 |
Bitcoin Core
22.99.0
P2P Digital Currency
|
Go to the documentation of this file.
15 typedef std::vector<unsigned char>
valtype;
37 for (
unsigned int i = 0; i < vch.size(); i++)
42 if (i == vch.size()-1 && vch[i] == 0x80)
54 #define stacktop(i) (stack.at(stack.size()+(i)))
55 #define altstacktop(i) (altstack.at(altstack.size()+(i)))
56 static inline void popstack(std::vector<valtype>& stack)
59 throw std::runtime_error(
"popstack(): stack empty");
68 if (vchPubKey[0] == 0x04) {
73 }
else if (vchPubKey[0] == 0x02 || vchPubKey[0] == 0x03) {
90 if (vchPubKey[0] != 0x02 && vchPubKey[0] != 0x03) {
121 if (sig.size() < 9)
return false;
122 if (sig.size() > 73)
return false;
125 if (sig[0] != 0x30)
return false;
128 if (sig[1] != sig.size() - 3)
return false;
131 unsigned int lenR = sig[3];
134 if (5 + lenR >= sig.size())
return false;
137 unsigned int lenS = sig[5 + lenR];
141 if ((
size_t)(lenR + lenS + 7) != sig.size())
return false;
144 if (sig[2] != 0x02)
return false;
147 if (lenR == 0)
return false;
150 if (sig[4] & 0x80)
return false;
154 if (lenR > 1 && (sig[4] == 0x00) && !(sig[5] & 0x80))
return false;
157 if (sig[lenR + 4] != 0x02)
return false;
160 if (lenS == 0)
return false;
163 if (sig[lenR + 6] & 0x80)
return false;
167 if (lenS > 1 && (sig[lenR + 6] == 0x00) && !(sig[lenR + 7] & 0x80))
return false;
179 std::vector<unsigned char> vchSigCopy(vchSig.begin(), vchSig.begin() + vchSig.size() - 1);
190 if (vchSig.size() == 0) {
203 if (vchSig.size() == 0) {
231 if (data.size() == 0) {
233 return opcode ==
OP_0;
234 }
else if (data.size() == 1 && data[0] >= 1 && data[0] <= 16) {
237 }
else if (data.size() == 1 && data[0] == 0x81) {
240 }
else if (data.size() <= 75) {
242 return opcode == data.size();
243 }
else if (data.size() <= 255) {
246 }
else if (data.size() <= 65535) {
264 while (
static_cast<size_t>(end - pc) >= b.
size() && std::equal(b.
begin(), b.
end(), pc))
271 while (script.
GetOp(pc, opcode));
275 script = std::move(result);
297 class ConditionStack {
300 static constexpr uint32_t NO_FALSE = std::numeric_limits<uint32_t>::max();
303 uint32_t m_stack_size = 0;
305 uint32_t m_first_false_pos = NO_FALSE;
308 bool empty()
const {
return m_stack_size == 0; }
309 bool all_true()
const {
return m_first_false_pos == NO_FALSE; }
310 void push_back(
bool f)
312 if (m_first_false_pos == NO_FALSE && !f) {
315 m_first_false_pos = m_stack_size;
323 if (m_first_false_pos == m_stack_size) {
325 m_first_false_pos = NO_FALSE;
331 if (m_first_false_pos == NO_FALSE) {
333 m_first_false_pos = m_stack_size - 1;
334 }
else if (m_first_false_pos == m_stack_size - 1) {
336 m_first_false_pos = NO_FALSE;
350 CScript scriptCode(pbegincodehash, pend);
381 success = !sig.empty();
391 if (pubkey.size() == 0) {
393 }
else if (pubkey.size() == 32) {
418 switch (sigversion) {
437 static const valtype vchFalse(0);
439 static const valtype vchTrue(1, 1);
449 ConditionStack vfExec;
450 std::vector<valtype> altstack;
457 uint32_t opcode_pos = 0;
463 for (; pc < pend; ++opcode_pos) {
464 bool fExec = vfExec.all_true();
469 if (!script.
