test/functional/segwit.py

   1 #!/usr/bin/env python3
   2 # Copyright (c) 2016 The Bitcoin Core developers
   3 # Distributed under the MIT software license, see the accompanying
   4 # file COPYING or http://www.opensource.org/licenses/mit-license.php.
   5 """Test the SegWit changeover logic."""
   6
   7 from test_framework.test_framework import BitcoinTestFramework
   8 from test_framework.util import *
   9 from test_framework.mininode import sha256, CTransaction, CTxIn, COutPoint, CTxOut, COIN, ToHex, FromHex
  10 from test_framework.address import script_to_p2sh, key_to_p2pkh
  11 from test_framework.script import CScript, OP_HASH160, OP_CHECKSIG, OP_0, hash160, OP_EQUAL, OP_DUP, OP_EQUALVERIFY, OP_1, OP_2, OP_CHECKMULTISIG, OP_TRUE
  12 from io import BytesIO
  13
  14 NODE_0 = 0
  15 NODE_1 = 1
  16 NODE_2 = 2
  17 WIT_V0 = 0
  18 WIT_V1 = 1
  19
  20 # Create a scriptPubKey corresponding to either a P2WPKH output for the
  21 # given pubkey, or a P2WSH output of a 1-of-1 multisig for the given
  22 # pubkey. Returns the hex encoding of the scriptPubKey.
  23 def witness_script(use_p2wsh, pubkey):
  24     if (use_p2wsh == False):
  25         # P2WPKH instead
  26         pubkeyhash = hash160(hex_str_to_bytes(pubkey))
  27         pkscript = CScript([OP_0, pubkeyhash])
  28     else:
  29         # 1-of-1 multisig
  30         witness_program = CScript([OP_1, hex_str_to_bytes(pubkey), OP_1, OP_CHECKMULTISIG])
  31         scripthash = sha256(witness_program)
  32         pkscript = CScript([OP_0, scripthash])
  33     return bytes_to_hex_str(pkscript)
  34
  35 # Return a transaction (in hex) that spends the given utxo to a segwit output,
  36 # optionally wrapping the segwit output using P2SH.
  37 def create_witnessprogram(use_p2wsh, utxo, pubkey, encode_p2sh, amount):
  38     pkscript = hex_str_to_bytes(witness_script(use_p2wsh, pubkey))
  39     if (encode_p2sh):
  40         p2sh_hash = hash160(pkscript)
  41         pkscript = CScript([OP_HASH160, p2sh_hash, OP_EQUAL])
  42     tx = CTransaction()
  43     tx.vin.append(CTxIn(COutPoint(int(utxo["txid"], 16), utxo["vout"]), b""))
  44     tx.vout.append(CTxOut(int(amount*COIN), pkscript))
  45     return ToHex(tx)
  46
  47 # Create a transaction spending a given utxo to a segwit output corresponding
  48 # to the given pubkey: use_p2wsh determines whether to use P2WPKH or P2WSH;
  49 # encode_p2sh determines whether to wrap in P2SH.
  50 # sign=True will have the given node sign the transaction.
  51 # insert_redeem_script will be added to the scriptSig, if given.
  52 def send_to_witness(use_p2wsh, node, utxo, pubkey, encode_p2sh, amount, sign=True, insert_redeem_script=""):
  53     tx_to_witness = create_witnessprogram(use_p2wsh, utxo, pubkey, encode_p2sh, amount)
  54     if (sign):
  55         signed = node.signrawtransaction(tx_to_witness)
  56         assert("errors" not in signed or len(["errors"]) == 0)
  57         return node.sendrawtransaction(signed["hex"])
  58     else:
  59         if (insert_redeem_script):
  60             tx = FromHex(CTransaction(), tx_to_witness)
  61             tx.vin[0].scriptSig += CScript([hex_str_to_bytes(insert_redeem_script)])
  62             tx_to_witness = ToHex(tx)
  63
  64     return node.sendrawtransaction(tx_to_witness)
  65
  66 def getutxo(txid):
  67     utxo = {}
  68     utxo["vout"] = 0
  69     utxo["txid"] = txid
  70     return utxo
  71
  72 def find_unspent(node, min_value):
  73     for utxo in node.listunspent():
  74         if utxo['amount'] >= min_value:
  75             return utxo
  76
  77 class SegWitTest(BitcoinTestFramework):
  78
  79     def __init__(self):
  80         super().__init__()
  81         self.setup_clean_chain = True
  82         self.num_nodes = 3
  83
  84     def setup_network(self):
  85         self.nodes = []
  86         self.nodes.append(start_node(0, self.options.tmpdir, ["-walletprematurewitness", "-rpcserialversion=0"]))
  87         self.nodes.append(start_node(1, self.options.tmpdir, ["-blockversion=4", "-promiscuousmempoolflags=517", "-prematurewitness", "-walletprematurewitness", "-rpcserialversion=1"]))
  88         self.nodes.append(start_node(2, self.options.tmpdir, ["-blockversion=536870915", "-promiscuousmempoolflags=517", "-prematurewitness", "-walletprematurewitness"]))
  89         connect_nodes(self.nodes[1], 0)
  90         connect_nodes(self.nodes[2], 1)
  91         connect_nodes(self.nodes[0], 2)
  92         self.is_network_split = False
  93         self.sync_all()
  94
  95     def success_mine(self, node, txid, sign, redeem_script=""):
  96         send_to_witness(1, node, getutxo(txid), self.pubkey[0], False, Decimal("49.998"), sign, redeem_script)
  97         block = node.generate(1)
  98         assert_equal(len(node.getblock(block[0])["tx"]), 2)
  99         sync_blocks(self.nodes)
 100
 101     def skip_mine(self, node, txid, sign, redeem_script=""):
 102         send_to_witness(1, node, getutxo(txid), self.pubkey[0], False, Decimal("49.998"), sign, redeem_script)
 103         block = node.generate(1)
 104         assert_equal(len(node.getblock(block[0])["tx"]), 1)
 105         sync_blocks(self.nodes)
 106
 107     def fail_accept(self, node, error_msg, txid, sign, redeem_script=""):
