phantom/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-04-29 14:59:39 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

consensus: Add OP_CHECKCONTRACTVERIFY

Browse source
This commit is contained in:
Salvatore Ingala 2025-03-03 01:46:29 +01:00
parent 2c1deefedc
commit 77c8c9ebb8
No known key found for this signature in database
GPG key ID: 74060FF81B33E4F8
12 changed files with 288 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
src/pubkey.cpp
View file

@ -273,6 +273,40 @@ std::optional<std::pair<XOnlyPubKey, bool>> XOnlyPubKey::CreateTapTweak(const ui
return ret;
}
bool XOnlyPubKey::CheckDoubleTweak(const XOnlyPubKey& naked_key, const std::vector<unsigned char>& data, const uint256* merkle_root) const
{
int parity;
secp256k1_xonly_pubkey internal_xonly;
if (data.empty()) {
// No data tweak; the internal key is the naked key
if (!secp256k1_xonly_pubkey_parse(secp256k1_context_static, &internal_xonly, naked_key.data())) return false;
} else {
// Compute the sha256 of naked_key || data
uint256 data_tweak = (HashWriter{} << naked_key << MakeUCharSpan(data)).GetSHA256();
secp256k1_xonly_pubkey naked_key_parsed;
if (!secp256k1_xonly_pubkey_parse(secp256k1_context_static, &naked_key_parsed, naked_key.data())) return false;
secp256k1_pubkey internal;
if (!secp256k1_xonly_pubkey_tweak_add(secp256k1_context_static, &internal, &naked_key_parsed, data_tweak.data())) return false;
if (!secp256k1_xonly_pubkey_from_pubkey(secp256k1_context_static, &internal_xonly, &parity, &internal)) return false;
}
secp256k1_xonly_pubkey expected_xonly;
if (!secp256k1_xonly_pubkey_parse(secp256k1_context_static, &expected_xonly, m_keydata.data())) return false;
if (merkle_root != nullptr) {
// Compute the taptweak based on merkle_root
unsigned char pubkey_bytes[32];
secp256k1_xonly_pubkey_serialize(secp256k1_context_static, pubkey_bytes, &internal_xonly);
XOnlyPubKey internal_key = XOnlyPubKey(pubkey_bytes);
uint256 tweak = internal_key.ComputeTapTweakHash(merkle_root);
secp256k1_pubkey result;
if (!secp256k1_xonly_pubkey_tweak_add(secp256k1_context_static, &result, &internal_xonly, tweak.begin())) return false;
secp256k1_xonly_pubkey result_xonly;
if (!secp256k1_xonly_pubkey_from_pubkey(secp256k1_context_static, &result_xonly, &parity, &result)) return false;
return secp256k1_xonly_pubkey_cmp(secp256k1_context_static, &result_xonly, &expected_xonly) == 0;
} else {
// If merkle_root is nullptr, compare internal_xonly with expected_xonly
return secp256k1_xonly_pubkey_cmp(secp256k1_context_static, &internal_xonly, &expected_xonly) == 0;
}
}
bool CPubKey::Verify(const uint256 &hash, const std::vector<unsigned char>& vchSig) const {
if (!IsValid())

6
src/pubkey.h
View file

@ -282,6 +282,12 @@ public:
/** Construct a Taproot tweaked output point with this point as internal key. */
std::optional<std::pair<XOnlyPubKey, bool>> CreateTapTweak(const uint256* merkle_root) const;
/** Verify that this key is obtained from the x-only pubkey `naked` after applying in sequence:
* - the tweak with `data` (this tweak is skipped if `data` is empty);
* - the taptweak with `merkle_root` (unless it's null).
*/
bool CheckDoubleTweak(const XOnlyPubKey& naked_key, const std::vector<unsigned char>& data, const uint256* merkle_root) const;
/** Returns a list of CKeyIDs for the CPubKeys that could have been used to create this XOnlyPubKey.
* This is needed for key lookups since keys are indexed by CKeyID.
*/

