Bitcoin Core 28.99.0
P2P Digital Currency
sign_transaction.cpp
Go to the documentation of this file.
1// Copyright (c) 2023 The Bitcoin Core developers
2// Distributed under the MIT software license, see the accompanying
3// file COPYING or http://www.opensource.org/licenses/mit-license.php.
4
5#include <addresstype.h>
6#include <bench/bench.h>
7#include <coins.h>
8#include <key.h>
9#include <primitives/transaction.h>
10#include <pubkey.h>
11#include <script/interpreter.h>
12#include <script/script.h>
13#include <script/sign.h>
14#include <script/signingprovider.h>
15#include <span.h>
16#include <test/util/random.h>
17#include <uint256.h>
18#include <util/translation.h>
19
20#include <cassert>
21#include <map>
22#include <vector>
23
24enum class InputType {
25 P2WPKH, // segwitv0, witness-pubkey-hash (ECDSA signature)
26 P2TR, // segwitv1, taproot key-path spend (Schnorr signature)
27};
28
29static void SignTransactionSingleInput(benchmark::Bench& bench, InputType input_type)
30{
31 ECC_Context ecc_context{};
32
33 FlatSigningProvider keystore;
34 std::vector<CScript> prev_spks;
35
36 // Create a bunch of keys / UTXOs to avoid signing with the same key repeatedly
37 for (int i = 0; i < 32; i++) {
38 CKey privkey = GenerateRandomKey();
39 CPubKey pubkey = privkey.GetPubKey();
40 CKeyID key_id = pubkey.GetID();
41 keystore.keys.emplace(key_id, privkey);
42 keystore.pubkeys.emplace(key_id, pubkey);
43
44 // Create specified locking script type
45 CScript prev_spk;
46 switch (input_type) {
47 case InputType::P2WPKH: prev_spk = GetScriptForDestination(WitnessV0KeyHash(pubkey)); break;
48 case InputType::P2TR: prev_spk = GetScriptForDestination(WitnessV1Taproot(XOnlyPubKey{pubkey})); break;
49 default: assert(false);
50 }
51 prev_spks.push_back(prev_spk);
52 }
53
54 // Simple 1-input tx with artificial outpoint
55 // (note that for the purpose of signing with SIGHASH_ALL we don't need any outputs)
56 COutPoint prevout{/*hashIn=*/Txid::FromUint256(uint256::ONE), /*nIn=*/1337};
57 CMutableTransaction unsigned_tx;
58 unsigned_tx.vin.emplace_back(prevout);
59
60 // Benchmark.
61 int iter = 0;
62 bench.minEpochIterations(100).run([&] {
63 CMutableTransaction tx{unsigned_tx};
64 std::map<COutPoint, Coin> coins;
65 const CScript& prev_spk = prev_spks[(iter++) % prev_spks.size()];
66 coins[prevout] = Coin(CTxOut(10000, prev_spk), /*nHeightIn=*/100, /*fCoinBaseIn=*/false);
67 std::map<int, bilingual_str> input_errors;
68 bool complete = SignTransaction(tx, &keystore, coins, SIGHASH_ALL, input_errors);
69 assert(complete);
70 });
71}
72
73static void SignTransactionECDSA(benchmark::Bench& bench) { SignTransactionSingleInput(bench, InputType::P2WPKH); }
74static void SignTransactionSchnorr(benchmark::Bench& bench) { SignTransactionSingleInput(bench, InputType::P2TR); }
75
76static void SignSchnorrTapTweakBenchmark(benchmark::Bench& bench, bool use_null_merkle_root)
77{
78 FastRandomContext rng;
79 ECC_Context ecc_context{};
80
81 auto key = GenerateRandomKey();
82 auto msg = rng.rand256();
83 auto merkle_root = use_null_merkle_root ? uint256() : rng.rand256();
84 auto aux = rng.rand256();
85 std::vector<unsigned char> sig(64);
86
87 bench.minEpochIterations(100).run([&] {
88 bool success = key.SignSchnorr(msg, sig, &merkle_root, aux);
89 assert(success);
90 });
91}
92
93static void SignSchnorrWithMerkleRoot(benchmark::Bench& bench)
94{
95 SignSchnorrTapTweakBenchmark(bench, /*use_null_merkle_root=*/false);
96}
97
98static void SignSchnorrWithNullMerkleRoot(benchmark::Bench& bench)
99{
100 SignSchnorrTapTweakBenchmark(bench, /*use_null_merkle_root=*/true);
101}
102
103BENCHMARK(SignTransactionECDSA, benchmark::PriorityLevel::HIGH);
104BENCHMARK(SignTransactionSchnorr, benchmark::PriorityLevel::HIGH);
105BENCHMARK(SignSchnorrWithMerkleRoot, benchmark::PriorityLevel::HIGH);
106BENCHMARK(SignSchnorrWithNullMerkleRoot, benchmark::PriorityLevel::HIGH);
GetScriptForDestination
CScript GetScriptForDestination(const CTxDestination &dest)
Generate a Bitcoin scriptPubKey for the given CTxDestination.