 108         assert_raises_jsonrpc(-26, error_msg, send_to_witness, 1, node, getutxo(txid), self.pubkey[0], False, Decimal("49.998"), sign, redeem_script)
 109
 110     def fail_mine(self, node, txid, sign, redeem_script=""):
 111         send_to_witness(1, node, getutxo(txid), self.pubkey[0], False, Decimal("49.998"), sign, redeem_script)
 112         assert_raises_jsonrpc(-1, "CreateNewBlock: TestBlockValidity failed", node.generate, 1)
 113         sync_blocks(self.nodes)
 114
 115     def run_test(self):
 116         self.nodes[0].generate(161) #block 161
 117
 118         self.log.info("Verify sigops are counted in GBT with pre-BIP141 rules before the fork")
 119         txid = self.nodes[0].sendtoaddress(self.nodes[0].getnewaddress(), 1)
 120         tmpl = self.nodes[0].getblocktemplate({})
 121         assert(tmpl['sizelimit'] == 1000000)
 122         assert('weightlimit' not in tmpl)
 123         assert(tmpl['sigoplimit'] == 20000)
 124         assert(tmpl['transactions'][0]['hash'] == txid)
 125         assert(tmpl['transactions'][0]['sigops'] == 2)
 126         tmpl = self.nodes[0].getblocktemplate({'rules':['segwit']})
 127         assert(tmpl['sizelimit'] == 1000000)
 128         assert('weightlimit' not in tmpl)
 129         assert(tmpl['sigoplimit'] == 20000)
 130         assert(tmpl['transactions'][0]['hash'] == txid)
 131         assert(tmpl['transactions'][0]['sigops'] == 2)
 132         self.nodes[0].generate(1) #block 162
 133
 134         balance_presetup = self.nodes[0].getbalance()
 135         self.pubkey = []
 136         p2sh_ids = [] # p2sh_ids[NODE][VER] is an array of txids that spend to a witness version VER pkscript to an address for NODE embedded in p2sh
 137         wit_ids = [] # wit_ids[NODE][VER] is an array of txids that spend to a witness version VER pkscript to an address for NODE via bare witness
 138         for i in range(3):
 139             newaddress = self.nodes[i].getnewaddress()
 140             self.pubkey.append(self.nodes[i].validateaddress(newaddress)["pubkey"])
 141             multiaddress = self.nodes[i].addmultisigaddress(1, [self.pubkey[-1]])
 142             self.nodes[i].addwitnessaddress(newaddress)
 143             self.nodes[i].addwitnessaddress(multiaddress)
 144             p2sh_ids.append([])
 145             wit_ids.append([])
 146             for v in range(2):
 147                 p2sh_ids[i].append([])
 148                 wit_ids[i].append([])
 149
 150         for i in range(5):
 151             for n in range(3):
 152                 for v in range(2):
 153                     wit_ids[n][v].append(send_to_witness(v, self.nodes[0], find_unspent(self.nodes[0], 50), self.pubkey[n], False, Decimal("49.999")))
 154                     p2sh_ids[n][v].append(send_to_witness(v, self.nodes[0], find_unspent(self.nodes[0], 50), self.pubkey[n], True, Decimal("49.999")))
 155
 156         self.nodes[0].generate(1) #block 163
 157         sync_blocks(self.nodes)
 158
 159         # Make sure all nodes recognize the transactions as theirs
 160         assert_equal(self.nodes[0].getbalance(), balance_presetup - 60*50 + 20*Decimal("49.999") + 50)
 161         assert_equal(self.nodes[1].getbalance(), 20*Decimal("49.999"))
 162         assert_equal(self.nodes[2].getbalance(), 20*Decimal("49.999"))
 163
 164         self.nodes[0].generate(260) #block 423
 165         sync_blocks(self.nodes)
 166
 167         self.log.info("Verify default node can't accept any witness format txs before fork")
 168         # unsigned, no scriptsig
 169         self.fail_accept(self.nodes[0], "mandatory-script-verify-flag", wit_ids[NODE_0][WIT_V0][0], False)
 170         self.fail_accept(self.nodes[0], "mandatory-script-verify-flag", wit_ids[NODE_0][WIT_V1][0], False)
 171         self.fail_accept(self.nodes[0], "mandatory-script-verify-flag", p2sh_ids[NODE_0][WIT_V0][0], False)
 172         self.fail_accept(self.nodes[0], "mandatory-script-verify-flag", p2sh_ids[NODE_0][WIT_V1][0], False)
 173         # unsigned with redeem script
 174         self.fail_accept(self.nodes[0], "mandatory-script-verify-flag", p2sh_ids[NODE_0][WIT_V0][0], False, witness_script(False, self.pubkey[0]))
 175         self.fail_accept(self.nodes[0], "mandatory-script-verify-flag", p2sh_ids[NODE_0][WIT_V1][0], False, witness_script(True, self.pubkey[0]))
 176         # signed
 177         self.fail_accept(self.nodes[0], "no-witness-yet", wit_ids[NODE_0][WIT_V0][0], True)
 178         self.fail_accept(self.nodes[0], "no-witness-yet", wit_ids[NODE_0][WIT_V1][0], True)
 179         self.fail_accept(self.nodes[0], "no-witness-yet", p2sh_ids[NODE_0][WIT_V0][0], True)
 180         self.fail_accept(self.nodes[0], "no-witness-yet", p2sh_ids[NODE_0][WIT_V1][0], True)
 181
 182         self.log.info("Verify witness txs are skipped for mining before the fork")
 183         self.skip_mine(self.nodes[2], wit_ids[NODE_2][WIT_V0][0], True) #block 424
 184         self.skip_mine(self.nodes[2], wit_ids[NODE_2][WIT_V1][0], True) #block 425
 185         self.skip_mine(self.nodes[2], p2sh_ids[NODE_2][WIT_V0][0], True) #block 426
 186         self.skip_mine(self.nodes[2], p2sh_ids[NODE_2][WIT_V1][0], True) #block 427
 187
