31#include <boost/test/unit_test.hpp>
100 BOOST_ERROR(
"Unknown scripterror enumeration value, update script_errors in script_tests.cpp.");
109 BOOST_ERROR(
"Unknown scripterror \"" <<
name <<
"\" in test description");
130 for (
int i = 0; i < 16; ++i) {
132 uint32_t combined_flags{
expect ? (
flags & ~extra_flags) : (
flags | extra_flags)};
136 BOOST_CHECK_MESSAGE(
VerifyScript(scriptSig, scriptPubKey, &scriptWitness, combined_flags,
MutableTransactionSignatureChecker(&tx, 0, txCredit.
vout[0].nValue,
MissingDataBehavior::ASSERT_FAIL), &err) ==
expect, message +
strprintf(
" (with flags %x)", combined_flags));
142 std::vector<unsigned char> r, s;
143 r = std::vector<unsigned char>(vchSig.begin() + 4, vchSig.begin() + 4 + vchSig[3]);
144 s = std::vector<unsigned char>(vchSig.begin() + 6 + vchSig[3], vchSig.begin() + 6 + vchSig[3] + vchSig[5 + vchSig[3]]);
147 static const unsigned char order[33] = {
149 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
150 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE,
151 0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48, 0xA0, 0x3B,
152 0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41, 0x41
154 while (s.size() < 33) {
155 s.insert(s.begin(), 0x00);
158 for (
int p = 32; p >= 1; p--) {
159 int n = (int)order[p] - s[p] - carry;
160 s[p] = (n + 256) & 0xFF;
164 if (s.size() > 1 && s[0] == 0 && s[1] < 0x80) {
170 vchSig.push_back(0x30);
171 vchSig.push_back(4 + r.size() + s.size());
172 vchSig.push_back(0x02);
173 vchSig.push_back(r.size());
174 vchSig.insert(vchSig.end(), r.begin(), r.end());
175 vchSig.push_back(0x02);
176 vchSig.push_back(s.size());
177 vchSig.insert(vchSig.end(), s.begin(), s.end());
182const unsigned char vchKey0[32] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1};
183const unsigned char vchKey1[32] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0};
184const unsigned char vchKey2[32] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0};
188 CKey key0, key0C, key1, key1C, key2, key2C;
189 CPubKey pubkey0, pubkey0C, pubkey0H;
195 key0.
Set(vchKey0, vchKey0 + 32,
false);
196 key0C.
Set(vchKey0, vchKey0 + 32,
true);
200 *
const_cast<unsigned char*
>(pubkey0H.
data()) = 0x06 | (pubkey0H[64] & 1);
202 key1.
Set(vchKey1, vchKey1 + 32,
false);
203 key1C.
Set(vchKey1, vchKey1 + 32,
true);
207 key2.
Set(vchKey2, vchKey2 + 32,
false);
208 key2C.
Set(vchKey2, vchKey2 + 32,
true);
214enum class WitnessMode {
232 bool havePush{
false};
233 std::vector<unsigned char> push;
242 spendTx.
vin[0].scriptSig << push;
247 void DoPush(
const std::vector<unsigned char>& data)
255 TestBuilder(
const CScript& script_,
const std::string& comment_, uint32_t flags_,
bool P2SH =
false, WitnessMode wm = WitnessMode::NONE,
int witnessversion = 0,
CAmount nValue_ = 0) :
script(script_), comment(comment_),
flags(flags_), nValue(nValue_)
258 if (wm == WitnessMode::PKH) {
263 }
else if (wm == WitnessMode::SH) {
264 witscript = scriptPubKey;
270 redeemscript = scriptPubKey;
286 spendTx.
vin[0].scriptSig << _op;
290 TestBuilder&
Num(
int num)
293 spendTx.
vin[0].scriptSig << num;
297 TestBuilder& Push(
const std::string& hex)
303 TestBuilder& Push(
const CScript& _script)
305 DoPush(std::vector<unsigned char>(_script.
begin(), _script.
end()));
312 std::vector<unsigned char> vchSig, r, s;
315 key.
Sign(hash, vchSig,
false, iter++);
316 if ((lenS == 33) != (vchSig[5 + vchSig[3]] == 33)) {
319 r = std::vector<unsigned char>(vchSig.begin() + 4, vchSig.begin() + 4 + vchSig[3]);
320 s = std::vector<unsigned char>(vchSig.begin() + 6 + vchSig[3], vchSig.begin() + 6 + vchSig[3] + vchSig[5 + vchSig[3]]);
321 }
while (lenR != r.size() || lenS != s.size());
322 vchSig.push_back(
static_cast<unsigned char>(nHashType));
331 return PushSig(key, nHashType, lenR, lenS, sigversion, amount).AsWit();
334 TestBuilder& Push(
const CPubKey& pubkey)
336 DoPush(std::vector<unsigned char>(pubkey.
begin(), pubkey.
