Commit Graph

29 Commits

Author SHA1 Message Date
Dave Collins
ee5b56ba72
txscript: Implement CheckSequenceVerify
This modifies the script engine to replace OP_NOP3 with
OP_CHECKSEQUENCEVERIFY and adds a flag to selectively enable its
enforcement.

The new opcode examines the top item on the stack and compares it
against the sequence number of the associated transaction input in order
to allow scripts to conditionally enforce the inclusion of relative time
locks to the transaction.

The following is an overview of the changes:

- Introduce a new flag named ScriptVerifyCheckSequenceVerify to
  provide conditional enforcement of the new opcode
- Introduce a constant named OP_CHECKSEQUENCEVERIFY which has the same
  value as OP_NOP3 since it is replacing it
  - Update opcode to name mappings accordingly
- Abstract the logic that deals with time lock verification since it is
  the same for both the new opcode and OP_CHECKLOCKTIMEVERIFY
- Implement the required opcode semantics
- Add tests to ensure the opcode works as expected including when used
  both correctly and incorrectly
2017-09-21 15:58:48 -05:00
Dave Collins
bd78208c37
txscript: Revert upstream CSV merge.
This reverts the changes related to the CheckSequenceVerify opcode that
were merged from upstream since additional changes are needed and it's
much cleaner to implement all of code related to the sequence locks in
the same PR which will be referenced by the DCP as opposed to being
split up in multiple.
2017-09-21 11:17:58 -05:00
Dave Collins
11ae59977a
txscript: Introduce OP_SHA256.
This modifies the script engine to replace OP_UNKNOWN192 with OP_SHA256
along with a flag named ScriptVerifySHA256 to selectively enable its
enforcement.

The new opcode consumes the top item from the data stack, computes its
SHA-256, and pushes the resulting digest back to the data stack.

Since it requires an item on the data stack, execution will terminate
with an error when the stack is empty.  This behavior differs from
OP_UNKNOWN192 which does not consume any elements from the data stack
and therefore makes this is hard-forking change when interpreted with
the new semantics due to the ScriptVerifySHA256 flag being set.  Code to
selectively enable the opcode based on the result of an agenda vote will
be added in a separate commit.

This also includes tests to ensure the opcode works as expected
including when used both correctly and incorrectly.
2017-09-14 11:33:48 -05:00
Dave Collins
7c3ff8279e
txscript: Rename OP_SHA256 to OP_BLAKE256.
Decred updated the semantics of this opcode to use blake256, but did not
rename the opcode to reflect that.  This renames the opcode so that it
is clear that a blake256 hash is produced instead of a sha256 hash.
2017-09-08 12:40:39 -05:00
Dave Collins
c47ee87673
txscript: Implement CheckSequenceVerify
Upstream commit a6bf1d9850.

The merge commit modifies all of the encoded transactions in the test
data to use Decred native format and contains some other minor
modifications necessary to integrate with Decred.
2017-08-28 12:23:34 -05:00
Dave Collins
fdb25c2f43
txscript: Use native encoding in json test data.
This modifies the valid and invalid JSON transaction test data to use
natively-encoded transactions instead of the legacy Bitcoin format.
2017-08-03 23:43:37 -05:00
Dave Collins
5baa16baa3
txscript: Update signatures in json test data.
This modifies the signatures of all the transactions in the invalid
transaction data which involve checking signatures to ensure that they
are not failing for the wrong reason.

In order to make it easier for future updates, it introduces three
well-known private keys, 1, 2, and 3, that are used for signing all of
the transactions and adds them to the comments in the test data.  The
first one is used for regular CHECKSIG while all three are used for
CHECKMULTISIG.
2017-08-03 23:43:00 -05:00
Dave Collins
3a243c6bc1
txscript: Remove max money from json test data.
This removes the tests related to max money checks since txscript does
not do sanity checking on the monetary amounts as that is done by the
consensus rules in blockchain.

While here, update dcrscript -> txscript in the comments to reflect
reality.

