep -l BLOCK_SOURCE_ | xargs sed -i 's/BLOCK_SOURCE_\(NONE\|REINDEX\|DISK\|NETWORK\)/BlockSource::\1/g'
sed -i 's/^    BlockSource::/    /g' src/qt/clientmodel.h

sed -i 's/enum FlushStateMode {/enum class FlushStateMode {/g' src/validation.cpp
sed -i 's/FLUSH_STATE_\(NONE\|IF_NEEDED\|PERIODIC\|ALWAYS\)/FlushStateMode::\1/g' src/validation.cpp
sed -i 's/^    FlushStateMode::/    /g' src/validation.cpp

sed -i 's/enum WitnessMode {/enum class WitnessMode {/g' src/test/script_tests.cpp
sed -i 's/WITNESS_\(NONE\|PKH\|SH\)/WitnessMode::\1/g' src/test/script_tests.cpp
sed -i 's/^    WitnessMode::/    /g' src/test/script_tests.cpp

-END VERIFY SCRIPT-
2018-03-09 15:03:40 +01:00
Wladimir J. van der Laan
842f61a675
Merge #11900: [script] simplify CheckMinimalPush checks, add safety assert
0749808a7 CheckMinimalPush comments are prescriptive (Gregory Sanders)
176db6147 simplify CheckMinimalPush checks, add safety assert (Gregory Sanders)

Pull request description:

  the two conditions could simply never be hit as `true`, as those opcodes have a push payload of size 0 in `data`.

  Added the assert for clarity for future readers(matching the gating in the interpreter) and safety for future use.

  This effects policy only.

Tree-SHA512: f49028a1d5e907ef697b9bf5104c81ba8f6a331dbe5d60d8d8515ac17d2d6bfdc9dcc856a7e3dbd54814871b7d0695584d28da6553e2d9d7715430223f0b3690
2018-03-07 17:18:14 +01:00
Gregory Sanders
0749808a7f CheckMinimalPush comments are prescriptive 2018-03-07 10:57:00 -05:00
Wladimir J. van der Laan
47a7666dbe
Merge #11889: Drop extra script variable in ProduceSignature
9360f5032 Drop extra script variable in ProduceSignature (Russell Yanofsky)

Pull request description:

  Was slightly confusing.

Tree-SHA512: 1d18f92c133772ffc8eb71826c8d778988839a14bcefc50f9c591111b0a5f81ebc12bca0f1ab25d5fdd02d3d50c2325c04cbfcbdcd18a7b80ca112d049c2327d
2018-03-05 19:12:37 +01:00
Ben Woosley
f8c249ab91
Assert CPubKey::ValidLength to the pubkey's header-relevent size
Previously this was an inline test where the specificity was probably judged
overly specific. As a class method it makes sense to maintain consistency.

And replace some magic values with their constant equivalents.
2018-02-16 12:30:26 -08:00
practicalswift
11376b5583 Fix a-vs-an typos 2018-02-11 10:48:15 +01:00
Wladimir J. van der Laan
a1ffddb90d
Merge #12298: Refactor HaveKeys to early return on false result
5bdbbdc Refactor HaveKeys to early return on false result (João Barbosa)

Pull request description:

  This consists in a trivial change where the return type of `HaveKeys()` is now `bool` meaning that it returns whether all keys are in the keystore, and early returns when one isn't.

Tree-SHA512: 03e35ea8486404b84884b49f6905c9f4fc161a3eeef080b06482d77985d5242a2bdd57a34b8d16abe19ee8c6cfa3e6fbcb935c73197d53f4cd468a2c7c0b889b
2018-02-08 13:31:22 +01:00
MarcoFalke
0277173b1d
Merge #10498: Use static_cast instead of C-style casts for non-fundamental types
9ad6746ccd Use static_cast instead of C-style casts for non-fundamental types (practicalswift)

Pull request description:

  A C-style cast is equivalent to try casting in the following order:

  1. `const_cast(...)`
  2. `static_cast(...)`
  3. `const_cast(static_cast(...))`
  4. `reinterpret_cast(...)`
  5. `const_cast(reinterpret_cast(...))`

  By using `static_cast<T>(...)` explicitly we avoid the possibility of an unintentional and dangerous `reinterpret_cast`. Furthermore `static_cast<T>(...)` allows for easier grepping of casts.

  For a more thorough discussion, see ["ES.49: If you must use a cast, use a named cast"](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#es49-if-you-must-use-a-cast-use-a-named-cast) in the C++ Core Guidelines (Stroustrup & Sutter).

