Commit Graph

83 Commits

Author SHA1 Message Date
Brandon Dahler
51ed9ec971 Cleanup code using forward declarations.
Use misc methods of avoiding unnecesary header includes.
Replace int typedefs with int##_t from stdint.h.
Replace PRI64[xdu] with PRI[xdu]64 from inttypes.h.
Normalize QT_VERSION ifs where possible.
Resolve some indirect dependencies as direct ones.
Remove extern declarations from .cpp files.
2013-11-10 09:36:28 -06:00
Peter Todd
22de68dffc
Relay OP_RETURN TxOut as standard transaction type
Also fix decoderawtransaction to not show reqSigs or addresses for
nulldata txouts. (Previous version also left reqSigs uninitialized
mistakenly)
2013-10-24 04:32:35 -04:00
Gavin Andresen
be484db274 Merge pull request #2738 from jgarzik/op_return
Relay OP_RETURN data TxOut as standard transaction type.
2013-10-21 22:47:24 -07:00
Pieter Wuille
9b1200c23b
Merge pull request #3119
db0e8cc Bump Year Number to 2013 (super3)
2013-10-20 22:25:44 +02:00
super3
db0e8ccd90 Bump Year Number to 2013 2013-10-20 15:25:06 -04:00
Jeff Garzik
a79342479f Relay OP_RETURN data TxOut as standard transaction type 2013-10-02 11:49:43 -04:00
Pieter Wuille
f5857e5cb5 Inline signature serializer
Instead of building a full copy of a CTransaction being signed, and
then modifying bits and pieces until its fits the form necessary
for computing the signature hash, use a wrapper serializer that
only serializes the necessary bits on-the-fly.

This makes it easier to see which data is actually being hash,
reduces load on the heap, and also marginally improves performances
(around 3-4us/sigcheck here). The performance improvements are much
larger for large transactions, though.

The old implementation of SignatureHash is moved to a unit tests,
to test whether the old and new algorithm result in the same value
for randomly-constructed transactions.
2013-09-28 18:37:00 +02:00
Gavin Andresen
881a85a22d Replace printf with LogPrintf / LogPrint 2013-09-18 20:39:25 +10:00
Gavin Andresen
b62dc051aa Merge pull request #2938 from petertodd/op-reserved-weirdness
Document and test OP_RESERVED weirdness
2013-08-25 18:17:59 -07:00
Peter Todd
214d45b6b9
Document and test OP_RESERVED weirdness
Seems it was forgotten about when IsPushOnly() and the unittests were
written. A particular oddity is that OP_RESERVED doesn't count towards
the >201 opcode limit unlike every other named opcode.
2013-08-25 12:37:07 -04:00
Jeff Garzik
3d86e7cd48 Merge pull request #2618 from fcicq/solaris-support
Partial solaris support
2013-08-24 20:19:24 -07:00
Pieter Wuille
a81cd96805 Only create signatures with even S, and verification mode to check.
To fix a minor malleability found by Sergio Lerner (reported here:
https://bitcointalk.org/index.php?topic=8392.msg1245898#msg1245898)

The problem is that if (R,S) is a valid ECDSA signature for a given
message and public key, (R,-S) is also valid. Modulo N (the order
of the secp256k1 curve), this means that both (R,S) and (R,N-S) are
valid. Given that N is odd, S and N-S have a different lowest bit.
We solve the problem by forcing signatures to have an even S value,
excluding one of the alternatives.