179
src/script/interpreter.cpp
View file

@ -14,6 +14,15 @@
typedef std::vector<unsigned char> valtype;
//! Flag to mark an OP_CHECKCONTRACVERIFY as referring to an input.
const int CCV_MODE_CHECK_INPUT = -1;
//! Flag to specify that an OP_CHECKCONTRACVERIFY which refers to an output, with the default amount logic.
const int CCV_MODE_CHECK_OUTPUT = 0;
//! Flag to specify that an OP_CHECKCONTRACVERIFY which refers to an output does not check the output amount.
const int CCV_MODE_CHECK_OUTPUT_IGNORE_AMOUNT = 1;
//! Flag to specify that an OP_CHECKCONTRACVERIFY referring to an output deducts the amount of its output from the current input amount for future calls.
const int CCV_MODE_CHECK_OUTPUT_DEDUCT_AMOUNT = 2;
namespace {
inline bool set_success(ScriptError* ret)
@ -1101,6 +1110,51 @@ bool EvalScript(std::vector<std::vector<unsigned char> >& stack, const CScript&
}
break;
case OP_CHECKCONTRACTVERIFY:
{
// OP_CHECKCONTRACTVERIFY is only available in Tapscript
if (sigversion == SigVersion::BASE || sigversion == SigVersion::WITNESS_V0) return set_error(serror, SCRIPT_ERR_BAD_OPCODE);
// we expect at least the flag to be on the stack
if (stack.empty())
return set_error(serror, SCRIPT_ERR_INVALID_STACK_OPERATION);
// initially, read only a single parameter at the top of stack
int flags = CScriptNum(stacktop(-1), fRequireMinimal).getint();
if (flags < -1 || flags > CCV_MODE_CHECK_OUTPUT_DEDUCT_AMOUNT) {
// undefined values of the flags; keep OP_SUCCESS behavior
// in order to enable future upgrades via soft-fork
stack = { {1} };
return set_success(serror);
}
// all currently defined versions require exactly 5 stack elements
// (data index pk taptree flags -- )
if (stack.size() < 5)
return set_error(serror, SCRIPT_ERR_INVALID_STACK_OPERATION);
valtype& data = stacktop(-5);
int index = CScriptNum(stacktop(-4), fRequireMinimal).getint();
valtype& pk = stacktop(-3);
valtype& taptree = stacktop(-2);
if (!pk.empty() && pk != std::vector<unsigned char>{0x81} && pk.size() != 32) {
return set_error(serror, SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_ARGS);
}
if (!checker.CheckContract(flags, index, pk, data, taptree, execdata, serror, tx_exec_data)) {
return false; // serror is set
}
popstack(stack);
popstack(stack);
popstack(stack);
popstack(stack);
popstack(stack);
}
break;
case OP_CHECKMULTISIG:
case OP_CHECKMULTISIGVERIFY:
{
@ -1781,6 +1835,116 @@ bool GenericTransactionSignatureChecker<T>::CheckSequence(const CScriptNum& nSeq
return true;
}
template <class T>
bool GenericTransactionSignatureChecker<T>::CheckContract(int mode, int index, const std::vector<unsigned char>& pubkey, const std::vector<unsigned char>& data, const std::vector<unsigned char>& taptree, ScriptExecutionData& ScriptExecutionData, ScriptError* serror, TransactionExecutionData* tx_exec_data) const
{
assert(ScriptExecutionData.m_internal_key.has_value());
assert(ScriptExecutionData.m_taproot_merkle_root.has_value());
assert(tx_exec_data != nullptr);
if (!(txdata->m_bip341_taproot_ready && txdata->m_spent_outputs_ready)) {
return HandleMissingData(m_mdb);
}
bool use_current_taptree = taptree.size() == 1 && taptree.data()[0] == 0x81;
bool use_current_pubkey = pubkey.size() == 1 && pubkey.data()[0] == 0x81;
uint256 merkle_tree;
const uint256 *merkle_tree_ptr = nullptr;