GetOp(pc, opcode, vchPushValue))
506 stack.push_back(vchPushValue);
533 stack.push_back(bn.
getvch());
553 if (stack.size() < 1)
592 if (stack.size() < 1)
634 if (stack.size() < 1)
641 if (vch.size() > 1 || (vch.size() == 1 && vch[0] != 1)) {
649 if (vch.size() == 1 && vch[0] != 1)
657 vfExec.push_back(fValue);
681 if (stack.size() < 1)
703 if (stack.size() < 1)
712 if (altstack.size() < 1)
722 if (stack.size() < 2)
732 if (stack.size() < 2)
736 stack.push_back(vch1);
737 stack.push_back(vch2);
744 if (stack.size() < 3)
749 stack.push_back(vch1);
750 stack.push_back(vch2);
751 stack.push_back(vch3);
758 if (stack.size() < 4)
762 stack.push_back(vch1);
763 stack.push_back(vch2);
770 if (stack.size() < 6)
774 stack.erase(stack.end()-6, stack.end()-4);
775 stack.push_back(vch1);
776 stack.push_back(vch2);
783 if (stack.size() < 4)
793 if (stack.size() < 1)
797 stack.push_back(vch);
805 stack.push_back(bn.
getvch());
812 if (stack.size() < 1)
821 if (stack.size() < 1)
824 stack.push_back(vch);
831 if (stack.size() < 2)
833 stack.erase(stack.end() - 2);
840 if (stack.size() < 2)
843 stack.push_back(vch);
852 if (stack.size() < 2)
856 if (n < 0 || n >= (
int)stack.size())
860 stack.erase(stack.end()-n-1);
861 stack.push_back(vch);
870 if (stack.size() < 3)
880 if (stack.size() < 2)
889 if (stack.size() < 2)
892 stack.insert(stack.end()-2, vch);
900 if (stack.size() < 1)
903 stack.push_back(bn.
getvch());
916 if (stack.size() < 2)
920 bool fEqual = (vch1 == vch2);
928 stack.push_back(fEqual ? vchTrue : vchFalse);
951 if (stack.size() < 1)
956 case OP_1ADD: bn += bnOne;
break;
957 case OP_1SUB: bn -= bnOne;
break;
959 case OP_ABS:
if (bn < bnZero) bn = -bn;
break;
960 case OP_NOT: bn = (bn == bnZero);
break;
962 default:
assert(!
"invalid opcode");
break;
965 stack.push_back(bn.
getvch());
984 if (stack.size() < 2)
999 case OP_BOOLAND: bn = (bn1 != bnZero && bn2 != bnZero);
break;
1000 case OP_BOOLOR: bn = (bn1 != bnZero || bn2 != bnZero);
break;
1008 case OP_MIN: bn = (bn1 < bn2 ? bn1 : bn2);
break;
1009 case OP_MAX: bn = (bn1 > bn2 ? bn1 : bn2);
break;
1010 default:
assert(!
"invalid opcode");
break;
1014 stack.push_back(bn.
getvch());
1029 if (stack.size() < 3)
1034 bool fValue = (bn2 <= bn1 && bn1 < bn3);
1038 stack.push_back(fValue ? vchTrue : vchFalse);
1053 if (stack.size() < 1)
1068 stack.push_back(vchHash);
1078 pbegincodehash = pc;
1087 if (stack.size() < 2)
1093 bool fSuccess =
true;
1094 if (!
EvalChecksig(vchSig, vchPubKey, pbegincodehash, pend, execdata,
flags, checker, sigversion, serror, fSuccess))
return false;
1097 stack.push_back(fSuccess ? vchTrue : vchFalse);
1120 bool success =
true;
1121 if (!
EvalChecksig(sig, pubkey, pbegincodehash, pend, execdata,
flags, checker, sigversion, serror, success))
return false;
1125 stack.push_back((num + (success ? 1 : 0)).getvch());
1137 if ((
int)stack.size() < i)
1143 nOpCount += nKeysCount;
1149 int ikey2 = nKeysCount + 2;
1151 if ((
int)stack.size() < i)
1155 if (nSigsCount < 0 || nSigsCount > nKeysCount)
1159 if ((
int)stack.size() < i)
1163 CScript scriptCode(pbegincodehash, pend);
1166 for (
int k = 0;
k < nSigsCount;
k++)
1176 bool fSuccess =
true;
1177 while (fSuccess && nSigsCount > 0)
1203 if (nSigsCount > nKeysCount)
1223 if (stack.size() < 1)
1229 stack.push_back(fSuccess ? vchTrue : vchFalse);
1255 if (!vfExec.empty())
1258 return set_success(serror);
1264 return EvalScript(stack, script,
flags, checker, sigversion, execdata, serror);
1274 class CTransactionSignatureSerializer
1279 const unsigned int nIn;
1280 const bool fAnyoneCanPay;
1281 const bool fHashSingle;
1282 const bool fHashNone;
1285 CTransactionSignatureSerializer(
const T& txToIn,
const CScript& scriptCodeIn,
unsigned int nInIn,
int nHashTypeIn) :
1286 txTo(txToIn), scriptCode(scriptCodeIn), nIn(nInIn),
1292 template<
typename S>
1293 void SerializeScriptCode(
S &s)
const {
1297 unsigned int nCodeSeparators = 0;
1298 while (scriptCode.
