Bitcoin Core 28.0.0
P2P Digital Currency
Loading...
Searching...
No Matches
miniscript.cpp
Go to the documentation of this file.
1// Copyright (c) 2019-2022 The Bitcoin Core developers
2// Distributed under the MIT software license, see the accompanying
3// file COPYING or http://www.opensource.org/licenses/mit-license.php.
4
5#include <string>
6#include <vector>
7#include <script/script.h>
8#include <script/miniscript.h>
9#include <serialize.h>
10
11#include <assert.h>
12
13namespace miniscript {
14namespace internal {
15
16Type SanitizeType(Type e) {
17 int num_types = (e << "K"_mst) + (e << "V"_mst) + (e << "B"_mst) + (e << "W"_mst);
18 if (num_types == 0) return ""_mst; // No valid type, don't care about the rest
19 assert(num_types == 1); // K, V, B, W all conflict with each other
20 assert(!(e << "z"_mst) || !(e << "o"_mst)); // z conflicts with o
21 assert(!(e << "n"_mst) || !(e << "z"_mst)); // n conflicts with z
22 assert(!(e << "n"_mst) || !(e << "W"_mst)); // n conflicts with W
23 assert(!(e << "V"_mst) || !(e << "d"_mst)); // V conflicts with d
24 assert(!(e << "K"_mst) || (e << "u"_mst)); // K implies u
25 assert(!(e << "V"_mst) || !(e << "u"_mst)); // V conflicts with u
26 assert(!(e << "e"_mst) || !(e << "f"_mst)); // e conflicts with f
27 assert(!(e << "e"_mst) || (e << "d"_mst)); // e implies d
28 assert(!(e << "V"_mst) || !(e << "e"_mst)); // V conflicts with e
29 assert(!(e << "d"_mst) || !(e << "f"_mst)); // d conflicts with f
30 assert(!(e << "V"_mst) || (e << "f"_mst)); // V implies f
31 assert(!(e << "K"_mst) || (e << "s"_mst)); // K implies s
32 assert(!(e << "z"_mst) || (e << "m"_mst)); // z implies m
33 return e;
34}
35
36Type ComputeType(Fragment fragment, Type x, Type y, Type z, const std::vector<Type>& sub_types, uint32_t k,
37 size_t data_size, size_t n_subs, size_t n_keys, MiniscriptContext ms_ctx) {
38 // Sanity check on data
39 if (fragment == Fragment::SHA256 || fragment == Fragment::HASH256) {
40 assert(data_size == 32);
41 } else if (fragment == Fragment::RIPEMD160 || fragment == Fragment::HASH160) {
42 assert(data_size == 20);
43 } else {
44 assert(data_size == 0);
45 }
46 // Sanity check on k
47 if (fragment == Fragment::OLDER || fragment == Fragment::AFTER) {
48 assert(k >= 1 && k < 0x80000000UL);
49 } else if (fragment == Fragment::MULTI || fragment == Fragment::MULTI_A) {
50 assert(k >= 1 && k <= n_keys);
51 } else if (fragment == Fragment::THRESH) {
52 assert(k >= 1 && k <= n_subs);
53 } else {
54 assert(k == 0);
55 }
56 // Sanity check on subs
57 if (fragment == Fragment::AND_V || fragment == Fragment::AND_B || fragment == Fragment::OR_B ||
58 fragment == Fragment::OR_C || fragment == Fragment::OR_I || fragment == Fragment::OR_D) {
59 assert(n_subs == 2);
60 } else if (fragment == Fragment::ANDOR) {
61 assert(n_subs == 3);
62 } else if (fragment == Fragment::WRAP_A || fragment == Fragment::WRAP_S || fragment == Fragment::WRAP_C ||
63 fragment == Fragment::WRAP_D || fragment == Fragment::WRAP_V || fragment == Fragment::WRAP_J ||
64 fragment == Fragment::WRAP_N) {
65 assert(n_subs == 1);
66 } else if (fragment != Fragment::THRESH) {
67 assert(n_subs == 0);
68 }
69 // Sanity check on keys
70 if (fragment == Fragment::PK_K || fragment == Fragment::PK_H) {
71 assert(n_keys == 1);
72 } else if (fragment == Fragment::MULTI) {
73 assert(n_keys >= 1 && n_keys <= MAX_PUBKEYS_PER_MULTISIG);
74 assert(!IsTapscript(ms_ctx));
75 } else if (fragment == Fragment::MULTI_A) {
76 assert(n_keys >= 1 && n_keys <= MAX_PUBKEYS_PER_MULTI_A);
77 assert(IsTapscript(ms_ctx));
78 } else {
79 assert(n_keys == 0);
80 }
81
82 // Below is the per-fragment logic for computing the expression types.
