1 // Copyright (c) 2009-2010 Satoshi Nakamoto
2 // Distributed under the MIT/X11 software license, see the accompanying
3 // file license.txt or http://www.opensource.org/licenses/mit-license.php.
7 bool CheckSig(vector
<unsigned char> vchSig
, vector
<unsigned char> vchPubKey
, CScript scriptCode
, const CTransaction
& txTo
, unsigned int nIn
, int nHashType
);
11 typedef vector
<unsigned char> valtype
;
12 static const valtype
vchFalse(0);
13 static const valtype
vchZero(0);
14 static const valtype
vchTrue(1, 1);
15 static const CBigNum
bnZero(0);
16 static const CBigNum
bnOne(1);
17 static const CBigNum
bnFalse(0);
18 static const CBigNum
bnTrue(1);
19 static const size_t nMaxNumSize
= 4;
22 CBigNum
CastToBigNum(const valtype
& vch
)
24 if (vch
.size() > nMaxNumSize
)
25 throw runtime_error("CastToBigNum() : overflow");
26 // Get rid of extra leading zeros
27 return CBigNum(CBigNum(vch
).getvch());
30 bool CastToBool(const valtype
& vch
)
32 for (int i
= 0; i
< vch
.size(); i
++)
36 // Can be negative zero
37 if (i
== vch
.size()-1 && vch
[i
] == 0x80)
45 void MakeSameSize(valtype
& vch1
, valtype
& vch2
)
47 // Lengthen the shorter one
48 if (vch1
.size() < vch2
.size())
49 vch1
.resize(vch2
.size(), 0);
50 if (vch2
.size() < vch1
.size())
51 vch2
.resize(vch1
.size(), 0);
57 // Script is a stack machine (like Forth) that evaluates a predicate
58 // returning a bool indicating valid or not. There are no loops.
60 #define stacktop(i) (stack.at(stack.size()+(i)))
61 #define altstacktop(i) (altstack.at(altstack.size()+(i)))
62 static inline void popstack(vector
<valtype
>& stack
)
65 throw runtime_error("popstack() : stack empty");
70 bool EvalScript(vector
<vector
<unsigned char> >& stack
, const CScript
& script
, const CTransaction
& txTo
, unsigned int nIn
, int nHashType
)
73 CScript::const_iterator pc
= script
.begin();
74 CScript::const_iterator pend
= script
.end();
75 CScript::const_iterator pbegincodehash
= script
.begin();
79 vector
<valtype
> altstack
;
80 if (script
.size() > 10000)
89 bool fExec
= !count(vfExec
.begin(), vfExec
.end(), false);
94 if (!script
.GetOp(pc
, opcode
, vchPushValue
))
96 if (vchPushValue
.size() > 520)
98 if (opcode
> OP_16
&& ++nOpCount
> 201)
101 if (opcode
== OP_CAT
||
102 opcode
== OP_SUBSTR
||
104 opcode
== OP_RIGHT
||
105 opcode
== OP_INVERT
||
114 opcode
== OP_LSHIFT
||
118 if (fExec
&& 0 <= opcode
&& opcode
<= OP_PUSHDATA4
)
119 stack
.push_back(vchPushValue
);
120 else if (fExec
|| (OP_IF
<= opcode
&& opcode
<= OP_ENDIF
))
145 CBigNum
bn((int)opcode
- (int)(OP_1
- 1));
146 stack
.push_back(bn
.getvch());
155 case OP_NOP1
: case OP_NOP2
: case OP_NOP3
: case OP_NOP4
: case OP_NOP5
:
156 case OP_NOP6
: case OP_NOP7
: case OP_NOP8
: case OP_NOP9
: case OP_NOP10
:
162 // <expression> if [statements] [else [statements]] endif
166 if (stack
.size() < 1)