GetOp(it, opcode)) {
1304 while (scriptCode.
GetOp(it, opcode)) {
1306 s.write(
AsBytes(
Span{&itBegin[0], size_t(it - itBegin - 1)}));
1310 if (itBegin != scriptCode.
end())
1311 s.write(
AsBytes(
Span{&itBegin[0], size_t(it - itBegin)}));
1315 template<
typename S>
1316 void SerializeInput(
S &s,
unsigned int nInput)
const {
1327 SerializeScriptCode(s);
1329 if (nInput != nIn && (fHashSingle || fHashNone))
1337 template<
typename S>
1338 void SerializeOutput(
S &s,
unsigned int nOutput)
const {
1339 if (fHashSingle && nOutput != nIn)
1347 template<
typename S>
1352 unsigned int nInputs = fAnyoneCanPay ? 1 : txTo.vin.size();
1354 for (
unsigned int nInput = 0; nInput < nInputs; nInput++)
1355 SerializeInput(s, nInput);
1357 unsigned int nOutputs = fHashNone ? 0 : (fHashSingle ? nIn+1 : txTo.vout.size());
1359 for (
unsigned int nOutput = 0; nOutput < nOutputs; nOutput++)
1360 SerializeOutput(s, nOutput);
1368 uint256 GetPrevoutsSHA256(
const T& txTo)
1371 for (
const auto& txin : txTo.vin) {
1374 return ss.GetSHA256();
1379 uint256 GetSequencesSHA256(
const T& txTo)
1382 for (
const auto& txin : txTo.vin) {
1383 ss << txin.nSequence;
1385 return ss.GetSHA256();
1390 uint256 GetOutputsSHA256(
const T& txTo)
1393 for (
const auto& txout : txTo.vout) {
1396 return ss.GetSHA256();
1400 uint256 GetSpentAmountsSHA256(
const std::vector<CTxOut>& outputs_spent)
1403 for (
const auto& txout : outputs_spent) {
1406 return ss.GetSHA256();
1410 uint256 GetSpentScriptsSHA256(
const std::vector<CTxOut>& outputs_spent)
1413 for (
const auto& txout : outputs_spent) {
1414 ss << txout.scriptPubKey;
1416 return ss.GetSHA256();
1434 bool uses_bip143_segwit = force;
1435 bool uses_bip341_taproot = force;
1436 for (
size_t inpos = 0; inpos < txTo.vin.size() && !(uses_bip143_segwit && uses_bip341_taproot); ++inpos) {
1437 if (!txTo.vin[inpos].scriptWitness.IsNull()) {
1444 uses_bip341_taproot =
true;
1449 uses_bip143_segwit =
true;
1452 if (uses_bip341_taproot && uses_bip143_segwit)
break;
1455 if (uses_bip143_segwit || uses_bip341_taproot) {
1461 if (uses_bip143_segwit) {
1467 if (uses_bip341_taproot) {
1499 assert(!
"Unknown MissingDataBehavior value");
1502 template<
typename T>
1505 uint8_t ext_flag, key_version;
1506 switch (sigversion) {
1522 assert(in_pos < tx_to.vin.size());
1530 static constexpr uint8_t EPOCH = 0;
1536 if (!(hash_type <= 0x03 || (hash_type >= 0x81 && hash_type <= 0x83)))
return false;
1541 ss << tx_to.nLockTime;
1555 const uint8_t spend_type = (ext_flag << 1) + (have_annex ? 1 : 0);
1558 ss << tx_to.vin[in_pos].prevout;
1560 ss << tx_to.vin[in_pos].nSequence;
1570 if (in_pos >= tx_to.vout.size())
return false;
1573 sha_single_output << tx_to.vout[in_pos];
1595 assert(nIn < txTo.vin.size());
1614 }
else if ((nHashType & 0x1f) ==
SIGHASH_SINGLE && nIn < txTo.vout.size()) {
1616 ss << txTo.vout[nIn];
1629 ss << txTo.vin[nIn].prevout;
1632 ss << txTo.vin[nIn].nSequence;
1636 ss << txTo.nLockTime;
1645 if (nIn >= txTo.vout.size()) {
1652 CTransactionSignatureSerializer<T> txTmp(txTo, scriptCode, nIn, nHashType);
1656 ss << txTmp << nHashType;
1663 return pubkey.