end()));
340 TestBuilder& PushRedeem()
342 DoPush(std::vector<unsigned char>(redeemscript.
begin(), redeemscript.
end()));
346 TestBuilder& PushWitRedeem()
348 DoPush(std::vector<unsigned char>(witscript.
begin(), witscript.
end()));
352 TestBuilder& EditPush(
unsigned int pos,
const std::string& hexin,
const std::string& hexout)
355 std::vector<unsigned char> datain =
ParseHex(hexin);
356 std::vector<unsigned char> dataout =
ParseHex(hexout);
357 assert(pos + datain.size() <= push.size());
358 BOOST_CHECK_MESSAGE(std::vector<unsigned char>(push.begin() + pos, push.begin() + pos + datain.size()) == datain, comment);
359 push.erase(push.begin() + pos, push.begin() + pos + datain.size());
360 push.insert(push.begin() + pos, dataout.begin(), dataout.end());
364 TestBuilder& DamagePush(
unsigned int pos)
367 assert(pos < push.size());
374 TestBuilder copy = *
this;
376 DoTest(creditTx->vout[0].scriptPubKey, spendTx.
vin[0].scriptSig, scriptWitness, flags, comment, scriptError, nValue);
384 scriptWitness.
stack.push_back(push);
393 if (!scriptWitness.
stack.empty()) {
395 for (
unsigned i = 0; i < scriptWitness.
stack.size(); i++) {
399 array.push_back(std::move(wit));
402 array.push_back(
FormatScript(creditTx->vout[0].scriptPubKey));
405 array.push_back(comment);
409 std::string GetComment()
const
415std::string JSONPrettyPrint(
const UniValue& univalue)
417 std::string
ret = univalue.
write(4);
420 while ((pos =
ret.find(
" \n", pos)) != std::string::npos) {
421 ret.replace(pos, 2,
"\n");
432 std::vector<TestBuilder> tests;
436 ).PushSig(keys.key0));
443 ).PushSig(keys.key1).Push(keys.pubkey1C));
445 "P2PKH, bad pubkey", 0
449 "P2PK anyonecanpay", 0
452 "P2PK anyonecanpay marked with normal hashtype", 0
457 ).PushSig(keys.key0).PushRedeem());
464 ).PushSig(keys.key0).Push(keys.pubkey0).PushRedeem());
466 "P2SH(P2PKH), bad sig but no VERIFY_P2SH", 0,
true
467 ).PushSig(keys.key0).DamagePush(10).PushRedeem());
474 ).Num(0).PushSig(keys.key0).PushSig(keys.key1).PushSig(keys.key2));
481 ).Num(0).PushSig(keys.key1).PushSig(keys.key2).PushRedeem());
487 "P2PK with too much R padding but no DERSIG", 0
488 ).PushSig(keys.key1,
SIGHASH_ALL, 31, 32).EditPush(1,
"43021F",
"44022000"));
493 "P2PK with too much S padding but no DERSIG", 0
494 ).PushSig(keys.key1,
SIGHASH_ALL).EditPush(1,
"44",
"45").EditPush(37,
"20",
"2100"));
499 "P2PK with too little R padding but no DERSIG", 0
500 ).PushSig(keys.key1,
SIGHASH_ALL, 33, 32).EditPush(1,
"45022100",
"440220"));
505 "P2PK NOT with bad sig with too much R padding but no DERSIG", 0
506 ).PushSig(keys.key2,
SIGHASH_ALL, 31, 32).EditPush(1,
"43021F",
"44022000").DamagePush(10));
511 "P2PK NOT with too much R padding but no DERSIG", 0
518 "BIP66 example 1, without DERSIG", 0
519 ).PushSig(keys.key1,
SIGHASH_ALL, 33, 32).EditPush(1,
"45022100",
"440220"));
524 "BIP66 example 2, without DERSIG", 0
530 "BIP66 example 3, without DERSIG", 0
536 "BIP66 example 4, without DERSIG", 0
542 "BIP66 example 5, without DERSIG", 0
548 "BIP66 example 6, without DERSIG", 0
554 "BIP66 example 7, without DERSIG", 0
555 ).Num(0).PushSig(keys.key1,
SIGHASH_ALL, 33, 32).EditPush(1,
"45022100",
"440220").PushSig(keys.key2));
560 "BIP66 example 8, without DERSIG", 0
566 "BIP66 example 9, without DERSIG", 0
572 "BIP66 example 10, without DERSIG", 0
573 ).Num(0).Num(0).PushSig(keys.key2,
SIGHASH_ALL, 33, 32).EditPush(1,
"45022100",
"440220"));
578 "BIP66 example 11, without DERSIG", 0
584 "BIP66 example 12, without DERSIG", 0
585 ).Num(0).PushSig(keys.key1,
SIGHASH_ALL, 33, 32).EditPush(1,
"45022100",
"440220").Num(0));
588 ).Num(0).PushSig(keys.key1,
SIGHASH_ALL, 33, 32).EditPush(1,
"45022100",
"440220").Num(0));
590 "P2PK with multi-byte hashtype, without DERSIG", 0
591 ).PushSig(keys.key2,
SIGHASH_ALL).EditPush(70,
"01",
"0101"));
597 "P2PK with high S but no LOW_S", 0
604 "P2PK with hybrid pubkey but no STRICTENC", 0
610 "P2PK NOT with hybrid pubkey but no STRICTENC", 0
616 "P2PK NOT with invalid hybrid pubkey but no STRICTENC", 0
