5#include <test/data/script_tests.json.h>
6#include <test/data/bip341_wallet_vectors.json.h>
31#include <boost/test/unit_test.hpp>
102 BOOST_ERROR(
"Unknown scripterror enumeration value, update script_errors in script_tests.cpp.");
111 BOOST_ERROR(
"Unknown scripterror \"" <<
name <<
"\" in test description");
130 for (
int i = 0; i < 16; ++i) {
132 uint32_t combined_flags{
expect ? (
flags & ~extra_flags) : (
flags | extra_flags)};
136 BOOST_CHECK_MESSAGE(
VerifyScript(scriptSig, scriptPubKey, &scriptWitness, combined_flags,
MutableTransactionSignatureChecker(&tx, 0, txCredit.
vout[0].nValue,
MissingDataBehavior::ASSERT_FAIL), &err) ==
expect, message +
strprintf(
" (with flags %x)", combined_flags));
143 std::vector<unsigned char> r,
s;
144 r = std::vector<unsigned char>(vchSig.begin() + 4, vchSig.begin() + 4 + vchSig[3]);
145 s = std::vector<unsigned char>(vchSig.begin() + 6 + vchSig[3], vchSig.begin() + 6 + vchSig[3] + vchSig[5 + vchSig[3]]);
148 static const unsigned char order[33] = {
150 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
151 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE,
152 0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48, 0xA0, 0x3B,
153 0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41, 0x41
155 while (
s.size() < 33) {
156 s.insert(
s.begin(), 0x00);
159 for (
int p = 32; p >= 1; p--) {
160 int n = (int)order[p] -
s[p] - carry;
161 s[p] = (n + 256) & 0xFF;
165 if (
s.size() > 1 &&
s[0] == 0 &&
s[1] < 0x80) {
171 vchSig.push_back(0x30);
172 vchSig.push_back(4 + r.size() +
s.size());
173 vchSig.push_back(0x02);
174 vchSig.push_back(r.size());
175 vchSig.insert(vchSig.end(), r.begin(), r.end());
176 vchSig.push_back(0x02);
177 vchSig.push_back(
s.size());
178 vchSig.insert(vchSig.end(),
s.begin(),
s.end());
183const unsigned char vchKey0[32] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1};
184const unsigned char vchKey1[32] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0};
185const unsigned char vchKey2[32] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0};
189 CKey key0, key0C, key1, key1C, key2, key2C;
190 CPubKey pubkey0, pubkey0C, pubkey0H;
196 key0.
Set(vchKey0, vchKey0 + 32,
false);
197 key0C.
Set(vchKey0, vchKey0 + 32,
true);
201 *
const_cast<unsigned char*
>(pubkey0H.
data()) = 0x06 | (pubkey0H[64] & 1);
203 key1.
Set(vchKey1, vchKey1 + 32,
false);
204 key1C.
Set(vchKey1, vchKey1 + 32,
true);
208 key2.
Set(vchKey2, vchKey2 + 32,
false);
209 key2C.
Set(vchKey2, vchKey2 + 32,
true);
215enum class WitnessMode {
233 bool havePush{
false};
234 std::vector<unsigned char> push;
243 spendTx.
vin[0].scriptSig << push;
248 void DoPush(
const std::vector<unsigned char>&
data)
256 TestBuilder(
const CScript& script_,
const std::string& comment_, uint32_t flags_,
bool P2SH =
false, WitnessMode wm =
WitnessMode::NONE,
int witnessversion = 0,
CAmount nValue_ = 0) :
script(script_), comment(comment_),
flags(flags_), nValue(nValue_)
259 if (wm == WitnessMode::PKH) {
264 }
else if (wm == WitnessMode::SH) {
265 witscript = scriptPubKey;
271 redeemscript = scriptPubKey;
287 spendTx.
vin[0].scriptSig << _op;
291 TestBuilder&
Num(
int num)
294 spendTx.
vin[0].scriptSig << num;
298 TestBuilder& Push(
const std::string& hex)
304 TestBuilder& Push(
const CScript& _script)
306 DoPush(std::vector<unsigned char>(_script.
begin(), _script.
end()));
313 std::vector<unsigned char> vchSig, r,
s;
316 key.
Sign(hash, vchSig,
false, iter++);
317 if ((lenS == 33) != (vchSig[5 + vchSig[3]] == 33)) {
320 r = std::vector<unsigned char>(vchSig.begin() + 4, vchSig.begin() + 4 + vchSig[3]);
321 s = std::vector<unsigned char>(vchSig.begin() + 6 + vchSig[3], vchSig.begin() + 6 + vchSig[3] + vchSig[5 + vchSig[3]]);
322 }
while (lenR != r.size() || lenS !=
s.size());
323 vchSig.push_back(
static_cast<unsigned char>(nHashType));
332 return PushSig(key, nHashType, lenR, lenS, sigversion, amount).AsWit();
335 TestBuilder& Push(
const CPubKey& pubkey)
337 DoPush(std::vector<unsigned char>(pubkey.
begin(), pubkey.