83 // It heavily relies on Type's << operator (where "X << a_mst" means
84 // "X has all properties listed in a").
85 switch (fragment) {
86 case Fragment::PK_K: return "Konudemsxk"_mst;
87 case Fragment::PK_H: return "Knudemsxk"_mst;
88 case Fragment::OLDER: return
89 "g"_mst.If(k & CTxIn::SEQUENCE_LOCKTIME_TYPE_FLAG) |
90 "h"_mst.If(!(k & CTxIn::SEQUENCE_LOCKTIME_TYPE_FLAG)) |
91 "Bzfmxk"_mst;
92 case Fragment::AFTER: return
93 "i"_mst.If(k >= LOCKTIME_THRESHOLD) |
94 "j"_mst.If(k < LOCKTIME_THRESHOLD) |
95 "Bzfmxk"_mst;
96 case Fragment::SHA256: return "Bonudmk"_mst;
97 case Fragment::RIPEMD160: return "Bonudmk"_mst;
98 case Fragment::HASH256: return "Bonudmk"_mst;
99 case Fragment::HASH160: return "Bonudmk"_mst;
100 case Fragment::JUST_1: return "Bzufmxk"_mst;
101 case Fragment::JUST_0: return "Bzudemsxk"_mst;
102 case Fragment::WRAP_A: return
103 "W"_mst.If(x << "B"_mst) | // W=B_x
104 (x & "ghijk"_mst) | // g=g_x, h=h_x, i=i_x, j=j_x, k=k_x
105 (x & "udfems"_mst) | // u=u_x, d=d_x, f=f_x, e=e_x, m=m_x, s=s_x
106 "x"_mst; // x
107 case Fragment::WRAP_S: return
108 "W"_mst.If(x << "Bo"_mst) | // W=B_x*o_x
109 (x & "ghijk"_mst) | // g=g_x, h=h_x, i=i_x, j=j_x, k=k_x
110 (x & "udfemsx"_mst); // u=u_x, d=d_x, f=f_x, e=e_x, m=m_x, s=s_x, x=x_x
111 case Fragment::WRAP_C: return
112 "B"_mst.If(x << "K"_mst) | // B=K_x
113 (x & "ghijk"_mst) | // g=g_x, h=h_x, i=i_x, j=j_x, k=k_x
114 (x & "ondfem"_mst) | // o=o_x, n=n_x, d=d_x, f=f_x, e=e_x, m=m_x
115 "us"_mst; // u, s
116 case Fragment::WRAP_D: return
117 "B"_mst.If(x << "Vz"_mst) | // B=V_x*z_x
118 "o"_mst.If(x << "z"_mst) | // o=z_x
119 "e"_mst.If(x << "f"_mst) | // e=f_x
120 (x & "ghijk"_mst) | // g=g_x, h=h_x, i=i_x, j=j_x, k=k_x
121 (x & "ms"_mst) | // m=m_x, s=s_x
122 // NOTE: 'd:' is 'u' under Tapscript but not P2WSH as MINIMALIF is only a policy rule there.
123 "u"_mst.If(IsTapscript(ms_ctx)) |
124 "ndx"_mst; // n, d, x
125 case Fragment::WRAP_V: return
126 "V"_mst.If(x << "B"_mst) | // V=B_x
127 (x & "ghijk"_mst) | // g=g_x, h=h_x, i=i_x, j=j_x, k=k_x
128 (x & "zonms"_mst) | // z=z_x, o=o_x, n=n_x, m=m_x, s=s_x
129 "fx"_mst; // f, x
130 case Fragment::WRAP_J: return
131 "B"_mst.If(x << "Bn"_mst) | // B=B_x*n_x
132 "e"_mst.If(x << "f"_mst) | // e=f_x
133 (x & "ghijk"_mst) | // g=g_x, h=h_x, i=i_x, j=j_x, k=k_x
134 (x & "oums"_mst) | // o=o_x, u=u_x, m=m_x, s=s_x
135 "ndx"_mst; // n, d, x
136 case Fragment::WRAP_N: return
137 (x & "ghijk"_mst) | // g=g_x, h=h_x, i=i_x, j=j_x, k=k_x
138 (x & "Bzondfems"_mst) | // B=B_x, z=z_x, o=o_x, n=n_x, d=d_x, f=f_x, e=e_x, m=m_x, s=s_x