if (taptree.empty()) {
// no taptweak, leave nullptr
} else if (use_current_taptree) {
merkle_tree_ptr = &ScriptExecutionData.m_taproot_merkle_root.value();
} else if (taptree.size() == 32) {
merkle_tree = uint256(taptree);
merkle_tree_ptr = &merkle_tree;
} else {
return set_error(serror, SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_ARGS);
}
XOnlyPubKey initialXOnlyKey;
if (use_current_pubkey) {
initialXOnlyKey = ScriptExecutionData.m_internal_key.value();
} else if (pubkey.empty()) {
initialXOnlyKey = XOnlyPubKey::NUMS_H;
} else {
initialXOnlyKey = XOnlyPubKey{std::span<const unsigned char>{pubkey.data(), pubkey.data() + 32}};
}
if (index == -1) {
index = nIn;
}
auto indexLimit = (mode == CCV_MODE_CHECK_INPUT ? txTo->vin.size() : txTo->vout.size());
if (index < 0 || index >= static_cast<int>(indexLimit)) {
return set_error(serror, SCRIPT_ERR_CHECKCONTRACTVERIFY_OUT_OF_BOUNDS);
}
CScript scriptPubKey = (mode == CCV_MODE_CHECK_INPUT) ? txdata->m_spent_outputs[index].scriptPubKey : txTo->vout.at(index).scriptPubKey;
if (scriptPubKey.size() != 1 + 1 + 32 || scriptPubKey[0] != OP_1 || scriptPubKey[1] != 32) {
return set_error(serror, SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_ARGS);
}
const XOnlyPubKey finalXOnlyKey{std::span<const unsigned char>{scriptPubKey.data() + 2, scriptPubKey.data() + 34}};
if (!finalXOnlyKey.CheckDoubleTweak(initialXOnlyKey, data, merkle_tree_ptr)) {
return set_error(serror, SCRIPT_ERR_CHECKCONTRACTVERIFY_MISMATCH);
}
if (!ScriptExecutionData.m_ccv_amount_init) {
ScriptExecutionData.m_ccv_amount = amount;
ScriptExecutionData.m_ccv_amount_init = true;
}
{
LOCK(tx_exec_data->m_mutex);
if (tx_exec_data->m_error.has_value()) {
// an error related to tx_exec_data already occurred while validating the transaction
return set_error(serror, tx_exec_data->m_error.value());
}
switch (mode) {
case CCV_MODE_CHECK_OUTPUT:
if (tx_exec_data->m_ccv_output_checked_deduct[index]) {
tx_exec_data->m_error = SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_AMOUNT;
return set_error(serror, SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_AMOUNT);
}
tx_exec_data->m_ccv_output_checked_default[index] = true;
tx_exec_data->m_ccv_output_min_amount[index] += ScriptExecutionData.m_ccv_amount;
ScriptExecutionData.m_ccv_amount = 0;
if (txTo->vout[index].nValue < tx_exec_data->m_ccv_output_min_amount[index]) {
tx_exec_data->m_error = SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_AMOUNT;
return set_error(serror, SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_AMOUNT);
}
break;
case CCV_MODE_CHECK_OUTPUT_IGNORE_AMOUNT:
// amount checking is disabled
break;
case CCV_MODE_CHECK_OUTPUT_DEDUCT_AMOUNT:
if (tx_exec_data->m_ccv_output_checked_default[index] || tx_exec_data->m_ccv_output_checked_deduct[index]) {
tx_exec_data->m_error = SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_AMOUNT;
return set_error(serror, SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_AMOUNT);
}
tx_exec_data->m_ccv_output_checked_deduct[index] = true;
// subtract amount from input
if (txTo->vout[index].nValue > ScriptExecutionData.m_ccv_amount) {
tx_exec_data->m_error = SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_AMOUNT;
return set_error(serror, SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_AMOUNT);
}