end()));
341 TestBuilder& PushRedeem()
343 DoPush(std::vector<unsigned char>(redeemscript.
begin(), redeemscript.
end()));
347 TestBuilder& PushWitRedeem()
349 DoPush(std::vector<unsigned char>(witscript.
begin(), witscript.
end()));
353 TestBuilder& EditPush(
unsigned int pos,
const std::string& hexin,
const std::string& hexout)
356 std::vector<unsigned char> datain =
ParseHex(hexin);
357 std::vector<unsigned char> dataout =
ParseHex(hexout);
358 assert(pos + datain.size() <= push.size());
359 BOOST_CHECK_MESSAGE(std::vector<unsigned char>(push.begin() + pos, push.begin() + pos + datain.size()) == datain, comment);
360 push.erase(push.begin() + pos, push.begin() + pos + datain.size());
361 push.insert(push.begin() + pos, dataout.begin(), dataout.end());
365 TestBuilder& DamagePush(
unsigned int pos)
368 assert(pos < push.size());
375 TestBuilder copy = *
this;
377 test.
DoTest(creditTx->vout[0].scriptPubKey, spendTx.
vin[0].scriptSig, scriptWitness,
flags, comment, scriptError, nValue);
385 scriptWitness.
stack.push_back(push);
394 if (!scriptWitness.
stack.empty()) {
396 for (
unsigned i = 0; i < scriptWitness.
stack.size(); i++) {
400 array.push_back(std::move(wit));
403 array.push_back(
FormatScript(creditTx->vout[0].scriptPubKey));
406 array.push_back(comment);
410 std::string GetComment()
const
416std::string JSONPrettyPrint(
const UniValue& univalue)
418 std::string
ret = univalue.
write(4);
421 while ((pos =
ret.find(
" \n", pos)) != std::string::npos) {
422 ret.replace(pos, 2,
"\n");
435 std::vector<TestBuilder> tests;
439 ).PushSig(keys.key0));
446 ).PushSig(keys.key1).Push(keys.pubkey1C));
448 "P2PKH, bad pubkey", 0
452 "P2PK anyonecanpay", 0
455 "P2PK anyonecanpay marked with normal hashtype", 0
460 ).PushSig(keys.key0).PushRedeem());
467 ).PushSig(keys.key0).Push(keys.pubkey0).PushRedeem());
469 "P2SH(P2PKH), bad sig but no VERIFY_P2SH", 0,
true
470 ).PushSig(keys.key0).DamagePush(10).PushRedeem());
477 ).Num(0).PushSig(keys.key0).PushSig(keys.key1).PushSig(keys.key2));
484 ).Num(0).PushSig(keys.key1).PushSig(keys.key2).PushRedeem());
490 "P2PK with too much R padding but no DERSIG", 0
491 ).PushSig(keys.key1,
SIGHASH_ALL, 31, 32).EditPush(1,
"43021F",
"44022000"));
496 "P2PK with too much S padding but no DERSIG", 0
497 ).PushSig(keys.key1,
SIGHASH_ALL).EditPush(1,
"44",
"45").EditPush(37,
"20",
"2100"));
502 "P2PK with too little R padding but no DERSIG", 0
503 ).PushSig(keys.key1,
SIGHASH_ALL, 33, 32).EditPush(1,
"45022100",
"440220"));
508 "P2PK NOT with bad sig with too much R padding but no DERSIG", 0
509 ).PushSig(keys.key2,
SIGHASH_ALL, 31, 32).EditPush(1,
"43021F",
"44022000").DamagePush(10));
514 "P2PK NOT with too much R padding but no DERSIG", 0
521 "BIP66 example 1, without DERSIG", 0
522 ).PushSig(keys.key1,
SIGHASH_ALL, 33, 32).EditPush(1,
"45022100",
"440220"));
527 "BIP66 example 2, without DERSIG", 0
533 "BIP66 example 3, without DERSIG", 0
539 "BIP66 example 4, without DERSIG", 0
545 "BIP66 example 5, without DERSIG", 0
551 "BIP66 example 6, without DERSIG", 0
557 "BIP66 example 7, without DERSIG", 0
558 ).Num(0).PushSig(keys.key1,
SIGHASH_ALL, 33, 32).EditPush(1,
"45022100",
"440220").PushSig(keys.key2));
563 "BIP66 example 8, without DERSIG", 0
569 "BIP66 example 9, without DERSIG", 0
575 "BIP66 example 10, without DERSIG", 0
576 ).Num(0).Num(0).PushSig(keys.key2,
SIGHASH_ALL, 33, 32).EditPush(1,
"45022100",
"440220"));
581 "BIP66 example 11, without DERSIG", 0
587 "BIP66 example 12, without DERSIG", 0
588 ).Num(0).PushSig(keys.key1,
SIGHASH_ALL, 33, 32).EditPush(1,
"45022100",
"440220").Num(0));
591 ).Num(0).PushSig(keys.key1,
SIGHASH_ALL, 33, 32).EditPush(1,
"45022100",
"440220").Num(0));
593 "P2PK with multi-byte hashtype, without DERSIG", 0
594 ).PushSig(keys.key2,
SIGHASH_ALL).EditPush(70,
"01",
"0101"));
600 "P2PK with high S but no LOW_S", 0
607 "P2PK with hybrid pubkey but no STRICTENC", 0
613 "P2PK NOT with hybrid pubkey but no STRICTENC", 0
619 "P2PK NOT with invalid hybrid pubkey but no STRICTENC", 0