139 "ux"_mst; // u, x
140 case Fragment::AND_V: return
141 (y & "KVB"_mst).If(x << "V"_mst) | // B=V_x*B_y, V=V_x*V_y, K=V_x*K_y
142 (x & "n"_mst) | (y & "n"_mst).If(x << "z"_mst) | // n=n_x+z_x*n_y
143 ((x | y) & "o"_mst).If((x | y) << "z"_mst) | // o=o_x*z_y+z_x*o_y
144 (x & y & "dmz"_mst) | // d=d_x*d_y, m=m_x*m_y, z=z_x*z_y
145 ((x | y) & "s"_mst) | // s=s_x+s_y
146 "f"_mst.If((y << "f"_mst) || (x << "s"_mst)) | // f=f_y+s_x
147 (y & "ux"_mst) | // u=u_y, x=x_y
148 ((x | y) & "ghij"_mst) | // g=g_x+g_y, h=h_x+h_y, i=i_x+i_y, j=j_x+j_y
149 "k"_mst.If(((x & y) << "k"_mst) &&
150 !(((x << "g"_mst) && (y << "h"_mst)) ||
151 ((x << "h"_mst) && (y << "g"_mst)) ||
152 ((x << "i"_mst) && (y << "j"_mst)) ||
153 ((x << "j"_mst) && (y << "i"_mst)))); // k=k_x*k_y*!(g_x*h_y + h_x*g_y + i_x*j_y + j_x*i_y)
154 case Fragment::AND_B: return
155 (x & "B"_mst).If(y << "W"_mst) | // B=B_x*W_y
156 ((x | y) & "o"_mst).If((x | y) << "z"_mst) | // o=o_x*z_y+z_x*o_y
157 (x & "n"_mst) | (y & "n"_mst).If(x << "z"_mst) | // n=n_x+z_x*n_y
158 (x & y & "e"_mst).If((x & y) << "s"_mst) | // e=e_x*e_y*s_x*s_y
159 (x & y & "dzm"_mst) | // d=d_x*d_y, z=z_x*z_y, m=m_x*m_y
160 "f"_mst.If(((x & y) << "f"_mst) || (x << "sf"_mst) || (y << "sf"_mst)) | // f=f_x*f_y + f_x*s_x + f_y*s_y
161 ((x | y) & "s"_mst) | // s=s_x+s_y
162 "ux"_mst | // u, x
163 ((x | y) & "ghij"_mst) | // g=g_x+g_y, h=h_x+h_y, i=i_x+i_y, j=j_x+j_y
164 "k"_mst.If(((x & y) << "k"_mst) &&
165 !(((x << "g"_mst) && (y << "h"_mst)) ||
166 ((x << "h"_mst) && (y << "g"_mst)) ||
167 ((x << "i"_mst) && (y << "j"_mst)) ||
168 ((x << "j"_mst) && (y << "i"_mst)))); // k=k_x*k_y*!(g_x*h_y + h_x*g_y + i_x*j_y + j_x*i_y)
169 case Fragment::OR_B: return
170 "B"_mst.If(x << "Bd"_mst && y << "Wd"_mst) | // B=B_x*d_x*W_x*d_y
171 ((x | y) & "o"_mst).If((x | y) << "z"_mst) | // o=o_x*z_y+z_x*o_y
172 (x & y & "m"_mst).If((x | y) << "s"_mst && (x & y) << "e"_mst) | // m=m_x*m_y*e_x*e_y*(s_x+s_y)
173 (x & y & "zse"_mst) | // z=z_x*z_y, s=s_x*s_y, e=e_x*e_y
174 "dux"_mst | // d, u, x
175 ((x | y) & "ghij"_mst) | // g=g_x+g_y, h=h_x+h_y, i=i_x+i_y, j=j_x+j_y
176 (x & y & "k"_mst); // k=k_x*k_y
177 case Fragment::OR_D: return
178 (y & "B"_mst).If(x << "Bdu"_mst) | // B=B_y*B_x*d_x*u_x
179 (x & "o"_mst).If(y << "z"_mst) | // o=o_x*z_y
180 (x & y & "m"_mst).If(x << "e"_mst && (x | y) << "s"_mst) | // m=m_x*m_y*e_x*(s_x+s_y)
181 (x & y & "zs"_mst) | // z=z_x*z_y, s=s_x*s_y
182 (y & "ufde"_mst) | // u=u_y, f=f_y, d=d_y, e=e_y
183 "x"_mst | // x