168 valtype
& vch
= stacktop(-1);
169 fValue
= CastToBool(vch
);
170 if (opcode
== OP_NOTIF
)
174 vfExec
.push_back(fValue
);
182 vfExec
.back() = !vfExec
.back();
197 // (false -- false) and return
198 if (stack
.size() < 1)
200 bool fValue
= CastToBool(stacktop(-1));
220 if (stack
.size() < 1)
222 altstack
.push_back(stacktop(-1));
227 case OP_FROMALTSTACK
:
229 if (altstack
.size() < 1)
231 stack
.push_back(altstacktop(-1));
239 if (stack
.size() < 2)
248 // (x1 x2 -- x1 x2 x1 x2)
249 if (stack
.size() < 2)
251 valtype vch1
= stacktop(-2);
252 valtype vch2
= stacktop(-1);
253 stack
.push_back(vch1
);
254 stack
.push_back(vch2
);
260 // (x1 x2 x3 -- x1 x2 x3 x1 x2 x3)
261 if (stack
.size() < 3)
263 valtype vch1
= stacktop(-3);
264 valtype vch2
= stacktop(-2);
265 valtype vch3
= stacktop(-1);
266 stack
.push_back(vch1
);
267 stack
.push_back(vch2
);
268 stack
.push_back(vch3
);
274 // (x1 x2 x3 x4 -- x1 x2 x3 x4 x1 x2)
275 if (stack
.size() < 4)
277 valtype vch1
= stacktop(-4);
278 valtype vch2
= stacktop(-3);
279 stack
.push_back(vch1
);
280 stack
.push_back(vch2
);
286 // (x1 x2 x3 x4 x5 x6 -- x3 x4 x5 x6 x1 x2)
287 if (stack
.size() < 6)
289 valtype vch1
= stacktop(-6);
290 valtype vch2
= stacktop(-5);
291 stack
.erase(stack
.end()-6, stack
.end()-4);
292 stack
.push_back(vch1
);
293 stack
.push_back(vch2
);
299 // (x1 x2 x3 x4 -- x3 x4 x1 x2)
300 if (stack
.size() < 4)
302 swap(stacktop(-4), stacktop(-2));
303 swap(stacktop(-3), stacktop(-1));
310 if (stack
.size() < 1)
312 valtype vch
= stacktop(-1);
314 stack
.push_back(vch
);
321 CBigNum
bn(stack
.size());
322 stack
.push_back(bn
.getvch());
329 if (stack
.size() < 1)
338 if (stack
.size() < 1)
340 valtype vch
= stacktop(-1);
341 stack
.push_back(vch
);
348 if (stack
.size() < 2)
350 stack
.erase(stack
.end() - 2);
356 // (x1 x2 -- x1 x2 x1)
357 if (stack
.size() < 2)
359 valtype vch
= stacktop(-2);
360 stack
.push_back(vch
);
367 // (xn ... x2 x1 x0 n - xn ... x2 x1 x0 xn)
368 // (xn ... x2 x1 x0 n - ... x2 x1 x0 xn)
369 if (stack
.size() < 2)
371 int n
= CastToBigNum(stacktop(-1)).getint();
373 if (n
< 0 || n
>= stack
.size())
375 valtype vch
= stacktop(-n
-1);
376 if (opcode
== OP_ROLL
)
377 stack
.erase(stack
.end()-n
-1);
378 stack
.push_back(vch
);
384 // (x1 x2 x3 -- x2 x3 x1)
385 // x2 x1 x3 after first swap
386 // x2 x3 x1 after second swap
387 if (stack
.size() < 3)
389 swap(stacktop(-3), stacktop(-2));
390 swap(stacktop(-2), stacktop(-1));
397 if (stack
.size() < 2)
399 swap(stacktop(-2), stacktop(-1));
405 // (x1 x2 -- x2 x1 x2)
406 if (stack
.size() < 2)
408 valtype vch
= stacktop(-1);
409 stack
.insert(stack
.end()-2, vch
);
420 if (stack
.size() < 2)
422 valtype
& vch1
= stacktop(-2);
423 valtype
& vch2
= stacktop(-1);
424 vch1
.insert(vch1
.end(), vch2
.begin(), vch2
.end());
426 if (stacktop(-1).size() > 520)
433 // (in begin size -- out)
