1 // Copyright (c) 2009-2010 Satoshi Nakamoto
\r
2 // Distributed under the MIT/X11 software license, see the accompanying
\r
3 // file license.txt or http://www.opensource.org/licenses/mit-license.php.
\r
7 bool CheckSig(vector<unsigned char> vchSig, vector<unsigned char> vchPubKey, CScript scriptCode, const CTransaction& txTo, unsigned int nIn, int nHashType);
\r
11 typedef vector<unsigned char> valtype;
\r
12 static const valtype vchFalse(0);
\r
13 static const valtype vchZero(0);
\r
14 static const valtype vchTrue(1, 1);
\r
15 static const CBigNum bnZero(0);
\r
16 static const CBigNum bnOne(1);
\r
17 static const CBigNum bnFalse(0);
\r
18 static const CBigNum bnTrue(1);
\r
19 static const size_t nMaxNumSize = 258;
\r
22 bool CastToBool(const valtype& vch)
\r
24 return (CBigNum(vch) != bnZero);
\r
27 void MakeSameSize(valtype& vch1, valtype& vch2)
\r
29 // Lengthen the shorter one
\r
30 if (vch1.size() < vch2.size())
\r
31 vch1.resize(vch2.size(), 0);
\r
32 if (vch2.size() < vch1.size())
\r
33 vch2.resize(vch1.size(), 0);
\r
39 // Script is a stack machine (like Forth) that evaluates a predicate
\r
40 // returning a bool indicating valid or not. There are no loops.
\r
42 #define stacktop(i) (stack.at(stack.size()+(i)))
\r
43 #define altstacktop(i) (altstack.at(altstack.size()+(i)))
\r
45 bool EvalScript(vector<vector<unsigned char> >& stack, const CScript& script, const CTransaction& txTo, unsigned int nIn, int nHashType)
\r
48 CScript::const_iterator pc = script.begin();
\r
49 CScript::const_iterator pend = script.end();
\r
50 CScript::const_iterator pbegincodehash = script.begin();
\r
51 vector<bool> vfExec;
\r
52 vector<valtype> altstack;
\r
53 if (script.size() > 10000)
\r
62 bool fExec = !count(vfExec.begin(), vfExec.end(), false);
\r
68 valtype vchPushValue;
\r
69 if (!script.GetOp(pc, opcode, vchPushValue))
\r
71 if (vchPushValue.size() > 5000)
\r
73 if (opcode > OP_16 && nOpCount++ > 200)
\r
76 if (fExec && opcode <= OP_PUSHDATA4)
\r
77 stack.push_back(vchPushValue);
\r
78 else if (fExec || (OP_IF <= opcode && opcode <= OP_ENDIF))
\r
103 CBigNum bn((int)opcode - (int)(OP_1 - 1));
\r
104 stack.push_back(bn.getvch());
\r
113 case OP_NOP1: case OP_NOP2: case OP_NOP3: case OP_NOP4: case OP_NOP5:
\r
114 case OP_NOP6: case OP_NOP7: case OP_NOP8: case OP_NOP9: case OP_NOP10:
\r
128 // <expression> if [statements] [else [statements]] endif
\r
129 bool fValue = false;
\r
132 if (stack.size() < 1)
\r
134 valtype& vch = stacktop(-1);
\r
135 fValue = CastToBool(vch);
\r
136 if (opcode == OP_NOTIF)
\r
140 vfExec.push_back(fValue);
\r
146 if (vfExec.empty())
\r
148 vfExec.back() = !vfExec.back();
\r
154 if (vfExec.empty())
\r
163 // (false -- false) and return
\r
164 if (stack.size() < 1)
\r
166 bool fValue = CastToBool(stacktop(-1));
\r
184 case OP_TOALTSTACK:
\r
186 if (stack.size() < 1)
\r
188 altstack.push_back(stacktop(-1));
\r
193 case OP_FROMALTSTACK:
\r
195 if (altstack.size() < 1)
\r
197 stack.push_back(altstacktop(-1));
\r
198 altstack.pop_back();
\r
212 // (x1 x2 -- x1 x2 x1 x2)
\r
213 if (stack.size() < 2)
\r
215 valtype vch1 = stacktop(-2);
