Bitcoin Core 31.99.0
P2P Digital Currency
sign.h
Go to the documentation of this file.
1// Copyright (c) 2009-2010 Satoshi Nakamoto
2// Copyright (c) 2009-present The Bitcoin Core developers
3// Distributed under the MIT software license, see the accompanying
4// file COPYING or http://www.opensource.org/licenses/mit-license.php.
5
6#ifndef BITCOIN_SCRIPT_SIGN_H
7#define BITCOIN_SCRIPT_SIGN_H
8
9#include <attributes.h>
10#include <consensus/amount.h>
11#include <pubkey.h>
12#include <script/interpreter.h>
13#include <script/keyorigin.h>
14#include <script/script.h>
15#include <script/signingprovider.h>
16#include <uint256.h>
17
18#include <cstdint>
19#include <map>
20#include <optional>
21#include <set>
22#include <utility>
23#include <vector>
24
25class COutPoint;
26class CTxIn;
27class CTxOut;
28class Coin;
29
30struct bilingual_str;
31struct CMutableTransaction;
32struct SignatureData;
33
34struct SignOptions {
35 int sighash_type{SIGHASH_DEFAULT};
36};
37
39class BaseSignatureCreator {
40public:
41 virtual ~BaseSignatureCreator() = default;
42 virtual const BaseSignatureChecker& Checker() const =0;
43
45 virtual bool CreateSig(const SigningProvider& provider, std::vector<unsigned char>& vchSig, const CKeyID& keyid, const CScript& scriptCode, SigVersion sigversion) const =0;
46 virtual bool CreateSchnorrSig(const SigningProvider& provider, std::vector<unsigned char>& sig, const XOnlyPubKey& pubkey, const uint256* leaf_hash, const uint256* merkle_root, SigVersion sigversion) const =0;
47 virtual std::vector<uint8_t> CreateMuSig2Nonce(const SigningProvider& provider, const CPubKey& aggregate_pubkey, const CPubKey& script_pubkey, const CPubKey& part_pubkey, const uint256* leaf_hash, const uint256* merkle_root, SigVersion sigversion, const SignatureData& sigdata) const =0;
48 virtual bool CreateMuSig2PartialSig(const SigningProvider& provider, uint256& partial_sig, const CPubKey& aggregate_pubkey, const CPubKey& script_pubkey, const CPubKey& part_pubkey, const uint256* leaf_hash, const std::vector<std::pair<uint256, bool>>& tweaks, SigVersion sigversion, const SignatureData& sigdata) const =0;
49 virtual bool CreateMuSig2AggregateSig(const std::vector<CPubKey>& participants, std::vector<uint8_t>& sig, const CPubKey& aggregate_pubkey, const CPubKey& script_pubkey, const uint256* leaf_hash, const std::vector<std::pair<uint256, bool>>& tweaks, SigVersion sigversion, const SignatureData& sigdata) const =0;
50};
51
53class MutableTransactionSignatureCreator : public BaseSignatureCreator
54{
55 const CMutableTransaction& m_txto;
56 unsigned int nIn;
57 SignOptions m_options;
58 CAmount amount;
59 const MutableTransactionSignatureChecker checker;
60 const PrecomputedTransactionData* m_txdata;
61
62 std::optional<uint256> ComputeSchnorrSignatureHash(const uint256* leaf_hash, SigVersion sigversion) const;
63
64public:
65 MutableTransactionSignatureCreator(const CMutableTransaction& tx LIFETIMEBOUND, unsigned int input_idx, const CAmount& amount, const SignOptions& options);
66 MutableTransactionSignatureCreator(const CMutableTransaction& tx LIFETIMEBOUND, unsigned int input_idx, const CAmount& amount, const PrecomputedTransactionData* txdata, const SignOptions& options);
67 const BaseSignatureChecker& Checker() const override { return checker; }
68 bool CreateSig(const SigningProvider& provider, std::vector<unsigned char>& vchSig, const CKeyID& keyid, const CScript& scriptCode, SigVersion sigversion) const override;
69 bool CreateSchnorrSig(const SigningProvider& provider, std::vector<unsigned char>& sig, const XOnlyPubKey& pubkey, const uint256* leaf_hash, const uint256* merkle_root, SigVersion sigversion) const override;
70 std::vector<uint8_t> CreateMuSig2Nonce(const SigningProvider& provider, const CPubKey& aggregate_pubkey, const CPubKey& script_pubkey, const CPubKey& part_pubkey, const uint256* leaf_hash, const uint256* merkle_root, SigVersion sigversion, const SignatureData& sigdata) const override;
71 bool CreateMuSig2PartialSig(const SigningProvider& provider, uint256& partial_sig, const CPubKey& aggregate_pubkey, const CPubKey& script_pubkey, const CPubKey& part_pubkey, const uint256* leaf_hash, const std::vector<std::pair<uint256, bool>>& tweaks, SigVersion sigversion, const SignatureData& sigdata) const override;
72 bool CreateMuSig2AggregateSig(const std::vector<CPubKey>& participants, std::vector<uint8_t>& sig, const CPubKey& aggregate_pubkey, const CPubKey& script_pubkey, const uint256* leaf_hash, const std::vector<std::pair<uint256, bool>>& tweaks, SigVersion sigversion, const SignatureData& sigdata) const override;
73};
74
76extern const BaseSignatureChecker& DUMMY_CHECKER;
78extern const BaseSignatureCreator& DUMMY_SIGNATURE_CREATOR;
80extern const BaseSignatureCreator& DUMMY_MAXIMUM_SIGNATURE_CREATOR;
81
82typedef std::pair<CPubKey, std::vector<unsigned char>> SigPair;
83
84// This struct contains information from a transaction input and also contains signatures for that input.