 188         # TODO: An old node would see these txs without witnesses and be able to mine them
 189
 190         self.log.info("Verify unsigned bare witness txs in versionbits-setting blocks are valid before the fork")
 191         self.success_mine(self.nodes[2], wit_ids[NODE_2][WIT_V0][1], False) #block 428
 192         self.success_mine(self.nodes[2], wit_ids[NODE_2][WIT_V1][1], False) #block 429
 193
 194         self.log.info("Verify unsigned p2sh witness txs without a redeem script are invalid")
 195         self.fail_accept(self.nodes[2], "mandatory-script-verify-flag", p2sh_ids[NODE_2][WIT_V0][1], False)
 196         self.fail_accept(self.nodes[2], "mandatory-script-verify-flag", p2sh_ids[NODE_2][WIT_V1][1], False)
 197
 198         self.log.info("Verify unsigned p2sh witness txs with a redeem script in versionbits-settings blocks are valid before the fork")
 199         self.success_mine(self.nodes[2], p2sh_ids[NODE_2][WIT_V0][1], False, witness_script(False, self.pubkey[2])) #block 430
 200         self.success_mine(self.nodes[2], p2sh_ids[NODE_2][WIT_V1][1], False, witness_script(True, self.pubkey[2])) #block 431
 201
 202         self.log.info("Verify previous witness txs skipped for mining can now be mined")
 203         assert_equal(len(self.nodes[2].getrawmempool()), 4)
 204         block = self.nodes[2].generate(1) #block 432 (first block with new rules; 432 = 144 * 3)
 205         sync_blocks(self.nodes)
 206         assert_equal(len(self.nodes[2].getrawmempool()), 0)
 207         segwit_tx_list = self.nodes[2].getblock(block[0])["tx"]
 208         assert_equal(len(segwit_tx_list), 5)
 209
 210         self.log.info("Verify block and transaction serialization rpcs return differing serializations depending on rpc serialization flag")
 211         assert(self.nodes[2].getblock(block[0], False) !=  self.nodes[0].getblock(block[0], False))
 212         assert(self.nodes[1].getblock(block[0], False) ==  self.nodes[2].getblock(block[0], False))
 213         for i in range(len(segwit_tx_list)):
 214             tx = FromHex(CTransaction(), self.nodes[2].gettransaction(segwit_tx_list[i])["hex"])
 215             assert(self.nodes[2].getrawtransaction(segwit_tx_list[i]) != self.nodes[0].getrawtransaction(segwit_tx_list[i]))
 216             assert(self.nodes[1].getrawtransaction(segwit_tx_list[i], 0) == self.nodes[2].getrawtransaction(segwit_tx_list[i]))
 217             assert(self.nodes[0].getrawtransaction(segwit_tx_list[i]) != self.nodes[2].gettransaction(segwit_tx_list[i])["hex"])
 218             assert(self.nodes[1].getrawtransaction(segwit_tx_list[i]) == self.nodes[2].gettransaction(segwit_tx_list[i])["hex"])
 219             assert(self.nodes[0].getrawtransaction(segwit_tx_list[i]) == bytes_to_hex_str(tx.serialize_without_witness()))
 220
 221         self.log.info("Verify witness txs without witness data are invalid after the fork")
 222         self.fail_mine(self.nodes[2], wit_ids[NODE_2][WIT_V0][2], False)
 223         self.fail_mine(self.nodes[2], wit_ids[NODE_2][WIT_V1][2], False)
 224         self.fail_mine(self.nodes[2], p2sh_ids[NODE_2][WIT_V0][2], False, witness_script(False, self.pubkey[2]))
 225         self.fail_mine(self.nodes[2], p2sh_ids[NODE_2][WIT_V1][2], False, witness_script(True, self.pubkey[2]))
 226
 227         self.log.info("Verify default node can now use witness txs")
 228         self.success_mine(self.nodes[0], wit_ids[NODE_0][WIT_V0][0], True) #block 432
 229         self.success_mine(self.nodes[0], wit_ids[NODE_0][WIT_V1][0], True) #block 433
 230         self.success_mine(self.nodes[0], p2sh_ids[NODE_0][WIT_V0][0], True) #block 434
 231         self.success_mine(self.nodes[0], p2sh_ids[NODE_0][WIT_V1][0], True) #block 435
 232
 233         self.log.info("Verify sigops are counted in GBT with BIP141 rules after the fork")
 234         txid = self.nodes[0].sendtoaddress(self.nodes[0].getnewaddress(), 1)
 235         tmpl = self.nodes[0].getblocktemplate({'rules':['segwit']})
 236         assert(tmpl['sizelimit'] >= 3999577)  # actual maximum size is lower due to minimum mandatory non-witness data
 237         assert(tmpl['weightlimit'] == 4000000)
 238         assert(tmpl['sigoplimit'] == 80000)
 239         assert(tmpl['transactions'][0]['txid'] == txid)
 240         assert(tmpl['transactions'][0]['sigops'] == 8)
 241
 242         self.nodes[0].generate(1) # Mine a block to clear the gbt cache
 243
 244         self.log.info("Non-segwit miners are able to use GBT response after activation.")
 245         # Create a 3-tx chain: tx1 (non-segwit input, paying to a segwit output) ->
 246         #                      tx2 (segwit input, paying to a non-segwit output) ->
 247         #                      tx3 (non-segwit input, paying to a non-segwit output).
 248         # tx1 is allowed to appear in the block, but no others.
 249         txid1 = send_to_witness(1, self.nodes[0], find_unspent(self.nodes[0], 50), self.pubkey[0], False, Decimal("49.996"))
 250         hex_tx = self.nodes[0].gettransaction(txid)['hex']
 251         tx = FromHex(CTransaction(), hex_tx)
 252         assert(tx.wit.is_null()) # This should not be a segwit input
 253         assert(txid1 in self.nodes[0].getrawmempool())
 254
 255         # Now create tx2, which will spend from txid1.
