260 lines
8.9 KiB
C++
260 lines
8.9 KiB
C++
/*
|
|
* This file is part of the Flowee project
|
|
* Copyright (C) 2009-2010 Satoshi Nakamoto
|
|
* Copyright (C) 2009-2015 The Bitcoin Core developers
|
|
*
|
|
* This program is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
#ifndef FLOWEE_SCRIPT_INTERPRETER_H
|
|
#define FLOWEE_SCRIPT_INTERPRETER_H
|
|
|
|
#include "script_error.h"
|
|
#include "../primitives/Tx.h"
|
|
#include <cstdint>
|
|
#include <vector>
|
|
|
|
class PublicKey;
|
|
class CScript;
|
|
class CScriptNum;
|
|
class CTransaction;
|
|
class uint256;
|
|
|
|
/** Signature hash types/flags */
|
|
enum
|
|
{
|
|
SIGHASH_ALL = 1,
|
|
SIGHASH_NONE = 2,
|
|
SIGHASH_SINGLE = 3,
|
|
SIGHASH_UTXOS = 0x20,
|
|
SIGHASH_FORKID = 0x40,
|
|
SIGHASH_ANYONECANPAY = 0x80,
|
|
};
|
|
|
|
/** Script verification flags */
|
|
enum
|
|
{
|
|
SCRIPT_VERIFY_NONE = 0,
|
|
|
|
// Evaluate P2SH subscripts (softfork safe, BIP16).
|
|
SCRIPT_VERIFY_P2SH = (1U << 0),
|
|
|
|
// Passing a non-strict-DER signature or one with undefined hashtype to a checksig operation causes script failure.
|
|
// Evaluating a pubkey that is not (0x04 + 64 bytes) or (0x02 or 0x03 + 32 bytes) by checksig causes script failure.
|
|
// (softfork safe, but not used or intended as a consensus rule).
|
|
SCRIPT_VERIFY_STRICTENC = (1U << 1),
|
|
|
|
// Passing a non-strict-DER signature to a checksig operation causes script failure (softfork safe, BIP62 rule 1)
|
|
SCRIPT_VERIFY_DERSIG = (1U << 2),
|
|
|
|
// Passing a non-strict-DER signature or one with S > order/2 to a checksig operation causes script failure
|
|
// (softfork safe, BIP62 rule 5).
|
|
SCRIPT_VERIFY_LOW_S = (1U << 3),
|
|
|
|
// verify dummy stack item consumed by CHECKMULTISIG is of zero-length (softfork safe, BIP62 rule 7).
|
|
SCRIPT_VERIFY_NULLDUMMY = (1U << 4),
|
|
|
|
// Using a non-push operator in the scriptSig causes script failure (softfork safe, BIP62 rule 2).
|
|
SCRIPT_VERIFY_SIGPUSHONLY = (1U << 5),
|
|
|
|
// Require minimal encodings for all push operations (OP_0... OP_16, OP_1NEGATE where possible, direct
|
|
// pushes up to 75 bytes, OP_PUSHDATA up to 255 bytes, OP_PUSHDATA2 for anything larger). Evaluating
|
|
// any other push causes the script to fail (BIP62 rule 3).
|
|
// In addition, whenever a stack element is interpreted as a number, it must be of minimal length (BIP62 rule 4).
|
|
// (softfork safe)
|
|
SCRIPT_VERIFY_MINIMALDATA = (1U << 6),
|
|
|
|
// Discourage use of NOPs reserved for upgrades (NOP1-10)
|
|
//
|
|
// Provided so that nodes can avoid accepting or mining transactions
|
|
// containing executed NOP's whose meaning may change after a soft-fork,
|
|
// thus rendering the script invalid; with this flag set executing
|
|
// discouraged NOPs fails the script. This verification flag will never be
|
|
// a mandatory flag applied to scripts in a block. NOPs that are not
|
|
// executed, e.g. within an unexecuted IF ENDIF block, are *not* rejected.