625 "1-of-2 with the second 1 hybrid pubkey and no STRICTENC", 0
635 "P2PK with undefined hashtype but no STRICTENC", 0
636 ).PushSig(keys.key1, 5));
641 "P2PK NOT with invalid sig and undefined hashtype but no STRICTENC", 0
642 ).PushSig(keys.key1, 5).DamagePush(10));
648 "3-of-3 with nonzero dummy but no NULLDUMMY", 0
649 ).Num(1).PushSig(keys.key0).PushSig(keys.key1).PushSig(keys.key2));
654 "3-of-3 NOT with invalid sig and nonzero dummy but no NULLDUMMY", 0
655 ).Num(1).PushSig(keys.key0).PushSig(keys.key1).PushSig(keys.key2).DamagePush(10));
658 ).Num(1).PushSig(keys.key0).PushSig(keys.key1).PushSig(keys.key2).DamagePush(10).ScriptError(
SCRIPT_ERR_SIG_NULLDUMMY));
661 "2-of-2 with two identical keys and sigs pushed using OP_DUP but no SIGPUSHONLY", 0
662 ).Num(0).PushSig(keys.key1).Opcode(
OP_DUP));
667 "P2SH(P2PK) with non-push scriptSig but no P2SH or SIGPUSHONLY", 0,
true
668 ).PushSig(keys.key2).Opcode(
OP_NOP8).PushRedeem());
670 "P2PK with non-push scriptSig but with P2SH validation", 0
671 ).PushSig(keys.key2).Opcode(
OP_NOP8));
680 ).Num(0).PushSig(keys.key1).PushSig(keys.key1));
683 ).Num(11).PushSig(keys.key0));
689 ).Num(11).PushSig(keys.key0).PushRedeem());
695 ).PushSig(keys.key0).PushRedeem());
699 0, 1).PushWitSig(keys.key0).PushWitRedeem());
702 0, 1).PushWitSig(keys.key0).Push(keys.pubkey0).AsWit());
705 0, 1).PushWitSig(keys.key0).PushWitRedeem().PushRedeem());
708 0, 1).PushWitSig(keys.key0).Push(keys.pubkey0).AsWit().PushRedeem());
722 "Basic P2WSH with the wrong key but no WITNESS",
SCRIPT_VERIFY_P2SH,
false, WitnessMode::SH
723 ).PushWitSig(keys.key0).PushWitRedeem());
725 "Basic P2WPKH with the wrong key but no WITNESS",
SCRIPT_VERIFY_P2SH,
false, WitnessMode::PKH
726 ).PushWitSig(keys.key0).Push(keys.pubkey1).AsWit());
728 "Basic P2SH(P2WSH) with the wrong key but no WITNESS",
SCRIPT_VERIFY_P2SH,
true, WitnessMode::SH
729 ).PushWitSig(keys.key0).PushWitRedeem().PushRedeem());
731 "Basic P2SH(P2WPKH) with the wrong key but no WITNESS",
SCRIPT_VERIFY_P2SH,
true, WitnessMode::PKH
732 ).PushWitSig(keys.key0).Push(keys.pubkey1).AsWit().PushRedeem());
744 0, 0).PushWitSig(keys.key0, 1).Push(keys.pubkey0).AsWit().PushRedeem().ScriptError(
SCRIPT_ERR_EVAL_FALSE));
754 std::vector<unsigned char> hashBytes =
ToByteVector(hash);
755 hashBytes.pop_back();
756 tests.push_back(TestBuilder(
CScript() <<
OP_0 << hashBytes,
765 tests.push_back(TestBuilder(witscript,
785 0, 1).PushWitSig(keys.key0C).PushWitRedeem());
788 0, 1).PushWitSig(keys.key0C).Push(keys.pubkey0C).AsWit());
791 0, 1).PushWitSig(keys.key0C).PushWitRedeem().PushRedeem());
794 0, 1).PushWitSig(keys.key0C).Push(keys.pubkey0C).AsWit().PushRedeem());
813 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key0C).PushWitRedeem());
816 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key0C).PushWitRedeem().PushRedeem());
819 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key1C).PushWitRedeem());
822 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key1C).PushWitRedeem().PushRedeem());
827 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key0).PushWitRedeem());
830 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key0).PushWitRedeem().PushRedeem());
839 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key1C).PushWitRedeem());
842 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key1C).PushWitRedeem().PushRedeem());
852 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key0C).PushWitRedeem());
855 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key0C).PushWitRedeem().PushRedeem());
858 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key0C).PushWitRedeem());
861 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key0C).PushWitRedeem().PushRedeem());
864 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key1).PushWitRedeem());
867 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key1).PushWitRedeem().PushRedeem());
875 std::set<std::string> tests_set;
880 for (
unsigned int idx = 0; idx < json_tests.