85// The information contained here can be used to create a signature and is also filled by ProduceSignature
86// in order to construct final scriptSigs and scriptWitnesses.
87struct SignatureData {
88 bool complete = false;
89 bool witness = false;
90 CScript scriptSig;
91 CScript redeem_script;
92 CScript witness_script;
93 CScriptWitness scriptWitness;
94 TaprootSpendData tr_spenddata;
95 std::optional<TaprootBuilder> tr_builder;
96 std::map<CKeyID, SigPair> signatures;
97 std::map<CKeyID, std::pair<CPubKey, KeyOriginInfo>> misc_pubkeys;
98 std::vector<unsigned char> taproot_key_path_sig;
99 std::map<std::pair<XOnlyPubKey, uint256>, std::vector<unsigned char>> taproot_script_sigs;
100 std::map<XOnlyPubKey, std::pair<std::set<uint256>, KeyOriginInfo>> taproot_misc_pubkeys;
101 std::map<CKeyID, XOnlyPubKey> tap_pubkeys;
102 std::vector<CKeyID> missing_pubkeys;
103 std::vector<CKeyID> missing_sigs;
104 uint160 missing_redeem_script;
105 uint256 missing_witness_script;
106 std::map<std::vector<uint8_t>, std::vector<uint8_t>> sha256_preimages;
107 std::map<std::vector<uint8_t>, std::vector<uint8_t>> hash256_preimages;
108 std::map<std::vector<uint8_t>, std::vector<uint8_t>> ripemd160_preimages;
109 std::map<std::vector<uint8_t>, std::vector<uint8_t>> hash160_preimages;
111 std::map<CPubKey, std::vector<CPubKey>> musig2_pubkeys;
113 std::map<std::pair<CPubKey, uint256>, std::map<CPubKey, std::vector<uint8_t>>> musig2_pubnonces;
115 std::map<std::pair<CPubKey, uint256>, std::map<CPubKey, uint256>> musig2_partial_sigs;
116
117 SignatureData() = default;
118 explicit SignatureData(const CScript& script) : scriptSig(script) {}
119 void MergeSignatureData(SignatureData sigdata);
120};
121
123bool ProduceSignature(const SigningProvider& provider, const BaseSignatureCreator& creator, const CScript& scriptPubKey, SignatureData& sigdata);
124
126SignatureData DataFromTransaction(const CMutableTransaction& tx, unsigned int nIn, const CTxOut& txout);
127void UpdateInput(CTxIn& input, const SignatureData& data);
128
130bool IsSegWitOutput(const SigningProvider& provider, const CScript& script);
131
133bool SignTransaction(CMutableTransaction& mtx, const SigningProvider* provider, const std::map<COutPoint, Coin>& coins, const SignOptions& options, std::map<int, bilingual_str>& input_errors);
134
135#endif // BITCOIN_SCRIPT_SIGN_H
CAmount
int64_t CAmount
Amount in satoshis (Can be negative)
Definition: amount.h:12
LIFETIMEBOUND
#define LIFETIMEBOUND
Definition: attributes.h:16
BaseSignatureCreator
Interface for signature creators.