622 "1-of-2 with the second 1 hybrid pubkey and no STRICTENC", 0
632 "P2PK with undefined hashtype but no STRICTENC", 0
633 ).PushSig(keys.key1, 5));
638 "P2PK NOT with invalid sig and undefined hashtype but no STRICTENC", 0
639 ).PushSig(keys.key1, 5).DamagePush(10));
645 "3-of-3 with nonzero dummy but no NULLDUMMY", 0
646 ).Num(1).PushSig(keys.key0).PushSig(keys.key1).PushSig(keys.key2));
651 "3-of-3 NOT with invalid sig and nonzero dummy but no NULLDUMMY", 0
652 ).Num(1).PushSig(keys.key0).PushSig(keys.key1).PushSig(keys.key2).DamagePush(10));
655 ).Num(1).PushSig(keys.key0).PushSig(keys.key1).PushSig(keys.key2).DamagePush(10).ScriptError(
SCRIPT_ERR_SIG_NULLDUMMY));
658 "2-of-2 with two identical keys and sigs pushed using OP_DUP but no SIGPUSHONLY", 0
659 ).Num(0).PushSig(keys.key1).Opcode(
OP_DUP));
664 "P2SH(P2PK) with non-push scriptSig but no P2SH or SIGPUSHONLY", 0,
true
665 ).PushSig(keys.key2).Opcode(
OP_NOP8).PushRedeem());
667 "P2PK with non-push scriptSig but with P2SH validation", 0
668 ).PushSig(keys.key2).Opcode(
OP_NOP8));
677 ).Num(0).PushSig(keys.key1).PushSig(keys.key1));
680 ).Num(11).PushSig(keys.key0));
686 ).Num(11).PushSig(keys.key0).PushRedeem());
692 ).PushSig(keys.key0).PushRedeem());
696 0, 1).PushWitSig(keys.key0).PushWitRedeem());
699 0, 1).PushWitSig(keys.key0).Push(keys.pubkey0).AsWit());
702 0, 1).PushWitSig(keys.key0).PushWitRedeem().PushRedeem());
705 0, 1).PushWitSig(keys.key0).Push(keys.pubkey0).AsWit().PushRedeem());
719 "Basic P2WSH with the wrong key but no WITNESS",
SCRIPT_VERIFY_P2SH,
false, WitnessMode::SH
720 ).PushWitSig(keys.key0).PushWitRedeem());
722 "Basic P2WPKH with the wrong key but no WITNESS",
SCRIPT_VERIFY_P2SH,
false, WitnessMode::PKH
723 ).PushWitSig(keys.key0).Push(keys.pubkey1).AsWit());
725 "Basic P2SH(P2WSH) with the wrong key but no WITNESS",
SCRIPT_VERIFY_P2SH,
true, WitnessMode::SH
726 ).PushWitSig(keys.key0).PushWitRedeem().PushRedeem());
728 "Basic P2SH(P2WPKH) with the wrong key but no WITNESS",
SCRIPT_VERIFY_P2SH,
true, WitnessMode::PKH
729 ).PushWitSig(keys.key0).Push(keys.pubkey1).AsWit().PushRedeem());
741 0, 0).PushWitSig(keys.key0, 1).Push(keys.pubkey0).AsWit().PushRedeem().ScriptError(
SCRIPT_ERR_EVAL_FALSE));
751 std::vector<unsigned char> hashBytes =
ToByteVector(hash);
752 hashBytes.pop_back();
753 tests.push_back(TestBuilder(
CScript() <<
OP_0 << hashBytes,
782 0, 1).PushWitSig(keys.key0C).PushWitRedeem());
785 0, 1).PushWitSig(keys.key0C).Push(keys.pubkey0C).AsWit());
788 0, 1).PushWitSig(keys.key0C).PushWitRedeem().PushRedeem());
791 0, 1).PushWitSig(keys.key0C).Push(keys.pubkey0C).AsWit().PushRedeem());
810 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key0C).PushWitRedeem());
813 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key0C).PushWitRedeem().PushRedeem());
816 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key1C).PushWitRedeem());
819 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key1C).PushWitRedeem().PushRedeem());
824 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key0).PushWitRedeem());
827 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key0).PushWitRedeem().PushRedeem());
836 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key1C).PushWitRedeem());
839 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key1C).PushWitRedeem().PushRedeem());
849 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key0C).PushWitRedeem());
852 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key0C).PushWitRedeem().PushRedeem());
855 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key0C).PushWitRedeem());
858 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key0C).PushWitRedeem().PushRedeem());
861 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key1).PushWitRedeem());
864 0, 1).Push(
CScript()).AsWit().PushWitSig(keys.key1).PushWitRedeem().PushRedeem());
872 std::set<std::string> tests_set;
877 for (
unsigned int idx = 0; idx <
json_tests.size(); idx++) {
879 tests_set.insert(JSONPrettyPrint(tv.