size(); idx++) {
881 const UniValue& tv = json_tests[idx];
882 tests_set.insert(JSONPrettyPrint(tv.
get_array()));
886#ifdef UPDATE_JSON_TESTS
889 for (TestBuilder& test : tests) {
891 std::string str = JSONPrettyPrint(test.GetJSON());
892#ifdef UPDATE_JSON_TESTS
893 strGen += str +
",\n";
895 if (tests_set.count(str) == 0) {
896 BOOST_CHECK_MESSAGE(
false,
"Missing auto script_valid test: " + test.GetComment());
901#ifdef UPDATE_JSON_TESTS
903 fputs(strGen.c_str(), file);
919 for (
unsigned int idx = 0; idx < tests.
size(); idx++) {
921 std::string strTest = test.
write();
924 unsigned int pos = 0;
927 for (i = 0; i < test[pos].
size()-1; i++) {
933 if (test.
size() < 4 + pos)
935 if (test.
size() != 1) {
936 BOOST_ERROR(
"Bad test: " << strTest);
940 std::string scriptSigString = test[pos++].
get_str();
942 std::string scriptPubKeyString = test[pos++].
get_str();
947 DoTest(scriptPubKey, scriptSig, witness, scriptflags, strTest, scriptError, nValue);
955 static const unsigned char direct[] = { 1, 0x5a };
956 static const unsigned char pushdata1[] = {
OP_PUSHDATA1, 1, 0x5a };
957 static const unsigned char pushdata2[] = {
OP_PUSHDATA2, 1, 0, 0x5a };
958 static const unsigned char pushdata4[] = {
OP_PUSHDATA4, 1, 0, 0, 0, 0x5a };
961 std::vector<std::vector<unsigned char> > directStack;
965 std::vector<std::vector<unsigned char> > pushdata1Stack;
970 std::vector<std::vector<unsigned char> > pushdata2Stack;
975 std::vector<std::vector<unsigned char> > pushdata4Stack;
980 const std::vector<unsigned char> pushdata1_trunc{
OP_PUSHDATA1, 1};
981 const std::vector<unsigned char> pushdata2_trunc{
OP_PUSHDATA2, 1, 0};
982 const std::vector<unsigned char> pushdata4_trunc{
OP_PUSHDATA4, 1, 0, 0, 0};
984 std::vector<std::vector<unsigned char>> stack_ignore;
997 std::vector<std::vector<unsigned char>> stack_ignore;
1018 for (
const CKey &key : keys)
1020 std::vector<unsigned char> vchSig;
1030 std::vector<CKey> keys;
1051 txTo12.
vout[0].nValue = 2;
1078 std::vector<CKey> keys;
1079 keys.push_back(key1); keys.push_back(key2);
1085 keys.push_back(key1); keys.push_back(key3);
1091 keys.push_back(key2); keys.push_back(key3);
1097 keys.push_back(key2); keys.push_back(key2);
1103 keys.push_back(key2); keys.push_back(key1);
1109 keys.push_back(key3); keys.push_back(key2);
1115 keys.push_back(key4); keys.push_back(key2);
1121 keys.push_back(key1); keys.push_back(key4);
1136 data.MergeSignatureData(scriptSig1);
1137 data.MergeSignatureData(scriptSig2);
1146 std::vector<CKey> keys;
1147 std::vector<CPubKey> pubkeys;
1148 for (
int i = 0; i < 3; i++)
1151 keys.push_back(key);
1158 CScript& scriptPubKey = txFrom.
vout[0].scriptPubKey;
1192 scriptSigCopy = scriptSig;
1211 std::vector<unsigned char> sig1;
1215 std::vector<unsigned char> sig2;
1219 std::vector<unsigned char> sig3;
1271 const auto invalid_pubkey{
"173d36c8c9c9c9ffffffffffff0200000000021e1e37373721361818181818181e1e1e1e19000000000000000000b19292929292926b006c9b9b9292"_hex_u8};
1273 builder.