Verify(sighash, vchSig);
1680 std::vector<unsigned char> vchSig(vchSigIn);
1683 int nHashType = vchSig.back();
1689 uint256 sighash =
SignatureHash(scriptCode, *txTo, nIn, nHashType, amount, sigversion, this->txdata);
1691 if (!VerifyECDSASignature(vchSig, pubkey, sighash))
1712 if (sig.
size() == 65) {
1718 if (!
SignatureHashSchnorr(sighash, execdata, *txTo, nIn, hashtype, sigversion, *this->txdata, m_mdb)) {
1743 if (nLockTime > (int64_t)txTo->nLockTime)
1767 const int64_t txToSequence = (int64_t)txTo->vin[nIn].nSequence;
1771 if (
static_cast<uint32_t
>(txTo->nVersion) < 2)
1784 const int64_t txToSequenceMasked = txToSequence & nLockTimeMask;
1785 const CScriptNum nSequenceMasked = nSequence & nLockTimeMask;
1803 if (nSequenceMasked > txToSequenceMasked)
1815 std::vector<valtype> stack{stack_span.
begin(), stack_span.
end()};
1820 while (pc < exec_script.
end()) {
1822 if (!exec_script.
GetOp(pc, opcode)) {
1831 return set_success(serror);
1840 for (
const valtype& elem : stack) {
1845 if (!
EvalScript(stack, exec_script,
flags, checker, sigversion, execdata, serror))
return false;
1862 for (
int i = 0; i < path_len; ++i) {
1865 if (std::lexicographical_compare(
k.begin(),
k.end(),
node.begin(),
node.end())) {
1866 ss_branch <<
k <<
node;
1868 ss_branch <<
node <<
k;
1870 k = ss_branch.GetSHA256();
1886 return q.CheckTapTweak(p, merkle_root, control[0] & 1);
1895 if (witversion == 0) {
1898 if (stack.size() == 0) {
1902 exec_script =
CScript(script_bytes.begin(), script_bytes.end());
1905 if (memcmp(hash_exec_script.
begin(), program.data(), 32)) {
1911 if (stack.size() != 2) {
1923 if (stack.size() >= 2 && !stack.back().empty() && stack.back()[0] ==
ANNEX_TAG) {
1932 if (stack.size() == 1) {
1937 return set_success(serror);
1942 exec_script =
CScript(script_bytes.begin(), script_bytes.end());
1960 return set_success(serror);
1975 if (witness ==
nullptr) {
1976 witness = &emptyWitness;
1978 bool hadWitness =
false;
1988 std::vector<std::vector<unsigned char> > stack, stackCopy;
2004 std::vector<unsigned char> witnessprogram;
2008 if (scriptSig.
size() != 0) {
2029 swap(stack, stackCopy);
2036 const valtype& pubKeySerialized = stack.back();
2037 CScript pubKey2(pubKeySerialized.begin(), pubKeySerialized.end());
2052 if (scriptSig !=
CScript() << std::vector<unsigned char>(pubKey2.
begin(), pubKey2.
end())) {
2075 if (stack.size() != 1) {
2085 if (!hadWitness && !witness->
IsNull()) {
2090 return set_success(serror);
2095 if (witversion == 0) {
2119 std::vector<unsigned char> witnessprogram;
2121 return WitnessSigOps(witnessversion, witnessprogram, witness ? *witness : witnessEmpty);
2126 std::vector<unsigned char> data;
2127 while (pc < scriptSig.
end()) {
2129 scriptSig.