 256         tx = CTransaction()
 257         tx.vin.append(CTxIn(COutPoint(int(txid1, 16), 0), b''))
 258         tx.vout.append(CTxOut(int(49.99*COIN), CScript([OP_TRUE])))
 259         tx2_hex = self.nodes[0].signrawtransaction(ToHex(tx))['hex']
 260         txid2 = self.nodes[0].sendrawtransaction(tx2_hex)
 261         tx = FromHex(CTransaction(), tx2_hex)
 262         assert(not tx.wit.is_null())
 263
 264         # Now create tx3, which will spend from txid2
 265         tx = CTransaction()
 266         tx.vin.append(CTxIn(COutPoint(int(txid2, 16), 0), b""))
 267         tx.vout.append(CTxOut(int(49.95*COIN), CScript([OP_TRUE]))) # Huge fee
 268         tx.calc_sha256()
 269         txid3 = self.nodes[0].sendrawtransaction(ToHex(tx))
 270         assert(tx.wit.is_null())
 271         assert(txid3 in self.nodes[0].getrawmempool())
 272
 273         # Now try calling getblocktemplate() without segwit support.
 274         template = self.nodes[0].getblocktemplate()
 275
 276         # Check that tx1 is the only transaction of the 3 in the template.
 277         template_txids = [ t['txid'] for t in template['transactions'] ]
 278         assert(txid2 not in template_txids and txid3 not in template_txids)
 279         assert(txid1 in template_txids)
 280
 281         # Check that running with segwit support results in all 3 being included.
 282         template = self.nodes[0].getblocktemplate({"rules": ["segwit"]})
 283         template_txids = [ t['txid'] for t in template['transactions'] ]
 284         assert(txid1 in template_txids)
 285         assert(txid2 in template_txids)
 286         assert(txid3 in template_txids)
 287
 288         # Mine a block to clear the gbt cache again.
 289         self.nodes[0].generate(1)
 290
 291         self.log.info("Verify behaviour of importaddress, addwitnessaddress and listunspent")
 292
 293         # Some public keys to be used later
 294         pubkeys = [
 295             "0363D44AABD0F1699138239DF2F042C3282C0671CC7A76826A55C8203D90E39242", # cPiM8Ub4heR9NBYmgVzJQiUH1if44GSBGiqaeJySuL2BKxubvgwb
 296             "02D3E626B3E616FC8662B489C123349FECBFC611E778E5BE739B257EAE4721E5BF", # cPpAdHaD6VoYbW78kveN2bsvb45Q7G5PhaPApVUGwvF8VQ9brD97
 297             "04A47F2CBCEFFA7B9BCDA184E7D5668D3DA6F9079AD41E422FA5FD7B2D458F2538A62F5BD8EC85C2477F39650BD391EA6250207065B2A81DA8B009FC891E898F0E", # 91zqCU5B9sdWxzMt1ca3VzbtVm2YM6Hi5Rxn4UDtxEaN9C9nzXV
 298             "02A47F2CBCEFFA7B9BCDA184E7D5668D3DA6F9079AD41E422FA5FD7B2D458F2538", # cPQFjcVRpAUBG8BA9hzr2yEzHwKoMgLkJZBBtK9vJnvGJgMjzTbd
 299             "036722F784214129FEB9E8129D626324F3F6716555B603FFE8300BBCB882151228", # cQGtcm34xiLjB1v7bkRa4V3aAc9tS2UTuBZ1UnZGeSeNy627fN66
 300             "0266A8396EE936BF6D99D17920DB21C6C7B1AB14C639D5CD72B300297E416FD2EC", # cTW5mR5M45vHxXkeChZdtSPozrFwFgmEvTNnanCW6wrqwaCZ1X7K
 301             "0450A38BD7F0AC212FEBA77354A9B036A32E0F7C81FC4E0C5ADCA7C549C4505D2522458C2D9AE3CEFD684E039194B72C8A10F9CB9D4764AB26FCC2718D421D3B84", # 92h2XPssjBpsJN5CqSP7v9a7cf2kgDunBC6PDFwJHMACM1rrVBJ
 302         ]
 303
 304         # Import a compressed key and an uncompressed key, generate some multisig addresses
 305         self.nodes[0].importprivkey("92e6XLo5jVAVwrQKPNTs93oQco8f8sDNBcpv73Dsrs397fQtFQn")
 306         uncompressed_spendable_address = ["mvozP4UwyGD2mGZU4D2eMvMLPB9WkMmMQu"]
 307         self.nodes[0].importprivkey("cNC8eQ5dg3mFAVePDX4ddmPYpPbw41r9bm2jd1nLJT77e6RrzTRR")
 308         compressed_spendable_address = ["mmWQubrDomqpgSYekvsU7HWEVjLFHAakLe"]
 309         assert ((self.nodes[0].validateaddress(uncompressed_spendable_address[0])['iscompressed'] == False))
 310         assert ((self.nodes[0].validateaddress(compressed_spendable_address[0])['iscompressed'] == True))
 311
 312         self.nodes[0].importpubkey(pubkeys[0])
 313         compressed_solvable_address = [key_to_p2pkh(pubkeys[0])]
 314         self.nodes[0].importpubkey(pubkeys[1])
 315         compressed_solvable_address.append(key_to_p2pkh(pubkeys[1]))
 316         self.nodes[0].importpubkey(pubkeys[2])
 317         uncompressed_solvable_address = [key_to_p2pkh(pubkeys[2])]
 318
 319         spendable_anytime = []                      # These outputs should be seen anytime after importprivkey and addmultisigaddress
 320         spendable_after_importaddress = []          # These outputs should be seen after importaddress
 321         solvable_after_importaddress = []           # These outputs should be seen after importaddress but not spendable
 322         unsolvable_after_importaddress = []         # These outputs should be unsolvable after importaddress
 323         solvable_anytime = []                       # These outputs should be solvable after importpubkey
 324         unseen_anytime = []                         # These outputs should never be seen
 325
 326         uncompressed_spendable_address.append(self.nodes[0].addmultisigaddress(2, [uncompressed_spendable_address[0], compressed_spendable_address[0]]))
 327         uncompressed_spendable_address.append(self.nodes[0].addmultisigaddress(2, [uncompressed_spendable_address[0], uncompressed_spendable_address[0]]))
 328         compressed_spendable_address.append(self.nodes[0].addmultisigaddress(2, [compressed_spendable_address[0], compressed_spendable_address[0]]))
 329         uncompressed_solvable_address.append(self.nodes[0].addmultisigaddress(2, [compressed_spendable_address[0], uncompressed_solvable_address[0]]))
 330         compressed_solvable_address.append(self.nodes[0].addmultisigaddress(2, [compressed_spendable_address[0], compressed_solvable_address[0]]))
 331         compressed_solvable_address.append(self.nodes[0].addmultisigaddress(2, [compressed_solvable_address[0], compressed_solvable_address[1]]))
 332         unknown_address = ["mtKKyoHabkk6e4ppT7NaM7THqPUt7AzPrT", "2NDP3jLWAFT8NDAiUa9qiE6oBt2awmMq7Dx"]
 333
 334         # Test multisig_without_privkey
 335         # We have 2 public keys without private keys, use addmultisigaddress to add to wallet.