Definition: sign.h:39
BaseSignatureCreator::Checker
virtual const BaseSignatureChecker & Checker() const =0
BaseSignatureCreator::CreateSchnorrSig
virtual bool CreateSchnorrSig(const SigningProvider &provider, std::vector< unsigned char > &sig, const XOnlyPubKey &pubkey, const uint256 *leaf_hash, const uint256 *merkle_root, SigVersion sigversion) const =0
BaseSignatureCreator::CreateSig
virtual bool CreateSig(const SigningProvider &provider, std::vector< unsigned char > &vchSig, const CKeyID &keyid, const CScript &scriptCode, SigVersion sigversion) const =0
Create a singular (non-script) signature.
BaseSignatureCreator::CreateMuSig2AggregateSig
virtual bool CreateMuSig2AggregateSig(const std::vector< CPubKey > &participants, std::vector< uint8_t > &sig, const CPubKey &aggregate_pubkey, const CPubKey &script_pubkey, const uint256 *leaf_hash, const std::vector< std::pair< uint256, bool > > &tweaks, SigVersion sigversion, const SignatureData &sigdata) const =0
BaseSignatureCreator::CreateMuSig2PartialSig
virtual bool CreateMuSig2PartialSig(const SigningProvider &provider, uint256 &partial_sig, const CPubKey &aggregate_pubkey, const CPubKey &script_pubkey, const CPubKey &part_pubkey, const uint256 *leaf_hash, const std::vector< std::pair< uint256, bool > > &tweaks, SigVersion sigversion, const SignatureData &sigdata) const =0
BaseSignatureCreator::~BaseSignatureCreator
virtual ~BaseSignatureCreator()=default
BaseSignatureCreator::CreateMuSig2Nonce
virtual std::vector< uint8_t > CreateMuSig2Nonce(const SigningProvider &provider, const CPubKey &aggregate_pubkey, const CPubKey &script_pubkey, const CPubKey &part_pubkey, const uint256 *leaf_hash, const uint256 *merkle_root, SigVersion sigversion, const SignatureData &sigdata) const =0
CKeyID
A reference to a CKey: the Hash160 of its serialized public key.
Definition: pubkey.h:24
COutPoint
An outpoint - a combination of a transaction hash and an index n into its vout.
Definition: transaction.h:29
CPubKey
An encapsulated public key.
Definition: pubkey.h:32
CScript
Serialized script, used inside transaction inputs and outputs.
Definition: script.h:406
CTxIn
An input of a transaction.
Definition: transaction.h:62
CTxOut
An output of a transaction.
Definition: transaction.h:140
Coin
A UTXO entry.
Definition: coins.h:35
MutableTransactionSignatureCreator
A signature creator for transactions.
Definition: sign.h:54
MutableTransactionSignatureCreator::CreateMuSig2Nonce
std::vector< uint8_t > CreateMuSig2Nonce(const SigningProvider &provider, const CPubKey &aggregate_pubkey, const CPubKey &script_pubkey, const CPubKey &part_pubkey, const uint256 *leaf_hash, const uint256 *merkle_root, SigVersion sigversion, const SignatureData &sigdata) const override
Definition: sign.cpp:117
MutableTransactionSignatureCreator::MutableTransactionSignatureCreator
MutableTransactionSignatureCreator(const CMutableTransaction &tx LIFETIMEBOUND, unsigned int input_idx, const CAmount &amount, const SignOptions &options)
MutableTransactionSignatureCreator::CreateSchnorrSig
bool CreateSchnorrSig(const SigningProvider &provider, std::vector< unsigned char > &sig, const XOnlyPubKey &pubkey, const uint256 *leaf_hash, const uint256 *merkle_root, SigVersion sigversion) const override
Definition: sign.cpp:102
MutableTransactionSignatureCreator::CreateMuSig2AggregateSig
bool CreateMuSig2AggregateSig(const std::vector< CPubKey > &participants, std::vector< uint8_t > &sig, const CPubKey &aggregate_pubkey, const CPubKey &script_pubkey, const uint256 *leaf_hash, const std::vector< std::pair< uint256, bool > > &tweaks, SigVersion sigversion, const SignatureData &sigdata) const override
Definition: sign.cpp:191
MutableTransactionSignatureCreator::ComputeSchnorrSignatureHash
std::optional< uint256 > ComputeSchnorrSignatureHash(const uint256 *leaf_hash, SigVersion sigversion) const
Definition: sign.cpp:78
MutableTransactionSignatureCreator::MutableTransactionSignatureCreator
MutableTransactionSignatureCreator(const CMutableTransaction &tx LIFETIMEBOUND, unsigned int input_idx, const CAmount &amount, const PrecomputedTransactionData *txdata, const SignOptions &options)
MutableTransactionSignatureCreator::Checker
const BaseSignatureChecker & Checker() const override
Definition: sign.h:67
MutableTransactionSignatureCreator::m_txto
const CMutableTransaction & m_txto
Definition: sign.h:55
MutableTransactionSignatureCreator::CreateSig
bool CreateSig(const SigningProvider &provider, std::vector< unsigned char > &vchSig, const CKeyID &keyid, const CScript &scriptCode, SigVersion sigversion) const override
Create a singular (non-script) signature.