get_array()));
883#ifdef UPDATE_JSON_TESTS
886 for (TestBuilder& test : tests) {
888 std::string str = JSONPrettyPrint(test.GetJSON());
889#ifdef UPDATE_JSON_TESTS
890 strGen += str +
",\n";
892 if (tests_set.count(str) == 0) {
893 BOOST_CHECK_MESSAGE(
false,
"Missing auto script_valid test: " + test.GetComment());
898#ifdef UPDATE_JSON_TESTS
900 fputs(strGen.c_str(), file);
916 for (
unsigned int idx = 0; idx < tests.
size(); idx++) {
918 std::string strTest = test.
write();
921 unsigned int pos = 0;
924 for (i = 0; i < test[pos].
size()-1; i++) {
930 if (test.
size() < 4 + pos)
932 if (test.
size() != 1) {
933 BOOST_ERROR(
"Bad test: " << strTest);
937 std::string scriptSigString = test[pos++].
get_str();
939 std::string scriptPubKeyString = test[pos++].
get_str();
944 DoTest(scriptPubKey, scriptSig, witness, scriptflags, strTest, scriptError, nValue);
952 static const unsigned char direct[] = { 1, 0x5a };
953 static const unsigned char pushdata1[] = {
OP_PUSHDATA1, 1, 0x5a };
954 static const unsigned char pushdata2[] = {
OP_PUSHDATA2, 1, 0, 0x5a };
955 static const unsigned char pushdata4[] = {
OP_PUSHDATA4, 1, 0, 0, 0, 0x5a };
958 std::vector<std::vector<unsigned char> > directStack;
962 std::vector<std::vector<unsigned char> > pushdata1Stack;
967 std::vector<std::vector<unsigned char> > pushdata2Stack;
972 std::vector<std::vector<unsigned char> > pushdata4Stack;
977 const std::vector<unsigned char> pushdata1_trunc{
OP_PUSHDATA1, 1};
978 const std::vector<unsigned char> pushdata2_trunc{
OP_PUSHDATA2, 1, 0};
979 const std::vector<unsigned char> pushdata4_trunc{
OP_PUSHDATA4, 1, 0, 0, 0};
981 std::vector<std::vector<unsigned char>> stack_ignore;
994 std::vector<std::vector<unsigned char>> stack_ignore;
1015 for (
const CKey &key : keys)
1017 std::vector<unsigned char> vchSig;
1027 std::vector<CKey> keys;
1048 txTo12.
vout[0].nValue = 2;
1075 std::vector<CKey> keys;
1076 keys.push_back(key1); keys.push_back(key2);
1082 keys.push_back(key1); keys.push_back(key3);
1088 keys.push_back(key2); keys.push_back(key3);
1094 keys.push_back(key2); keys.push_back(key2);
1100 keys.push_back(key2); keys.push_back(key1);
1106 keys.push_back(key3); keys.push_back(key2);
1112 keys.push_back(key4); keys.push_back(key2);
1118 keys.push_back(key1); keys.push_back(key4);
1143 std::vector<CKey> keys;
1144 std::vector<CPubKey> pubkeys;
1145 for (
int i = 0; i < 3; i++)
1148 keys.push_back(key);
1155 CScript& scriptPubKey = txFrom.
vout[0].scriptPubKey;
1189 scriptSigCopy = scriptSig;
1208 std::vector<unsigned char> sig1;
1212 std::vector<unsigned char> sig2;
1216 std::vector<unsigned char> sig3;
1268 const auto invalid_pubkey{
ParseHex(
"173d36c8c9c9c9ffffffffffff0200000000021e1e37373721361818181818181e1e1e1e19000000000000000000b19292929292926b006c9b9b9292")};
1270 builder.