 336         # Money sent to P2SH of multisig of this should only be seen after importaddress with the BASE58 P2SH address.
 337
 338         multisig_without_privkey_address = self.nodes[0].addmultisigaddress(2, [pubkeys[3], pubkeys[4]])
 339         script = CScript([OP_2, hex_str_to_bytes(pubkeys[3]), hex_str_to_bytes(pubkeys[4]), OP_2, OP_CHECKMULTISIG])
 340         solvable_after_importaddress.append(CScript([OP_HASH160, hash160(script), OP_EQUAL]))
 341
 342         for i in compressed_spendable_address:
 343             v = self.nodes[0].validateaddress(i)
 344             if (v['isscript']):
 345                 [bare, p2sh, p2wsh, p2sh_p2wsh] = self.p2sh_address_to_script(v)
 346                 # bare and p2sh multisig with compressed keys should always be spendable
 347                 spendable_anytime.extend([bare, p2sh])
 348                 # P2WSH and P2SH(P2WSH) multisig with compressed keys are spendable after direct importaddress
 349                 spendable_after_importaddress.extend([p2wsh, p2sh_p2wsh])
 350             else:
 351                 [p2wpkh, p2sh_p2wpkh, p2pk, p2pkh, p2sh_p2pk, p2sh_p2pkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh] = self.p2pkh_address_to_script(v)
 352                 # normal P2PKH and P2PK with compressed keys should always be spendable
 353                 spendable_anytime.extend([p2pkh, p2pk])
 354                 # P2SH_P2PK, P2SH_P2PKH, and witness with compressed keys are spendable after direct importaddress
 355                 spendable_after_importaddress.extend([p2wpkh, p2sh_p2wpkh, p2sh_p2pk, p2sh_p2pkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh])
 356
 357         for i in uncompressed_spendable_address:
 358             v = self.nodes[0].validateaddress(i)
 359             if (v['isscript']):
 360                 [bare, p2sh, p2wsh, p2sh_p2wsh] = self.p2sh_address_to_script(v)
 361                 # bare and p2sh multisig with uncompressed keys should always be spendable
 362                 spendable_anytime.extend([bare, p2sh])
 363                 # P2WSH and P2SH(P2WSH) multisig with uncompressed keys are never seen
 364                 unseen_anytime.extend([p2wsh, p2sh_p2wsh])
 365             else:
 366                 [p2wpkh, p2sh_p2wpkh, p2pk, p2pkh, p2sh_p2pk, p2sh_p2pkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh] = self.p2pkh_address_to_script(v)
 367                 # normal P2PKH and P2PK with uncompressed keys should always be spendable
 368                 spendable_anytime.extend([p2pkh, p2pk])
 369                 # P2SH_P2PK and P2SH_P2PKH are spendable after direct importaddress
 370                 spendable_after_importaddress.extend([p2sh_p2pk, p2sh_p2pkh])
 371                 # witness with uncompressed keys are never seen
 372                 unseen_anytime.extend([p2wpkh, p2sh_p2wpkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh])
 373
 374         for i in compressed_solvable_address:
 375             v = self.nodes[0].validateaddress(i)
 376             if (v['isscript']):
 377                 # Multisig without private is not seen after addmultisigaddress, but seen after importaddress
 378                 [bare, p2sh, p2wsh, p2sh_p2wsh] = self.p2sh_address_to_script(v)
 379                 solvable_after_importaddress.extend([bare, p2sh, p2wsh, p2sh_p2wsh])
 380             else:
 381                 [p2wpkh, p2sh_p2wpkh, p2pk, p2pkh, p2sh_p2pk, p2sh_p2pkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh] = self.p2pkh_address_to_script(v)
 382                 # normal P2PKH and P2PK with compressed keys should always be seen
 383                 solvable_anytime.extend([p2pkh, p2pk])
 384                 # P2SH_P2PK, P2SH_P2PKH, and witness with compressed keys are seen after direct importaddress
 385                 solvable_after_importaddress.extend([p2wpkh, p2sh_p2wpkh, p2sh_p2pk, p2sh_p2pkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh])
 386
 387         for i in uncompressed_solvable_address:
 388             v = self.nodes[0].validateaddress(i)
 389             if (v['isscript']):
 390                 [bare, p2sh, p2wsh, p2sh_p2wsh] = self.p2sh_address_to_script(v)
 391                 # Base uncompressed multisig without private is not seen after addmultisigaddress, but seen after importaddress
 392                 solvable_after_importaddress.extend([bare, p2sh])
 393                 # P2WSH and P2SH(P2WSH) multisig with uncompressed keys are never seen
 394                 unseen_anytime.extend([p2wsh, p2sh_p2wsh])
 395             else:
 396                 [p2wpkh, p2sh_p2wpkh, p2pk, p2pkh, p2sh_p2pk, p2sh_p2pkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh] = self.p2pkh_address_to_script(v)
 397                 # normal P2PKH and P2PK with uncompressed keys should always be seen
 398                 solvable_anytime.extend([p2pkh, p2pk])
 399                 # P2SH_P2PK, P2SH_P2PKH with uncompressed keys are seen after direct importaddress
 400                 solvable_after_importaddress.extend([p2sh_p2pk, p2sh_p2pkh])
 401                 # witness with uncompressed keys are never seen
 402                 unseen_anytime.extend([p2wpkh, p2sh_p2wpkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh])
 403
 404         op1 = CScript([OP_1])