\r
216 valtype vch2 = stacktop(-1);
\r
217 stack.push_back(vch1);
\r
218 stack.push_back(vch2);
\r
224 // (x1 x2 x3 -- x1 x2 x3 x1 x2 x3)
\r
225 if (stack.size() < 3)
\r
227 valtype vch1 = stacktop(-3);
\r
228 valtype vch2 = stacktop(-2);
\r
229 valtype vch3 = stacktop(-1);
\r
230 stack.push_back(vch1);
\r
231 stack.push_back(vch2);
\r
232 stack.push_back(vch3);
\r
238 // (x1 x2 x3 x4 -- x1 x2 x3 x4 x1 x2)
\r
239 if (stack.size() < 4)
\r
241 valtype vch1 = stacktop(-4);
\r
242 valtype vch2 = stacktop(-3);
\r
243 stack.push_back(vch1);
\r
244 stack.push_back(vch2);
\r
250 // (x1 x2 x3 x4 x5 x6 -- x3 x4 x5 x6 x1 x2)
\r
251 if (stack.size() < 6)
\r
253 valtype vch1 = stacktop(-6);
\r
254 valtype vch2 = stacktop(-5);
\r
255 stack.erase(stack.end()-6, stack.end()-4);
\r
256 stack.push_back(vch1);
\r
257 stack.push_back(vch2);
\r
263 // (x1 x2 x3 x4 -- x3 x4 x1 x2)
\r
264 if (stack.size() < 4)
\r
266 swap(stacktop(-4), stacktop(-2));
\r
267 swap(stacktop(-3), stacktop(-1));
\r
274 if (stack.size() < 1)
\r
276 valtype vch = stacktop(-1);
\r
277 if (CastToBool(vch))
\r
278 stack.push_back(vch);
\r
285 CBigNum bn(stack.size());
\r
286 stack.push_back(bn.getvch());
\r
293 if (stack.size() < 1)
\r
302 if (stack.size() < 1)
\r
304 valtype vch = stacktop(-1);
\r
305 stack.push_back(vch);
\r
312 if (stack.size() < 2)
\r
314 stack.erase(stack.end() - 2);
\r
320 // (x1 x2 -- x1 x2 x1)
\r
321 if (stack.size() < 2)
\r
323 valtype vch = stacktop(-2);
\r
324 stack.push_back(vch);
\r
331 // (xn ... x2 x1 x0 n - xn ... x2 x1 x0 xn)
\r
332 // (xn ... x2 x1 x0 n - ... x2 x1 x0 xn)
\r
333 if (stack.size() < 2)
\r
335 int n = CBigNum(stacktop(-1)).getint();
\r
337 if (n < 0 || n >= stack.size())
\r
339 valtype vch = stacktop(-n-1);
\r
340 if (opcode == OP_ROLL)
\r
341 stack.erase(stack.end()-n-1);
\r
342 stack.push_back(vch);
\r
348 // (x1 x2 x3 -- x2 x3 x1)
\r
349 // x2 x1 x3 after first swap
\r
350 // x2 x3 x1 after second swap
\r
351 if (stack.size() < 3)
\r
353 swap(stacktop(-3), stacktop(-2));
\r
354 swap(stacktop(-2), stacktop(-1));
\r
360 // (x1 x2 -- x2 x1)
\r
361 if (stack.size() < 2)
\r
363 swap(stacktop(-2), stacktop(-1));
\r
369 // (x1 x2 -- x2 x1 x2)
\r
370 if (stack.size() < 2)
\r
372 valtype vch = stacktop(-1);
\r
373 stack.insert(stack.end()-2, vch);
\r
384 if (stack.size() < 2)
\r
386 valtype& vch1 = stacktop(-2);
\r
387 valtype& vch2 = stacktop(-1);
\r
388 vch1.insert(vch1.end(), vch2.begin(), vch2.end());
\r
390 if (stacktop(-1).size() > 5000)
\r
397 // (in begin size -- out)
\r
398 if (stack.size() < 3)
\r
400 valtype& vch = stacktop(-3);
\r
401 int nBegin = CBigNum(stacktop(-2)).getint();
\r
402 int nEnd = nBegin + CBigNum(stacktop(-1)).getint();
\r
403 if (nBegin < 0 || nEnd < nBegin)
\r
405 if (nBegin > vch.size())
\r
406 nBegin = vch.size();
\r
407 if (nEnd > vch.size())
\r
409 vch.erase(vch.begin() + nEnd, vch.end());
\r
410 vch.erase(vch.begin(), vch.begin() + nBegin);
\r
419 // (in size -- out)
\r
420 if (stack.size() < 2)
\r
422 valtype& vch = stacktop(-2);
\r
423 int nSize = CBigNum(stacktop(-1)).getint();
\r
426 if (nSize > vch.size())