184 ((x | y) & "ghij"_mst) | // g=g_x+g_y, h=h_x+h_y, i=i_x+i_y, j=j_x+j_y
185 (x & y & "k"_mst); // k=k_x*k_y
186 case Fragment::OR_C: return
187 (y & "V"_mst).If(x << "Bdu"_mst) | // V=V_y*B_x*u_x*d_x
188 (x & "o"_mst).If(y << "z"_mst) | // o=o_x*z_y
189 (x & y & "m"_mst).If(x << "e"_mst && (x | y) << "s"_mst) | // m=m_x*m_y*e_x*(s_x+s_y)
190 (x & y & "zs"_mst) | // z=z_x*z_y, s=s_x*s_y
191 "fx"_mst | // f, x
192 ((x | y) & "ghij"_mst) | // g=g_x+g_y, h=h_x+h_y, i=i_x+i_y, j=j_x+j_y
193 (x & y & "k"_mst); // k=k_x*k_y
194 case Fragment::OR_I: return
195 (x & y & "VBKufs"_mst) | // V=V_x*V_y, B=B_x*B_y, K=K_x*K_y, u=u_x*u_y, f=f_x*f_y, s=s_x*s_y
196 "o"_mst.If((x & y) << "z"_mst) | // o=z_x*z_y
197 ((x | y) & "e"_mst).If((x | y) << "f"_mst) | // e=e_x*f_y+f_x*e_y
198 (x & y & "m"_mst).If((x | y) << "s"_mst) | // m=m_x*m_y*(s_x+s_y)
199 ((x | y) & "d"_mst) | // d=d_x+d_y
200 "x"_mst | // x
201 ((x | y) & "ghij"_mst) | // g=g_x+g_y, h=h_x+h_y, i=i_x+i_y, j=j_x+j_y
202 (x & y & "k"_mst); // k=k_x*k_y
203 case Fragment::ANDOR: return
204 (y & z & "BKV"_mst).If(x << "Bdu"_mst) | // B=B_x*d_x*u_x*B_y*B_z, K=B_x*d_x*u_x*K_y*K_z, V=B_x*d_x*u_x*V_y*V_z
205 (x & y & z & "z"_mst) | // z=z_x*z_y*z_z
206 ((x | (y & z)) & "o"_mst).If((x | (y & z)) << "z"_mst) | // o=o_x*z_y*z_z+z_x*o_y*o_z
207 (y & z & "u"_mst) | // u=u_y*u_z
208 (z & "f"_mst).If((x << "s"_mst) || (y << "f"_mst)) | // f=(s_x+f_y)*f_z
209 (z & "d"_mst) | // d=d_z
210 (z & "e"_mst).If(x << "s"_mst || y << "f"_mst) | // e=e_z*(s_x+f_y)
211 (x & y & z & "m"_mst).If(x << "e"_mst && (x | y | z) << "s"_mst) | // m=m_x*m_y*m_z*e_x*(s_x+s_y+s_z)
212 (z & (x | y) & "s"_mst) | // s=s_z*(s_x+s_y)
213 "x"_mst | // x
214 ((x | y | z) & "ghij"_mst) | // g=g_x+g_y+g_z, h=h_x+h_y+h_z, i=i_x+i_y+i_z, j=j_x+j_y_j_z
215 "k"_mst.If(((x & y & z) << "k"_mst) &&
216 !(((x << "g"_mst) && (y << "h"_mst)) ||
217 ((x << "h"_mst) && (y << "g"_mst)) ||
218 ((x << "i"_mst) && (y << "j"_mst)) ||
219 ((x << "j"_mst) && (y << "i"_mst)))); // k=k_x*k_y*k_z* !(g_x*h_y + h_x*g_y + i_x*j_y + j_x*i_y)
220 case Fragment::MULTI: {
221 return "Bnudemsk"_mst;
222 }
223 case Fragment::MULTI_A: {
224 return "Budemsk"_mst;
225 }
226 case Fragment::THRESH: {
227 bool all_e = true;
228 bool all_m = true;
229 uint32_t args = 0;
230 uint32_t num_s = 0;
231 Type acc_tl = "k"_mst;
232 for (size_t i = 0; i < sub_types.size(); ++i) {
233 Type t = sub_types[i];
234 static constexpr auto WDU{"Wdu"_mst}, BDU{"Bdu"_mst};
235 if (!(t << (i ? WDU : BDU))) return ""_mst; // Require Bdu, Wdu, Wdu, ...