434 if (stack
.size() < 3)
436 valtype
& vch
= stacktop(-3);
437 int nBegin
= CastToBigNum(stacktop(-2)).getint();
438 int nEnd
= nBegin
+ CastToBigNum(stacktop(-1)).getint();
439 if (nBegin
< 0 || nEnd
< nBegin
)
441 if (nBegin
> vch
.size())
443 if (nEnd
> vch
.size())
445 vch
.erase(vch
.begin() + nEnd
, vch
.end());
446 vch
.erase(vch
.begin(), vch
.begin() + nBegin
);
456 if (stack
.size() < 2)
458 valtype
& vch
= stacktop(-2);
459 int nSize
= CastToBigNum(stacktop(-1)).getint();
462 if (nSize
> vch
.size())
464 if (opcode
== OP_LEFT
)
465 vch
.erase(vch
.begin() + nSize
, vch
.end());
467 vch
.erase(vch
.begin(), vch
.end() - nSize
);
475 if (stack
.size() < 1)
477 CBigNum
bn(stacktop(-1).size());
478 stack
.push_back(bn
.getvch());
489 if (stack
.size() < 1)
491 valtype
& vch
= stacktop(-1);
492 for (int i
= 0; i
< vch
.size(); i
++)
502 if (stack
.size() < 2)
504 valtype
& vch1
= stacktop(-2);
505 valtype
& vch2
= stacktop(-1);
506 MakeSameSize(vch1
, vch2
);
507 if (opcode
== OP_AND
)
509 for (int i
= 0; i
< vch1
.size(); i
++)
512 else if (opcode
== OP_OR
)
514 for (int i
= 0; i
< vch1
.size(); i
++)
517 else if (opcode
== OP_XOR
)
519 for (int i
= 0; i
< vch1
.size(); i
++)
528 //case OP_NOTEQUAL: // use OP_NUMNOTEQUAL
531 if (stack
.size() < 2)
533 valtype
& vch1
= stacktop(-2);
534 valtype
& vch2
= stacktop(-1);
535 bool fEqual
= (vch1
== vch2
);
536 // OP_NOTEQUAL is disabled because it would be too easy to say
537 // something like n != 1 and have some wiseguy pass in 1 with extra
538 // zero bytes after it (numerically, 0x01 == 0x0001 == 0x000001)
539 //if (opcode == OP_NOTEQUAL)
543 stack
.push_back(fEqual
? vchTrue
: vchFalse
);
544 if (opcode
== OP_EQUALVERIFY
)
568 if (stack
.size() < 1)
570 CBigNum bn
= CastToBigNum(stacktop(-1));
573 case OP_1ADD
: bn
+= bnOne
; break;
574 case OP_1SUB
: bn
-= bnOne
; break;
575 case OP_2MUL
: bn
<<= 1; break;
576 case OP_2DIV
: bn
>>= 1; break;
577 case OP_NEGATE
: bn
= -bn
; break;
578 case OP_ABS
: if (bn
< bnZero
) bn
= -bn
; break;
579 case OP_NOT
: bn
= (bn
== bnZero
); break;
580 case OP_0NOTEQUAL
: bn
= (bn
!= bnZero
); break;
583 stack
.push_back(bn
.getvch());
597 case OP_NUMEQUALVERIFY
:
601 case OP_LESSTHANOREQUAL
:
602 case OP_GREATERTHANOREQUAL
:
607 if (stack
.size() < 2)
609 CBigNum bn1
= CastToBigNum(stacktop(-2));
610 CBigNum bn2
= CastToBigNum(stacktop(-1));
623 if (!BN_mul(&bn
, &bn1
, &bn2
, pctx
))
628 if (!BN_div(&bn
, NULL
, &bn1
, &bn2
, pctx
))
633 if (!BN_mod(&bn
, &bn1
, &bn2
, pctx
))
638 if (bn2
< bnZero
|| bn2
> CBigNum(2048))
640 bn
= bn1
<< bn2
.getulong();
644 if (bn2
< bnZero
|| bn2
> CBigNum(2048))
646 bn
= bn1
>> bn2
.getulong();
649 case OP_BOOLAND
: bn
= (bn1
!= bnZero
&& bn2
!= bnZero
); break;
650 case OP_BOOLOR
: bn
= (bn1
!= bnZero
|| bn2
!= bnZero
); break;
651 case OP_NUMEQUAL
: bn
= (bn1