Add(0, {invalid_pubkey}, 0xc0);
1296 for (
int i=0; i<67000; i++) {
1299 BOOST_CHECK_MESSAGE(
script.IsPushOnly(),
"Number " << i <<
" is not pure push.");
1305 std::vector<unsigned char> data(i,
'\111');
1308 BOOST_CHECK_MESSAGE(
script.IsPushOnly(),
"Length " << i <<
" is not pure push.");
1321 static const unsigned char direct[] = { 1 };
1332 std::string derSig(
"304502207fa7a6d1e0ee81132a269ad84e68d695483745cde8b541e3bf630749894e342a022100c1f7ab20e13e22fb95281a870f3dcf38d782e53023ee313d741ad0cfbc0c5090");
1333 std::string pubKey(
"03b0da749730dc9b4b1f4a14d6902877a92541f5368778853d9c4a0cb7802dcfb2");
1357 std::vector<unsigned char> data =
ParseHex(str);
1358 return CScript(data.begin(), data.end());
1494 std::vector<CTxOut> prevouts;
1495 for (
size_t i = 0; i < univalue.
size(); ++i) {
1498 prevouts.push_back(std::move(txout));
1507 for (
size_t i = 0; i < univalue.
size(); ++i) {
1508 auto bytes =
ParseHex(univalue[i].get_str());
1509 scriptwitness.
stack.push_back(std::move(bytes));
1511 return scriptwitness;
1516 std::vector<unsigned int>
ret;
1518 for (
unsigned int i = 0; i < 128; ++i) {
1519 unsigned int flag = 0;
1533 ret.push_back(flag);
1547 const std::vector<CTxOut> prevouts =
TxOutsFromJSON(test[
"prevouts"]);
1549 size_t idx = test[
"index"].
getInt<int64_t>();
1553 if (test.
exists(
"success")) {
1554 mtx.
vin[idx].scriptSig =
ScriptFromHex(test[
"success"][
"scriptSig"].get_str());
1558 txdata.
Init(tx, std::vector<CTxOut>(prevouts));
1564 if (fin || ((
flags & test_flags) ==
flags)) {
1565 bool ret =
VerifyScript(tx.
vin[idx].scriptSig, prevouts[idx].scriptPubKey, &tx.
vin[idx].scriptWitness,
flags, txcheck,
nullptr);
1571 if (test.
exists(
"failure")) {
1572 mtx.
vin[idx].scriptSig =
ScriptFromHex(test[
"failure"][
"scriptSig"].get_str());
1576 txdata.
Init(tx, std::vector<CTxOut>(prevouts));
1581 if ((
flags & test_flags) == test_flags) {
1582 bool ret =
VerifyScript(tx.
vin[idx].scriptSig, prevouts[idx].scriptPubKey, &tx.
vin[idx].scriptWitness,
flags, txcheck,
nullptr);
1595 const char* dir = std::getenv(
"DIR_UNIT_TEST_DATA");
1596 BOOST_WARN_MESSAGE(dir !=
nullptr,
"Variable DIR_UNIT_TEST_DATA unset, skipping script_assets_test");
1597 if (dir ==
nullptr)
return;
1598 auto path =
fs::path(dir) /
"script_assets_test.json";
1600 BOOST_WARN_MESSAGE(exists,
"File $DIR_UNIT_TEST_DATA/script_assets_test.json not found, skipping script_assets_test");
1601 if (!exists)
return;
1602 std::ifstream file{path};
1604 file.seekg(0, std::ios::end);
1605 size_t length = file.tellg();
1606 file.seekg(0, std::ios::beg);
1607 std::string data(length,
'\0');
1608 file.read(data.data(), data.size());
1613 for (
size_t i = 0; i < tests.
size(); i++) {
1624 const auto& vectors = tests[
"keyPathSpending"];
1626 for (
const auto& vec : vectors.getValues()) {
1627 auto txhex =
ParseHex(vec[
"given"][
"rawUnsignedTx"].get_str());
1630 std::vector<CTxOut> utxos;
1631 for (
const auto& utxo_spent : vec[
"given"][
"utxosSpent"].getValues()) {
1632 auto script_bytes =
ParseHex(utxo_spent[
"scriptPubKey"].get_str());
1634 CAmount amount{utxo_spent[
"amountSats"].getInt<
int>()};
1635 utxos.emplace_back(amount,
script);
1639 txdata.
Init(tx, std::vector<CTxOut>{utxos},
true);
1648 for (
const auto& input : vec[
"inputSpending"].getValues()) {
1649 int txinpos = input[
"given"][
"txinIndex"].getInt<
int>();
1650 int hashtype = input[
"given"][
"hashType"].getInt<
int>();
1653 auto privkey =
ParseHex(input[
"given"][
"internalPrivkey"].get_str());
1655 key.
Set(privkey.begin(), privkey.end(),
true);
1659 if (!input[
"given"][
"merkleRoot"].isNull()) {
1660 merkle_root =
uint256{
ParseHex(input[
"given"][
"merkleRoot"].get_str())};
1671 std::vector<unsigned char> signature;
1676 BOOST_CHECK_EQUAL(
HexStr(pubkey.ComputeTapTweakHash(merkle_root.
