Line data Source code
1 : // Copyright (c) 2009-2010 Satoshi Nakamoto
2 : // Copyright (c) 2009-2021 The Bitcoin Core developers
3 : // Distributed under the MIT software license, see the accompanying
4 : // file COPYING or http://www.opensource.org/licenses/mit-license.php.
5 :
6 : #ifndef BITCOIN_SCRIPT_INTERPRETER_H
7 : #define BITCOIN_SCRIPT_INTERPRETER_H
8 :
9 : #include <consensus/amount.h>
10 : #include <primitives/transaction.h>
11 : #include <script/script_error.h> // IWYU pragma: export
12 : #include <span.h>
13 : #include <uint256.h>
14 :
15 : #include <cstddef>
16 : #include <cstdint>
17 : #include <vector>
18 :
19 : class CPubKey;
20 : class CScript;
21 : class CScriptNum;
22 : class XOnlyPubKey;
23 :
24 : /** Signature hash types/flags */
25 : enum
26 : {
27 : SIGHASH_ALL = 1,
28 : SIGHASH_NONE = 2,
29 : SIGHASH_SINGLE = 3,
30 : SIGHASH_ANYONECANPAY = 0x80,
31 : };
32 :
33 : /** Script verification flags.
34 : *
35 : * All flags are intended to be soft forks: the set of acceptable scripts under
36 : * flags (A | B) is a subset of the acceptable scripts under flag (A).
37 : */
38 : enum : uint32_t {
39 : SCRIPT_VERIFY_NONE = 0,
40 :
41 : // Evaluate P2SH subscripts (BIP16).
42 : SCRIPT_VERIFY_P2SH = (1U << 0),
43 :
44 : // Passing a non-strict-DER signature or one with undefined hashtype to a checksig operation causes script failure.
45 : // Evaluating a pubkey that is not (0x04 + 64 bytes) or (0x02 or 0x03 + 32 bytes) by checksig causes script failure.
46 : // (not used or intended as a consensus rule).
47 : SCRIPT_VERIFY_STRICTENC = (1U << 1),
48 :
49 : // Passing a non-strict-DER signature to a checksig operation causes script failure (BIP62 rule 1)
50 : SCRIPT_VERIFY_DERSIG = (1U << 2),
51 :
52 : // Passing a non-strict-DER signature or one with S > order/2 to a checksig operation causes script failure
53 : // (BIP62 rule 5).
54 : SCRIPT_VERIFY_LOW_S = (1U << 3),
55 :
56 : // verify dummy stack item consumed by CHECKMULTISIG is of zero-length (BIP62 rule 7).
57 : SCRIPT_VERIFY_NULLDUMMY = (1U << 4),
58 :
59 : // Using a non-push operator in the scriptSig causes script failure (BIP62 rule 2).
60 : SCRIPT_VERIFY_SIGPUSHONLY = (1U << 5),
61 :
62 : // Require minimal encodings for all push operations (OP_0... OP_16, OP_1NEGATE where possible, direct
63 : // pushes up to 75 bytes, OP_PUSHDATA up to 255 bytes, OP_PUSHDATA2 for anything larger). Evaluating
64 : // any other push causes the script to fail (BIP62 rule 3).
65 : // In addition, whenever a stack element is interpreted as a number, it must be of minimal length (BIP62 rule 4).
66 : SCRIPT_VERIFY_MINIMALDATA = (1U << 6),
67 :
68 : // Discourage use of NOPs reserved for upgrades (NOP1-10)
69 : //
70 : // Provided so that nodes can avoid accepting or mining transactions
71 : // containing executed NOP's whose meaning may change after a soft-fork,
72 : // thus rendering the script invalid; with this flag set executing
73 : // discouraged NOPs fails the script. This verification flag will never be
74 : // a mandatory flag applied to scripts in a block. NOPs that are not
75 : // executed, e.g. within an unexecuted IF ENDIF block, are *not* rejected.
76 : // NOPs that have associated forks to give them new meaning (CLTV, CSV)
77 : // are not subject to this rule.
78 : SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_NOPS = (1U << 7),
79 :
80 : // Require that only a single stack element remains after evaluation. This changes the success criterion from
81 : // "At least one stack element must remain, and when interpreted as a boolean, it must be true" to
82 : // "Exactly one stack element must remain, and when interpreted as a boolean, it must be true".
83 : // (BIP62 rule 6)
84 : // Note: CLEANSTACK should never be used without P2SH.
85 : SCRIPT_VERIFY_CLEANSTACK = (1U << 8),
86 :
87 : // Verify CHECKLOCKTIMEVERIFY
88 : //
89 : // See BIP65 for details.
90 : SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY = (1U << 9),
91 :
92 : // support CHECKSEQUENCEVERIFY opcode
93 : //
94 : // See BIP112 for details
95 : SCRIPT_VERIFY_CHECKSEQUENCEVERIFY = (1U << 10),
96 :
97 : // Signature(s) must be empty vector if a CHECK(MULTI)SIG operation failed
98 : //
99 : SCRIPT_VERIFY_NULLFAIL = (1U << 14),
100 :
101 : // DIP0020_OPCODES - ignored.
102 : // Was used to enable the opcodes listed in DIP0020
103 : // (OP_CAT, OP_AND, OP_OR, OP_XOR, OP_DIV, OP_MOD, OP_SPLIT, OP_BIN2NUM,
104 : // OP_NUM2BIN, OP_CHECKDATASIG, OP_CHECKDATASIGVERIFY).