As an aside, the existing tests were invalid anyways since the
signatures were invalid and thus the tests were failing for the wrong
reason.
2017-08-03 22:31:22 -05:00
Dave Collins
6a0c530a46
txscript: Remove multisigdummy from json test data.
This removes the test for the original Bitcoin bug in CHECKMULTISIG that
required an additional argument since that has been fixed in Decred and
the test therefore no longer applies.

As an aside, the existing test was invalid anyways since the signature
was invalid and thus the test would've failed for the wrong reason.
2017-08-03 20:30:09 -05:00
Dave Collins
4acee5b61a
txscript: Replace CODESEPARATOR json test data.
This replaces the tests for CODESEPARATOR in the invalid transaction
JSON data to be correct for Decred.  It is always invalid to pass over
the CODESEPARATOR opcode in Decred as opposed to the Bitcoin behavior
where it changes what is hashed for the signature hash calculation.

As an aside, the previous tests were invalid anyways since they included
a signature that was invalid so the test would've failed for the wrong
reason.  For all of these tests it's important for them to pass other
than the specific failure condition they are intended to trigger.
2017-08-03 16:39:29 -05:00
Dave Collins
c11117aa77
txscript: Correct p2sh hashes in json test data.
This corrects the hashes for the p2sh scripts in the invalid transaction
JSON data.  This helps ensure the transactions are failing for the
intended reason as opposed to the p2sh script never being run because
the script hashes don't match.
2017-08-03 11:21:09 -05:00
David Hill
a6bf1d9850 txscript: Implement CheckSequenceVerify (BIP0112) 2016-10-19 12:06:44 -04:00
Dave Collins
fe65e81af0 Apply various upstream comment fixes.
Contains the following upstream commits:
- 87182a2ddf
  - This commit does not apply to Decred so it has been reverted
- 89af747603
  - This commit has already been cherry picked and is a NOOP
- d0cdd53720
  - This commit has already been cherry picked and is a NOOP
- df20c1074c
- ff0c787237
- 6e133b58da
- 34a94b7d0b
- 14ccab80e7
2016-05-27 00:35:06 -05:00
John C. Vernaleo
5076a00512 Initial Decred Commit.
Includes work by cjepson, ay-p, jolan, and jcv.

Initial conceptual framework by tacotime.
2016-02-07 14:00:12 -05:00
David Hill
34a94b7d0b txscript: sync Bitcoin Core script tests 2015-12-30 09:38:16 -05:00
Rune T. Aune
b691a222d5 Add signature hash calculation tests from Bitcoin Core.
500 tests with various transactions and scripts, verifying that
calcSignatureHash generates the expected hash in each case.

This requires changing SigHashType to uint32; that won't affect the
standard use-cases, but will make calcSignatureHash behave more like the
Core counterpart for non-standard SigHashType settings, like those in
some of these tests.
2015-11-15 16:39:00 -05:00
David Hill
2e6e896aa6 txscript: Sync Bitcoin Core tests. 2015-10-22 16:10:29 -04:00
David Hill
4c3ad4987b txscript: Implement CheckLockTimeVerify (BIP0065)
See https://github.com/bitcoin/bips/blob/master/bip-0065.mediawiki for
more information.

This commit mimics Bitcoin Core commit bc60b2b4b401f0adff5b8b9678903ff8feb5867b
and includes additional tests from Bitcoin Core commit
cb54d17355864fa08826d6511a0d7692b21ef2c9
2015-10-14 13:19:49 -04:00
Dave Collins
edc0d15882 txscript: Consensus audit.
This commit contains fixes from the results of a thorough audit of
txscript to find any cases of script evaluation which doesn't match the
required consensus behavior.  These conditions are fairly obscure and
highly unlikely to happen in any real scripts, but they could have
nevertheless been used by a clever attacker with malicious intent to
cause a fork.

