sign_8h_source.html

// Copyright (c) 2009-2010 Satoshi Nakamoto

// Copyright (c) 2009-2022 The Bitcoin Core developers

// Distributed under the MIT software license, see the accompanying

// file COPYING or http://www.opensource.org/licenses/mit-license.php.


#ifndef BITCOIN_SCRIPT_SIGN_H

#define BITCOIN_SCRIPT_SIGN_H


#include <attributes.h>

#include <coins.h>

#include <hash.h>

#include <pubkey.h>

#include <script/interpreter.h>

#include <script/keyorigin.h>

#include <script/signingprovider.h>

#include <uint256.h>


class CKey;

class CKeyID;

class CScript;

class CTransaction;

class SigningProvider;


struct bilingual_str;

struct CMutableTransaction;

struct SignatureData;


class BaseSignatureCreator {

public:

    virtual ~BaseSignatureCreator() = default;

    virtual const BaseSignatureChecker& Checker() const =0;


    virtual bool CreateSig(const SigningProvider& provider, std::vector<unsigned char>& vchSig, const CKeyID& keyid, const CScript& scriptCode, SigVersion sigversion) const =0;

    virtual bool CreateSchnorrSig(const SigningProvider& provider, std::vector<unsigned char>& sig, const XOnlyPubKey& pubkey, const uint256* leaf_hash, const uint256* merkle_root, SigVersion sigversion) const =0;

    virtual std::vector<uint8_t> CreateMuSig2Nonce(const SigningProvider& provider, const CPubKey& aggregate_pubkey, const CPubKey& script_pubkey, const CPubKey& part_pubkey, const uint256* leaf_hash, const uint256* merkle_root, SigVersion sigversion, const SignatureData& sigdata) const =0;

    virtual bool CreateMuSig2PartialSig(const SigningProvider& provider, uint256& partial_sig, const CPubKey& aggregate_pubkey, const CPubKey& script_pubkey, const CPubKey& part_pubkey, const uint256* leaf_hash, const std::vector<std::pair<uint256, bool>>& tweaks, SigVersion sigversion, const SignatureData& sigdata) const =0;

    virtual bool CreateMuSig2AggregateSig(const std::vector<CPubKey>& participants, std::vector<uint8_t>& sig, const CPubKey& aggregate_pubkey, const CPubKey& script_pubkey, const uint256* leaf_hash, const std::vector<std::pair<uint256, bool>>& tweaks, SigVersion sigversion, const SignatureData& sigdata) const =0;

};


class MutableTransactionSignatureCreator : public BaseSignatureCreator

{

    const CMutableTransaction& m_txto;

    unsigned int nIn;

    int nHashType;

    CAmount amount;

    const MutableTransactionSignatureChecker checker;

    const PrecomputedTransactionData* m_txdata;


    std::optional<uint256> ComputeSchnorrSignatureHash(const uint256* leaf_hash, SigVersion sigversion) const;


public:

    MutableTransactionSignatureCreator(const CMutableTransaction& tx LIFETIMEBOUND, unsigned int input_idx, const CAmount& amount, int hash_type);

    MutableTransactionSignatureCreator(const CMutableTransaction& tx LIFETIMEBOUND, unsigned int input_idx, const CAmount& amount, const PrecomputedTransactionData* txdata, int hash_type);

    const BaseSignatureChecker& Checker() const override { return checker; }

    bool CreateSig(const SigningProvider& provider, std::vector<unsigned char>& vchSig, const CKeyID& keyid, const CScript& scriptCode, SigVersion sigversion) const override;

    bool CreateSchnorrSig(const SigningProvider& provider, std::vector<unsigned char>& sig, const XOnlyPubKey& pubkey, const uint256* leaf_hash, const uint256* merkle_root, SigVersion sigversion) const override;

    std::vector<uint8_t> CreateMuSig2Nonce(const SigningProvider& provider, const CPubKey& aggregate_pubkey, const CPubKey& script_pubkey, const CPubKey& part_pubkey, const uint256* leaf_hash, const uint256* merkle_root, SigVersion sigversion, const SignatureData& sigdata) const override;

    bool CreateMuSig2PartialSig(const SigningProvider& provider, uint256& partial_sig, const CPubKey& aggregate_pubkey, const CPubKey& script_pubkey, const CPubKey& part_pubkey, const uint256* leaf_hash, const std::vector<std::pair<uint256, bool>>& tweaks, SigVersion sigversion, const SignatureData& sigdata) const override;

    bool CreateMuSig2AggregateSig(const std::vector<CPubKey>& participants, std::vector<uint8_t>& sig, const CPubKey& aggregate_pubkey, const CPubKey& script_pubkey, const uint256* leaf_hash, const std::vector<std::pair<uint256, bool>>& tweaks, SigVersion sigversion, const SignatureData& sigdata) const override;