|
|
SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_NOPS = (1U << 7),
|
|
|
|
// Require that only a single stack element remains after evaluation. This changes the success criterion from
|
|
// "At least one stack element must remain, and when interpreted as a boolean, it must be true" to
|
|
// "Exactly one stack element must remain, and when interpreted as a boolean, it must be true".
|
|
// (softfork safe, BIP62 rule 6)
|
|
// Note: CLEANSTACK should never be used without P2SH.
|
|
SCRIPT_VERIFY_CLEANSTACK = (1U << 8),
|
|
|
|
// Verify CHECKLOCKTIMEVERIFY
|
|
//
|
|
// See BIP65 for details.
|
|
SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY = (1U << 9),
|
|
|
|
// support CHECKSEQUENCEVERIFY opcode
|
|
//
|
|
// See BIP112 for details
|
|
SCRIPT_VERIFY_CHECKSEQUENCEVERIFY = (1U << 10),
|
|
|
|
// Signature(s) must be empty vector if an CHECK(MULTI)SIG operation failed
|
|
//
|
|
SCRIPT_VERIFY_NULLFAIL = (1U << 14),
|
|
|
|
// Do we accept signature using SIGHASH_FORKID
|
|
//
|
|
SCRIPT_ENABLE_SIGHASH_FORKID = (1U << 16),
|
|
|
|
// If OP_CHECKDATASIG* are allowed.
|
|
SCRIPT_ENABLE_CHECKDATASIG = (1U << 17),
|
|
|
|
SCRIPT_ENABLE_SCHNORR = (1U << 18),
|
|
|
|
SCRIPT_ENABLE_SCHNORR_MULTISIG = (1U << 19),
|
|
|
|
// Allows the miner to appropriate coins sent to p2sh segwit addresses
|
|
SCRIPT_ALLOW_SEGWIT_RECOVERY = (1U << 20),
|
|
|
|
// Whether the new OP_REVERSEBYTES opcode can be used.
|
|
SCRIPT_ENABLE_OP_REVERSEBYTES = (1U << 21),
|
|
|
|
// Enable pay-to-script-hash using OP_HASH256 with a 32-byte script hash.
|
|
SCRIPT_ENABLE_P2SH_32 = (1U << 22),
|
|
|
|
// Enable CHIP-2024-07-BigInt high-precision script integer arithmetic.
|
|
SCRIPT_ENABLE_MAY2025 = (1U << 23),
|
|
|
|
// Enable May 2022 native transaction introspection opcodes.
|
|
SCRIPT_ENABLE_NATIVE_INTROSPECTION = (1U << 24),
|
|
|
|
// Enable May 2023 SIGHASH_UTXOS signing serialization.
|
|
SCRIPT_ENABLE_SIGHASH_UTXOS = (1U << 25),
|
|
|
|
// Enable May 2023 CashTokens script introspection.
|
|
SCRIPT_ENABLE_CASHTOKENS = (1U << 26),
|
|
|
|
// Use May 2025 VM-limit relay costing rules.
|
|
SCRIPT_VM_LIMITS_STANDARD = (1U << 27),
|
|
|
|
// Enable May 2026 script upgrades.
|
|
SCRIPT_ENABLE_MAY2026 = (1U << 28),
|
|
|
|
// Enable May 2022 64-bit script integer arithmetic.