 405         op0 = CScript([OP_0])
 406         # 2N7MGY19ti4KDMSzRfPAssP6Pxyuxoi6jLe is the P2SH(P2PKH) version of mjoE3sSrb8ByYEvgnC3Aox86u1CHnfJA4V
 407         unsolvable_address = ["mjoE3sSrb8ByYEvgnC3Aox86u1CHnfJA4V", "2N7MGY19ti4KDMSzRfPAssP6Pxyuxoi6jLe", script_to_p2sh(op1), script_to_p2sh(op0)]
 408         unsolvable_address_key = hex_str_to_bytes("02341AEC7587A51CDE5279E0630A531AEA2615A9F80B17E8D9376327BAEAA59E3D")
 409         unsolvablep2pkh = CScript([OP_DUP, OP_HASH160, hash160(unsolvable_address_key), OP_EQUALVERIFY, OP_CHECKSIG])
 410         unsolvablep2wshp2pkh = CScript([OP_0, sha256(unsolvablep2pkh)])
 411         p2shop0 = CScript([OP_HASH160, hash160(op0), OP_EQUAL])
 412         p2wshop1 = CScript([OP_0, sha256(op1)])
 413         unsolvable_after_importaddress.append(unsolvablep2pkh)
 414         unsolvable_after_importaddress.append(unsolvablep2wshp2pkh)
 415         unsolvable_after_importaddress.append(op1) # OP_1 will be imported as script
 416         unsolvable_after_importaddress.append(p2wshop1)
 417         unseen_anytime.append(op0) # OP_0 will be imported as P2SH address with no script provided
 418         unsolvable_after_importaddress.append(p2shop0)
 419
 420         spendable_txid = []
 421         solvable_txid = []
 422         spendable_txid.append(self.mine_and_test_listunspent(spendable_anytime, 2))
 423         solvable_txid.append(self.mine_and_test_listunspent(solvable_anytime, 1))
 424         self.mine_and_test_listunspent(spendable_after_importaddress + solvable_after_importaddress + unseen_anytime + unsolvable_after_importaddress, 0)
 425
 426         importlist = []
 427         for i in compressed_spendable_address + uncompressed_spendable_address + compressed_solvable_address + uncompressed_solvable_address:
 428             v = self.nodes[0].validateaddress(i)
 429             if (v['isscript']):
 430                 bare = hex_str_to_bytes(v['hex'])
 431                 importlist.append(bytes_to_hex_str(bare))
 432                 importlist.append(bytes_to_hex_str(CScript([OP_0, sha256(bare)])))
 433             else:
 434                 pubkey = hex_str_to_bytes(v['pubkey'])
 435                 p2pk = CScript([pubkey, OP_CHECKSIG])
 436                 p2pkh = CScript([OP_DUP, OP_HASH160, hash160(pubkey), OP_EQUALVERIFY, OP_CHECKSIG])
 437                 importlist.append(bytes_to_hex_str(p2pk))
 438                 importlist.append(bytes_to_hex_str(p2pkh))
 439                 importlist.append(bytes_to_hex_str(CScript([OP_0, hash160(pubkey)])))
 440                 importlist.append(bytes_to_hex_str(CScript([OP_0, sha256(p2pk)])))
 441                 importlist.append(bytes_to_hex_str(CScript([OP_0, sha256(p2pkh)])))
 442
 443         importlist.append(bytes_to_hex_str(unsolvablep2pkh))
 444         importlist.append(bytes_to_hex_str(unsolvablep2wshp2pkh))
 445         importlist.append(bytes_to_hex_str(op1))
 446         importlist.append(bytes_to_hex_str(p2wshop1))
 447
 448         for i in importlist:
 449             # import all generated addresses. The wallet already has the private keys for some of these, so catch JSON RPC
 450             # exceptions and continue.
 451             try:
 452                 self.nodes[0].importaddress(i,"",False,True)
 453             except JSONRPCException as exp:
 454                 assert_equal(exp.error["message"], "The wallet already contains the private key for this address or script")
 455                 assert_equal(exp.error["code"], -4)
 456
 457         self.nodes[0].importaddress(script_to_p2sh(op0)) # import OP_0 as address only
 458         self.nodes[0].importaddress(multisig_without_privkey_address) # Test multisig_without_privkey
 459
 460         spendable_txid.append(self.mine_and_test_listunspent(spendable_anytime + spendable_after_importaddress, 2))
 461         solvable_txid.append(self.mine_and_test_listunspent(solvable_anytime + solvable_after_importaddress, 1))
 462         self.mine_and_test_listunspent(unsolvable_after_importaddress, 1)
 463         self.mine_and_test_listunspent(unseen_anytime, 0)
 464
 465         # addwitnessaddress should refuse to return a witness address if an uncompressed key is used or the address is
 466         # not in the wallet
 467         # note that no witness address should be returned by unsolvable addresses
 468         # the multisig_without_privkey_address will fail because its keys were not added with importpubkey
 469         for i in uncompressed_spendable_address + uncompressed_solvable_address + unknown_address + unsolvable_address + [multisig_without_privkey_address]:
 470             assert_raises_jsonrpc(-4, "Public key or redeemscript not known to wallet, or the key is uncompressed", self.nodes[0].addwitnessaddress, i)
 471
 472         for i in compressed_spendable_address + compressed_solvable_address:
 473             witaddress = self.nodes[0].addwitnessaddress(i)
 474             # addwitnessaddress should return the same address if it is a known P2SH-witness address
 475             assert_equal(witaddress, self.nodes[0].addwitnessaddress(witaddress))
 476
 477         spendable_txid.append(self.mine_and_test_listunspent(spendable_anytime + spendable_after_importaddress, 2))