Tree-SHA512: bd6349b7ea157da93a47b8cf238932af5dff84731374ccfd69b9f732fabdad1f9b1cdfca67497040f14eaa85346391404f4c0495e22c467f26ca883cd2de4d3c
2018-02-07 16:15:28 -05:00
João Barbosa
5bdbbdc096 Refactor HaveKeys to early return on false result 2018-01-29 23:45:25 +00:00
Mark Friedenbach
1e747e3c1e Make segwit failure due to CLEANSTACK violation return a SCRIPT_ERR_CLEANSTACK error code. 2018-01-12 16:31:22 +09:00
Jonas Schnelli
d889c036cd
Merge #11403: SegWit wallet support
b224a47a1 Add address_types test (Pieter Wuille)
7ee54fd7c Support downgrading after recovered keypool witness keys (Pieter Wuille)
940a21932 SegWit wallet support (Pieter Wuille)
f37c64e47 Implicitly know about P2WPKH redeemscripts (Pieter Wuille)
57273f2b3 [test] Serialize CTransaction with witness by default (Pieter Wuille)
cf2c0b6f5 Support P2WPKH and P2SH-P2WPKH in dumpprivkey (Pieter Wuille)
37c03d3e0 Support P2WPKH addresses in create/addmultisig (Pieter Wuille)
3eaa003c8 Extend validateaddress information for P2SH-embedded witness (Pieter Wuille)
30a27dc5b Expose method to find key for a single-key destination (Pieter Wuille)
985c79552 Improve witness destination types and use them more (Pieter Wuille)
cbe197470 [refactor] GetAccount{PubKey,Address} -> GetAccountDestination (Pieter Wuille)
0c8ea6380 Abstract out IsSolvable from Witnessifier (Pieter Wuille)

Pull request description:

  This implements a minimum viable implementation of SegWit wallet support, based on top of #11389, and includes part of the functionality from #11089.

  Two new configuration options are added:
  * `-addresstype`, with options `legacy`, `p2sh`, and `bech32`. It controls what kind of addresses are produced by `getnewaddress`, `getaccountaddress`, and `createmultisigaddress`.
  * `-changetype`, with the same options, and by default equal to `-addresstype`, that controls what kind of change is used.

  All wallet private and public keys can be used for any type of address. Support for address types dependent on different derivation paths will need a major overhaul of how our internal detection of outputs work. I expect that that will happen for a next major version.

  The above also applies to imported keys, as having a distinction there but not for normal operations is a disaster for testing, and probably for comprehension of users. This has some ugly effects, like needing to associate the provided label to `importprivkey` with each style address for the corresponding key.

  To deal with witness outputs requiring a corresponding redeemscript in wallet, three approaches are used:
  * All SegWit addresses created through `getnewaddress` or multisig RPCs explicitly get their redeemscripts added to the wallet file. This means that downgrading after creating a witness address will work, as long as the wallet file is up to date.
  * All SegWit keys in the wallet get an _implicit_ redeemscript added, without it being written to the file. This means recovery of an old backup will work, as long as you use new software.
  * All keypool keys that are seen used in transactions explicitly get their redeemscripts added to the wallet files. This means that downgrading after recovering from a backup that includes a witness address will work.

  These approaches correspond to solutions 3a, 1a, and 5a respectively from https://gist.github.com/sipa/125cfa1615946d0c3f3eec2ad7f250a2. As argued there, there is no full solution for dealing with the case where you both downgrade and restore a backup, so that's also not implemented.

  `dumpwallet`, `importwallet`, `importmulti`, `signmessage` and `verifymessage` don't work with SegWit addresses yet. They're remaining TODOs, for this PR or a follow-up. Because of that, several tests unexpectedly run with `-addresstype=legacy` for now.

Tree-SHA512: d425dbe517c0422061ab8dacdc3a6ae47da071450932ed992c79559d922dff7b2574a31a8c94feccd3761c1dffb6422c50055e6dca8e3cf94a169bc95e39e959
2018-01-10 20:55:41 -10:00
Pieter Wuille
3eaa003c88 Extend validateaddress information for P2SH-embedded witness
This adds new fields 'pubkeys' and 'embedded' to the RPC's output, and improves the
documentation for previously added 'witness_version' and 'witness_program' fields.
2018-01-03 05:43:06 -08:00
Pieter Wuille
985c79552c Improve witness destination types and use them more 2018-01-03 05:43:06 -08:00
Pieter Wuille
0c8ea6380c Abstract out IsSolvable from Witnessifier 2018-01-03 05:32:00 -08:00
Akira Takizawa
595a7bab23 Increment MIT Licence copyright header year on files modified in 2017 2018-01-03 02:26:56 +09:00
Wladimir J. van der Laan
79399c8cd0
Merge #10657: Utils: Improvements to ECDSA key-handling code
63179d0 Scope the ECDSA constant sizes to CPubKey / CKey classes (Jack Grigg)
1ce9f0a Ensure that ECDSA constant sizes are correctly-sized (Jack Grigg)
48abe78 Remove redundant `= 0` initialisations (Jack Grigg)
17fa391 Specify ECDSA constant sizes as constants (Jack Grigg)
e4a1086 Update Debian copyright list (Jack Grigg)
e181dbe Add comments (Jack Grigg)
a3603ac Fix potential overflows in ECDSA DER parsers (Jack Grigg)