Test cases which exercise these conditions have been added to the
reference tests and will contributed upstream to improve the quality for
the entire ecosystem.
2015-05-06 09:41:50 -05:00
Dave Collins
f284b9b394 txscript: Match Bitcoin Core OP_IFDUP behavior.
Unlike OP_IF and OP_NOTIF which interpret the top stack item as a
number, OP_IFDUP interprets it as a boolean.  This has important
consequences because numbers are imited to int32s while booleans can be
an arbitrary number of bytes.

The offending script was found and reported by Jonas Nick through the
use of fuzzing.
2015-05-05 15:06:20 -05:00
Dave Collins
8ef68dcc6e txscript: Cleanup and improve opcode tests.
- Remove all redundant opcode tests in favor of the JSON-based tests
  in the data directory.
- Remove duplicate stack nip test
- Add new tests to data/script_invalid.json to exercise additional
  negative error paths
- Remove old unneeded pubkey trace code from opcodeCheckSig
- Simplify and improve the disassembly print function
- Add new tests to directly test all individual opcode disassembly
- Add new tests to directly test opcode disabled function which does not
  get invoked during ordinary execution
- Improve test coverage of opcode.go
2015-04-28 03:19:00 -05:00
David Hill
abe74f1d4e txscript: sync Bitcoin Core tests.
From Bitcoin Core commit 437ada3e55df8ae6f801cb2aa2e79ec5bb5f1971
2015-04-09 12:24:12 -04:00
David Hill
369b352452 txscript: Add new flag ScriptVerifyLowS
The ScriptVerifyLowS flag defines that script signatures must
comply with the DER format as well as have an S value less than
or equal to the half order.
2015-03-14 13:40:03 -04:00
David Hill
9523345814 txscript: Add new flag ScriptVerifyCleanStack
The ScriptVerifyCleanStack flag requires that only a single
stack element remains after evaluation and that when interpreted
as a bool, it must be true.  This is BIP0062, rule 6.

This mimics Bitcoin Core commit b6e03cc59208305681745ad06f2056ffe6690597
2015-03-13 15:54:17 -04:00
David Hill
b3342510b7 txscript: sync Bitcoin Core tests. 2015-02-25 12:44:15 -05:00
David Hill
5a4312d9ca txscript: Add new flag ScriptVerifyMinimalData
The ScriptVerifyMinimalData enforces that all push operations use the
minimal data push required.  This is part of BIP0062.

This commit mimics Bitcoin Core commit
698c6abb25c1fbbc7fa4ba46b60e9f17d97332ef
2015-02-24 18:06:20 -05:00
David Hill
761381066d txscript: Add new verification flags.
This commit adds two new verification flags to txscript named
ScriptVerifyStrictEncoding and ScriptVerifyDerSignatures.

The ScriptVerifyStrictEncoding flag enforces signature scripts
and public keys to follow the strict encoding requirements.

The ScriptVerifyDerSignatures flag enforces signature scripts
to follow the strict encoding requirements.

These flags mimic Bitcoin Core's SCRIPT_VERIFY_STRICTENC and
SCRIPT_VERIFY_DERSIG flags and brings the Bitcoin Core test scripts up
to date.
2015-02-12 12:27:44 -05:00
Dave Collins
a8a26aabb6 txscript: Correct OP_CHECKMULTSIG handling.
This commit corrects a case in the OP_CHECKMULTISIG handling where it was
possible to improperly validate a transaction that had a combination of
valid and malformed signatures.

It also adds a new test to ensure this case is properly handled and nukes
a superfluous comment.

Fixes #293.
2015-02-10 05:07:15 -06:00
Dave Collins
cbda064842 Import btcscript repo into txscript directory.
This commit contains the entire btcscript repository along with several
changes needed to move all of the files into the txscript directory in
order to prepare it for merging.  This does NOT update btcd or any of the
other packages to use the new location as that will be done separately.

- All import paths in the old btcscript test files have been changed to the
  new location
- All references to btcscript as the package name have been chagned to
  txscript

This is ongoing work toward #214.
2015-01-30 10:30:16 -06:00