236 if (!(t << "e"_mst)) all_e = false;
237 if (!(t << "m"_mst)) all_m = false;
238 if (t << "s"_mst) num_s += 1;
239 args += (t << "z"_mst) ? 0 : (t << "o"_mst) ? 1 : 2;
240 acc_tl = ((acc_tl | t) & "ghij"_mst) |
241 // Thresh contains a combination of timelocks if it has threshold > 1 and
242 // it contains two different children that have different types of timelocks
243 // Note how if any of the children don't have "k", the parent also does not have "k"
244 "k"_mst.If(((acc_tl & t) << "k"_mst) && ((k <= 1) ||
245 ((k > 1) && !(((acc_tl << "g"_mst) && (t << "h"_mst)) ||
246 ((acc_tl << "h"_mst) && (t << "g"_mst)) ||
247 ((acc_tl << "i"_mst) && (t << "j"_mst)) ||
248 ((acc_tl << "j"_mst) && (t << "i"_mst))))));
249 }
250 return "Bdu"_mst |
251 "z"_mst.If(args == 0) | // z=all z
252 "o"_mst.If(args == 1) | // o=all z except one o
253 "e"_mst.If(all_e && num_s == n_subs) | // e=all e and all s
254 "m"_mst.If(all_e && all_m && num_s >= n_subs - k) | // m=all e, >=(n-k) s
255 "s"_mst.If(num_s >= n_subs - k + 1) | // s= >=(n-k+1) s
256 acc_tl; // timelock info
257 }
258 }
259 assert(false);
260}
261
262size_t ComputeScriptLen(Fragment fragment, Type sub0typ, size_t subsize, uint32_t k, size_t n_subs,
263 size_t n_keys, MiniscriptContext ms_ctx) {
264 switch (fragment) {
265 case Fragment::JUST_1:
266 case Fragment::JUST_0: return 1;
267 case Fragment::PK_K: return IsTapscript(ms_ctx) ? 33 : 34;
268 case Fragment::PK_H: return 3 + 21;
269 case Fragment::OLDER:
270 case Fragment::AFTER: return 1 + BuildScript(k).size();
271 case Fragment::HASH256:
272 case Fragment::SHA256: return 4 + 2 + 33;
273 case Fragment::HASH160:
274 case Fragment::RIPEMD160: return 4 + 2 + 21;
275 case Fragment::MULTI: return 1 + BuildScript(n_keys).size() + BuildScript(k).size() + 34 * n_keys;
276 case Fragment::MULTI_A: return (1 + 32 + 1) * n_keys + BuildScript(k).size() + 1;
277 case Fragment::AND_V: return subsize;
278 case Fragment::WRAP_V: return subsize + (sub0typ << "x"_mst);
279 case Fragment::WRAP_S:
280 case Fragment::WRAP_C:
281 case Fragment::WRAP_N:
282 case Fragment::AND_B:
283 case Fragment::OR_B: return subsize + 1;
284 case Fragment::WRAP_A:
285 case Fragment::OR_C: return subsize + 2;
286 case Fragment::WRAP_D:
287 case Fragment::OR_D:
288 case Fragment::OR_I:
289 case Fragment::ANDOR: return subsize + 3;
290 case Fragment::WRAP_J: return subsize + 4;
291 case Fragment::THRESH: return subsize + n_subs + BuildScript(k).size();
292 }
293 assert(false);
294}
295
296InputStack& InputStack::SetAvailable(Availability avail) {
297 available = avail;
298 if (avail == Availability::NO) {
299 stack.clear();
300 size = std::numeric_limits<size_t>::max();
301 has_sig = false;
302 malleable = false;
303 non_canon = false;
304 }
305 return *this;
306}
307
308InputStack& InputStack::SetWithSig() {
309 has_sig = true;
310 return *this;
311}
312
313InputStack& InputStack::SetNonCanon() {
314 non_canon = true;
315 return *this;
316}
317
318InputStack& InputStack::SetMalleable(bool x) {
319 malleable = x;
320 return *this;
321}
322
323InputStack operator+(InputStack a, InputStack b) {
324 a.stack = Cat(std::move(a.stack), std::move(b.stack));
325 if (a.available != Availability::NO && b.available != Availability::NO) a.size += b.size;
326 a.has_sig |= b.has_sig;
327 a.malleable |= b.malleable;
328 a.non_canon |= b.non_canon;
329 if (a.available == Availability::NO || b.available == Availability::NO) {
330 a.SetAvailable(Availability::NO);
331 } else if (a.available == Availability::MAYBE || b.available == Availability::MAYBE) {
332 a.SetAvailable(Availability::MAYBE);
333 }
334 return a;
335}
336
337InputStack operator|(InputStack a, InputStack b) {
338 // If only one is invalid, pick the other one. If both are invalid, pick an arbitrary one.
339 if (a.available == Availability::NO) return b;
340 if (b.available == Availability::NO) return a;
341 // If only one of the solutions has a signature, we must pick the other one.
342 if (!a.has_sig && b.has_sig) return a;
343 if (!b.has_sig && a.has_sig) return b;
344 if (!a.has_sig && !b.has_sig) {
345 // If neither solution requires a signature, the result is inevitably malleable.
346 a.malleable = true;
347 b.malleable = true;
348 } else {
349 // If both options require a signature, prefer the non-malleable one.