};


extern const BaseSignatureChecker& DUMMY_CHECKER;

extern const BaseSignatureCreator& DUMMY_SIGNATURE_CREATOR;

extern const BaseSignatureCreator& DUMMY_MAXIMUM_SIGNATURE_CREATOR;


typedef std::pair<CPubKey, std::vector<unsigned char>> SigPair;


// This struct contains information from a transaction input and also contains signatures for that input.

// The information contained here can be used to create a signature and is also filled by ProduceSignature

// in order to construct final scriptSigs and scriptWitnesses.

struct SignatureData {

    bool complete = false;

    bool witness = false;

    CScript scriptSig;

    CScript redeem_script;

    CScript witness_script;

    CScriptWitness scriptWitness;

    TaprootSpendData tr_spenddata;

    std::optional<TaprootBuilder> tr_builder;

    std::map<CKeyID, SigPair> signatures;

    std::map<CKeyID, std::pair<CPubKey, KeyOriginInfo>> misc_pubkeys;

    std::vector<unsigned char> taproot_key_path_sig;

    std::map<std::pair<XOnlyPubKey, uint256>, std::vector<unsigned char>> taproot_script_sigs;

    std::map<XOnlyPubKey, std::pair<std::set<uint256>, KeyOriginInfo>> taproot_misc_pubkeys;

    std::map<CKeyID, XOnlyPubKey> tap_pubkeys;

    std::vector<CKeyID> missing_pubkeys;

    std::vector<CKeyID> missing_sigs;

    uint160 missing_redeem_script;

    uint256 missing_witness_script;

    std::map<std::vector<uint8_t>, std::vector<uint8_t>> sha256_preimages;

    std::map<std::vector<uint8_t>, std::vector<uint8_t>> hash256_preimages;

    std::map<std::vector<uint8_t>, std::vector<uint8_t>> ripemd160_preimages;

    std::map<std::vector<uint8_t>, std::vector<uint8_t>> hash160_preimages;

    std::map<CPubKey, std::vector<CPubKey>> musig2_pubkeys;

    std::map<std::pair<CPubKey, uint256>, std::map<CPubKey, std::vector<uint8_t>>> musig2_pubnonces;

    std::map<std::pair<CPubKey, uint256>, std::map<CPubKey, uint256>> musig2_partial_sigs;


    SignatureData() = default;

    explicit SignatureData(const CScript& script) : scriptSig(script) {}

    void MergeSignatureData(SignatureData sigdata);

};


bool ProduceSignature(const SigningProvider& provider, const BaseSignatureCreator& creator, const CScript& scriptPubKey, SignatureData& sigdata);


SignatureData DataFromTransaction(const CMutableTransaction& tx, unsigned int nIn, const CTxOut& txout);

void UpdateInput(CTxIn& input, const SignatureData& data);


bool IsSegWitOutput(const SigningProvider& provider, const CScript& script);


bool SignTransaction(CMutableTransaction& mtx, const SigningProvider* provider, const std::map<COutPoint, Coin>& coins, int sighash, std::map<int, bilingual_str>& input_errors);


#endif // BITCOIN_SCRIPT_SIGN_H

CAmount
int64_t CAmount
Amount in satoshis (Can be negative)
Definition: amount.h:12

attributes.h

LIFETIMEBOUND
#define LIFETIMEBOUND
Definition: attributes.h:16

BaseSignatureChecker
Definition: interpreter.h:275

BaseSignatureCreator
Interface for signature creators.
Definition: sign.h:29

BaseSignatureCreator::Checker
virtual const BaseSignatureChecker & Checker() const =0

BaseSignatureCreator::CreateSchnorrSig
virtual bool CreateSchnorrSig(const SigningProvider &provider, std::vector< unsigned char > &sig, const XOnlyPubKey &pubkey, const uint256 *leaf_hash, const uint256 *merkle_root, SigVersion sigversion) const =0

BaseSignatureCreator::CreateSig
virtual bool CreateSig(const SigningProvider &provider, std::vector< unsigned char > &vchSig, const CKeyID &keyid, const CScript &scriptCode, SigVersion sigversion) const =0
Create a singular (non-script) signature.