Add(0, {invalid_pubkey}, 0xc0);
1299 for (
int i=0; i<67000; i++) {
1302 BOOST_CHECK_MESSAGE(
script.IsPushOnly(),
"Number " << i <<
" is not pure push.");
1308 std::vector<unsigned char>
data(i,
'\111');
1311 BOOST_CHECK_MESSAGE(
script.IsPushOnly(),
"Length " << i <<
" is not pure push.");
1324 static const unsigned char direct[] = { 1 };
1335 std::string derSig(
"304502207fa7a6d1e0ee81132a269ad84e68d695483745cde8b541e3bf630749894e342a022100c1f7ab20e13e22fb95281a870f3dcf38d782e53023ee313d741ad0cfbc0c5090");
1336 std::string pubKey(
"03b0da749730dc9b4b1f4a14d6902877a92541f5368778853d9c4a0cb7802dcfb2");
1358template <
typename T>
1362 return {span.begin(), span.end()};
1372 const CScript scriptPubKey1 =
CScript() <<
"04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f"_hex_v_u8 <<
OP_CHECKSIG;
1373 const CScript scriptPubKey2 =
CScript() <<
"04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f"_hex <<
OP_CHECKSIG;
1490 script =
ToScript(
"76a9141234567890abcdefa1a2a3a4a5a6a7a8a9a0aaab88ac"_hex);
1492 script =
ToScript(
"76a914ff34567890abcdefa1a2a3a4a5a6a7a8a9a0aaab88ac"_hex);
1510 std::vector<CTxOut> prevouts;
1511 for (
size_t i = 0; i < univalue.
size(); ++i) {
1514 prevouts.push_back(std::move(txout));
1523 for (
size_t i = 0; i < univalue.
size(); ++i) {
1524 auto bytes =
ParseHex(univalue[i].get_str());
1525 scriptwitness.
stack.push_back(std::move(bytes));
1527 return scriptwitness;
1532 std::vector<unsigned int>
ret;
1534 for (
unsigned int i = 0; i < 128; ++i) {
1535 unsigned int flag = 0;
1549 ret.push_back(flag);
1563 const std::vector<CTxOut> prevouts =
TxOutsFromJSON(test[
"prevouts"]);
1565 size_t idx = test[
"index"].
getInt<int64_t>();
1569 if (test.
exists(
"success")) {
1570 mtx.
vin[idx].scriptSig =
ScriptFromHex(test[
"success"][
"scriptSig"].get_str());
1574 txdata.
Init(tx, std::vector<CTxOut>(prevouts));
1580 if (fin || ((
flags & test_flags) ==
flags)) {
1581 bool ret =
VerifyScript(tx.
vin[idx].scriptSig, prevouts[idx].scriptPubKey, &tx.
vin[idx].scriptWitness,
flags, txcheck,
nullptr);
1587 if (test.
exists(
"failure")) {
1588 mtx.
vin[idx].scriptSig =
ScriptFromHex(test[
"failure"][
"scriptSig"].get_str());
1592 txdata.
Init(tx, std::vector<CTxOut>(prevouts));
1597 if ((
flags & test_flags) == test_flags) {
1598 bool ret =
VerifyScript(tx.
vin[idx].scriptSig, prevouts[idx].scriptPubKey, &tx.
vin[idx].scriptWitness,
flags, txcheck,
nullptr);
1611 const char* dir = std::getenv(
"DIR_UNIT_TEST_DATA");
1612 BOOST_WARN_MESSAGE(dir !=
nullptr,
"Variable DIR_UNIT_TEST_DATA unset, skipping script_assets_test");
1613 if (dir ==
nullptr)
return;
1614 auto path =
fs::path(dir) /
"script_assets_test.json";
1616 BOOST_WARN_MESSAGE(
exists,
"File $DIR_UNIT_TEST_DATA/script_assets_test.json not found, skipping script_assets_test");
1618 std::ifstream file{path};
1620 file.seekg(0, std::ios::end);
1621 size_t length = file.tellg();
1622 file.seekg(0, std::ios::beg);
1623 std::string
data(length,
'\0');
1624 file.read(
data.data(),
data.size());
1629 for (
size_t i = 0; i < tests.
size(); i++) {
1638 tests.
read(json_tests::bip341_wallet_vectors);
1640 const auto& vectors = tests[
"keyPathSpending"];
1642 for (
const auto& vec : vectors.getValues()) {
1643 auto txhex =
ParseHex(vec[
"given"][
"rawUnsignedTx"].get_str());
1646 std::vector<CTxOut> utxos;
1647 for (
const auto& utxo_spent : vec[
"given"][
"utxosSpent"].getValues()) {
1648 auto script_bytes =
ParseHex(utxo_spent[
"scriptPubKey"].get_str());
1650 CAmount amount{utxo_spent[
"amountSats"].getInt<
int>()};
1651 utxos.emplace_back(amount,
script);
1655 txdata.
Init(tx, std::vector<CTxOut>{utxos},
true);
1664 for (
const auto& input : vec[
"inputSpending"].getValues()) {
1665 int txinpos = input[
"given"][
"txinIndex"].getInt<
int>();
1666 int hashtype = input[
"given"][
"hashType"].getInt<
int>();
1669 auto privkey =
ParseHex(input[
"given"][
"internalPrivkey"].get_str());
1671 key.
Set(privkey.begin(), privkey.end(),
true);
1675 if (!input[
"given"][
"merkleRoot"].isNull()) {
1676 merkle_root =
uint256{
ParseHex(input[
"given"][
"merkleRoot"].get_str())};
1687 std::vector<unsigned char> signature;
1692 BOOST_CHECK_EQUAL(
HexStr(pubkey.ComputeTapTweakHash(merkle_root.