IsNull() ?
nullptr : &merkle_root)), input[
"intermediary"][
"tweak"].get_str());
1695 constexpr uint256 hash1{
"8ad69ec7cf41c2a4001fd1f738bf1e505ce2277acdcaa63fe4765192497f47a7"};
1696 constexpr uint256 hash2{
"f224a923cd0021ab202ab139cc56802ddb92dcfc172b9212261a539df79a112a"};
1697 constexpr uint256 result{
"a64c5b7b943315f9b805d7a7296bedfcfd08919270a1f7a1466e98f8693d8cd9"};
1703 constexpr uint8_t
script[6] = {
'f',
'o',
'o',
'b',
'a',
'r'};
1704 constexpr uint256 tlc0{
"edbc10c272a1215dcdcc11d605b9027b5ad6ed97cd45521203f136767b5b9c06"};
1705 constexpr uint256 tlc2{
"8b5c4f90ae6bf76e259dbef5d8a59df06359c391b59263741b25eca76451b27a"};
CScript GetScriptForDestination(const CTxDestination &dest)
Generate a Bitcoin scriptPubKey for the given CTxDestination.
int64_t CAmount
Amount in satoshis (Can be negative)
static CAmount AmountFromValue(const UniValue &value)
A hasher class for Bitcoin's 160-bit hash (SHA-256 + RIPEMD-160).
void Finalize(Span< unsigned char > output)
CHash160 & Write(Span< const unsigned char > input)
An encapsulated private key.
bool Sign(const uint256 &hash, std::vector< unsigned char > &vchSig, bool grind=true, uint32_t test_case=0) const
Create a DER-serialized signature.
CPubKey GetPubKey() const
Compute the public key from a private key.
void Set(const T pbegin, const T pend, bool fCompressedIn)
Initialize using begin and end iterators to byte data.
An outpoint - a combination of a transaction hash and an index n into its vout.
An encapsulated public key.
const unsigned char * data() const
CKeyID GetID() const
Get the KeyID of this public key (hash of its serialization)
const unsigned char * end() const
const unsigned char * begin() const
A hasher class for SHA-256.
void Finalize(unsigned char hash[OUTPUT_SIZE])
CSHA256 & Write(const unsigned char *data, size_t len)
Serialized script, used inside transaction inputs and outputs.
A reference to a CScript: the Hash160 of its serialization.
The basic transaction that is broadcasted on the network and contained in blocks.
const std::vector< CTxIn > vin
An output of a transaction.
Fillable signing provider that keeps keys in an address->secret map.
virtual bool AddCScript(const CScript &redeemScript)
virtual bool AddKey(const CKey &key)
A writer stream (for serialization) that computes a 256-bit hash.
A signature creator for transactions.
bool CreateSchnorrSig(const SigningProvider &provider, std::vector< unsigned char > &sig, const XOnlyPubKey &pubkey, const uint256 *leaf_hash, const uint256 *merkle_root, SigVersion sigversion) const override
Valid signature cache, to avoid doing expensive ECDSA signature checking twice for every transaction ...
A Span is an object that can refer to a contiguous sequence of objects.
CONSTEXPR_IF_NOT_DEBUG Span< C > subspan(std::size_t offset) const noexcept
Minimal stream for reading from an existing byte array by Span.
Utility class to construct Taproot outputs from internal key and script tree.
WitnessV1Taproot GetOutput()
Compute scriptPubKey (after Finalize()).
TaprootSpendData GetSpendData() const
Compute spending data (after Finalize()).
TaprootBuilder & Add(int depth, Span< const unsigned char > script, int leaf_version, bool track=true)
Add a new script at a certain depth in the tree.
TaprootBuilder & Finalize(const XOnlyPubKey &internal_key)
Finalize the construction.
const std::string & get_str() const
std::string write(unsigned int prettyIndent=0, unsigned int indentLevel=0) const
bool read(std::string_view raw)
const UniValue & get_array() const
bool exists(const std::string &key) const
static const XOnlyPubKey NUMS_H
Nothing Up My Sleeve point H Used as an internal key for provably disabling the key path spend see BI...
constexpr bool IsNull() const
constexpr unsigned char * begin()
Path class wrapper to block calls to the fs::path(std::string) implicit constructor and the fs::path:...
void push_back(const T &value)
CScript ParseScript(const std::string &s)
std::string FormatScript(const CScript &script)
std::string ScriptToAsmStr(const CScript &script, const bool fAttemptSighashDecode=false)
Create the assembly string representation of a CScript object.