BaseSignatureCreator::CreateMuSig2AggregateSig
virtual bool CreateMuSig2AggregateSig(const std::vector< CPubKey > &participants, std::vector< uint8_t > &sig, const CPubKey &aggregate_pubkey, const CPubKey &script_pubkey, const uint256 *leaf_hash, const std::vector< std::pair< uint256, bool > > &tweaks, SigVersion sigversion, const SignatureData &sigdata) const =0

BaseSignatureCreator::CreateMuSig2PartialSig
virtual bool CreateMuSig2PartialSig(const SigningProvider &provider, uint256 &partial_sig, const CPubKey &aggregate_pubkey, const CPubKey &script_pubkey, const CPubKey &part_pubkey, const uint256 *leaf_hash, const std::vector< std::pair< uint256, bool > > &tweaks, SigVersion sigversion, const SignatureData &sigdata) const =0

BaseSignatureCreator::~BaseSignatureCreator
virtual ~BaseSignatureCreator()=default

BaseSignatureCreator::CreateMuSig2Nonce
virtual std::vector< uint8_t > CreateMuSig2Nonce(const SigningProvider &provider, const CPubKey &aggregate_pubkey, const CPubKey &script_pubkey, const CPubKey &part_pubkey, const uint256 *leaf_hash, const uint256 *merkle_root, SigVersion sigversion, const SignatureData &sigdata) const =0

CKey
An encapsulated private key.
Definition: key.h:36

CKeyID
A reference to a CKey: the Hash160 of its serialized public key.
Definition: pubkey.h:24

CPubKey
An encapsulated public key.
Definition: pubkey.h:34

CScript
Serialized script, used inside transaction inputs and outputs.
Definition: script.h:413

CTransaction
The basic transaction that is broadcasted on the network and contained in blocks.
Definition: transaction.h:296

CTxIn
An input of a transaction.
Definition: transaction.h:67

CTxOut
An output of a transaction.
Definition: transaction.h:150

GenericTransactionSignatureChecker
Definition: interpreter.h:314

MutableTransactionSignatureCreator
A signature creator for transactions.
Definition: sign.h:44

MutableTransactionSignatureCreator::CreateMuSig2Nonce
std::vector< uint8_t > CreateMuSig2Nonce(const SigningProvider &provider, const CPubKey &aggregate_pubkey, const CPubKey &script_pubkey, const CPubKey &part_pubkey, const uint256 *leaf_hash, const uint256 *merkle_root, SigVersion sigversion, const SignatureData &sigdata) const override
Definition: sign.cpp:105

MutableTransactionSignatureCreator::CreateSchnorrSig
bool CreateSchnorrSig(const SigningProvider &provider, std::vector< unsigned char > &sig, const XOnlyPubKey &pubkey, const uint256 *leaf_hash, const uint256 *merkle_root, SigVersion sigversion) const override
Definition: sign.cpp:88

MutableTransactionSignatureCreator::CreateMuSig2AggregateSig
bool CreateMuSig2AggregateSig(const std::vector< CPubKey > &participants, std::vector< uint8_t > &sig, const CPubKey &aggregate_pubkey, const CPubKey &script_pubkey, const uint256 *leaf_hash, const std::vector< std::pair< uint256, bool > > &tweaks, SigVersion sigversion, const SignatureData &sigdata) const override
Definition: sign.cpp:177

MutableTransactionSignatureCreator::nIn
unsigned int nIn
Definition: sign.h:46

MutableTransactionSignatureCreator::nHashType
int nHashType
Definition: sign.h:47

MutableTransactionSignatureCreator::MutableTransactionSignatureCreator
MutableTransactionSignatureCreator(const CMutableTransaction &tx LIFETIMEBOUND, unsigned int input_idx, const CAmount &amount, int hash_type)

MutableTransactionSignatureCreator::ComputeSchnorrSignatureHash
std::optional< uint256 > ComputeSchnorrSignatureHash(const uint256 *leaf_hash, SigVersion sigversion) const
Definition: sign.cpp:64

MutableTransactionSignatureCreator::MutableTransactionSignatureCreator
MutableTransactionSignatureCreator(const CMutableTransaction &tx LIFETIMEBOUND, unsigned int input_idx, const CAmount &amount, const PrecomputedTransactionData *txdata, int hash_type)

MutableTransactionSignatureCreator::Checker
const BaseSignatureChecker & Checker() const override
Definition: sign.h:57