350 if (b.malleable && !a.malleable) return a;
351 if (a.malleable && !b.malleable) return b;
352 }
353 // Between two malleable or two non-malleable solutions, pick the smaller one between
354 // YESes, and the bigger ones between MAYBEs. Prefer YES over MAYBE.
355 if (a.available == Availability::YES && b.available == Availability::YES) {
356 return std::move(a.size <= b.size ? a : b);
357 } else if (a.available == Availability::MAYBE && b.available == Availability::MAYBE) {
358 return std::move(a.size >= b.size ? a : b);
359 } else if (a.available == Availability::YES) {
360 return a;
361 } else {
362 return b;
363 }
364}
365
366std::optional<std::vector<Opcode>> DecomposeScript(const CScript& script)
367{
368 std::vector<Opcode> out;
369 CScript::const_iterator it = script.begin(), itend = script.end();
370 while (it != itend) {
371 std::vector<unsigned char> push_data;
372 opcodetype opcode;
373 if (!script.GetOp(it, opcode, push_data)) {
374 return {};
375 } else if (opcode >= OP_1 && opcode <= OP_16) {
376 // Deal with OP_n (GetOp does not turn them into pushes).
377 push_data.assign(1, CScript::DecodeOP_N(opcode));
378 } else if (opcode == OP_CHECKSIGVERIFY) {
379 // Decompose OP_CHECKSIGVERIFY into OP_CHECKSIG OP_VERIFY
380 out.emplace_back(OP_CHECKSIG, std::vector<unsigned char>());
381 opcode = OP_VERIFY;
382 } else if (opcode == OP_CHECKMULTISIGVERIFY) {
383 // Decompose OP_CHECKMULTISIGVERIFY into OP_CHECKMULTISIG OP_VERIFY
384 out.emplace_back(OP_CHECKMULTISIG, std::vector<unsigned char>());
385 opcode = OP_VERIFY;
386 } else if (opcode == OP_EQUALVERIFY) {
387 // Decompose OP_EQUALVERIFY into OP_EQUAL OP_VERIFY
388 out.emplace_back(OP_EQUAL, std::vector<unsigned char>());
389 opcode = OP_VERIFY;
390 } else if (opcode == OP_NUMEQUALVERIFY) {
391 // Decompose OP_NUMEQUALVERIFY into OP_NUMEQUAL OP_VERIFY
392 out.emplace_back(OP_NUMEQUAL, std::vector<unsigned char>());
393 opcode = OP_VERIFY;
394 } else if (IsPushdataOp(opcode)) {
395 if (!CheckMinimalPush(push_data, opcode)) return {};
396 } else if (it != itend && (opcode == OP_CHECKSIG || opcode == OP_CHECKMULTISIG || opcode == OP_EQUAL || opcode == OP_NUMEQUAL) && (*it == OP_VERIFY)) {
397 // Rule out non minimal VERIFY sequences
398 return {};
399 }
400 out.emplace_back(opcode, std::move(push_data));
401 }
402 std::reverse(out.begin(), out.end());
403 return out;
404}
405
406std::optional<int64_t> ParseScriptNumber(const Opcode& in) {
407 if (in.first == OP_0) {
408 return 0;
409 }
410 if (!in.second.empty()) {
411 if (IsPushdataOp(in.first) && !CheckMinimalPush(in.second, in.first)) return {};
412 try {
413 return CScriptNum(in.second, true).GetInt64();
414 } catch(const scriptnum_error&) {}
415 }
416 return {};
417}
418
419int FindNextChar(Span<const char> sp, const char m)
420{
421 for (int i = 0; i < (int)sp.size(); ++i) {
422 if (sp[i] == m) return i;
423 // We only search within the current parentheses
424 if (sp[i] == ')') break;
425 }
426 return -1;
427}
428
429} // namespace internal
430} // namespace miniscript
args
ArgsManager & args
Definition bitcoind.cpp:270
CScript
Serialized script, used inside transaction inputs and outputs.
Definition script.h:414
CScript::DecodeOP_N
static int DecodeOP_N(opcodetype opcode)
Encode/decode small integers:
Definition script.h:506
CScriptNum::GetInt64
int64_t GetInt64() const
Definition script.h:341
CTxIn::SEQUENCE_LOCKTIME_TYPE_FLAG
static const uint32_t SEQUENCE_LOCKTIME_TYPE_FLAG
If CTxIn::nSequence encodes a relative lock-time and this flag is set, the relative lock-time has uni...
Definition transaction.h:104
Span
A Span is an object that can refer to a contiguous sequence of objects.
Definition span.h:98
Span::size
constexpr std::size_t size() const noexcept
Definition span.h:187
miniscript::Type
This type encapsulates the miniscript type system properties.