ScriptExecutionData.m_ccv_amount -= txTo->vout[index].nValue;
break;
default:
break;
}
}
return true;
}
// explicit instantiation
template class GenericTransactionSignatureChecker<CTransaction>;
template class GenericTransactionSignatureChecker<CMutableTransaction>;
@ -1789,6 +1953,8 @@ static bool ExecuteWitnessScript(const std::span<const valtype>& stack_span, con
{
std::vector<valtype> stack{stack_span.begin(), stack_span.end()};
const bool is_checkcontractverify_active = (flags & SCRIPT_VERIFY_CHECKCONTRACTVERIFY);
if (sigversion == SigVersion::TAPSCRIPT) {
// OP_SUCCESSx processing overrides everything, including stack element size limits
CScript::const_iterator pc = exec_script.begin();
@ -1799,7 +1965,9 @@ static bool ExecuteWitnessScript(const std::span<const valtype>& stack_span, con
return set_error(serror, SCRIPT_ERR_BAD_OPCODE);
}
// New opcodes will be listed here. May use a different sigversion to modify existing opcodes.
if (IsOpSuccess(opcode)) {
if (is_checkcontractverify_active && opcode == OP_CHECKCONTRACTVERIFY) {
continue;
} else if (IsOpSuccess(opcode)) {
if (flags & SCRIPT_VERIFY_DISCOURAGE_OP_SUCCESS) {
return set_error(serror, SCRIPT_ERR_DISCOURAGE_OP_SUCCESS);
}
@ -1856,18 +2024,19 @@ uint256 ComputeTaprootMerkleRoot(std::span<const unsigned char> control, const u
return k;
}
static bool VerifyTaprootCommitment(const std::vector<unsigned char>& control, const std::vector<unsigned char>& program, const uint256& tapleaf_hash)
static bool VerifyTaprootCommitment(const std::vector<unsigned char>& control, const std::vector<unsigned char>& program, const uint256& tapleaf_hash, std::optional<XOnlyPubKey>& internal_key, std::optional<uint256>& merkle_root)
{
assert(control.size() >= TAPROOT_CONTROL_BASE_SIZE);
assert(program.size() >= uint256::size());
//! The internal pubkey (x-only, so no Y coordinate parity).
const XOnlyPubKey p{std::span{control}.subspan(1, TAPROOT_CONTROL_BASE_SIZE - 1)};
internal_key = p;
//! The output pubkey (taken from the scriptPubKey).
const XOnlyPubKey q{program};
// Compute the Merkle root from the leaf and the provided path.
const uint256 merkle_root = ComputeTaprootMerkleRoot(control, tapleaf_hash);
merkle_root = ComputeTaprootMerkleRoot(control, tapleaf_hash);
// Verify that the output pubkey matches the tweaked internal pubkey, after correcting for parity.
return q.CheckTapTweak(p, merkle_root, control[0] & 1);
return q.CheckTapTweak(p, merkle_root.value(), control[0] & 1);
}
static bool VerifyWitnessProgram(const CScriptWitness& witness, int witversion, const std::vector<unsigned char>& program, unsigned int flags, const BaseSignatureChecker& checker, ScriptError* serror, bool is_p2sh, TransactionExecutionData* tx_exec_data = nullptr)
@ -1927,7 +2096,7 @@ static bool VerifyWitnessProgram(const CScriptWitness& witness, int witversion,
return set_error(serror, SCRIPT_ERR_TAPROOT_WRONG_CONTROL_SIZE);
}
execdata.m_tapleaf_hash = ComputeTapleafHash(control[0] & TAPROOT_LEAF_MASK, script);
if (!VerifyTaprootCommitment(control, program, execdata.m_tapleaf_hash)) {
if (!VerifyTaprootCommitment(control, program, execdata.m_tapleaf_hash, execdata.m_internal_key, execdata.m_taproot_merkle_root)) {
return set_error(serror, SCRIPT_ERR_WITNESS_PROGRAM_MISMATCH);
}
execdata.m_tapleaf_hash_init = true;