Pull request description:

  Mostly trivial, but includes fixes to potential overflows in the ECDSA DER parsers.

  Cherry-picked from Zcash PR https://github.com/zcash/zcash/pull/2335

Tree-SHA512: 8fcbd51b0bd6723e5d33fa5d592f7cb68ed182796a9b837ecc8217991ad69d6c970258617dc00eb378c8caa4cec5d6b304d9d2c066acd40cda98e4da68e0caa4
2017-12-20 18:00:32 +01:00
Gregory Sanders
176db61474 simplify CheckMinimalPush checks, add safety assert 2017-12-14 14:04:47 -05:00
Russell Yanofsky
9360f50321 Drop extra script variable in ProduceSignature
Was slightly confusing.
2017-12-13 15:16:23 -05:00
Wladimir J. van der Laan
5d132e8b97
Merge #10574: Remove includes in .cpp files for things the corresponding .h file already included
a720b92 Remove includes in .cpp files for things the corresponding .h file already included (practicalswift)

Pull request description:

  Remove includes in .cpp files for things the corresponding .h file already included.

  Example case:
  * `addrdb.cpp` includes `addrdb.h` and `fs.h`
  * `addrdb.h` includes `fs.h`

  Then remove the direct inclusion of `fs.h` in `addrman.cpp` and rely on the indirect inclusion of `fs.h` via the included `addrdb.h`.

  In line with the header include guideline (see #10575).

Tree-SHA512: 8704b9de3011a4c234db336a39f7d2c139e741cf0f7aef08a5d3e05197e1e18286b863fdab25ae9638af4ff86b3d52e5cab9eed66bfa2476063aa5c79f9b0346
2017-12-12 14:56:25 +01:00
Wladimir J. van der Laan
c0902624b0
Merge #10699: Make all script validation flags backward compatible
01013f5 Simplify tx validation tests (Pieter Wuille)
2dd6f80 Add a test that all flags are softforks (Pieter Wuille)
2851b77 Make all script verification flags softforks (Pieter Wuille)

Pull request description:

  This change makes `SCRIPT_VERIFY_UPGRADABLE_NOPS` not apply to `OP_CHECKLOCKTIMEVERIFY` and `OP_CHECKSEQUENCEVERIFY`. This is a no-op as `UPGRADABLE_NOPS` is only set for mempool transactions, and those always have `SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY` and `SCRIPT_VERIFY_CHECKSEQUENCEVERIFY` set as well. The advantage is that setting more flags now always results in a reduction in acceptable scripts (=softfork).

  This results in a nice and testable property for validation, for which a new test is added.

  This also means that the introduction of a new definition for a NOP or witness version will likely need the following procedure (example OP_NOP8 here)
  * Remove OP_NOP8 from being affected by `SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_NOPS`.
  * Add a `SCRIPT_VERIFY_DISCOURAGE_NOP8`, which only applies to `OP_NOP8`.
  * Add a `SCRIPT_VERIFY_NOP8` which implements the new consensus logic.
  * Before activation, add `SCRIPT_VERIFY_DISCOURAGE_NOP8` to the mempool flags.
  * After activation, add `SCRIPT_VERIFY_NOP8` to both the mempool and consensus flags.