GetOp(pc, opcode, data);
2131 CScript subscript(data.begin(), data.end());
2133 return WitnessSigOps(witnessversion, witnessprogram, witness ? *witness : witnessEmpty);
size_t GetSerializeSize(const T &t, int nVersion=0)
uint256 m_prevouts_single_hash
size_t CountWitnessSigOps(const CScript &scriptSig, const CScript &scriptPubKey, const CScriptWitness *witness, unsigned int flags)
static constexpr size_t WITNESS_V0_KEYHASH_SIZE
bool VerifySchnorr(const uint256 &msg, Span< const unsigned char > sigbytes) const
Verify a Schnorr signature against this public key.
@ SCRIPT_ERR_WITNESS_MALLEATED_P2SH
iterator insert(iterator pos, const T &value)
@ SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_WITNESS_PROGRAM
int FindAndDelete(CScript &script, const CScript &b)
static constexpr size_t WITNESS_V0_SCRIPTHASH_SIZE
Signature hash sizes.
@ SCRIPT_ERR_NEGATIVE_LOCKTIME
@ SCRIPT_ERR_INVALID_ALTSTACK_OPERATION
const CHashWriter HASHER_TAPBRANCH
Hasher with tag "TapBranch" pre-fed to it.
CSHA256 & Write(const unsigned char *data, size_t len)
A hasher class for RIPEMD-160.
if(na.IsAddrV1Compatible())
@ SCRIPT_ERR_DISCOURAGE_UPGRADABLE_WITNESS_PROGRAM
@ BASE
Bare scripts and BIP16 P2SH-wrapped redeemscripts.
@ SCRIPT_VERIFY_CLEANSTACK
@ SCRIPT_VERIFY_MINIMALIF
CHash256 & Write(Span< const unsigned char > input)
MissingDataBehavior
Enum to specify what *TransactionSignatureChecker's behavior should be when dealing with missing tran...
static constexpr size_t TAPROOT_CONTROL_BASE_SIZE
static constexpr int64_t VALIDATION_WEIGHT_OFFSET
bool CheckECDSASignature(const std::vector< unsigned char > &scriptSig, const std::vector< unsigned char > &vchPubKey, const CScript &scriptCode, SigVersion sigversion) const override
uint256 m_spent_amounts_single_hash
std::vector< CTxOut > m_spent_outputs
void Finalize(unsigned char hash[OUTPUT_SIZE])
static constexpr unsigned int ANNEX_TAG
@ SCRIPT_ERR_TAPROOT_WRONG_CONTROL_SIZE
@ SCRIPT_ERR_SIG_NULLFAIL
T & SpanPopBack(Span< T > &span)
Pop the last element off a span, and return a reference to that element.
virtual bool CheckECDSASignature(const std::vector< unsigned char > &scriptSig, const std::vector< unsigned char > &vchPubKey, const CScript &scriptCode, SigVersion sigversion) const
static void popstack(std::vector< valtype > &stack)
uint256 m_sequences_single_hash
static constexpr unsigned int SIZE
secp256k1:
@ SCRIPT_ERR_WITNESS_UNEXPECTED
@ SCRIPT_ERR_DISCOURAGE_UPGRADABLE_TAPROOT_VERSION
uint256 GetSHA256()
Compute the SHA256 hash of all data written to this object.
uint32_t m_codeseparator_pos
Opcode position of the last executed OP_CODESEPARATOR (or 0xFFFFFFFF if none executed).
bool IsWitnessProgram(int &version, std::vector< unsigned char > &program) const
static constexpr unsigned int size()
static constexpr int64_t VALIDATION_WEIGHT_PER_SIGOP_PASSED
@ SCRIPT_ERR_SIG_PUSHONLY
opcodetype
Script opcodes.
void Finalize(unsigned char hash[OUTPUT_SIZE])
bool m_bip143_segwit_ready
Whether the 3 fields above are initialized.
@ SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_NOPS
bool m_annex_present
Whether an annex is present.
PrecomputedTransactionData()=default
bool IsPayToScriptHash() const
@ SCRIPT_ERR_CHECKMULTISIGVERIFY
static const int MAX_SCRIPT_SIZE
@ SCRIPT_VERIFY_SIGPUSHONLY
@ FAIL
Just act as if the signature was invalid.
static const int MAX_PUBKEYS_PER_MULTISIG
void Serialize(Stream &, char)=delete
int64_t m_validation_weight_left
How much validation weight is left (decremented for every successful non-empty signature check).