48
src/script/interpreter.h
View file

@ -9,6 +9,7 @@
#include <consensus/amount.h>
#include <hash.h>
#include <primitives/transaction.h>
#include <pubkey.h>
#include <script/script_error.h> // IWYU pragma: export
#include <span.h>
#include <sync.h>
@ -145,6 +146,9 @@ enum : uint32_t {
// Making unknown public key versions (in BIP 342 scripts) non-standard
SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_PUBKEYTYPE = (1U << 20),
// OP_CHECKCONTRACTVERIFY
SCRIPT_VERIFY_CHECKCONTRACTVERIFY = (1U << 21),
// Constants to point to the highest flag in use. Add new flags above this line.
//
SCRIPT_VERIFY_END_MARKER
@ -203,6 +207,10 @@ struct ScriptExecutionData
bool m_tapleaf_hash_init = false;
//! The tapleaf hash.
uint256 m_tapleaf_hash;
//! The taproot internal key.
std::optional<XOnlyPubKey> m_internal_key = std::nullopt;
//! The merkle root of the taproot tree.
std::optional<uint256> m_taproot_merkle_root = std::nullopt;
//! Whether m_codeseparator_pos is initialized.
bool m_codeseparator_pos_init = false;
@ -223,22 +231,46 @@ struct ScriptExecutionData
//! The hash of the corresponding output
std::optional<uint256> m_output_hash;
//! Whether m_ccv_amount is initialized.
bool m_ccv_amount_init = false;
//! Residual amount of the current input according to CHECKCONTRACTVERIFY semantics.
CAmount m_ccv_amount;
};
/** The state of the script interpreter that persists across inputs of a single transaction.
*
* As access happens across different worker threads, it is crucial that access to this struct
* is properly synchronized. Code accessing its members must hold the m_mutex lock. */
* is properly synchronized. Code accessing its members must hold the m_mutex lock.
* Currently only used for OP_CHECKCONTRACTVERIFY. */
struct TransactionExecutionData {
const CTransaction* m_tx;
Mutex m_mutex;
// members related to the validation state of this transaction
// that need to persist across inputs will be added here,
// protected by m_mutex.
// If an error occurs during the evaluation of a condition related to the access to this
// struct, it must be stored here.
// The caller _must_ check if this field has value immediately after acquiring the lock,
// and return the corresponding script error if it does.
// This makes sure that the checks are idempotent if repeated with the same instance
// of TransactionExecutionData. This is necessary because the checks might mutate the
// state of the struct, and the check might be repeated multiple times.
std::optional<ScriptError> m_error GUARDED_BY(m_mutex) = std::nullopt;
// For each output, the minimum amount of that output in order for the transaction
// to be considered valid. Accumulated during the evaluation of OP_CHECKCONTRACTVERIFY
// with the 'default' semantics.
std::vector<CAmount> m_ccv_output_min_amount GUARDED_BY(m_mutex);
// Set to true if this output has been checked with OP_CHECKCONTRACTVERIFY
// with the 'default' semantics.
std::vector<bool> m_ccv_output_checked_default GUARDED_BY(m_mutex);
// Set to true if this output has been checked with OP_CHECKCONTRACTVERIFY
// with the 'deduct' semantics.
std::vector<bool> m_ccv_output_checked_deduct GUARDED_BY(m_mutex);
TransactionExecutionData(const CTransaction* tx)
: m_tx(tx)
: m_ccv_output_min_amount(tx ? tx->vout.size() : 0, 0),
m_ccv_output_checked_default(tx ? tx->vout.size() : 0, false),
m_ccv_output_checked_deduct(tx ? tx->vout.size() : 0, false)
{
assert(tx != nullptr); // Ensure the transaction pointer is valid
}
@ -310,6 +342,11 @@ public:
return false;
}
virtual bool CheckContract(int mode, int index, const std::vector<unsigned char>& pubkey, const std::vector<unsigned char>& data, const std::vector<unsigned char>& taptree, ScriptExecutionData& ScriptExecutionData, ScriptError* serror, TransactionExecutionData* tx_exec_data) const
{
return false;
}
virtual ~BaseSignatureChecker() = default;
};
@ -346,6 +383,7 @@ public:
bool CheckSchnorrSignature(std::span<const unsigned char> sig, std::span<const unsigned char> pubkey, SigVersion sigversion, ScriptExecutionData& execdata, ScriptError* serror = nullptr) const override;
bool CheckLockTime(const CScriptNum& nLockTime) const override;
bool CheckSequence(const CScriptNum& nSequence) const override;
bool CheckContract(int mode, int index, const std::vector<unsigned char>& pubkey, const std::vector<unsigned char>& data, const std::vector<unsigned char>& taptree, ScriptExecutionData& ScriptExecutionData, ScriptError* serror, TransactionExecutionData* tx_exec_data) const override;
};
using TransactionSignatureChecker = GenericTransactionSignatureChecker<CTransaction>;