== bn2
); break;
652 case OP_NUMEQUALVERIFY
: bn
= (bn1
== bn2
); break;
653 case OP_NUMNOTEQUAL
: bn
= (bn1
!= bn2
); break;
654 case OP_LESSTHAN
: bn
= (bn1
< bn2
); break;
655 case OP_GREATERTHAN
: bn
= (bn1
> bn2
); break;
656 case OP_LESSTHANOREQUAL
: bn
= (bn1
<= bn2
); break;
657 case OP_GREATERTHANOREQUAL
: bn
= (bn1
>= bn2
); break;
658 case OP_MIN
: bn
= (bn1
< bn2
? bn1
: bn2
); break;
659 case OP_MAX
: bn
= (bn1
> bn2
? bn1
: bn2
); break;
663 stack
.push_back(bn
.getvch());
665 if (opcode
== OP_NUMEQUALVERIFY
)
667 if (CastToBool(stacktop(-1)))
677 // (x min max -- out)
678 if (stack
.size() < 3)
680 CBigNum bn1
= CastToBigNum(stacktop(-3));
681 CBigNum bn2
= CastToBigNum(stacktop(-2));
682 CBigNum bn3
= CastToBigNum(stacktop(-1));
683 bool fValue
= (bn2
<= bn1
&& bn1
< bn3
);
687 stack
.push_back(fValue
? vchTrue
: vchFalse
);
702 if (stack
.size() < 1)
704 valtype
& vch
= stacktop(-1);
705 valtype
vchHash((opcode
== OP_RIPEMD160
|| opcode
== OP_SHA1
|| opcode
== OP_HASH160
) ? 20 : 32);
706 if (opcode
== OP_RIPEMD160
)
707 RIPEMD160(&vch
[0], vch
.size(), &vchHash
[0]);
708 else if (opcode
== OP_SHA1
)
709 SHA1(&vch
[0], vch
.size(), &vchHash
[0]);
710 else if (opcode
== OP_SHA256
)
711 SHA256(&vch
[0], vch
.size(), &vchHash
[0]);
712 else if (opcode
== OP_HASH160
)
714 uint160 hash160
= Hash160(vch
);
715 memcpy(&vchHash
[0], &hash160
, sizeof(hash160
));
717 else if (opcode
== OP_HASH256
)
719 uint256 hash
= Hash(vch
.begin(), vch
.end());
720 memcpy(&vchHash
[0], &hash
, sizeof(hash
));
723 stack
.push_back(vchHash
);
727 case OP_CODESEPARATOR
:
729 // Hash starts after the code separator
735 case OP_CHECKSIGVERIFY
:
737 // (sig pubkey -- bool)
738 if (stack
.size() < 2)
741 valtype
& vchSig
= stacktop(-2);
742 valtype
& vchPubKey
= stacktop(-1);
745 //PrintHex(vchSig.begin(), vchSig.end(), "sig: %s\n");
746 //PrintHex(vchPubKey.begin(), vchPubKey.end(), "pubkey: %s\n");
748 // Subset of script starting at the most recent codeseparator
749 CScript
scriptCode(pbegincodehash
, pend
);
751 // Drop the signature, since there's no way for a signature to sign itself
752 scriptCode
.FindAndDelete(CScript(vchSig
));
754 bool fSuccess
= CheckSig(vchSig
, vchPubKey
, scriptCode
, txTo
, nIn
, nHashType
);
758 stack
.push_back(fSuccess
? vchTrue
: vchFalse
);
759 if (opcode
== OP_CHECKSIGVERIFY
)
769 case OP_CHECKMULTISIG
:
770 case OP_CHECKMULTISIGVERIFY
:
772 // ([sig ...] num_of_signatures [pubkey ...] num_of_pubkeys -- bool)
775 if (stack
.size() < i
)
778 int nKeysCount
= CastToBigNum(stacktop(-i
)).getint();
779 if (nKeysCount
< 0 || nKeysCount
> 20)
781 nOpCount
+= nKeysCount
;
786 if (stack
.size() < i
)
789 int nSigsCount
= CastToBigNum(stacktop(-i
)).getint();
790 if (nSigsCount
< 0 || nSigsCount
> nKeysCount
)
794 if (stack
.size() < i
)
797 // Subset of script starting at the most recent codeseparator