This commit just changes the signing code to always produce even S
values, and adds a verification mode to check it. This code is not
enabled anywhere yet. Existing tests in key_tests.cpp verify that
the produced signatures are still valid.
2013-08-16 00:17:50 +02:00
Gavin Andresen
050d2e953f Remove #define loop from util.h
Replace the loop macro with while (true). The #define caused
problems for Qt.
2013-07-31 14:06:44 +10:00
fcicq
c391f9a47b Fix boost uint type bug by reordering the includes 2013-07-17 16:50:51 +08:00
Pieter Wuille
acc775c554 Add ExtractAffectedKeys to script
This function finds all keys affected by a particular output script,
supporting everything ExtractDestinations supports (pay-to-pubkey,
pay-to-pubkeyhash, multisig) and recurses into subscripts (P2SH).
2013-06-22 16:49:30 +02:00
Eric Lombrozo
48343a0a50 Removed script.cpp's dependence on main.h 2013-06-05 23:15:20 -07:00
Pieter Wuille
896185d7ed Make signature cache store CPubKeys 2013-05-30 05:20:23 +02:00
Pieter Wuille
dfa23b94c2 CSecret/CKey -> CKey/CPubKey split/refactor 2013-05-30 05:20:21 +02:00
Pieter Wuille
5d891489ab Make CPubKey statically allocated 2013-05-30 05:18:42 +02:00
Gavin Andresen
bce697d7fa Remove implementation of disabled opcodes
So we stop getting pull requests (like #2604) fixing problems with disabled Script opcodes.
A hard fork would be required to re-enable these, and if we ever did that we'd require extensive review and testing.
2013-05-02 17:33:57 -04:00
Gavin Andresen
c429f2b062 Merge pull request #2114 from sipa/strictstrict
Make IsCanonicalScript() check the hash type more thoroughly
2013-01-23 07:08:55 -08:00
Matt Corallo
192cc910ec Replace 520 constant with MAX_SCRIPT_ELEMENT_SIZE 2013-01-18 13:55:18 -05:00
Pieter Wuille
ef0f422519 Remove contention on signature cache during block validation
Since block validation happens in parallel, multiple threads may be
accessing the signature cache simultaneously. To prevent contention:
* Turn the signature cache lock into a shared mutex
* Make reading from the cache only acquire a shared lock
* Let block validations not store their results in the cache
2013-01-08 02:00:59 +01:00
Pieter Wuille
f1136200a6 Move VerifySignature to main 2013-01-08 01:49:14 +01:00
Pieter Wuille
bffc744444 Make IsCanonicalScript() check the hash type more thoroughly
0 and 128 were previously accepted as standard hash type.

Note that this function is not active in the current verification
code.
2012-12-22 18:39:36 +01:00
Gavin Andresen
a91efb2d8d Add assert and comment for subtle pay-to-script-hash logic 2012-11-21 13:58:10 -05:00
Pieter Wuille
99d0d0f356 Introduce script verification flags
These flags select features to be enabled/disabled during script
evaluation/checking, instead of several booleans passed along.
Currently these flags are defined:
* SCRIPT_VERIFY_P2SH: enable BIP16-style subscript evaluation
* SCRIPT_VERIFY_STRICTENC: enforce strict adherence to pubkey/sig encoding standards.
2012-11-15 23:00:16 +01:00
Pieter Wuille
f50fb5470b Merge pull request #1936 from sipa/morehashwriter
Use CHashWriter also in SignatureHash(), and for message signing
2012-10-20 14:53:43 -07:00
Pieter Wuille
450cbb0944 Ultraprune
This switches bitcoin's transaction/block verification logic to use a
"coin database", which contains all unredeemed transaction output scripts,
amounts and heights.

The name ultraprune comes from the fact that instead of a full transaction
index, we only (need to) keep an index with unspent outputs. For now, the
blocks themselves are kept as usual, although they are only necessary for
serving, rescanning and reorganizing.

The basic datastructures are CCoins (representing the coins of a single
transaction), and CCoinsView (representing a state of the coins database).
There are several implementations for CCoinsView. A dummy, one backed by
the coins database (coins.dat), one backed by the memory pool, and one
that adds a cache on top of it. FetchInputs, ConnectInputs, ConnectBlock,
DisconnectBlock, ... now operate on a generic CCoinsView.

The block switching logic now builds a single cached CCoinsView with
changes to be committed to the database before any changes are made.
This means no uncommitted changes are ever read from the database, and
should ease the transition to another database layer which does not
support transactions (but does support atomic writes), like LevelDB.

For the getrawtransaction() RPC call, access to a txid-to-disk index
would be preferable. As this index is not necessary or even useful
for any other part of the implementation, it is not provided. Instead,
getrawtransaction() uses the coin database to find the block height,
and then scans that block to find the requested transaction. This is
slow, but should suffice for debug purposes.
2012-10-20 23:08:57 +02:00
Pieter Wuille
69fc8047a9 Compact serialization for scripts
Special serializers for script which detect common cases and encode
them much more efficiently. 3 special cases are defined:
* Pay to pubkey hash (encoded as 21 bytes)
* Pay to script hash (encoded as 21 bytes)
* Pay to pubkey starting with 0x02, 0x03 or 0x04 (encoded as 33 bytes)