@ TAPROOT
Witness v1 with 32-byte program, not BIP16 P2SH-wrapped, key path spending; see BIP 341.
bool VerifyScript(const CScript &scriptSig, const CScript &scriptPubKey, const CScriptWitness *witness, unsigned int flags, const BaseSignatureChecker &checker, ScriptError *serror)
static const uint32_t SEQUENCE_LOCKTIME_MASK
If CTxIn::nSequence encodes a relative lock-time, this mask is applied to extract that lock-time from...
The basic transaction that is broadcasted on the network and contained in blocks.
virtual bool CheckSchnorrSignature(Span< const unsigned char > sig, Span< const unsigned char > pubkey, SigVersion sigversion, ScriptExecutionData &execdata, ScriptError *serror=nullptr) const
enum ScriptError_t ScriptError
@ SCRIPT_ERR_TAPSCRIPT_VALIDATION_WEIGHT
static bool HandleMissingData(MissingDataBehavior mdb)
static constexpr size_t TAPROOT_CONTROL_MAX_SIZE
static const uint32_t SEQUENCE_FINAL
Setting nSequence to this value for every input in a transaction disables nLockTime/IsFinalTx().
uint256 m_spent_scripts_single_hash
@ SCRIPT_ERR_SCHNORR_SIG_HASHTYPE
bool CheckMinimalPush(const valtype &data, opcodetype opcode)
bool IsPushOnly(const_iterator pc) const
Called by IsStandardTx and P2SH/BIP62 VerifyScript (which makes it consensus-critical).
constexpr std::size_t size() const noexcept
A Span is an object that can refer to a contiguous sequence of objects.
@ SCRIPT_ERR_DISABLED_OPCODE
static bool IsCompressedPubKey(const valtype &vchPubKey)
@ SCRIPT_ERR_WITNESS_PROGRAM_WITNESS_EMPTY
uint256 SHA256Uint256(const uint256 &input)
Single-SHA256 a 32-byte input (represented as uint256).
@ SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_TAPROOT_VERSION
bool CheckSchnorrSignature(Span< const unsigned char > sig, Span< const unsigned char > pubkey, SigVersion sigversion, ScriptExecutionData &execdata, ScriptError *serror=nullptr) const override
@ SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_PUBKEYTYPE
uint256 ComputeTaprootMerkleRoot(Span< const unsigned char > control, const uint256 &tapleaf_hash)
Compute the BIP341 taproot script tree Merkle root from control block and leaf hash.
virtual bool VerifyECDSASignature(const std::vector< unsigned char > &vchSig, const CPubKey &vchPubKey, const uint256 &sighash) const
static bool EvalChecksig(const valtype &sig, const valtype &pubkey, CScript::const_iterator pbegincodehash, CScript::const_iterator pend, ScriptExecutionData &execdata, unsigned int flags, const BaseSignatureChecker &checker, SigVersion sigversion, ScriptError *serror, bool &success)
Helper for OP_CHECKSIG, OP_CHECKSIGVERIFY, and (in Tapscript) OP_CHECKSIGADD.
@ SCRIPT_VERIFY_NULLDUMMY
@ SCRIPT_ERR_DISCOURAGE_UPGRADABLE_NOPS
An output of a transaction.
#define S(a, b, c, d, e, f, g, h, i, j, k, l, m, n, o, p)
uint256 m_outputs_single_hash
CSHA1 & Write(const unsigned char *data, size_t len)
A hasher class for Bitcoin's 160-bit hash (SHA-256 + RIPEMD-160).
uint256 m_tapleaf_hash
The tapleaf hash.
bool Verify(const uint256 &hash, const std::vector< unsigned char > &vchSig) const
Verify a DER signature (~72 bytes).
bool m_annex_init
Whether m_annex_present and (when needed) m_annex_hash are initialized.
void Init(const T &tx, std::vector< CTxOut > &&spent_outputs, bool force=false)
Initialize this PrecomputedTransactionData with transaction data.
void WriteCompactSize(CSizeComputer &os, uint64_t nSize)
bool m_codeseparator_pos_init
Whether m_codeseparator_pos is initialized.
static constexpr uint8_t TAPROOT_LEAF_MASK
@ SCRIPT_VERIFY_CHECKSEQUENCEVERIFY
CRIPEMD160 & Write(const unsigned char *data, size_t len)
void Finalize(Span< unsigned char > output)
static const unsigned int MAX_SCRIPT_ELEMENT_SIZE
bool IsOpSuccess(const opcodetype &opcode)
Test for OP_SUCCESSx opcodes as defined by BIP342.