Definition: sign.cpp:53
MutableTransactionSignatureCreator::m_txdata
const PrecomputedTransactionData * m_txdata
Definition: sign.h:60
MutableTransactionSignatureCreator::CreateMuSig2PartialSig
bool CreateMuSig2PartialSig(const SigningProvider &provider, uint256 &partial_sig, const CPubKey &aggregate_pubkey, const CPubKey &script_pubkey, const CPubKey &part_pubkey, const uint256 *leaf_hash, const std::vector< std::pair< uint256, bool > > &tweaks, SigVersion sigversion, const SignatureData &sigdata) const override
Definition: sign.cpp:145
MutableTransactionSignatureCreator::checker
const MutableTransactionSignatureChecker checker
Definition: sign.h:59
SigningProvider
An interface to be implemented by keystores that support signing.
Definition: signingprovider.h:169
uint160
160-bit opaque blob.
Definition: uint256.h:184
uint256
256-bit opaque blob.
Definition: uint256.h:196
SigVersion
SigVersion
Definition: interpreter.h:202
SIGHASH_DEFAULT
@ SIGHASH_DEFAULT
Taproot only; implied when sighash byte is missing, and equivalent to SIGHASH_ALL.
Definition: interpreter.h:37
test_vectors_musig2_generate.data
data
Definition: test_vectors_musig2_generate.py:98
UpdateInput
void UpdateInput(CTxIn &input, const SignatureData &data)
Definition: sign.cpp:918
IsSegWitOutput
bool IsSegWitOutput(const SigningProvider &provider, const CScript &script)
Check whether a scriptPubKey is known to be segwit.
Definition: sign.cpp:1006
SigPair
std::pair< CPubKey, std::vector< unsigned char > > SigPair
Definition: sign.h:82
SignTransaction
bool SignTransaction(CMutableTransaction &mtx, const SigningProvider *provider, const std::map< COutPoint, Coin > &coins, const SignOptions &options, std::map< int, bilingual_str > &input_errors)
Sign the CMutableTransaction.
Definition: sign.cpp:1025
DUMMY_MAXIMUM_SIGNATURE_CREATOR
const BaseSignatureCreator & DUMMY_MAXIMUM_SIGNATURE_CREATOR
A signature creator that just produces 72-byte empty signatures.
Definition: sign.cpp:1004
DataFromTransaction
SignatureData DataFromTransaction(const CMutableTransaction &tx, unsigned int nIn, const CTxOut &txout)
Extract signature data from a transaction input, and insert it.
Definition: sign.cpp:853
DUMMY_CHECKER
const BaseSignatureChecker & DUMMY_CHECKER
A signature checker that accepts all signatures.
Definition: sign.cpp:953
DUMMY_SIGNATURE_CREATOR
const BaseSignatureCreator & DUMMY_SIGNATURE_CREATOR
A signature creator that just produces 71-byte empty signatures.
Definition: sign.cpp:1003
ProduceSignature
bool ProduceSignature(const SigningProvider &provider, const BaseSignatureCreator &creator, const CScript &scriptPubKey, SignatureData &sigdata)
Produce a script signature using a generic signature creator.
Definition: sign.cpp:745
CMutableTransaction
A mutable version of CTransaction.
Definition: transaction.h:358
SignOptions::sighash_type
int sighash_type
Definition: sign.h:35
SignatureData::missing_redeem_script
uint160 missing_redeem_script
ScriptID of the missing redeemScript (if any)
Definition: sign.h:104
SignatureData::missing_sigs
std::vector< CKeyID > missing_sigs
KeyIDs of pubkeys for signatures which could not be found.
Definition: sign.h:103
SignatureData::ripemd160_preimages
std::map< std::vector< uint8_t >, std::vector< uint8_t > > ripemd160_preimages
Mapping from a RIPEMD160 hash to its preimage provided to solve a Script.