798 CScript
scriptCode(pbegincodehash
, pend
);
800 // Drop the signatures, since there's no way for a signature to sign itself
801 for (int k
= 0; k
< nSigsCount
; k
++)
803 valtype
& vchSig
= stacktop(-isig
-k
);
804 scriptCode
.FindAndDelete(CScript(vchSig
));
807 bool fSuccess
= true;
808 while (fSuccess
&& nSigsCount
> 0)
810 valtype
& vchSig
= stacktop(-isig
);
811 valtype
& vchPubKey
= stacktop(-ikey
);
814 if (CheckSig(vchSig
, vchPubKey
, scriptCode
, txTo
, nIn
, nHashType
))
822 // If there are more signatures left than keys left,
823 // then too many signatures have failed
824 if (nSigsCount
> nKeysCount
)
830 stack
.push_back(fSuccess
? vchTrue
: vchFalse
);
832 if (opcode
== OP_CHECKMULTISIGVERIFY
)
847 if (stack
.size() + altstack
.size() > 1000)
871 uint256
SignatureHash(CScript scriptCode
, const CTransaction
& txTo
, unsigned int nIn
, int nHashType
)
873 if (nIn
>= txTo
.vin
.size())
875 printf("ERROR: SignatureHash() : nIn=%d out of range\n", nIn
);
878 CTransaction
txTmp(txTo
);
880 // In case concatenating two scripts ends up with two codeseparators,
881 // or an extra one at the end, this prevents all those possible incompatibilities.
882 scriptCode
.FindAndDelete(CScript(OP_CODESEPARATOR
));
884 // Blank out other inputs' signatures
885 for (int i
= 0; i
< txTmp
.vin
.size(); i
++)
886 txTmp
.vin
[i
].scriptSig
= CScript();
887 txTmp
.vin
[nIn
].scriptSig
= scriptCode
;
889 // Blank out some of the outputs
890 if ((nHashType
& 0x1f) == SIGHASH_NONE
)
895 // Let the others update at will
896 for (int i
= 0; i
< txTmp
.vin
.size(); i
++)
898 txTmp
.vin
[i
].nSequence
= 0;
900 else if ((nHashType
& 0x1f) == SIGHASH_SINGLE
)
902 // Only lockin the txout payee at same index as txin
903 unsigned int nOut
= nIn
;
904 if (nOut
>= txTmp
.vout
.size())
906 printf("ERROR: SignatureHash() : nOut=%d out of range\n", nOut
);
909 txTmp
.vout
.resize(nOut
+1);
910 for (int i
= 0; i
< nOut
; i
++)
911 txTmp
.vout
[i
].SetNull();
913 // Let the others update at will
914 for (int i
= 0; i
< txTmp
.vin
.size(); i
++)
916 txTmp
.vin
[i
].nSequence
= 0;
919 // Blank out other inputs completely, not recommended for open transactions
920 if (nHashType
& SIGHASH_ANYONECANPAY
)
922 txTmp
.vin
[0] = txTmp
.vin
[nIn
];
926 // Serialize and hash
927 CDataStream
ss(SER_GETHASH
);
929 ss
<< txTmp
<< nHashType
;
930 return Hash(ss
.begin(), ss
.end());
934 bool CheckSig(vector
<unsigned char> vchSig
, vector
<unsigned char> vchPubKey
, CScript scriptCode
,
935 const CTransaction
& txTo
, unsigned int nIn
, int nHashType
)
938 if (!key
.SetPubKey(vchPubKey
))
941 // Hash type is one byte tacked on to the end of the signature
945 nHashType
= vchSig
.back();
946 else if (nHashType
!= vchSig
.back())
950 return key
.Verify(SignatureHash(scriptCode
, txTo
, nIn
, nHashType
), vchSig
);