4
src/script/script.cpp
View file

@ -149,6 +149,8 @@ std::string GetOpName(opcodetype opcode)
// Opcode added by BIP 342 (Tapscript)
case OP_CHECKSIGADD : return "OP_CHECKSIGADD";
case OP_CHECKCONTRACTVERIFY : return "OP_CHECKCONTRACTVERIFY";
case OP_INVALIDOPCODE : return "OP_INVALIDOPCODE";
default:
@ -360,7 +362,7 @@ bool IsOpSuccess(const opcodetype& opcode)
return opcode == 80 || opcode == 98 || (opcode >= 126 && opcode <= 129) ||
(opcode >= 131 && opcode <= 134) || (opcode >= 137 && opcode <= 138) ||
(opcode >= 141 && opcode <= 142) || (opcode >= 149 && opcode <= 153) ||
(opcode >= 187 && opcode <= 254);
(opcode >= 188 && opcode <= 254);
}
bool CheckMinimalPush(const std::vector<unsigned char>& data, opcodetype opcode) {

2
src/script/script.h
View file

@ -209,6 +209,8 @@ enum opcodetype
// Opcode added by BIP 342 (Tapscript)
OP_CHECKSIGADD = 0xba,
OP_CHECKCONTRACTVERIFY = 0xbb,
OP_INVALIDOPCODE = 0xff,
};

8
src/script/script_error.cpp
View file

@ -111,6 +111,14 @@ std::string ScriptErrorString(const ScriptError serror)
return "OP_CHECKMULTISIG(VERIFY) is not available in tapscript";
case SCRIPT_ERR_TAPSCRIPT_MINIMALIF:
return "OP_IF/NOTIF argument must be minimal in tapscript";
case SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_ARGS:
return "Invalid arguments for OP_CHECKCONTRACTVERIFY";
case SCRIPT_ERR_CHECKCONTRACTVERIFY_OUT_OF_BOUNDS:
return "Index of input/output out of bounds in OP_CHECKCONTRACTVERIFY";
case SCRIPT_ERR_CHECKCONTRACTVERIFY_MISMATCH:
return "Mismatching contract data or program";
case SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_AMOUNT:
return "Incorrect amount for OP_CHECKCONTRACTVERIFY";
case SCRIPT_ERR_OP_CODESEPARATOR:
return "Using OP_CODESEPARATOR in non-witness script";
case SCRIPT_ERR_SIG_FINDANDDELETE:

6
src/script/script_error.h
View file

@ -78,6 +78,12 @@ typedef enum ScriptError_t
SCRIPT_ERR_TAPSCRIPT_CHECKMULTISIG,
SCRIPT_ERR_TAPSCRIPT_MINIMALIF,
/* CHECKCONTRACTVERIFY */
SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_ARGS,
SCRIPT_ERR_CHECKCONTRACTVERIFY_OUT_OF_BOUNDS,
SCRIPT_ERR_CHECKCONTRACTVERIFY_MISMATCH,
SCRIPT_ERR_CHECKCONTRACTVERIFY_WRONG_AMOUNT,
/* Constant scriptCode */
SCRIPT_ERR_OP_CODESEPARATOR,
SCRIPT_ERR_SIG_FINDANDDELETE,