 478         solvable_txid.append(self.mine_and_test_listunspent(solvable_anytime + solvable_after_importaddress, 1))
 479         self.mine_and_test_listunspent(unsolvable_after_importaddress, 1)
 480         self.mine_and_test_listunspent(unseen_anytime, 0)
 481
 482         # Repeat some tests. This time we don't add witness scripts with importaddress
 483         # Import a compressed key and an uncompressed key, generate some multisig addresses
 484         self.nodes[0].importprivkey("927pw6RW8ZekycnXqBQ2JS5nPyo1yRfGNN8oq74HeddWSpafDJH")
 485         uncompressed_spendable_address = ["mguN2vNSCEUh6rJaXoAVwY3YZwZvEmf5xi"]
 486         self.nodes[0].importprivkey("cMcrXaaUC48ZKpcyydfFo8PxHAjpsYLhdsp6nmtB3E2ER9UUHWnw")
 487         compressed_spendable_address = ["n1UNmpmbVUJ9ytXYXiurmGPQ3TRrXqPWKL"]
 488
 489         self.nodes[0].importpubkey(pubkeys[5])
 490         compressed_solvable_address = [key_to_p2pkh(pubkeys[5])]
 491         self.nodes[0].importpubkey(pubkeys[6])
 492         uncompressed_solvable_address = [key_to_p2pkh(pubkeys[6])]
 493
 494         spendable_after_addwitnessaddress = []      # These outputs should be seen after importaddress
 495         solvable_after_addwitnessaddress=[]         # These outputs should be seen after importaddress but not spendable
 496         unseen_anytime = []                         # These outputs should never be seen
 497
 498         uncompressed_spendable_address.append(self.nodes[0].addmultisigaddress(2, [uncompressed_spendable_address[0], compressed_spendable_address[0]]))
 499         uncompressed_spendable_address.append(self.nodes[0].addmultisigaddress(2, [uncompressed_spendable_address[0], uncompressed_spendable_address[0]]))
 500         compressed_spendable_address.append(self.nodes[0].addmultisigaddress(2, [compressed_spendable_address[0], compressed_spendable_address[0]]))
 501         uncompressed_solvable_address.append(self.nodes[0].addmultisigaddress(2, [compressed_solvable_address[0], uncompressed_solvable_address[0]]))
 502         compressed_solvable_address.append(self.nodes[0].addmultisigaddress(2, [compressed_spendable_address[0], compressed_solvable_address[0]]))
 503
 504         premature_witaddress = []
 505
 506         for i in compressed_spendable_address:
 507             v = self.nodes[0].validateaddress(i)
 508             if (v['isscript']):
 509                 [bare, p2sh, p2wsh, p2sh_p2wsh] = self.p2sh_address_to_script(v)
 510                 # P2WSH and P2SH(P2WSH) multisig with compressed keys are spendable after addwitnessaddress
 511                 spendable_after_addwitnessaddress.extend([p2wsh, p2sh_p2wsh])
 512                 premature_witaddress.append(script_to_p2sh(p2wsh))
 513             else:
 514                 [p2wpkh, p2sh_p2wpkh, p2pk, p2pkh, p2sh_p2pk, p2sh_p2pkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh] = self.p2pkh_address_to_script(v)
 515                 # P2WPKH, P2SH_P2WPKH are spendable after addwitnessaddress
 516                 spendable_after_addwitnessaddress.extend([p2wpkh, p2sh_p2wpkh])
 517                 premature_witaddress.append(script_to_p2sh(p2wpkh))
 518
 519         for i in uncompressed_spendable_address + uncompressed_solvable_address:
 520             v = self.nodes[0].validateaddress(i)
 521             if (v['isscript']):
 522                 [bare, p2sh, p2wsh, p2sh_p2wsh] = self.p2sh_address_to_script(v)
 523                 # P2WSH and P2SH(P2WSH) multisig with uncompressed keys are never seen
 524                 unseen_anytime.extend([p2wsh, p2sh_p2wsh])
 525             else:
 526                 [p2wpkh, p2sh_p2wpkh, p2pk, p2pkh, p2sh_p2pk, p2sh_p2pkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh] = self.p2pkh_address_to_script(v)
 527                 # P2WPKH, P2SH_P2WPKH with uncompressed keys are never seen
 528                 unseen_anytime.extend([p2wpkh, p2sh_p2wpkh])
 529
 530         for i in compressed_solvable_address:
 531             v = self.nodes[0].validateaddress(i)
 532             if (v['isscript']):
 533                 # P2WSH multisig without private key are seen after addwitnessaddress
 534                 [bare, p2sh, p2wsh, p2sh_p2wsh] = self.p2sh_address_to_script(v)
 535                 solvable_after_addwitnessaddress.extend([p2wsh, p2sh_p2wsh])
 536                 premature_witaddress.append(script_to_p2sh(p2wsh))
 537             else:
 538                 [p2wpkh, p2sh_p2wpkh, p2pk, p2pkh, p2sh_p2pk, p2sh_p2pkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh] = self.p2pkh_address_to_script(v)
 539                 # P2SH_P2PK, P2SH_P2PKH with compressed keys are seen after addwitnessaddress
 540                 solvable_after_addwitnessaddress.extend([p2wpkh, p2sh_p2wpkh])
 541                 premature_witaddress.append(script_to_p2sh(p2wpkh))
 542
 543         self.mine_and_test_listunspent(spendable_after_addwitnessaddress + solvable_after_addwitnessaddress + unseen_anytime, 0)
 544
 545         # addwitnessaddress should refuse to return a witness address if an uncompressed key is used
 546         # note that a multisig address returned by addmultisigaddress is not solvable until it is added with importaddress
 547         # premature_witaddress are not accepted until the script is added with addwitnessaddress first