IsNull() ?
nullptr : &merkle_root)), input[
"intermediary"][
"tweak"].get_str());
1711 constexpr uint256 hash1{
"8ad69ec7cf41c2a4001fd1f738bf1e505ce2277acdcaa63fe4765192497f47a7"};
1712 constexpr uint256 hash2{
"f224a923cd0021ab202ab139cc56802ddb92dcfc172b9212261a539df79a112a"};
1713 constexpr uint256 result{
"a64c5b7b943315f9b805d7a7296bedfcfd08919270a1f7a1466e98f8693d8cd9"};
1719 constexpr uint8_t
script[6] = {
'f',
'o',
'o',
'b',
'a',
'r'};
1720 constexpr uint256 tlc0{
"edbc10c272a1215dcdcc11d605b9027b5ad6ed97cd45521203f136767b5b9c06"};
1721 constexpr uint256 tlc2{
"8b5c4f90ae6bf76e259dbef5d8a59df06359c391b59263741b25eca76451b27a"};
CScript GetScriptForDestination(const CTxDestination &dest)
Generate a Bitcoin scriptPubKey for the given CTxDestination.
int64_t CAmount
Amount in satoshis (Can be negative)
static CAmount AmountFromValue(const UniValue &value)
#define Assert(val)
Identity function.
A hasher class for Bitcoin's 160-bit hash (SHA-256 + RIPEMD-160).
void Finalize(Span< unsigned char > output)
CHash160 & Write(Span< const unsigned char > input)
An encapsulated private key.
bool Sign(const uint256 &hash, std::vector< unsigned char > &vchSig, bool grind=true, uint32_t test_case=0) const
Create a DER-serialized signature.
CPubKey GetPubKey() const
Compute the public key from a private key.
void Set(const T pbegin, const T pend, bool fCompressedIn)
Initialize using begin and end iterators to byte data.
An outpoint - a combination of a transaction hash and an index n into its vout.
An encapsulated public key.
const unsigned char * data() const
CKeyID GetID() const
Get the KeyID of this public key (hash of its serialization)
const unsigned char * end() const
const unsigned char * begin() const
A hasher class for SHA-256.
void Finalize(unsigned char hash[OUTPUT_SIZE])
CSHA256 & Write(const unsigned char *data, size_t len)
Serialized script, used inside transaction inputs and outputs.
A reference to a CScript: the Hash160 of its serialization.
The basic transaction that is broadcasted on the network and contained in blocks.
const std::vector< CTxIn > vin
An output of a transaction.
Fillable signing provider that keeps keys in an address->secret map.
virtual bool AddCScript(const CScript &redeemScript)
virtual bool AddKey(const CKey &key)
A writer stream (for serialization) that computes a 256-bit hash.
A signature creator for transactions.
bool CreateSchnorrSig(const SigningProvider &provider, std::vector< unsigned char > &sig, const XOnlyPubKey &pubkey, const uint256 *leaf_hash, const uint256 *merkle_root, SigVersion sigversion) const override
uint64_t randbits(int bits) noexcept
Generate a random (bits)-bit integer.
Valid signature cache, to avoid doing expensive ECDSA signature checking twice for every transaction ...
A Span is an object that can refer to a contiguous sequence of objects.
Minimal stream for reading from an existing byte array by Span.
Utility class to construct Taproot outputs from internal key and script tree.
WitnessV1Taproot GetOutput()
Compute scriptPubKey (after Finalize()).
TaprootSpendData GetSpendData() const
Compute spending data (after Finalize()).
TaprootBuilder & Add(int depth, Span< const unsigned char > script, int leaf_version, bool track=true)
Add a new script at a certain depth in the tree.
TaprootBuilder & Finalize(const XOnlyPubKey &internal_key)
Finalize the construction.
const std::string & get_str() const
std::string write(unsigned int prettyIndent=0, unsigned int indentLevel=0) const
bool read(std::string_view raw)
const UniValue & get_array() const
bool exists(const std::string &key) const
static const XOnlyPubKey NUMS_H
Nothing Up My Sleeve point H Used as an internal key for provably disabling the key path spend see BI...
constexpr bool IsNull() const
constexpr unsigned char * begin()
Path class wrapper to block calls to the fs::path(std::string) implicit constructor and the fs::path:...
void push_back(const T &value)
CScript ParseScript(const std::string &s)
std::string FormatScript(const CScript &script)
std::string ScriptToAsmStr(const CScript &script, const bool fAttemptSighashDecode=false)
Create the assembly string representation of a CScript object.
UniValue ValueFromAmount(const CAmount amount)
BOOST_FIXTURE_TEST_SUITE(cuckoocache_tests, BasicTestingSetup)
Test Suite for CuckooCache.