\r
427 nSize = vch.size();
\r
428 if (opcode == OP_LEFT)
\r
429 vch.erase(vch.begin() + nSize, vch.end());
\r
431 vch.erase(vch.begin(), vch.end() - nSize);
\r
439 if (stack.size() < 1)
\r
441 CBigNum bn(stacktop(-1).size());
\r
442 stack.push_back(bn.getvch());
\r
453 if (stack.size() < 1)
\r
455 valtype& vch = stacktop(-1);
\r
456 for (int i = 0; i < vch.size(); i++)
\r
466 if (stack.size() < 2)
\r
468 valtype& vch1 = stacktop(-2);
\r
469 valtype& vch2 = stacktop(-1);
\r
470 MakeSameSize(vch1, vch2);
\r
471 if (opcode == OP_AND)
\r
473 for (int i = 0; i < vch1.size(); i++)
\r
474 vch1[i] &= vch2[i];
\r
476 else if (opcode == OP_OR)
\r
478 for (int i = 0; i < vch1.size(); i++)
\r
479 vch1[i] |= vch2[i];
\r
481 else if (opcode == OP_XOR)
\r
483 for (int i = 0; i < vch1.size(); i++)
\r
484 vch1[i] ^= vch2[i];
\r
491 case OP_EQUALVERIFY:
\r
492 //case OP_NOTEQUAL: // use OP_NUMNOTEQUAL
\r
495 if (stack.size() < 2)
\r
497 valtype& vch1 = stacktop(-2);
\r
498 valtype& vch2 = stacktop(-1);
\r
499 bool fEqual = (vch1 == vch2);
\r
500 // OP_NOTEQUAL is disabled because it would be too easy to say
\r
501 // something like n != 1 and have some wiseguy pass in 1 with extra
\r
502 // zero bytes after it (numerically, 0x01 == 0x0001 == 0x000001)
\r
503 //if (opcode == OP_NOTEQUAL)
\r
504 // fEqual = !fEqual;
\r
507 stack.push_back(fEqual ? vchTrue : vchFalse);
\r
508 if (opcode == OP_EQUALVERIFY)
\r
532 if (stack.size() < 1)
\r
534 if (stacktop(-1).size() > nMaxNumSize)
\r
536 CBigNum bn(stacktop(-1));
\r
539 case OP_1ADD: bn += bnOne; break;
\r
540 case OP_1SUB: bn -= bnOne; break;
\r
541 case OP_2MUL: bn <<= 1; break;
\r
542 case OP_2DIV: bn >>= 1; break;
\r
543 case OP_NEGATE: bn = -bn; break;
\r
544 case OP_ABS: if (bn < bnZero) bn = -bn; break;
\r
545 case OP_NOT: bn = (bn == bnZero); break;
\r
546 case OP_0NOTEQUAL: bn = (bn != bnZero); break;
\r
549 stack.push_back(bn.getvch());
\r
563 case OP_NUMEQUALVERIFY:
\r
564 case OP_NUMNOTEQUAL:
\r
566 case OP_GREATERTHAN:
\r
567 case OP_LESSTHANOREQUAL:
\r
568 case OP_GREATERTHANOREQUAL:
\r
573 if (stack.size() < 2)
\r
575 if (stacktop(-2).size() > nMaxNumSize ||
\r
576 stacktop(-1).size() > nMaxNumSize)
\r
578 CBigNum bn1(stacktop(-2));
\r
579 CBigNum bn2(stacktop(-1));
\r
592 if (!BN_mul(&bn, &bn1, &bn2, pctx))
\r
597 if (!BN_div(&bn, NULL, &bn1, &bn2, pctx))
\r
602 if (!BN_mod(&bn, &bn1, &bn2, pctx))
\r
607 if (bn2 < bnZero || bn2 > CBigNum(2048))
\r
609 bn = bn1 << bn2.getulong();
\r
613 if (bn2 < bnZero || bn2 > CBigNum(2048))
\r
615 bn = bn1 >> bn2.getulong();
\r
618 case OP_BOOLAND: bn = (bn1 != bnZero && bn2 != bnZero); break;
\r
619 case OP_BOOLOR: bn = (bn1 != bnZero || bn2 != bnZero); break;
\r
620 case OP_NUMEQUAL: bn = (bn1 == bn2); break;
\r
621 case OP_NUMEQUALVERIFY: bn = (bn1 == bn2); break;
\r
622 case OP_NUMNOTEQUAL: bn = (bn1 != bn2); break;
\r
623 case OP_LESSTHAN: bn = (bn1 < bn2); break;
\r
624 case OP_GREATERTHAN: bn = (bn1 > bn2); break;
\r
625 case OP_LESSTHANOREQUAL: bn = (bn1 <= bn2); break;
\r
626 case OP_GREATERTHANOREQUAL: bn = (bn1 >= bn2); break;
\r