Definition miniscript.h:122
miniscript::Type::If
constexpr Type If(bool x) const
The empty type if x is false, itself otherwise.
Definition miniscript.h:149
prevector::const_iterator
Definition prevector.h:101
prevector::size
size_type size() const
Definition prevector.h:296
scriptnum_error
Definition script.h:220
miniscript::internal::ComputeScriptLen
size_t ComputeScriptLen(Fragment fragment, Type sub0typ, size_t subsize, uint32_t k, size_t n_subs, size_t n_keys, MiniscriptContext ms_ctx)
Helper function for Node::CalcScriptLen.
Definition miniscript.cpp:262
miniscript::internal::FindNextChar
int FindNextChar(Span< const char > sp, const char m)
Definition miniscript.cpp:419
miniscript::internal::ParseScriptNumber
std::optional< int64_t > ParseScriptNumber(const Opcode &in)
Determine whether the passed pair (created by DecomposeScript) is pushing a number.
Definition miniscript.cpp:406
miniscript::internal::SanitizeType
Type SanitizeType(Type e)
A helper sanitizer/checker for the output of CalcType.
Definition miniscript.cpp:16
miniscript::internal::DecomposeScript
std::optional< std::vector< Opcode > > DecomposeScript(const CScript &script)
Decode a script into opcode/push pairs.
Definition miniscript.cpp:366
miniscript::internal::operator+
InputStack operator+(InputStack a, InputStack b)
Definition miniscript.cpp:323
miniscript::internal::operator|
InputStack operator|(InputStack a, InputStack b)
Definition miniscript.cpp:337
miniscript::internal::ComputeType
Type ComputeType(Fragment fragment, Type x, Type y, Type z, const std::vector< Type > &sub_types, uint32_t k, size_t data_size, size_t n_subs, size_t n_keys, MiniscriptContext ms_ctx)
Helper function for Node::CalcType.
Definition miniscript.cpp:36
miniscript::Opcode
std::pair< opcodetype, std::vector< unsigned char > > Opcode
Definition miniscript.h:184
miniscript::IsTapscript
constexpr bool IsTapscript(MiniscriptContext ms_ctx)
Whether the context Tapscript, ensuring the only other possibility is P2WSH.
Definition miniscript.h:240
miniscript::Fragment
Fragment
The different node types in miniscript.
Definition miniscript.h:194
miniscript::Fragment::OR_I
@ OR_I
OP_IF [X] OP_ELSE [Y] OP_ENDIF.
miniscript::Fragment::MULTI_A
@ MULTI_A
[key_0] OP_CHECKSIG ([key_n] OP_CHECKSIGADD)* [k] OP_NUMEQUAL (only within Tapscript ctx)
miniscript::Fragment::RIPEMD160
@ RIPEMD160
OP_SIZE 32 OP_EQUALVERIFY OP_RIPEMD160 [hash] OP_EQUAL.
miniscript::Fragment::HASH160
@ HASH160
OP_SIZE 32 OP_EQUALVERIFY OP_HASH160 [hash] OP_EQUAL.
miniscript::Fragment::OR_B
@ OR_B
[X] [Y] OP_BOOLOR
miniscript::Fragment::WRAP_A
@ WRAP_A
OP_TOALTSTACK [X] OP_FROMALTSTACK.
miniscript::Fragment::WRAP_V
@ WRAP_V
[X] OP_VERIFY (or -VERIFY version of last opcode in X)
miniscript::Fragment::ANDOR
@ ANDOR
[X] OP_NOTIF [Z] OP_ELSE [Y] OP_ENDIF
miniscript::Fragment::THRESH
@ THRESH
[X1] ([Xn] OP_ADD)* [k] OP_EQUAL
miniscript::Fragment::WRAP_N
@ WRAP_N
[X] OP_0NOTEQUAL
miniscript::Fragment::WRAP_S
@ WRAP_S
OP_SWAP [X].
miniscript::Fragment::OR_C
@ OR_C
[X] OP_NOTIF [Y] OP_ENDIF
miniscript::Fragment::HASH256
@ HASH256
OP_SIZE 32 OP_EQUALVERIFY OP_HASH256 [hash] OP_EQUAL.
miniscript::Fragment::OLDER
@ OLDER
[n] OP_CHECKSEQUENCEVERIFY
miniscript::Fragment::SHA256
@ SHA256
OP_SIZE 32 OP_EQUALVERIFY OP_SHA256 [hash] OP_EQUAL.
miniscript::Fragment::WRAP_J
@ WRAP_J
OP_SIZE OP_0NOTEQUAL OP_IF [X] OP_ENDIF.