BOOST_AUTO_TEST_SUITE_END()
std::string HexStr(const Span< const uint8_t > s)
Convert a span of bytes to a lower-case hexadecimal string.
bool SignatureHashSchnorr(uint256 &hash_out, ScriptExecutionData &execdata, const T &tx_to, uint32_t in_pos, uint8_t hash_type, SigVersion sigversion, const PrecomputedTransactionData &cache, MissingDataBehavior mdb)
int FindAndDelete(CScript &script, const CScript &b)
uint256 SignatureHash(const CScript &scriptCode, const T &txTo, unsigned int nIn, int32_t nHashType, const CAmount &amount, SigVersion sigversion, const PrecomputedTransactionData *cache)
uint256 ComputeTapleafHash(uint8_t leaf_version, Span< const unsigned char > script)
Compute the BIP341 tapleaf hash from leaf version & script.
uint256 ComputeTapbranchHash(Span< const unsigned char > a, Span< const unsigned char > b)
Compute the BIP341 tapbranch hash from two branches.
bool EvalScript(std::vector< std::vector< unsigned char > > &stack, const CScript &script, unsigned int flags, const BaseSignatureChecker &checker, SigVersion sigversion, ScriptExecutionData &execdata, ScriptError *serror)
bool VerifyScript(const CScript &scriptSig, const CScript &scriptPubKey, const CScriptWitness *witness, unsigned int flags, const BaseSignatureChecker &checker, ScriptError *serror)
const HashWriter HASHER_TAPSIGHASH
Hasher with tag "TapSighash" pre-fed to it.
@ TAPROOT
Witness v1 with 32-byte program, not BIP16 P2SH-wrapped, key path spending; see BIP 341.
@ BASE
Bare scripts and BIP16 P2SH-wrapped redeemscripts.
@ WITNESS_V0
Witness v0 (P2WPKH and P2WSH); see BIP 141.
GenericTransactionSignatureChecker< CMutableTransaction > MutableTransactionSignatureChecker
@ SCRIPT_VERIFY_NULLDUMMY
@ SCRIPT_VERIFY_SIGPUSHONLY
@ SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY
@ SCRIPT_VERIFY_WITNESS_PUBKEYTYPE
@ SCRIPT_VERIFY_STRICTENC
@ SCRIPT_VERIFY_CLEANSTACK
@ SCRIPT_VERIFY_MINIMALDATA
@ SCRIPT_VERIFY_CHECKSEQUENCEVERIFY
@ SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_WITNESS_PROGRAM
@ SIGHASH_DEFAULT
Taproot only; implied when sighash byte is missing, and equivalent to SIGHASH_ALL.
@ ASSERT_FAIL
Abort execution through assertion failure (for consensus code)
@ FAIL
Just act as if the signature was invalid.
UniValue read_json(std::string_view jsondata)
CKey GenerateRandomKey(bool compressed) noexcept
static bool exists(const path &p)
FILE * fopen(const fs::path &p, const char *mode)
std::pair< opcodetype, std::vector< unsigned char > > Opcode
""_hex is a compile-time user-defined literal returning a std::array<std::byte>, equivalent to ParseH...
#define BOOST_CHECK_EQUAL(v1, v2)
#define BOOST_CHECK(expr)
static constexpr TransactionSerParams TX_NO_WITNESS
static constexpr TransactionSerParams TX_WITH_WITNESS
static CTransactionRef MakeTransactionRef(Tx &&txIn)
std::shared_ptr< const CTransaction > CTransactionRef
static const unsigned int MAX_SCRIPT_ELEMENT_SIZE
opcodetype
Script opcodes.
std::vector< unsigned char > ToByteVector(const T &in)
std::string ScriptErrorString(const ScriptError serror)
enum ScriptError_t ScriptError
@ SCRIPT_ERR_OP_CODESEPARATOR
@ SCRIPT_ERR_SIG_PUSHONLY
@ SCRIPT_ERR_NUMEQUALVERIFY
@ SCRIPT_ERR_DISABLED_OPCODE
@ SCRIPT_ERR_INVALID_ALTSTACK_OPERATION
@ SCRIPT_ERR_DISCOURAGE_UPGRADABLE_WITNESS_PROGRAM
@ SCRIPT_ERR_UNKNOWN_ERROR
@ SCRIPT_ERR_WITNESS_PROGRAM_WRONG_LENGTH
@ SCRIPT_ERR_SIG_HASHTYPE
@ SCRIPT_ERR_CHECKSIGVERIFY
@ SCRIPT_ERR_WITNESS_MALLEATED_P2SH
@ SCRIPT_ERR_WITNESS_MALLEATED
@ SCRIPT_ERR_DISCOURAGE_UPGRADABLE_NOPS
@ SCRIPT_ERR_INVALID_STACK_OPERATION
@ SCRIPT_ERR_WITNESS_UNEXPECTED
@ SCRIPT_ERR_NEGATIVE_LOCKTIME
@ SCRIPT_ERR_WITNESS_PROGRAM_MISMATCH
@ SCRIPT_ERR_SIG_NULLFAIL
@ SCRIPT_ERR_SIG_NULLDUMMY
@ SCRIPT_ERR_CHECKMULTISIGVERIFY
@ SCRIPT_ERR_UNSATISFIED_LOCKTIME
@ SCRIPT_ERR_WITNESS_PUBKEYTYPE
@ SCRIPT_ERR_SIG_FINDANDDELETE
@ SCRIPT_ERR_PUBKEY_COUNT
@ SCRIPT_ERR_WITNESS_PROGRAM_WITNESS_EMPTY
@ SCRIPT_ERR_UNBALANCED_CONDITIONAL
static std::string FormatScriptError(ScriptError_t err)
static void NegateSignatureS(std::vector< unsigned char > &vchSig)