962 bool Solver(const CScript
& scriptPubKey
, vector
<pair
<opcodetype
, valtype
> >& vSolutionRet
)
965 static vector
<CScript
> vTemplates
;
966 if (vTemplates
.empty())
968 // Standard tx, sender provides pubkey, receiver adds signature
969 vTemplates
.push_back(CScript() << OP_PUBKEY
<< OP_CHECKSIG
);
971 // Bitcoin address tx, sender provides hash of pubkey, receiver provides signature and pubkey
972 vTemplates
.push_back(CScript() << OP_DUP
<< OP_HASH160
<< OP_PUBKEYHASH
<< OP_EQUALVERIFY
<< OP_CHECKSIG
);
976 const CScript
& script1
= scriptPubKey
;
977 foreach(const CScript
& script2
, vTemplates
)
979 vSolutionRet
.clear();
980 opcodetype opcode1
, opcode2
;
981 vector
<unsigned char> vch1
, vch2
;
984 CScript::const_iterator pc1
= script1
.begin();
985 CScript::const_iterator pc2
= script2
.begin();
988 if (pc1
== script1
.end() && pc2
== script2
.end())
991 reverse(vSolutionRet
.begin(), vSolutionRet
.end());
994 if (!script1
.GetOp(pc1
, opcode1
, vch1
))
996 if (!script2
.GetOp(pc2
, opcode2
, vch2
))
998 if (opcode2
== OP_PUBKEY
)
1000 if (vch1
.size() < 33 || vch1
.size() > 120)
1002 vSolutionRet
.push_back(make_pair(opcode2
, vch1
));
1004 else if (opcode2
== OP_PUBKEYHASH
)
1006 if (vch1
.size() != sizeof(uint160
))
1008 vSolutionRet
.push_back(make_pair(opcode2
, vch1
));
1010 else if (opcode1
!= opcode2
|| vch1
!= vch2
)
1017 vSolutionRet
.clear();
1022 bool Solver(const CScript
& scriptPubKey
, uint256 hash
, int nHashType
, CScript
& scriptSigRet
)
1024 scriptSigRet
.clear();
1026 vector
<pair
<opcodetype
, valtype
> > vSolution
;
1027 if (!Solver(scriptPubKey
, vSolution
))
1031 CRITICAL_BLOCK(cs_mapKeys
)
1033 foreach(PAIRTYPE(opcodetype
, valtype
)& item
, vSolution
)
1035 if (item
.first
== OP_PUBKEY
)
1038 const valtype
& vchPubKey
= item
.second
;
1039 if (!mapKeys
.count(vchPubKey
))
1043 vector
<unsigned char> vchSig
;
1044 if (!CKey::Sign(mapKeys
[vchPubKey
], hash
, vchSig
))
1046 vchSig
.push_back((unsigned char)nHashType
);
1047 scriptSigRet
<< vchSig
;
1050 else if (item
.first
== OP_PUBKEYHASH
)
1052 // Sign and give pubkey
1053 map
<uint160
, valtype
>::iterator mi
= mapPubKeys
.find(uint160(item
.second
));
1054 if (mi
== mapPubKeys
.end())
1056 const vector
<unsigned char>& vchPubKey
= (*mi
).second
;
1057 if (!mapKeys
.count(vchPubKey
))
1061 vector
<unsigned char> vchSig
;
1062 if (!CKey::Sign(mapKeys
[vchPubKey
], hash
, vchSig
))
1064 vchSig
.push_back((unsigned char)nHashType
);
1065 scriptSigRet
<< vchSig
<< vchPubKey
;
1079 bool IsStandard(const CScript
& scriptPubKey
)
1081 vector
<pair
<opcodetype
, valtype
> > vSolution
;
1082 return Solver(scriptPubKey
, vSolution
);
1086 bool IsMine(const CScript
& scriptPubKey
)
1089 return Solver(scriptPubKey
, 0, 0, scriptSig
);
1093 bool ExtractPubKey(const CScript
& scriptPubKey
, bool fMineOnly
, vector
