| blob | a85c3710a3dfede9c4e9e2afd3cac1a52989e5a4 |
1 // Copyright (c) 2009-2010 Satoshi Nakamoto
2 // Distributed under the MIT/X11 software license, see the accompanying
3 // file license.txt or http://www.opensource.org/licenses/mit-license.php.
7 bool CheckSig(vector<unsigned char> vchSig, vector<unsigned char> vchPubKey, CScript scriptCode, const CTransaction& txTo, unsigned int nIn, int nHashType);
23 {
26 // Get rid of extra leading zeros
28 }
31 {
33 {
35 {
36 // Can be negative zero
40 }
41 }
43 }
46 {
47 // Lengthen the shorter one
52 }
56 //
57 // Script is a stack machine (like Forth) that evaluates a predicate
58 // returning a bool indicating valid or not. There are no loops.
59 //
60 #define stacktop(i) (stack.at(stack.size()+(i)))
61 #define altstacktop(i) (altstack.at(altstack.size()+(i)))
63 {
67 }
70 bool EvalScript(vector<vector<unsigned char> >& stack, const CScript& script, const CTransaction& txTo, unsigned int nIn, int nHashType)
71 {
72 CAutoBN_CTX pctx;
76 opcodetype opcode;
77 valtype vchPushValue;
85 try
86 {
88 {
91 //
92 // Read instruction
93 //
122 {
123 //
124 // Push value
125 //
143 {
144 // ( -- value)
147 }
151 //
152 // Control
153 //
161 {
162 // <expression> if [statements] [else [statements]] endif
165 {
173 }
175 }
179 {
183 }
187 {
191 }
195 {
196 // (true -- ) or
197 // (false -- false) and return
203 else
205 }
209 {
211 }
215 //
216 // Stack ops
217 //
219 {
224 }
228 {
233 }
237 {
238 // (x1 x2 -- )
243 }
247 {
248 // (x1 x2 -- x1 x2 x1 x2)
255 }
259 {
260 // (x1 x2 x3 -- x1 x2 x3 x1 x2 x3)
269 }
273 {
274 // (x1 x2 x3 x4 -- x1 x2 x3 x4 x1 x2)
281 }
285 {
286 // (x1 x2 x3 x4 x5 x6 -- x3 x4 x5 x6 x1 x2)
294 }
298 {
299 // (x1 x2 x3 x4 -- x3 x4 x1 x2)
304 }
308 {
309 // (x - 0 | x x)
315 }
319 {
320 // -- stacksize
323 }
327 {
328 // (x -- )
332 }
336 {
337 // (x -- x x)
342 }
346 {
347 // (x1 x2 -- x2)
351 }
355 {
356 // (x1 x2 -- x1 x2 x1)
361 }
366 {
367 // (xn ... x2 x1 x0 n - xn ... x2 x1 x0 xn)
368 // (xn ... x2 x1 x0 n - ... x2 x1 x0 xn)
379 }
383 {
384 // (x1 x2 x3 -- x2 x3 x1)
385 // x2 x1 x3 after first swap
386 // x2 x3 x1 after second swap
391 }
395 {
396 // (x1 x2 -- x2 x1)
400 }
404 {
405 // (x1 x2 -- x2 x1 x2)
410 }
414 //
415 // Splice ops
416 //
418 {
419 // (x1 x2 -- out)
428 }
432 {
433 // (in begin size -- out)
449 }
454 {
455 // (in size -- out)
466 else
469 }
473 {
474 // (in -- in size)
479 }
483 //
484 // Bitwise logic
485 //
487 {
488 // (in - out)
494 }
500 {
501 // (x1 x2 - out)
508 {
511 }
513 {
516 }
518 {
521 }
523 }
528 //case OP_NOTEQUAL: // use OP_NUMNOTEQUAL
529 {
530 // (x1 x2 - bool)
536 // OP_NOTEQUAL is disabled because it would be too easy to say
537 // something like n != 1 and have some wiseguy pass in 1 with extra
538 // zero bytes after it (numerically, 0x01 == 0x0001 == 0x000001)
539 //if (opcode == OP_NOTEQUAL)
540 // fEqual = !fEqual;
545 {
548 else
550 }
551 }
555 //
556 // Numeric
557 //
566 {
567 // (in -- out)
572 {
581 }
584 }
605 {
606 // (x1 x2 -- out)
611 CBigNum bn;
613 {
660 }
666 {
669 else
671 }
672 }
676 {
677 // (x min max -- out)
688 }
692 //
693 // Crypto
694 //
700 {
701 // (in -- hash)
705 valtype vchHash((opcode == OP_RIPEMD160 || opcode == OP_SHA1 || opcode == OP_HASH160) ? 20 : 32);
713 {
716 }
718 {
721 }
724 }
728 {
729 // Hash starts after the code separator
731 }
736 {
737 // (sig pubkey -- bool)
744 ////// debug print
745 //PrintHex(vchSig.begin(), vchSig.end(), "sig: %s\n");