 548         for i in uncompressed_spendable_address + uncompressed_solvable_address + premature_witaddress + [compressed_solvable_address[1]]:
 549             # This will raise an exception
 550             assert_raises_jsonrpc(-4, "Public key or redeemscript not known to wallet, or the key is uncompressed", self.nodes[0].addwitnessaddress, i)
 551
 552         # after importaddress it should pass addwitnessaddress
 553         v = self.nodes[0].validateaddress(compressed_solvable_address[1])
 554         self.nodes[0].importaddress(v['hex'],"",False,True)
 555         for i in compressed_spendable_address + compressed_solvable_address + premature_witaddress:
 556             witaddress = self.nodes[0].addwitnessaddress(i)
 557             assert_equal(witaddress, self.nodes[0].addwitnessaddress(witaddress))
 558
 559         spendable_txid.append(self.mine_and_test_listunspent(spendable_after_addwitnessaddress, 2))
 560         solvable_txid.append(self.mine_and_test_listunspent(solvable_after_addwitnessaddress, 1))
 561         self.mine_and_test_listunspent(unseen_anytime, 0)
 562
 563         # Check that spendable outputs are really spendable
 564         self.create_and_mine_tx_from_txids(spendable_txid)
 565
 566         # import all the private keys so solvable addresses become spendable
 567         self.nodes[0].importprivkey("cPiM8Ub4heR9NBYmgVzJQiUH1if44GSBGiqaeJySuL2BKxubvgwb")
 568         self.nodes[0].importprivkey("cPpAdHaD6VoYbW78kveN2bsvb45Q7G5PhaPApVUGwvF8VQ9brD97")
 569         self.nodes[0].importprivkey("91zqCU5B9sdWxzMt1ca3VzbtVm2YM6Hi5Rxn4UDtxEaN9C9nzXV")
 570         self.nodes[0].importprivkey("cPQFjcVRpAUBG8BA9hzr2yEzHwKoMgLkJZBBtK9vJnvGJgMjzTbd")
 571         self.nodes[0].importprivkey("cQGtcm34xiLjB1v7bkRa4V3aAc9tS2UTuBZ1UnZGeSeNy627fN66")
 572         self.nodes[0].importprivkey("cTW5mR5M45vHxXkeChZdtSPozrFwFgmEvTNnanCW6wrqwaCZ1X7K")
 573         self.create_and_mine_tx_from_txids(solvable_txid)
 574
 575     def mine_and_test_listunspent(self, script_list, ismine):
 576         utxo = find_unspent(self.nodes[0], 50)
 577         tx = CTransaction()
 578         tx.vin.append(CTxIn(COutPoint(int('0x'+utxo['txid'],0), utxo['vout'])))
 579         for i in script_list:
 580             tx.vout.append(CTxOut(10000000, i))
 581         tx.rehash()
 582         signresults = self.nodes[0].signrawtransaction(bytes_to_hex_str(tx.serialize_without_witness()))['hex']
 583         txid = self.nodes[0].sendrawtransaction(signresults, True)
 584         self.nodes[0].generate(1)
 585         sync_blocks(self.nodes)
 586         watchcount = 0
 587         spendcount = 0
 588         for i in self.nodes[0].listunspent():
 589             if (i['txid'] == txid):
 590                 watchcount += 1
 591                 if (i['spendable'] == True):
 592                     spendcount += 1
 593         if (ismine == 2):
 594             assert_equal(spendcount, len(script_list))
 595         elif (ismine == 1):
 596             assert_equal(watchcount, len(script_list))
 597             assert_equal(spendcount, 0)
 598         else:
 599             assert_equal(watchcount, 0)
 600         return txid
 601
 602     def p2sh_address_to_script(self,v):
 603         bare = CScript(hex_str_to_bytes(v['hex']))
 604         p2sh = CScript(hex_str_to_bytes(v['scriptPubKey']))
 605         p2wsh = CScript([OP_0, sha256(bare)])
 606         p2sh_p2wsh = CScript([OP_HASH160, hash160(p2wsh), OP_EQUAL])
 607         return([bare, p2sh, p2wsh, p2sh_p2wsh])
 608
 609     def p2pkh_address_to_script(self,v):
 610         pubkey = hex_str_to_bytes(v['pubkey'])
 611         p2wpkh = CScript([OP_0, hash160(pubkey)])
 612         p2sh_p2wpkh = CScript([OP_HASH160, hash160(p2wpkh), OP_EQUAL])
 613         p2pk = CScript([pubkey, OP_CHECKSIG])
 614         p2pkh = CScript(hex_str_to_bytes(v['scriptPubKey']))
 615         p2sh_p2pk = CScript([OP_HASH160, hash160(p2pk), OP_EQUAL])
 616         p2sh_p2pkh = CScript([OP_HASH160, hash160(p2pkh), OP_EQUAL])
 617         p2wsh_p2pk = CScript([OP_0, sha256(p2pk)])
 618         p2wsh_p2pkh = CScript([OP_0, sha256(p2pkh)])
 619         p2sh_p2wsh_p2pk = CScript([OP_HASH160, hash160(p2wsh_p2pk), OP_EQUAL])
 620         p2sh_p2wsh_p2pkh = CScript([OP_HASH160, hash160(p2wsh_p2pkh), OP_EQUAL])
 621         return [p2wpkh, p2sh_p2wpkh, p2pk, p2pkh, p2sh_p2pk, p2sh_p2pkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh]
 622
 623     def create_and_mine_tx_from_txids(self, txids, success = True):
 624         tx = CTransaction()
 625         for i in txids:
 626             txtmp = CTransaction()
 627             txraw = self.nodes[0].getrawtransaction(i)
 628             f = BytesIO(hex_str_to_bytes(txraw))
 629             txtmp.deserialize(f)
 630             for j in range(len(txtmp.vout)):
 631                 tx.vin.append(CTxIn(COutPoint(int('0x'+i,0), j)))
 632         tx.vout.append(CTxOut(0, CScript()))
 633         tx.rehash()
 634         signresults = self.nodes[0].signrawtransaction(bytes_to_hex_str(tx.serialize_without_witness()))['hex']
 635         self.nodes[0].sendrawtransaction(signresults, True)
 636         self.nodes[0].generate(1)
 637         sync_blocks(self.nodes)
 638
 639
 640 if __name__ == '__main__':
 641     SegWitTest().main()