UniValue ValueFromAmount(const CAmount amount)
BOOST_AUTO_TEST_SUITE_END()
std::string HexStr(const Span< const uint8_t > s)
Convert a span of bytes to a lower-case hexadecimal string.
bool SignatureHashSchnorr(uint256 &hash_out, ScriptExecutionData &execdata, const T &tx_to, uint32_t in_pos, uint8_t hash_type, SigVersion sigversion, const PrecomputedTransactionData &cache, MissingDataBehavior mdb)
int FindAndDelete(CScript &script, const CScript &b)
uint256 ComputeTapleafHash(uint8_t leaf_version, Span< const unsigned char > script)
Compute the BIP341 tapleaf hash from leaf version & script.
uint256 SignatureHash(const CScript &scriptCode, const T &txTo, unsigned int nIn, int nHashType, const CAmount &amount, SigVersion sigversion, const PrecomputedTransactionData *cache)
uint256 ComputeTapbranchHash(Span< const unsigned char > a, Span< const unsigned char > b)
Compute the BIP341 tapbranch hash from two branches.
bool EvalScript(std::vector< std::vector< unsigned char > > &stack, const CScript &script, unsigned int flags, const BaseSignatureChecker &checker, SigVersion sigversion, ScriptExecutionData &execdata, ScriptError *serror)
bool VerifyScript(const CScript &scriptSig, const CScript &scriptPubKey, const CScriptWitness *witness, unsigned int flags, const BaseSignatureChecker &checker, ScriptError *serror)
const HashWriter HASHER_TAPSIGHASH
Hasher with tag "TapSighash" pre-fed to it.
@ TAPROOT
Witness v1 with 32-byte program, not BIP16 P2SH-wrapped, key path spending; see BIP 341.
@ BASE
Bare scripts and BIP16 P2SH-wrapped redeemscripts.
@ WITNESS_V0
Witness v0 (P2WPKH and P2WSH); see BIP 141.
GenericTransactionSignatureChecker< CMutableTransaction > MutableTransactionSignatureChecker
@ SCRIPT_VERIFY_NULLDUMMY
@ SCRIPT_VERIFY_SIGPUSHONLY
@ SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY
@ SCRIPT_VERIFY_WITNESS_PUBKEYTYPE
@ SCRIPT_VERIFY_STRICTENC
@ SCRIPT_VERIFY_CLEANSTACK
@ SCRIPT_VERIFY_MINIMALDATA
@ SCRIPT_VERIFY_CHECKSEQUENCEVERIFY
@ SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_WITNESS_PROGRAM
@ SIGHASH_DEFAULT
Taproot only; implied when sighash byte is missing, and equivalent to SIGHASH_ALL.
@ ASSERT_FAIL
Abort execution through assertion failure (for consensus code)
@ FAIL
Just act as if the signature was invalid.
UniValue read_json(const std::string &jsondata)
CKey GenerateRandomKey(bool compressed) noexcept
static bool exists(const path &p)
FILE * fopen(const fs::path &p, const char *mode)
static const std::string bip341_wallet_vectors
static const std::string script_tests
std::pair< opcodetype, std::vector< unsigned char > > Opcode
#define BOOST_CHECK_EQUAL(v1, v2)
#define BOOST_CHECK(expr)
static constexpr TransactionSerParams TX_NO_WITNESS
static constexpr TransactionSerParams TX_WITH_WITNESS
static CTransactionRef MakeTransactionRef(Tx &&txIn)
std::shared_ptr< const CTransaction > CTransactionRef
static const unsigned int MAX_SCRIPT_ELEMENT_SIZE
opcodetype
Script opcodes.
std::vector< unsigned char > ToByteVector(const T &in)
std::string ScriptErrorString(const ScriptError serror)
enum ScriptError_t ScriptError
@ SCRIPT_ERR_OP_CODESEPARATOR
@ SCRIPT_ERR_SIG_PUSHONLY
@ SCRIPT_ERR_NUMEQUALVERIFY
@ SCRIPT_ERR_DISABLED_OPCODE
@ SCRIPT_ERR_INVALID_ALTSTACK_OPERATION
@ SCRIPT_ERR_DISCOURAGE_UPGRADABLE_WITNESS_PROGRAM
@ SCRIPT_ERR_UNKNOWN_ERROR
@ SCRIPT_ERR_WITNESS_PROGRAM_WRONG_LENGTH
@ SCRIPT_ERR_SIG_HASHTYPE
@ SCRIPT_ERR_CHECKSIGVERIFY
@ SCRIPT_ERR_WITNESS_MALLEATED_P2SH
@ SCRIPT_ERR_WITNESS_MALLEATED
@ SCRIPT_ERR_DISCOURAGE_UPGRADABLE_NOPS
@ SCRIPT_ERR_INVALID_STACK_OPERATION
@ SCRIPT_ERR_WITNESS_UNEXPECTED
@ SCRIPT_ERR_NEGATIVE_LOCKTIME
@ SCRIPT_ERR_WITNESS_PROGRAM_MISMATCH
@ SCRIPT_ERR_SIG_NULLFAIL
@ SCRIPT_ERR_SIG_NULLDUMMY
@ SCRIPT_ERR_CHECKMULTISIGVERIFY
@ SCRIPT_ERR_UNSATISFIED_LOCKTIME
@ SCRIPT_ERR_WITNESS_PUBKEYTYPE
@ SCRIPT_ERR_SIG_FINDANDDELETE
@ SCRIPT_ERR_PUBKEY_COUNT
@ SCRIPT_ERR_WITNESS_PROGRAM_WITNESS_EMPTY
@ SCRIPT_ERR_UNBALANCED_CONDITIONAL