MutableTransactionSignatureCreator::amount
CAmount amount
Definition: sign.h:48

MutableTransactionSignatureCreator::m_txto
const CMutableTransaction & m_txto
Definition: sign.h:45

MutableTransactionSignatureCreator::CreateSig
bool CreateSig(const SigningProvider &provider, std::vector< unsigned char > &vchSig, const CKeyID &keyid, const CScript &scriptCode, SigVersion sigversion) const override
Create a singular (non-script) signature.
Definition: sign.cpp:39

MutableTransactionSignatureCreator::m_txdata
const PrecomputedTransactionData * m_txdata
Definition: sign.h:50

MutableTransactionSignatureCreator::CreateMuSig2PartialSig
bool CreateMuSig2PartialSig(const SigningProvider &provider, uint256 &partial_sig, const CPubKey &aggregate_pubkey, const CPubKey &script_pubkey, const CPubKey &part_pubkey, const uint256 *leaf_hash, const std::vector< std::pair< uint256, bool > > &tweaks, SigVersion sigversion, const SignatureData &sigdata) const override
Definition: sign.cpp:133

MutableTransactionSignatureCreator::checker
const MutableTransactionSignatureChecker checker
Definition: sign.h:49

SigningProvider
An interface to be implemented by keystores that support signing.
Definition: signingprovider.h:157

XOnlyPubKey
Definition: pubkey.h:231

uint160
160-bit opaque blob.
Definition: uint256.h:184

uint256
256-bit opaque blob.
Definition: uint256.h:196

interpreter.h

SigVersion
SigVersion
Definition: interpreter.h:201

keyorigin.h

script
Definition: parsing.cpp:13

test_vectors_musig2_generate.data
data
Definition: test_vectors_musig2_generate.py:98

pubkey.h

UpdateInput
void UpdateInput(CTxIn &input, const SignatureData &data)
Definition: sign.cpp:904

IsSegWitOutput
bool IsSegWitOutput(const SigningProvider &provider, const CScript &script)
Check whether a scriptPubKey is known to be segwit.
Definition: sign.cpp:992

SigPair
std::pair< CPubKey, std::vector< unsigned char > > SigPair
Definition: sign.h:72

DUMMY_MAXIMUM_SIGNATURE_CREATOR
const BaseSignatureCreator & DUMMY_MAXIMUM_SIGNATURE_CREATOR
A signature creator that just produces 72-byte empty signatures.
Definition: sign.cpp:990

DataFromTransaction
SignatureData DataFromTransaction(const CMutableTransaction &tx, unsigned int nIn, const CTxOut &txout)
Extract signature data from a transaction input, and insert it.
Definition: sign.cpp:839

DUMMY_CHECKER
const BaseSignatureChecker & DUMMY_CHECKER
A signature checker that accepts all signatures.
Definition: sign.cpp:939

DUMMY_SIGNATURE_CREATOR
const BaseSignatureCreator & DUMMY_SIGNATURE_CREATOR
A signature creator that just produces 71-byte empty signatures.
Definition: sign.cpp:989

ProduceSignature
bool ProduceSignature(const SigningProvider &provider, const BaseSignatureCreator &creator, const CScript &scriptPubKey, SignatureData &sigdata)
Produce a script signature using a generic signature creator.
Definition: sign.cpp:731

SignTransaction
bool SignTransaction(CMutableTransaction &mtx, const SigningProvider *provider, const std::map< COutPoint, Coin > &coins, int sighash, std::map< int, bilingual_str > &input_errors)
Sign the CMutableTransaction.
Definition: sign.cpp:1011

signingprovider.h

CMutableTransaction
A mutable version of CTransaction.
Definition: transaction.h:378

CScriptWitness
Definition: script.h:585

KeyOriginInfo
Definition: keyorigin.h:12

PrecomputedTransactionData
Definition: interpreter.h:164

SignatureData
Definition: sign.h:77

SignatureData::missing_redeem_script
uint160 missing_redeem_script
ScriptID of the missing redeemScript (if any)
Definition: sign.h:94

SignatureData::missing_sigs
std::vector< CKeyID > missing_sigs
KeyIDs of pubkeys for signatures which could not be found.
Definition: sign.h:93

SignatureData::ripemd160_preimages
std::map< std::vector< uint8_t >, std::vector< uint8_t > > ripemd160_preimages
Mapping from a RIPEMD160 hash to its preimage provided to solve a Script.
Definition: sign.h:98

SignatureData::MergeSignatureData
void MergeSignatureData(SignatureData sigdata)
Definition: sign.cpp:910