<unsigned char>& vchPubKeyRet
)
1095 vchPubKeyRet
.clear();
1097 vector
<pair
<opcodetype
, valtype
> > vSolution
;
1098 if (!Solver(scriptPubKey
, vSolution
))
1101 CRITICAL_BLOCK(cs_mapKeys
)
1103 foreach(PAIRTYPE(opcodetype
, valtype
)& item
, vSolution
)
1106 if (item
.first
== OP_PUBKEY
)
1108 vchPubKey
= item
.second
;
1110 else if (item
.first
== OP_PUBKEYHASH
)
1112 map
<uint160
, valtype
>::iterator mi
= mapPubKeys
.find(uint160(item
.second
));
1113 if (mi
== mapPubKeys
.end())
1115 vchPubKey
= (*mi
).second
;
1117 if (!fMineOnly
|| mapKeys
.count(vchPubKey
))
1119 vchPubKeyRet
= vchPubKey
;
1128 bool ExtractHash160(const CScript
& scriptPubKey
, uint160
& hash160Ret
)
1132 vector
<pair
<opcodetype
, valtype
> > vSolution
;
1133 if (!Solver(scriptPubKey
, vSolution
))
1136 foreach(PAIRTYPE(opcodetype
, valtype
)& item
, vSolution
)
1138 if (item
.first
== OP_PUBKEYHASH
)
1140 hash160Ret
= uint160(item
.second
);
1148 bool VerifyScript(const CScript
& scriptSig
, const CScript
& scriptPubKey
, const CTransaction
& txTo
, unsigned int nIn
, int nHashType
)
1150 vector
<vector
<unsigned char> > stack
;
1151 if (!EvalScript(stack
, scriptSig
, txTo
, nIn
, nHashType
))
1153 if (!EvalScript(stack
, scriptPubKey
, txTo
, nIn
, nHashType
))
1157 return CastToBool(stack
.back());
1161 bool SignSignature(const CTransaction
& txFrom
, CTransaction
& txTo
, unsigned int nIn
, int nHashType
, CScript scriptPrereq
)
1163 assert(nIn
< txTo
.vin
.size());
1164 CTxIn
& txin
= txTo
.vin
[nIn
];
1165 assert(txin
.prevout
.n
< txFrom
.vout
.size());
1166 const CTxOut
& txout
= txFrom
.vout
[txin
.prevout
.n
];
1168 // Leave out the signature from the hash, since a signature can't sign itself.
1169 // The checksig op will also drop the signatures from its hash.
1170 uint256 hash
= SignatureHash(scriptPrereq
+ txout
.scriptPubKey
, txTo
, nIn
, nHashType
);
1172 if (!Solver(txout
.scriptPubKey
, hash
, nHashType
, txin
.scriptSig
))
1175 txin
.scriptSig
= scriptPrereq
+ txin
.scriptSig
;
1178 if (scriptPrereq
.empty())
1179 if (!VerifyScript(txin
.scriptSig
, txout
.scriptPubKey
, txTo
, nIn
, 0))
1186 bool VerifySignature(const CTransaction
& txFrom
, const CTransaction
& txTo
, unsigned int nIn
, int nHashType
)
1188 assert(nIn
< txTo
.vin
.size());
1189 const CTxIn
& txin
= txTo
.vin
[nIn
];
1190 if (txin
.prevout
.n
>= txFrom
.vout
.size())
1192 const CTxOut
& txout
= txFrom
.vout
[txin
.prevout
.n
];
1194 if (txin
.prevout
.hash
!= txFrom
.GetHash())
1197 if (!VerifyScript(txin
.scriptSig
, txout
.scriptPubKey
, txTo
, nIn
, nHashType
))
1200 // Anytime a signature is successfully verified, it's proof the outpoint is spent,
1201 // so lets update the wallet spent flag if it doesn't know due to wallet.dat being
1202 // restored from backup or the user making copies of wallet.dat.
1203 WalletUpdateSpent(txin
.prevout
);