|
|
SCRIPT_ENABLE_64_BIT_INTEGERS = (1U << 29),
|
|
};
|
|
|
|
uint256 SignatureHash(const CScript &scriptCode, const CTransaction& txTo, unsigned int nIn, int64_t amount, int nHashType,
|
|
uint32_t flags = SCRIPT_ENABLE_SIGHASH_FORKID, const std::vector<Tx::Output> *spentOutputs = nullptr,
|
|
size_t *bytesHashed = nullptr);
|
|
|
|
class BaseSignatureChecker
|
|
{
|
|
public:
|
|
virtual bool CheckSig(const std::vector<unsigned char>& scriptSig, const std::vector<unsigned char>& vchPubKey,
|
|
const CScript& scriptCode, uint32_t flags, size_t *bytesHashed = nullptr) const
|
|
{
|
|
if (bytesHashed)
|
|
*bytesHashed = 0;
|
|
return false;
|
|
}
|
|
|
|
virtual bool CheckLockTime(const CScriptNum& nLockTime) const
|
|
{
|
|
return false;
|
|
}
|
|
|
|
virtual bool CheckSequence(const CScriptNum& nSequence) const
|
|
{
|
|
return false;
|
|
}
|
|
|
|
virtual bool hasTransactionContext() const
|
|
{
|
|
return false;
|
|
}
|
|
|
|
virtual const CTransaction* transaction() const
|
|
{
|
|
return nullptr;
|
|
}
|
|
|
|
virtual Tx tx() const
|
|
{
|
|
return Tx();
|
|
}
|
|
|
|
virtual unsigned int inputIndex() const
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
virtual bool isLimitedContext() const
|
|
{
|
|
return true;
|
|
}
|
|
|
|
virtual bool spentOutput(unsigned int, Tx::Output&) const
|
|
{
|
|
return false;
|
|
}
|
|
|
|
virtual ~BaseSignatureChecker() {}
|
|
};
|
|
|
|
class TransactionSignatureChecker : public BaseSignatureChecker
|
|
{
|
|
private:
|
|
const CTransaction* oldTxTo;
|
|
const Tx &txTo;
|
|
unsigned int nIn;
|
|
int64_t amount;
|
|
const std::vector<Tx::Output> *spentOutputs;
|
|
|
|
protected:
|
|
virtual bool VerifySignature(const std::vector<unsigned char>& vchSig, const PublicKey& vchPubKey, const uint256& sighash, uint32_t flags) const;
|
|
|
|
public:
|
|
TransactionSignatureChecker(const CTransaction* oldTxToIn, const Tx &txToIn, unsigned int nInIn, int64_t amountIn,
|
|
const std::vector<Tx::Output> *spentOutputsIn = nullptr)
|
|
: oldTxTo(oldTxToIn), txTo(txToIn), nIn(nInIn), amount(amountIn), spentOutputs(spentOutputsIn) {}
|
|
bool CheckSig(const std::vector<unsigned char>& scriptSig, const std::vector<unsigned char>& vchPubKey,
|
|
const CScript& scriptCode, uint32_t flags, size_t *bytesHashed = nullptr) const override;
|
|
bool CheckLockTime(const CScriptNum& nLockTime) const override;
|
|
bool CheckSequence(const CScriptNum& nSequence) const override;
|
|
bool hasTransactionContext() const override;
|
|
const CTransaction* transaction() const override;
|
|
Tx tx() const override;
|
|
unsigned int inputIndex() const override;
|
|
bool isLimitedContext() const override;
|
|
bool spentOutput(unsigned int index, Tx::Output &output) const override;
|
|
};
|
|
|
|
|
|
namespace Script {
|
|
struct State {
|
|
State() = default;
|
|
State(uint32_t flags) : flags(flags) {}
|
|
uint32_t flags = SCRIPT_VERIFY_NONE; // validation flags
|
|
uint32_t sigCheckCount = 0;
|
|
uint64_t vmLimitScriptSigSize = 0;
|
|
int64_t opCost = 0;
|
|
int64_t hashDigestIterations = 0;
|
|
ScriptError error = SCRIPT_ERR_OK;
|
|
|
|
const char* errorString() const;
|
|
};
|
|
|
|
bool eval(std::vector<std::vector<unsigned char> > &stack, const CScript &script, const BaseSignatureChecker &checker, Script::State &state);
|
|
bool verify(const CScript& scriptSig, const CScript& scriptPubKey, const BaseSignatureChecker& checker, Script::State &state);
|
|
|
|
bool checkTransactionSignatureEncoding(const std::vector<unsigned char> &vchSig, State &state);
|
|
}
|
|
|
|
|
|
#endif
|