Definition: sign.h:108
SignatureData::MergeSignatureData
void MergeSignatureData(SignatureData sigdata)
Definition: sign.cpp:924
SignatureData::tap_pubkeys
std::map< CKeyID, XOnlyPubKey > tap_pubkeys
Misc Taproot pubkeys involved in this input, by hash. (Equivalent of misc_pubkeys but for Taproot....
Definition: sign.h:101
SignatureData::signatures
std::map< CKeyID, SigPair > signatures
BIP 174 style partial signatures for the input. May contain all signatures necessary for producing a ...
Definition: sign.h:96
SignatureData::tr_spenddata
TaprootSpendData tr_spenddata
Taproot spending data.
Definition: sign.h:94
SignatureData::witness
bool witness
Stores whether the input this SigData corresponds to is a witness input.
Definition: sign.h:89
SignatureData::misc_pubkeys
std::map< CKeyID, std::pair< CPubKey, KeyOriginInfo > > misc_pubkeys
Definition: sign.h:97
SignatureData::tr_builder
std::optional< TaprootBuilder > tr_builder
Taproot tree used to build tr_spenddata.
Definition: sign.h:95
SignatureData::SignatureData
SignatureData()=default
SignatureData::scriptSig
CScript scriptSig
The scriptSig of an input. Contains complete signatures or the traditional partial signatures format.
Definition: sign.h:90
SignatureData::sha256_preimages
std::map< std::vector< uint8_t >, std::vector< uint8_t > > sha256_preimages
Mapping from a SHA256 hash to its preimage provided to solve a Script.
Definition: sign.h:106
SignatureData::taproot_key_path_sig
std::vector< unsigned char > taproot_key_path_sig
Definition: sign.h:98
SignatureData::musig2_pubnonces
std::map< std::pair< CPubKey, uint256 >, std::map< CPubKey, std::vector< uint8_t > > > musig2_pubnonces
Mapping from pair of MuSig2 aggregate pubkey, and tapleaf hash to map of MuSig2 participant pubkeys t...
Definition: sign.h:113
SignatureData::taproot_script_sigs
std::map< std::pair< XOnlyPubKey, uint256 >, std::vector< unsigned char > > taproot_script_sigs
Schnorr signature for key path spending.
Definition: sign.h:99
SignatureData::taproot_misc_pubkeys
std::map< XOnlyPubKey, std::pair< std::set< uint256 >, KeyOriginInfo > > taproot_misc_pubkeys
Miscellaneous Taproot pubkeys involved in this input along with their leaf script hashes and key orig...
Definition: sign.h:100
SignatureData::hash256_preimages
std::map< std::vector< uint8_t >, std::vector< uint8_t > > hash256_preimages
Mapping from a HASH256 hash to its preimage provided to solve a Script.
Definition: sign.h:107
SignatureData::redeem_script
CScript redeem_script
The redeemScript (if any) for the input.
Definition: sign.h:91
SignatureData::musig2_partial_sigs
std::map< std::pair< CPubKey, uint256 >, std::map< CPubKey, uint256 > > musig2_partial_sigs
Mapping from pair of MuSig2 aggregate pubkey, and tapleaf hash to map of MuSig2 participant pubkeys t...
Definition: sign.h:115
SignatureData::missing_witness_script
uint256 missing_witness_script
SHA256 of the missing witnessScript (if any)
Definition: sign.h:105
SignatureData::missing_pubkeys
std::vector< CKeyID > missing_pubkeys
KeyIDs of pubkeys which could not be found.
Definition: sign.h:102
SignatureData::witness_script
CScript witness_script
The witnessScript (if any) for the input. witnessScripts are used in P2WSH outputs.
Definition: sign.h:92
SignatureData::musig2_pubkeys
std::map< CPubKey, std::vector< CPubKey > > musig2_pubkeys
Map MuSig2 aggregate pubkeys to its participants.
Definition: sign.h:111
SignatureData::scriptWitness
CScriptWitness scriptWitness
The scriptWitness of an input. Contains complete signatures or the traditional partial signatures for...
Definition: sign.h:93
SignatureData::SignatureData
SignatureData(const CScript &script)
Definition: sign.h:118
SignatureData::complete
bool complete
Stores whether the scriptSig and scriptWitness are complete.
Definition: sign.h:88
SignatureData::hash160_preimages
std::map< std::vector< uint8_t >, std::vector< uint8_t > > hash160_preimages
Mapping from a HASH160 hash to its preimage provided to solve a Script.
Definition: sign.h:109
bilingual_str
Bilingual messages:
Definition: translation.h:24
Generated on Sun Jun 14 2026 20:00:32 for Bitcoin Core by doxygen 1.9.4