SignatureData::tap_pubkeys
std::map< CKeyID, XOnlyPubKey > tap_pubkeys
Misc Taproot pubkeys involved in this input, by hash. (Equivalent of misc_pubkeys but for Taproot....
Definition: sign.h:91

SignatureData::signatures
std::map< CKeyID, SigPair > signatures
BIP 174 style partial signatures for the input. May contain all signatures necessary for producing a ...
Definition: sign.h:86

SignatureData::tr_spenddata
TaprootSpendData tr_spenddata
Taproot spending data.
Definition: sign.h:84

SignatureData::witness
bool witness
Stores whether the input this SigData corresponds to is a witness input.
Definition: sign.h:79

SignatureData::misc_pubkeys
std::map< CKeyID, std::pair< CPubKey, KeyOriginInfo > > misc_pubkeys
Definition: sign.h:87

SignatureData::tr_builder
std::optional< TaprootBuilder > tr_builder
Taproot tree used to build tr_spenddata.
Definition: sign.h:85

SignatureData::SignatureData
SignatureData()=default

SignatureData::scriptSig
CScript scriptSig
The scriptSig of an input. Contains complete signatures or the traditional partial signatures format.
Definition: sign.h:80

SignatureData::sha256_preimages
std::map< std::vector< uint8_t >, std::vector< uint8_t > > sha256_preimages
Mapping from a SHA256 hash to its preimage provided to solve a Script.
Definition: sign.h:96

SignatureData::taproot_key_path_sig
std::vector< unsigned char > taproot_key_path_sig
Definition: sign.h:88

SignatureData::musig2_pubnonces
std::map< std::pair< CPubKey, uint256 >, std::map< CPubKey, std::vector< uint8_t > > > musig2_pubnonces
Mapping from pair of MuSig2 aggregate pubkey, and tapleaf hash to map of MuSig2 participant pubkeys t...
Definition: sign.h:103

SignatureData::taproot_script_sigs
std::map< std::pair< XOnlyPubKey, uint256 >, std::vector< unsigned char > > taproot_script_sigs
Schnorr signature for key path spending.
Definition: sign.h:89

SignatureData::taproot_misc_pubkeys
std::map< XOnlyPubKey, std::pair< std::set< uint256 >, KeyOriginInfo > > taproot_misc_pubkeys
Miscellaneous Taproot pubkeys involved in this input along with their leaf script hashes and key orig...
Definition: sign.h:90

SignatureData::hash256_preimages
std::map< std::vector< uint8_t >, std::vector< uint8_t > > hash256_preimages
Mapping from a HASH256 hash to its preimage provided to solve a Script.
Definition: sign.h:97

SignatureData::redeem_script
CScript redeem_script
The redeemScript (if any) for the input.
Definition: sign.h:81

SignatureData::musig2_partial_sigs
std::map< std::pair< CPubKey, uint256 >, std::map< CPubKey, uint256 > > musig2_partial_sigs
Mapping from pair of MuSig2 aggregate pubkey, and tapleaf hash to map of MuSig2 participant pubkeys t...
Definition: sign.h:105

SignatureData::missing_witness_script
uint256 missing_witness_script
SHA256 of the missing witnessScript (if any)
Definition: sign.h:95

SignatureData::missing_pubkeys
std::vector< CKeyID > missing_pubkeys
KeyIDs of pubkeys which could not be found.
Definition: sign.h:92

SignatureData::witness_script
CScript witness_script
The witnessScript (if any) for the input. witnessScripts are used in P2WSH outputs.
Definition: sign.h:82

SignatureData::musig2_pubkeys
std::map< CPubKey, std::vector< CPubKey > > musig2_pubkeys
Map MuSig2 aggregate pubkeys to its participants.
Definition: sign.h:101

SignatureData::scriptWitness
CScriptWitness scriptWitness
The scriptWitness of an input. Contains complete signatures or the traditional partial signatures for...
Definition: sign.h:83

SignatureData::SignatureData
SignatureData(const CScript &script)
Definition: sign.h:108

SignatureData::complete
bool complete
Stores whether the scriptSig and scriptWitness are complete.
Definition: sign.h:78

SignatureData::hash160_preimages
std::map< std::vector< uint8_t >, std::vector< uint8_t > > hash160_preimages
Mapping from a HASH160 hash to its preimage provided to solve a Script.
Definition: sign.h:99

TaprootSpendData
Definition: signingprovider.h:32

bilingual_str
Bilingual messages:
Definition: translation.h:24

uint256.h