static ScriptError_t ParseScriptError(const std::string &name)
static CScript ScriptFromHex(const std::string &str)
SignatureData CombineSignatures(const CTxOut &txout, const CMutableTransaction &tx, const SignatureData &scriptSig1, const SignatureData &scriptSig2)
static ScriptErrorDesc script_errors[]
static CMutableTransaction TxFromHex(const std::string &str)
CScript ToScript(const T &byte_container)
static CScript sign_multisig(const CScript &scriptPubKey, const std::vector< CKey > &keys, const CTransaction &transaction)
unsigned int ParseScriptFlags(std::string strFlags)
static std::vector< unsigned int > AllConsensusFlags()
BOOST_AUTO_TEST_CASE(script_build)
std::string FormatScriptFlags(unsigned int flags)
static const unsigned int gFlags
static std::vector< CTxOut > TxOutsFromJSON(const UniValue &univalue)
static void AssetTest(const UniValue &test, SignatureCache &signature_cache)
static CScriptWitness ScriptWitnessFromJSON(const UniValue &univalue)
static const std::vector< unsigned int > ALL_CONSENSUS_FLAGS
Precomputed list of all valid combinations of consensus-relevant script validation flags.
static constexpr size_t DEFAULT_SIGNATURE_CACHE_BYTES
bool ProduceSignature(const SigningProvider &provider, const BaseSignatureCreator &creator, const CScript &fromPubKey, SignatureData &sigdata)
Produce a script signature using a generic signature creator.
static bool GetPubKey(const SigningProvider &provider, const SignatureData &sigdata, const CKeyID &address, CPubKey &pubkey)
SignatureData DataFromTransaction(const CMutableTransaction &tx, unsigned int nIn, const CTxOut &txout)
Extract signature data from a transaction input, and insert it.
std::pair< CPubKey, std::vector< unsigned char > > SigPair
const SigningProvider & DUMMY_SIGNING_PROVIDER
CScript GetScriptForMultisig(int nRequired, const std::vector< CPubKey > &keys)
Generate a multisig script.
constexpr auto MakeUCharSpan(V &&v) -> decltype(UCharSpanCast(Span{std::forward< V >(v)}))
Like the Span constructor, but for (const) unsigned char member types only.
Span(T *, EndOrSize) -> Span< T >
std::vector< Byte > ParseHex(std::string_view hex_str)
Like TryParseHex, but returns an empty vector on invalid input.
A mutable version of CTransaction.
std::vector< CTxOut > vout
Txid GetHash() const
Compute the hash of this CMutableTransaction.
std::vector< std::vector< unsigned char > > stack
std::map< CKeyID, CKey > keys
A type to represent integers in the type system.
void Init(const T &tx, std::vector< CTxOut > &&spent_outputs, bool force=false)
Initialize this PrecomputedTransactionData with transaction data.
uint256 m_sequences_single_hash
bool m_bip341_taproot_ready
Whether the 5 fields above are initialized.
uint256 m_prevouts_single_hash
uint256 m_spent_amounts_single_hash
uint256 m_spent_scripts_single_hash
uint256 m_outputs_single_hash
bool m_annex_present
Whether an annex is present.
bool m_annex_init
Whether m_annex_present and (when needed) m_annex_hash are initialized.
void DoTest(const CScript &scriptPubKey, const CScript &scriptSig, const CScriptWitness &scriptWitness, uint32_t flags, const std::string &message, int scriptError, CAmount nValue=0)
std::map< CKeyID, SigPair > signatures
BIP 174 style partial signatures for the input. May contain all signatures necessary for producing a ...
TaprootSpendData tr_spenddata
Taproot spending data.
CScript scriptSig
The scriptSig of an input. Contains complete signatures or the traditional partial signatures format.
CMutableTransaction BuildSpendingTransaction(const CScript &scriptSig, const CScriptWitness &scriptWitness, const CTransaction &txCredit)
bool SignSignature(const SigningProvider &provider, const CScript &fromPubKey, CMutableTransaction &txTo, unsigned int nIn, const CAmount &amount, int nHashType, SignatureData &sig_data)
Produce a satisfying script (scriptSig or witness).
CMutableTransaction BuildCreditingTransaction(const CScript &scriptPubKey, int nValue)
std::optional< std::vector< Byte > > TryParseHex(std::string_view str)
Parse the hex string into bytes (uint8_t or std::byte).
1.9.4