@ SCRIPT_VERIFY_DISCOURAGE_OP_SUCCESS
bool CheckLockTime(const CScriptNum &nLockTime) const override
@ SCRIPT_ERR_SIG_FINDANDDELETE
int64_t CAmount
Amount in satoshis (Can be negative)
constexpr C * begin() const noexcept
@ SCRIPT_ERR_DISCOURAGE_OP_SUCCESS
bool m_spent_outputs_ready
Whether m_spent_outputs is initialized.
static bool IsValidSignatureEncoding(const std::vector< unsigned char > &sig)
A canonical signature exists of: <30> <total len> <02> <len R> <R> <02> <len S> <hashtype> Where R a...
@ WITNESS_V0
Witness v0 (P2WPKH and P2WSH); see BIP 141.
void Finalize(Span< unsigned char > output)
@ SCRIPT_ERR_SIG_HASHTYPE
@ SCRIPT_ERR_INVALID_STACK_OPERATION
bool CheckSignatureEncoding(const std::vector< unsigned char > &vchSig, unsigned int flags, ScriptError *serror)
@ SCRIPT_VERIFY_MINIMALDATA
static constexpr unsigned int COMPRESSED_SIZE
static bool IsCompressedOrUncompressedPubKey(const valtype &vchPubKey)
void Finalize(unsigned char hash[OUTPUT_SIZE])
#define stacktop(i)
Script is a stack machine (like Forth) that evaluates a predicate returning a bool indicating valid o...
@ ASSERT_FAIL
Abort execution through assertion failure (for consensus code)
Serialized script, used inside transaction inputs and outputs.
static bool EvalChecksigPreTapscript(const valtype &vchSig, const valtype &vchPubKey, CScript::const_iterator pbegincodehash, CScript::const_iterator pend, unsigned int flags, const BaseSignatureChecker &checker, SigVersion sigversion, ScriptError *serror, bool &fSuccess)
static const int MAX_OPS_PER_SCRIPT
@ SCRIPT_VERIFY_WITNESS_PUBKEYTYPE
@ SCRIPT_ERR_WITNESS_PROGRAM_MISMATCH
static const unsigned int LOCKTIME_THRESHOLD
std::vector< unsigned char > getvch() const
Span< const std::byte > AsBytes(Span< T > s) noexcept
bool m_tapleaf_hash_init
Whether m_tapleaf_hash is initialized.
@ SCRIPT_ERR_OP_CODESEPARATOR
An encapsulated public key.
@ SCRIPT_ERR_SCHNORR_SIG_SIZE
@ SCRIPT_ERR_CHECKSIGVERIFY
@ SCRIPT_ERR_TAPSCRIPT_CHECKMULTISIG
const CHashWriter HASHER_TAPLEAF
Hasher with tag "TapLeaf" pre-fed to it.
uint256 SignatureHash(const CScript &scriptCode, const T &txTo, unsigned int nIn, int nHashType, const CAmount &amount, SigVersion sigversion, const PrecomputedTransactionData *cache)
static bool IsLowDERSignature(const valtype &vchSig, ScriptError *serror)
@ SCRIPT_ERR_WITNESS_PROGRAM_WRONG_LENGTH
@ SCRIPT_ERR_UNBALANCED_CONDITIONAL
@ SCRIPT_ERR_PUBKEY_COUNT
@ TAPSCRIPT
Witness v1 with 32-byte program, not BIP16 P2SH-wrapped, script path spending, leaf version 0xc0; see...
bool EvalScript(std::vector< std::vector< unsigned char > > &stack, const CScript &script, unsigned int flags, const BaseSignatureChecker &checker, SigVersion sigversion, ScriptExecutionData &execdata, ScriptError *serror)
unsigned int GetSigOpCount(bool fAccurate) const
Pre-version-0.6, Bitcoin always counted CHECKMULTISIGs as 20 sigops.
bool CheckSequence(const CScriptNum &nSequence) const override
static const uint32_t SEQUENCE_LOCKTIME_TYPE_FLAG
If CTxIn::nSequence encodes a relative lock-time and this flag is set, the relative lock-time has uni...
virtual bool CheckSequence(const CScriptNum &nSequence) const
const CHashWriter HASHER_TAPSIGHASH
Hasher with tag "TapSighash" pre-fed to it.
A writer stream (for serialization) that computes a 256-bit hash.