miniscript::Fragment::AFTER
@ AFTER
[n] OP_CHECKLOCKTIMEVERIFY
miniscript::Fragment::OR_D
@ OR_D
[X] OP_IFDUP OP_NOTIF [Y] OP_ENDIF
miniscript::Fragment::WRAP_D
@ WRAP_D
OP_DUP OP_IF [X] OP_ENDIF.
miniscript::Fragment::AND_B
@ AND_B
[X] [Y] OP_BOOLAND
miniscript::Fragment::PK_H
@ PK_H
OP_DUP OP_HASH160 [keyhash] OP_EQUALVERIFY.
miniscript::Fragment::WRAP_C
@ WRAP_C
[X] OP_CHECKSIG
miniscript::Fragment::MULTI
@ MULTI
[k] [key_n]* [n] OP_CHECKMULTISIG (only available within P2WSH context)
CheckMinimalPush
bool CheckMinimalPush(const std::vector< unsigned char > &data, opcodetype opcode)
Definition script.cpp:366
LOCKTIME_THRESHOLD
static const unsigned int LOCKTIME_THRESHOLD
Definition script.h:46
opcodetype
opcodetype
Script opcodes.
Definition script.h:73
OP_CHECKMULTISIG
@ OP_CHECKMULTISIG
Definition script.h:191
OP_CHECKSIG
@ OP_CHECKSIG
Definition script.h:189
OP_16
@ OP_16
Definition script.h:98
OP_EQUAL
@ OP_EQUAL
Definition script.h:145
OP_NUMEQUAL
@ OP_NUMEQUAL
Definition script.h:170
OP_NUMEQUALVERIFY
@ OP_NUMEQUALVERIFY
Definition script.h:171
OP_1
@ OP_1
Definition script.h:82
OP_VERIFY
@ OP_VERIFY
Definition script.h:109
OP_CHECKMULTISIGVERIFY
@ OP_CHECKMULTISIGVERIFY
Definition script.h:192
OP_CHECKSIGVERIFY
@ OP_CHECKSIGVERIFY
Definition script.h:190
OP_0
@ OP_0
Definition script.h:75
OP_EQUALVERIFY
@ OP_EQUALVERIFY
Definition script.h:146
MAX_PUBKEYS_PER_MULTI_A
static constexpr unsigned int MAX_PUBKEYS_PER_MULTI_A
The limit of keys in OP_CHECKSIGADD-based scripts.
Definition script.h:36
BuildScript
CScript BuildScript(Ts &&... inputs)
Build a script by concatenating other scripts, or any argument accepted by CScript::operator<<.
Definition script.h:605
MAX_PUBKEYS_PER_MULTISIG
static const int MAX_PUBKEYS_PER_MULTISIG
Definition script.h:33
IsPushdataOp
constexpr bool IsPushdataOp(opcodetype opcode)
Definition solver.h:40
miniscript::internal::InputStack
An object representing a sequence of witness stack elements.
Definition miniscript.h:289
miniscript::internal::InputStack::malleable
bool malleable
Whether this stack is malleable (can be turned into an equally valid other stack by a third party).
Definition miniscript.h:299
miniscript::internal::InputStack::stack
std::vector< std::vector< unsigned char > > stack
Data elements.
Definition miniscript.h:306
miniscript::internal::InputStack::has_sig
bool has_sig
Whether this stack contains a digital signature.
Definition miniscript.h:297
miniscript::internal::InputStack::SetAvailable
InputStack & SetAvailable(Availability avail)
Change availability.
Definition miniscript.cpp:296
miniscript::internal::InputStack::available
Availability available
Whether this stack is valid for its intended purpose (satisfaction or dissatisfaction of a Node).
Definition miniscript.h:295
miniscript::internal::InputStack::SetMalleable
InputStack & SetMalleable(bool x=true)
Mark this input stack as malleable.
Definition miniscript.cpp:318
miniscript::internal::InputStack::size
size_t size
Serialized witness size.
Definition miniscript.h:304
miniscript::internal::InputStack::non_canon
bool non_canon
Whether this stack is non-canonical (using a construction known to be unnecessary for satisfaction).
Definition miniscript.h:302
miniscript::internal::InputStack::SetWithSig
InputStack & SetWithSig()
Mark this input stack as having a signature.
Definition miniscript.cpp:308
miniscript::internal::InputStack::SetNonCanon
InputStack & SetNonCanon()
Mark this input stack as non-canonical (known to not be necessary in non-malleable satisfactions).
Definition miniscript.cpp:313
assert
assert(!tx.IsCoinBase())
Cat
V Cat(V v1, V &&v2)
Concatenate two vectors, moving elements.
Definition vector.h:34
Generated on Thu Oct 3 2024 09:20:15 for Bitcoin Core by doxygen 1.12.0