Other scripts up to 121 bytes require 1 byte + script length. Above
that, scripts up to 16505 bytes require 2 bytes + script length.
2012-10-20 23:08:56 +02:00
Jeff Garzik
dee0ee2ac9 Merge pull request #1742 from sipa/canonical
Check for canonical public keys and signatures
2012-10-20 10:56:04 -07:00
Pieter Wuille
8980a50924 Use CHashWriter also in SignatureHash(), and for message signing 2012-10-19 23:18:07 +02:00
Mark Friedenbach
95d7f00295 Documented bug in sign-extension behavior of opcodes OP_AND, OP_OR, and OP_XOR.
Due to a bug in the implementation of MakeSameSize(), using OP_AND, OP_OR, or OP_XOR with signed values of unequal size will result in the sign-value becoming part of the smaller integer, with nonsensical results. This patch documents the unexpected behavior and provides the basis of a solution should decision be made to fix the bug in the future.
2012-09-25 16:40:34 -07:00
Pieter Wuille
58bc86e37f Check for canonical public keys and signatures
Only enabled inside tests for now.
2012-09-21 01:24:25 +02:00
Gregory Maxwell
bdab0cf58c Avoid leaving return types or function attributes on their own lines. 2012-08-24 02:48:19 -04:00
Luke Dashjr
b49f1398a1 Bugfix: Correct English grammar regarding "'s" 2012-08-01 17:50:00 +00:00
Luke Dashjr
814efd6f1f Bugfix: Fix a variety of misspellings 2012-08-01 17:49:51 +00:00
Gavin Andresen
dab9fa7f91 Use unsigned ints to fix signed/unsigned warnings 2012-07-05 13:26:27 -04:00
Gavin Andresen
a2709fad7f Implement raw transaction RPC calls
Implement listunspent / getrawtransaction / createrawtransaction /
signrawtransaction, to support creation and
signing-on-multiple-device multisignature transactions.
2012-07-05 12:50:09 -04:00
Gavin Andresen
34420d655d Refactor: SignSignature/VerifyScript
Minor refactor to support signrawtx signing/verifying transactions
when it might only have the previous transaction's txid and
txOut.
2012-07-05 12:42:25 -04:00
Pieter Wuille
1025440184 Refactor: split CKeyID/CScriptID/CTxDestination from CBitcoinAddress
This introduces internal types:
* CKeyID: reference (hash160) of a key
* CScriptID: reference (hash160) of a script
* CTxDestination: a boost::variant of the former two

CBitcoinAddress is retrofitted to be a Base58 encoding of a
CTxDestination. This allows all internal code to only use the
internal types, and only have RPC and GUI depend on the base58 code.

Furthermore, the header dependencies are a lot saner now. base58.h is
at the top (right below rpc and gui) instead of at the bottom. For the
rest: wallet -> script -> keystore -> key. Only keystore still requires
a forward declaration of CScript. Solving that would require splitting
script into two layers.
2012-05-24 20:26:19 +02:00
Pieter Wuille
fd61d6f506 Encapsulate public keys in CPubKey 2012-05-24 19:58:12 +02:00
Gavin Andresen
acf513cfe7 Move signature cache from CKey::Verify to CheckSig in script.cpp
More than doubles the speed of verifying already-cached signatures
that use compressed pubkeys:
Before: ~200 microseconds
After:  ~80 microseconds
(no caching at all: ~3,300 microseconds per signature)

Also encapsulates the signature cache code in a class
and fixes a signed/unsigned comparison warning.
2012-05-22 14:15:11 -04:00
Fordy
3a25a2b9b0 Update License in File Headers
I originally created a pull to replace the "COPYING" in crypter.cpp and
crypter.h, but it turned out that COPYING was actually the correct
file.
2012-05-18 22:02:28 +08:00
Jeff Garzik
024fa1cb44 EvalScript(): cast to avoid signed/unsigned warning 2012-05-01 17:57:12 -04:00
Gavin Andresen
08e663d7e2 Undo part of c2e8c8ac to fix issue#1148 2012-04-26 10:18:35 -04:00
Jeff Garzik
1d8c7a9557 Add casts for unavoidable signed/unsigned comparisons
At these code sites, it is preferable to cast rather than change
a variable's type.
2012-04-23 14:14:36 -04:00
Jeff Garzik
7bd9c3a3cf SigOp and orphan-tx constants and counts are always unsigned.
Fixes several sign-comparison warnings.
2012-04-23 14:14:03 -04:00
Jeff Garzik
faf705a42a Prefer 'unsigned int' for loop index variables tested against ::size()
C++ STL ::size() generally returns unsigned, which implies that "int idx"
style of loop variable will generate a signed-vs-unsigned comparison warning
when testing the loop exit condition "idx < blah.size()"

Update areas of the bitcoin code where loop variables may be more properly and
correctly defined as unsigned.
2012-04-22 13:22:39 -04:00
Pieter Wuille
6b6aaa1698 Further reduce header dependencies
This commit removes the dependency of serialize.h on PROTOCOL_VERSION,
and makes this parameter required instead of implicit. This is much saner,
as it makes the places where changing a version number can have an
influence obvious.
2012-04-17 20:03:42 +02:00