static std::string FormatScriptError(ScriptError_t err)
static void NegateSignatureS(std::vector< unsigned char > &vchSig)
static ScriptError_t ParseScriptError(const std::string &name)
static CScript ScriptFromHex(const std::string &str)
SignatureData CombineSignatures(const CTxOut &txout, const CMutableTransaction &tx, const SignatureData &scriptSig1, const SignatureData &scriptSig2)
static ScriptErrorDesc script_errors[]
static CMutableTransaction TxFromHex(const std::string &str)
void DoTest(const CScript &scriptPubKey, const CScript &scriptSig, const CScriptWitness &scriptWitness, uint32_t flags, const std::string &message, int scriptError, CAmount nValue=0)
static CScript sign_multisig(const CScript &scriptPubKey, const std::vector< CKey > &keys, const CTransaction &transaction)
unsigned int ParseScriptFlags(std::string strFlags)
static std::vector< unsigned int > AllConsensusFlags()
BOOST_AUTO_TEST_CASE(script_build)
std::string FormatScriptFlags(unsigned int flags)
static const unsigned int gFlags
static std::vector< CTxOut > TxOutsFromJSON(const UniValue &univalue)
static void AssetTest(const UniValue &test, SignatureCache &signature_cache)
static CScriptWitness ScriptWitnessFromJSON(const UniValue &univalue)
static const std::vector< unsigned int > ALL_CONSENSUS_FLAGS
Precomputed list of all valid combinations of consensus-relevant script validation flags.
static constexpr size_t DEFAULT_SIGNATURE_CACHE_BYTES
bool ProduceSignature(const SigningProvider &provider, const BaseSignatureCreator &creator, const CScript &fromPubKey, SignatureData &sigdata)
Produce a script signature using a generic signature creator.
static bool GetPubKey(const SigningProvider &provider, const SignatureData &sigdata, const CKeyID &address, CPubKey &pubkey)
SignatureData DataFromTransaction(const CMutableTransaction &tx, unsigned int nIn, const CTxOut &txout)
Extract signature data from a transaction input, and insert it.
bool SignSignature(const SigningProvider &provider, const CScript &fromPubKey, CMutableTransaction &txTo, unsigned int nIn, const CAmount &amount, int nHashType, SignatureData &sig_data)
Produce a satisfying script (scriptSig or witness).
std::pair< CPubKey, std::vector< unsigned char > > SigPair
const SigningProvider & DUMMY_SIGNING_PROVIDER
CScript GetScriptForMultisig(int nRequired, const std::vector< CPubKey > &keys)
Generate a multisig script.
Span(T *, EndOrSize) -> Span< T >
std::vector< Byte > ParseHex(std::string_view hex_str)
Like TryParseHex, but returns an empty vector on invalid input.
A mutable version of CTransaction.
std::vector< CTxOut > vout
Txid GetHash() const
Compute the hash of this CMutableTransaction.
std::vector< std::vector< unsigned char > > stack
std::map< CKeyID, CKey > keys
A type to represent integers in the type system.
void Init(const T &tx, std::vector< CTxOut > &&spent_outputs, bool force=false)
Initialize this PrecomputedTransactionData with transaction data.
uint256 m_sequences_single_hash
bool m_bip341_taproot_ready
Whether the 5 fields above are initialized.
uint256 m_prevouts_single_hash
uint256 m_spent_amounts_single_hash
uint256 m_spent_scripts_single_hash
uint256 m_outputs_single_hash
bool m_annex_present
Whether an annex is present.
bool m_annex_init
Whether m_annex_present and (when needed) m_annex_hash are initialized.
void MergeSignatureData(SignatureData sigdata)
std::map< CKeyID, SigPair > signatures
BIP 174 style partial signatures for the input. May contain all signatures necessary for producing a ...
TaprootSpendData tr_spenddata
Taproot spending data.
CScript scriptSig
The scriptSig of an input. Contains complete signatures or the traditional partial signatures format.
static uint64_t InsecureRandBits(int bits)
CMutableTransaction BuildSpendingTransaction(const CScript &scriptSig, const CScriptWitness &scriptWitness, const CTransaction &txCredit)
CMutableTransaction BuildCreditingTransaction(const CScript &scriptPubKey, int nValue)
1.12.0