9
src/test/script_tests.cpp
View file

@ -1579,6 +1579,15 @@ static void AssetTest(const UniValue& test, SignatureCache& signature_cache)
// a subset of test_flags.
if (fin || ((flags & test_flags) == flags)) {
bool ret = VerifyScript(tx.vin[idx].scriptSig, prevouts[idx].scriptPubKey, &tx.vin[idx].scriptWitness, flags, txcheck, nullptr);
// HACK: Skip two failing tests due to 0xbb no longer being an op_success on regtest.
// This is of course just a workaround for the draft PR.
if (test["comment"].get_str().substr(0, 9) == "opsuccess" &&
tx.vin[idx].scriptWitness.stack.size() > 0 &&
(tx.vin[idx].scriptWitness.stack[0] == std::vector<unsigned char>{0xbb} ||
tx.vin[idx].scriptWitness.stack[0] == std::vector<unsigned char>{0x00, 0x63, 0xbb, 0x68})) {
continue;
}
BOOST_CHECK(ret);
}
}

1
src/test/transaction_tests.cpp
View file

@ -70,6 +70,7 @@ static std::map<std::string, unsigned int> mapFlagNames = {
{std::string("DISCOURAGE_UPGRADABLE_PUBKEYTYPE"), (unsigned int)SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_PUBKEYTYPE},
{std::string("DISCOURAGE_OP_SUCCESS"), (unsigned int)SCRIPT_VERIFY_DISCOURAGE_OP_SUCCESS},
{std::string("DISCOURAGE_UPGRADABLE_TAPROOT_VERSION"), (unsigned int)SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_TAPROOT_VERSION},
{std::string("CHECKCONTRACTVERIFY"), (unsigned int)SCRIPT_VERIFY_CHECKCONTRACTVERIFY},
};
unsigned int ParseScriptFlags(std::string strFlags)

5
src/validation.cpp
View file

@ -2230,11 +2230,8 @@ bool CheckInputScripts(const CTransaction& tx, TxValidationState& state,
// splitting the network between upgraded and
// non-upgraded nodes by banning CONSENSUS-failing
// data providers.
// TODO: Should we make a clone of *tx_exec_data before the first check above, or is it fine
// to pass nullptr?
// We cannot reuse tx_exec_data, as it might be modified
CScriptCheck check2(txdata.m_spent_outputs[i], tx, validation_cache.m_signature_cache, i,
flags & ~STANDARD_NOT_MANDATORY_VERIFY_FLAGS, cacheSigStore, &txdata, nullptr);
flags & ~STANDARD_NOT_MANDATORY_VERIFY_FLAGS, cacheSigStore, &txdata, tx_exec_data);
auto mandatory_result = check2();
if (!mandatory_result.has_value()) {
return state.Invalid(TxValidationResult::TX_NOT_STANDARD, strprintf("non-mandatory-script-verify-flag (%s)", ScriptErrorString(result->first)), result->second);

2
test/functional/test_framework/script.py
View file

@ -936,4 +936,4 @@ def taproot_construct(pubkey, scripts=None, treat_internal_as_infinity=False):
return TaprootInfo(CScript([OP_1, tweaked]), pubkey, negated + 0, tweak, leaves, h, tweaked)
def is_op_success(o):
return o == 0x50 or o == 0x62 or o == 0x89 or o == 0x8a or o == 0x8d or o == 0x8e or (o >= 0x7e and o <= 0x81) or (o >= 0x83 and o <= 0x86) or (o >= 0x95 and o <= 0x99) or (o >= 0xbb and o <= 0xfe)
return o == 0x50 or o == 0x62 or o == 0x89 or o == 0x8a or o == 0x8d or o == 0x8e or (o >= 0x7e and o <= 0x81) or (o >= 0x83 and o <= 0x86) or (o >= 0x95 and o <= 0x99) or (o >= 0xbc and o <= 0xfe)