746 //PrintHex(vchPubKey.begin(), vchPubKey.end(), "pubkey: %s\n");
748 // Subset of script starting at the most recent codeseparator
751 // Drop the signature, since there's no way for a signature to sign itself
760 {
763 else
765 }
766 }
771 {
772 // ([sig ...] num_of_signatures [pubkey ...] num_of_pubkeys -- bool)
797 // Subset of script starting at the most recent codeseparator
800 // Drop the signatures, since there's no way for a signature to sign itself
802 {
805 }
809 {
813 // Check signature
815 {
816 isig++;
817 nSigsCount--;
818 }
819 ikey++;
820 nKeysCount--;
822 // If there are more signatures left than keys left,
823 // then too many signatures have failed
826 }
833 {
836 else
838 }
839 }
844 }
846 // Size limits
849 }
850 }
852 {
854 }
861 }
871 uint256 SignatureHash(CScript scriptCode, const CTransaction& txTo, unsigned int nIn, int nHashType)
872 {
874 {
877 }
880 // In case concatenating two scripts ends up with two codeseparators,
881 // or an extra one at the end, this prevents all those possible incompatibilities.
884 // Blank out other inputs' signatures
889 // Blank out some of the outputs
891 {
892 // Wildcard payee
895 // Let the others update at will
899 }
901 {
902 // Only lockin the txout payee at same index as txin
905 {
908 }
913 // Let the others update at will
917 }
919 // Blank out other inputs completely, not recommended for open transactions
921 {
924 }
926 // Serialize and hash
931 }
934 bool CheckSig(vector<unsigned char> vchSig, vector<unsigned char> vchPubKey, CScript scriptCode,
936 {
937 CKey key;
941 // Hash type is one byte tacked on to the end of the signature
951 }
963 {
964 // Templates
967 {
968 // Standard tx, sender provides pubkey, receiver adds signature
971 // Bitcoin address tx, sender provides hash of pubkey, receiver provides signature and pubkey
972 vTemplates.push_back(CScript() << OP_DUP << OP_HASH160 << OP_PUBKEYHASH << OP_EQUALVERIFY << OP_CHECKSIG);
973 }
975 // Scan templates
978 {
983 // Compare
986 loop
987 {
989 {
990 // Found a match
993 }
999 {
1003 }
1005 {
1009 }
1011 {
1013 }
1014 }
1015 }
1019 }
1023 {
1030 // Compile solution
1032 {
1034 {
1036 {
1037 // Sign
1042 {
1048 }
1049 }
1051 {
1052 // Sign and give pubkey
1060 {
1066 }
1067 }
1068 else
1069 {
1071 }
1072 }
1073 }
1076 }
1080 {
1083 }
1087 {
1088 CScript scriptSig;
1090 }
1093 bool ExtractPubKey(const CScript& scriptPubKey, bool fMineOnly, vector<unsigned char>& vchPubKeyRet)
1094 {
1102 {
1104 {
1105 valtype vchPubKey;
1107 {
1109 }
1111 {
1116 }
1118 {
1121 }
1122 }
1123 }
1125 }
1129 {
1137 {
1139 {
1142 }
1143 }
1145 }
1148 bool VerifyScript(const CScript& scriptSig, const CScript& scriptPubKey, const CTransaction& txTo, unsigned int nIn, int nHashType)
1149 {
1158 }
1161 bool SignSignature(const CTransaction& txFrom, CTransaction& txTo, unsigned int nIn, int nHashType, CScript scriptPrereq)
1162 {
1168 // Leave out the signature from the hash, since a signature can't sign itself.
1169 // The checksig op will also drop the signatures from its hash.
1177 // Test solution
1183 }
1186 bool VerifySignature(const CTransaction& txFrom, const CTransaction& txTo, unsigned int nIn, int nHashType)
1187 {
1200 // Anytime a signature is successfully verified, it's proof the outpoint is spent,
1201 // so lets update the wallet spent flag if it doesn't know due to wallet.dat being
1202 // restored from backup or the user making copies of wallet.dat.
1206 }