105 : // SCRIPT_ENABLE_DIP0020_OPCODES = (1U << 15),
106 :
107 : // Making OP_CODESEPARATOR and FindAndDelete fail
108 : //
109 : SCRIPT_VERIFY_CONST_SCRIPTCODE = (1U << 16),
110 :
111 : // Constants to point to the highest flag in use. Add new flags above this line.
112 : //
113 : SCRIPT_VERIFY_END_MARKER
114 : };
115 :
116 : bool CheckSignatureEncoding(const std::vector<unsigned char> &vchSig, unsigned int flags, ScriptError* serror);
117 :
118 : struct PrecomputedTransactionData
119 : {
120 : uint256 hashPrevouts, hashSequence, hashOutputs;
121 79513 : bool m_ready = false;
122 : std::vector<CTxOut> m_spent_outputs;
123 :
124 238539 : PrecomputedTransactionData() = default;
125 :
126 : template <class T>
127 : void Init(const T& tx, std::vector<CTxOut>&& spent_outputs, bool force = false);
128 :
129 : template <class T>
130 : explicit PrecomputedTransactionData(const T& tx);
131 : };
132 :
133 : enum class SigVersion
134 : {
135 : BASE = 0,
136 : };
137 :
138 : template <class T>
139 : uint256 SignatureHash(const CScript& scriptCode, const T& txTo, unsigned int nIn, int nHashType, const CAmount& amount, SigVersion sigversion, const PrecomputedTransactionData* cache = nullptr);
140 :
141 : class BaseSignatureChecker
142 : {
143 : public:
144 0 : virtual bool CheckSig(const std::vector<unsigned char>& scriptSig, const std::vector<unsigned char>& vchPubKey, const CScript& scriptCode, SigVersion sigversion) const
145 : {
146 0 : return false;
147 : }
148 :
149 0 : virtual bool CheckLockTime(const CScriptNum& nLockTime) const
150 : {
151 0 : return false;
152 : }
153 :
154 0 : virtual bool CheckSequence(const CScriptNum& nSequence) const
155 : {
156 0 : return false;
157 : }
158 :
159 435397 : virtual ~BaseSignatureChecker() {}
160 : };
161 :
162 : /** Enum to specify what *TransactionSignatureChecker's behavior should be
163 : * when dealing with missing transaction data.
164 : */
165 : enum class MissingDataBehavior
166 : {
167 : ASSERT_FAIL, //!< Abort execution through assertion failure (for consensus code)
168 : FAIL, //!< Just act as if the signature was invalid
169 : };
170 :
171 : template <class T>
172 : class GenericTransactionSignatureChecker : public BaseSignatureChecker
173 : {
174 : private:
175 : const T* txTo;
176 : const MissingDataBehavior m_mdb;
177 : unsigned int nIn;
178 : const CAmount amount;
179 : const PrecomputedTransactionData* txdata;
180 :
181 : protected:
182 : virtual bool VerifySignature(const std::vector<unsigned char>& vchSig, const CPubKey& vchPubKey, const uint256& sighash) const;
183 :
184 : public:
185 47650 : GenericTransactionSignatureChecker(const T* txToIn, unsigned int nInIn, const CAmount& amountIn, MissingDataBehavior mdb) : txTo(txToIn), m_mdb(mdb), nIn(nInIn), amount(amountIn), txdata(nullptr) {}
186 78636 : GenericTransactionSignatureChecker(const T* txToIn, unsigned int nInIn, const CAmount& amountIn, const PrecomputedTransactionData& txdataIn, MissingDataBehavior mdb) : txTo(txToIn), m_mdb(mdb), nIn(nInIn), amount(amountIn), txdata(&txdataIn) {}
187 : bool CheckSig(const std::vector<unsigned char>& scriptSig, const std::vector<unsigned char>& vchPubKey, const CScript& scriptCode, SigVersion sigversion) const override;
188 : bool CheckLockTime(const CScriptNum& nLockTime) const override;
189 : bool CheckSequence(const CScriptNum& nSequence) const override;
190 : };
191 :
192 : using TransactionSignatureChecker = GenericTransactionSignatureChecker<CTransaction>;
193 : using MutableTransactionSignatureChecker = GenericTransactionSignatureChecker<CMutableTransaction>;
194 :
195 : class DeferringSignatureChecker : public BaseSignatureChecker
196 : {
197 : protected:
198 : const BaseSignatureChecker& m_checker;
199 :
200 : public:
201 667 : DeferringSignatureChecker(const BaseSignatureChecker& checker) : m_checker(checker) {}
202 :
203 0 : bool CheckSig(const std::vector<unsigned char>& scriptSig, const std::vector<unsigned char>& vchPubKey, const CScript& scriptCode, SigVersion sigversion) const override
204 : {
205 0 : return m_checker.CheckSig(scriptSig, vchPubKey, scriptCode, sigversion);
206 : }
207 0 : bool CheckLockTime(const CScriptNum& nLockTime) const override
208 : {
209 0 : return m_checker.CheckLockTime(nLockTime);
210 : }
211 0 : bool CheckSequence(const CScriptNum& nSequence) const override
212 : {
213 0 : return m_checker.CheckSequence(nSequence);
214 : }
215 : };
216 :
217 : bool EvalScript(std::vector<std::vector<unsigned char> >& stack, const CScript& script, unsigned int flags, const BaseSignatureChecker& checker, SigVersion sigversion, ScriptError* error = nullptr);
218 : bool VerifyScript(const CScript& scriptSig, const CScript& scriptPubKey, unsigned int flags, const BaseSignatureChecker& checker, ScriptError* error = nullptr);
219 :
220 : int FindAndDelete(CScript& script, const CScript& b);
221 :
222 : #endif // BITCOIN_SCRIPT_INTERPRETER_H
|