CHash160 & Write(Span< const unsigned char > input)
static const int MAX_STACK_SIZE
A hasher class for SHA-256.
static constexpr uint8_t TAPROOT_LEAF_TAPSCRIPT
static bool IsDefinedHashtypeSignature(const valtype &vchSig)
uint256 m_annex_hash
Hash of the annex data.
@ SCRIPT_ERR_NUMEQUALVERIFY
@ SCRIPT_ERR_TAPSCRIPT_MINIMALIF
static bool CheckPubKeyEncoding(const valtype &vchPubKey, unsigned int flags, const SigVersion &sigversion, ScriptError *serror)
@ SCRIPT_ERR_DISCOURAGE_UPGRADABLE_PUBKEYTYPE
static constexpr size_t WITNESS_V1_TAPROOT_SIZE
std::vector< unsigned char > valtype
static constexpr size_t TAPROOT_CONTROL_NODE_SIZE
@ SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY
A hasher class for Bitcoin's 256-bit hash (double SHA-256).
static size_t WitnessSigOps(int witversion, const std::vector< unsigned char > &witprogram, const CScriptWitness &witness)
CHashWriter TaggedHash(const std::string &tag)
Return a CHashWriter primed for tagged hashes (as specified in BIP 340).
@ SCRIPT_ERR_SIG_NULLDUMMY
bool m_bip341_taproot_ready
Whether the 5 fields above are initialized.
static bool VerifyWitnessProgram(const CScriptWitness &witness, int witversion, const std::vector< unsigned char > &program, unsigned int flags, const BaseSignatureChecker &checker, ScriptError *serror, bool is_p2sh)
A mutable version of CTransaction.
uint256 GetHash()
Compute the double-SHA256 hash of all data written to this object.
uint256 ComputeTapleafHash(uint8_t leaf_version, const CScript &script)
Compute the BIP341 tapleaf hash from leaf version & script.
bool SignatureHashSchnorr(uint256 &hash_out, ScriptExecutionData &execdata, const T &tx_to, uint32_t in_pos, uint8_t hash_type, SigVersion sigversion, const PrecomputedTransactionData &cache, MissingDataBehavior mdb)
@ SCRIPT_ERR_WITNESS_MALLEATED
@ SCRIPT_ERR_UNKNOWN_ERROR
static bool EvalChecksigTapscript(const valtype &sig, const valtype &pubkey, ScriptExecutionData &execdata, unsigned int flags, const BaseSignatureChecker &checker, SigVersion sigversion, ScriptError *serror, bool &success)
@ SCRIPT_ERR_UNSATISFIED_LOCKTIME
@ SCRIPT_VERIFY_CONST_SCRIPTCODE
bool m_validation_weight_left_init
Whether m_validation_weight_left is initialized.
static bool ExecuteWitnessScript(const Span< const valtype > &stack_span, const CScript &exec_script, unsigned int flags, SigVersion sigversion, const BaseSignatureChecker &checker, ScriptExecutionData &execdata, ScriptError *serror)
std::optional< uint256 > m_output_hash
The hash of the corresponding output.
constexpr C * end() const noexcept
@ SCRIPT_ERR_WITNESS_PUBKEYTYPE
static bool VerifyTaprootCommitment(const std::vector< unsigned char > &control, const std::vector< unsigned char > &program, const uint256 &tapleaf_hash)
std::vector< std::vector< unsigned char > > stack
virtual bool CheckLockTime(const CScriptNum &nLockTime) const
static bool CheckLowS(const std::vector< unsigned char > &vchSig)
Check whether a signature is normalized (lower-S).
@ SCRIPT_VERIFY_STRICTENC
CONSTEXPR_IF_NOT_DEBUG Span< C > subspan(std::size_t offset) const noexcept
static const int PROTOCOL_VERSION
network protocol versioning
bool GetOp(const_iterator &pc, opcodetype &opcodeRet, std::vector< unsigned char > &vchRet) const
static const uint32_t SEQUENCE_LOCKTIME_DISABLE_FLAG
If this flag is set, CTxIn::nSequence is NOT interpreted as a relative lock-time.
bool CastToBool(const valtype &vch)
@ SIGHASH_DEFAULT
Taproot only; implied when sighash byte is missing, and equivalent to SIGHASH_ALL.
virtual bool VerifySchnorrSignature(Span< const unsigned char > sig, const XOnlyPubKey &pubkey, const uint256 &sighash) const