Definition: addresstype.cpp:166
ecc_context
ECC_Context ecc_context
Definition: bitcoin-wallet.cpp:135
CKey
An encapsulated private key.
Definition: key.h:35
CKey::GetPubKey
CPubKey GetPubKey() const
Compute the public key from a private key.
Definition: key.cpp:182
CKeyID
A reference to a CKey: the Hash160 of its serialized public key.
Definition: pubkey.h:24
COutPoint
An outpoint - a combination of a transaction hash and an index n into its vout.
Definition: transaction.h:29
CPubKey
An encapsulated public key.
Definition: pubkey.h:34
CPubKey::GetID
CKeyID GetID() const
Get the KeyID of this public key (hash of its serialization)
Definition: pubkey.h:164
CScript
Serialized script, used inside transaction inputs and outputs.
Definition: script.h:415
CTxOut
An output of a transaction.
Definition: transaction.h:150
Coin
A UTXO entry.
Definition: coins.h:33
ECC_Context
RAII class initializing and deinitializing global state for elliptic curve support.
Definition: key.h:322
FastRandomContext
Fast randomness source.
Definition: random.h:377
RandomMixin::rand256
uint256 rand256() noexcept
generate a random uint256.
Definition: random.h:308
ankerl::nanobench::Bench
Main entry point to nanobench's benchmarking facility.
Definition: nanobench.h:627
ankerl::nanobench::Bench::run
Bench & run(char const *benchmarkName, Op &&op)
Repeatedly calls op() based on the configuration, and performs measurements.
Definition: nanobench.h:1234
ankerl::nanobench::Bench::minEpochIterations
ANKERL_NANOBENCH(NODISCARD) std Bench & minEpochIterations(uint64_t numIters) noexcept
Sets the minimum number of iterations each epoch should take.
transaction_identifier< false >::FromUint256
static transaction_identifier FromUint256(const uint256 &id)
Definition: transaction_identifier.h:40
uint256
256-bit opaque blob.
Definition: uint256.h:190
uint256::ONE
static const uint256 ONE
Definition: uint256.h:199
SIGHASH_ALL
@ SIGHASH_ALL
Definition: interpreter.h:30
GenerateRandomKey
CKey GenerateRandomKey(bool compressed) noexcept
Definition: key.cpp:352
benchmark::HIGH
@ HIGH
Definition: bench.h:48
tests_wycheproof_generate.msg
def msg
Definition: tests_wycheproof_generate.py:56
SignTransaction
void SignTransaction(CMutableTransaction &mtx, const SigningProvider *keystore, const std::map< COutPoint, Coin > &coins, const UniValue &hashType, UniValue &result)
Sign a transaction with the given keystore and previous transactions.
Definition: rawtransaction_util.cpp:305
SignTransactionSingleInput
static void SignTransactionSingleInput(benchmark::Bench &bench, InputType input_type)
Definition: sign_transaction.cpp:29
SignTransactionECDSA
static void SignTransactionECDSA(benchmark::Bench &bench)
Definition: sign_transaction.cpp:73
SignSchnorrWithMerkleRoot
static void SignSchnorrWithMerkleRoot(benchmark::Bench &bench)
Definition: sign_transaction.cpp:93
InputType
InputType
Definition: sign_transaction.cpp:24
InputType::P2WPKH
@ P2WPKH
InputType::P2TR
@ P2TR
SignTransactionSchnorr
static void SignTransactionSchnorr(benchmark::Bench &bench)
Definition: sign_transaction.cpp:74
SignSchnorrTapTweakBenchmark
static void SignSchnorrTapTweakBenchmark(benchmark::Bench &bench, bool use_null_merkle_root)
Definition: sign_transaction.cpp:76
BENCHMARK
BENCHMARK(SignTransactionECDSA, benchmark::PriorityLevel::HIGH)
SignSchnorrWithNullMerkleRoot
static void SignSchnorrWithNullMerkleRoot(benchmark::Bench &bench)
Definition: sign_transaction.cpp:98
CMutableTransaction
A mutable version of CTransaction.
Definition: transaction.h:378
CMutableTransaction::vin
std::vector< CTxIn > vin
Definition: transaction.h:379
FlatSigningProvider::pubkeys
std::map< CKeyID, CPubKey > pubkeys
Definition: signingprovider.h:210
FlatSigningProvider::keys
std::map< CKeyID, CKey > keys
Definition: signingprovider.h:212
assert
assert(!tx.IsCoinBase())
Generated on Wed Dec 18 2024 20:00:09 for Bitcoin Core by doxygen 1.9.4