Tree-SHA512: d3b4538986ecf646aac9dba13a8d89318baf9e308e258547ca3b99e7c0509747f323edac6b1fea4e87e7d3c01b71193794b41679ae4f86f6e11ed6be3fd62c72
2017-12-12 10:11:00 +01:00
practicalswift
a720b928c8 Remove includes in .cpp files for things the corresponding .h file already included 2017-11-16 22:26:34 +01:00
MeshCollider
1a445343f6 scripted-diff: Replace #include "" with #include <> (ryanofsky)
-BEGIN VERIFY SCRIPT-
for f in \
  src/*.cpp \
  src/*.h \
  src/bench/*.cpp \
  src/bench/*.h \
  src/compat/*.cpp \
  src/compat/*.h \
  src/consensus/*.cpp \
  src/consensus/*.h \
  src/crypto/*.cpp \
  src/crypto/*.h \
  src/crypto/ctaes/*.h \
  src/policy/*.cpp \
  src/policy/*.h \
  src/primitives/*.cpp \
  src/primitives/*.h \
  src/qt/*.cpp \
  src/qt/*.h \
  src/qt/test/*.cpp \
  src/qt/test/*.h \
  src/rpc/*.cpp \
  src/rpc/*.h \
  src/script/*.cpp \
  src/script/*.h \
  src/support/*.cpp \
  src/support/*.h \
  src/support/allocators/*.h \
  src/test/*.cpp \
  src/test/*.h \
  src/wallet/*.cpp \
  src/wallet/*.h \
  src/wallet/test/*.cpp \
  src/wallet/test/*.h \
  src/zmq/*.cpp \
  src/zmq/*.h
do
  base=${f%/*}/ relbase=${base#src/} sed -i "s:#include \"\(.*\)\"\(.*\):if test -e \$base'\\1'; then echo \"#include <\"\$relbase\"\\1>\\2\"; else echo \"#include <\\1>\\2\"; fi:e" $f
done
-END VERIFY SCRIPT-
2017-11-16 08:23:01 +13:00
Wladimir J. van der Laan
17f2acedbe
Merge #9572: Skip witness sighash cache for non-segwit transactions
0da49b5 Skip precompute sighash for transactions without witness (Johnson Lau)

Pull request description:

  This saves unnecessary hash caching for non-segwit transactions, but I am not sure if the difference is noticeable.

Tree-SHA512: 5cd733a729a52a45781510b3572b26e76837a94155caa14311c6d23a27a12e9613ff278dfc2592e21f640202782f22c5ad00fca85c4de5efacaa617c48ccb08d
2017-10-05 19:49:42 +02:00
Wladimir J. van der Laan
339da9ca41
Merge #11411: script: Change SignatureHash input index check to an assert.
5ddf560 script: Change SignatureHash input index check to an assert. (Jim Posen)

Pull request description:

  In the SignatureHash function, the input index must refer to a valid index. This is not enforced equally in the segwit/non-segwit branches and should be an assertion rather than returning a error hash.

Tree-SHA512: a775fc9e9bd9835c0ab36368aa45ab3d53e38f31fd4d2b8684a77ee6028c854c363df038681a59358b30138957573ad63b71d4a722c16e0830fb4fa72669ef39
2017-10-02 15:10:40 +02:00
Wladimir J. van der Laan
10bee0dd4f
Merge #11284: Fix invalid memory access in CScript::operator+= (guidovranken, ajtowns)
d601f16 Fix invalid memory access in CScript::operator+= (Anthony Towns)

Pull request description:

  This is a fix for #11114 -- invoking "s += s" gets turned into "s.insert(s.end(), s.begin(), s.end())" which can result in an invalid memory access is s.capacity() < 2*s.size() (because s gets resized and possibly moved, so s.begin() and s.end() become invalid references when reading the values to be appended).

  The fix is straightforward: reserve enough space in advance, so that insert() doesn't need to resize and thus its arguments remain valid.

  A simple test case is added as well; though you probably need to run it via valgrind to actually catch the problem when it's not fixed...

Tree-SHA512: 4720d0c17463fdc43b344c45fe603423d20b30d48da1b9d85eeedc505d7f34db1ed5495ef1556459ae962a94717e3c6e8fc441763771901efea210d01322b7ef
2017-10-02 14:46:47 +02:00
Mark Friedenbach
cee28fbc3f Add error string for CLEANSTACK script violation, preventing an "unknown error" if the CLEANSTACK error condition is set. 2017-09-29 01:48:43 -07:00
Pieter Wuille
c091b99379 Implement BIP173 addresses and tests 2017-09-28 16:24:30 -07:00
Jim Posen
5ddf56045a script: Change SignatureHash input index check to an assert.
In the SignatureHash function, the input index must refer to a valid
index. This is not enforced equally in the segwit/non-segwit branches
and should be an assertion rather than returning a error hash.
2017-09-27 19:49:18 -07:00
practicalswift
9ad6746ccd Use static_cast instead of C-style casts for non-fundamental types
A C-style cast is equivalent to try casting in the following order:

1. const_cast(...)
2. static_cast(...)
3. const_cast(static_cast(...))
4. reinterpret_cast(...)
5. const_cast(reinterpret_cast(...))

By using static_cast<T>(...) explicitly we avoid the possibility
of an unintentional and dangerous reinterpret_cast. Furthermore
static_cast<T>(...) allows for easier grepping of casts.
2017-09-22 14:59:27 +02:00