627 case OP_MIN: bn = (bn1 < bn2 ? bn1 : bn2); break;
\r
628 case OP_MAX: bn = (bn1 > bn2 ? bn1 : bn2); break;
\r
632 stack.push_back(bn.getvch());
\r
634 if (opcode == OP_NUMEQUALVERIFY)
\r
636 if (CastToBool(stacktop(-1)))
\r
646 // (x min max -- out)
\r
647 if (stack.size() < 3)
\r
649 if (stacktop(-3).size() > nMaxNumSize ||
\r
650 stacktop(-2).size() > nMaxNumSize ||
\r
651 stacktop(-1).size() > nMaxNumSize)
\r
653 CBigNum bn1(stacktop(-3));
\r
654 CBigNum bn2(stacktop(-2));
\r
655 CBigNum bn3(stacktop(-1));
\r
656 bool fValue = (bn2 <= bn1 && bn1 < bn3);
\r
660 stack.push_back(fValue ? vchTrue : vchFalse);
\r
675 if (stack.size() < 1)
\r
677 valtype& vch = stacktop(-1);
\r
678 valtype vchHash((opcode == OP_RIPEMD160 || opcode == OP_SHA1 || opcode == OP_HASH160) ? 20 : 32);
\r
679 if (opcode == OP_RIPEMD160)
\r
680 RIPEMD160(&vch[0], vch.size(), &vchHash[0]);
\r
681 else if (opcode == OP_SHA1)
\r
682 SHA1(&vch[0], vch.size(), &vchHash[0]);
\r
683 else if (opcode == OP_SHA256)
\r
684 SHA256(&vch[0], vch.size(), &vchHash[0]);
\r
685 else if (opcode == OP_HASH160)
\r
687 uint160 hash160 = Hash160(vch);
\r
688 memcpy(&vchHash[0], &hash160, sizeof(hash160));
\r
690 else if (opcode == OP_HASH256)
\r
692 uint256 hash = Hash(vch.begin(), vch.end());
\r
693 memcpy(&vchHash[0], &hash, sizeof(hash));
\r
696 stack.push_back(vchHash);
\r
700 case OP_CODESEPARATOR:
\r
702 // Hash starts after the code separator
\r
703 pbegincodehash = pc;
\r
708 case OP_CHECKSIGVERIFY:
\r
710 // (sig pubkey -- bool)
\r
711 if (stack.size() < 2)
\r
714 valtype& vchSig = stacktop(-2);
\r
715 valtype& vchPubKey = stacktop(-1);
\r
718 //PrintHex(vchSig.begin(), vchSig.end(), "sig: %s\n");
\r
719 //PrintHex(vchPubKey.begin(), vchPubKey.end(), "pubkey: %s\n");
\r
721 // Subset of script starting at the most recent codeseparator
\r
722 CScript scriptCode(pbegincodehash, pend);
\r
724 // Drop the signature, since there's no way for a signature to sign itself
\r
725 scriptCode.FindAndDelete(CScript(vchSig));
\r
727 bool fSuccess = CheckSig(vchSig, vchPubKey, scriptCode, txTo, nIn, nHashType);
\r
731 stack.push_back(fSuccess ? vchTrue : vchFalse);
\r
732 if (opcode == OP_CHECKSIGVERIFY)
\r
742 case OP_CHECKMULTISIG:
\r
743 case OP_CHECKMULTISIGVERIFY:
\r
745 // ([sig ...] num_of_signatures [pubkey ...] num_of_pubkeys -- bool)
\r
748 if (stack.size() < i)
\r
751 int nKeysCount = CBigNum(stacktop(-i)).getint();
\r
752 if (nKeysCount < 0)
\r
756 if (stack.size() < i)
\r
759 int nSigsCount = CBigNum(stacktop(-i)).getint();
\r
760 if (nSigsCount < 0 || nSigsCount > nKeysCount)
\r
764 if (stack.size() < i)
\r
767 // Subset of script starting at the most recent codeseparator
\r
768 CScript scriptCode(pbegincodehash, pend);
\r
770 // Drop the signatures, since there's no way for a signature to sign itself
\r
771 for (int k = 0; k < nSigsCount; k++)
\r
773 valtype& vchSig = stacktop(-isig-k);
\r
774 scriptCode.FindAndDelete(CScript(vchSig));
\r
777 bool fSuccess = true;
\r
778 while (fSuccess && nSigsCount > 0)
\r
780 valtype& vchSig = stacktop(-isig);
\r
781 valtype& vchPubKey = stacktop(-ikey);
\r
784 if (CheckSig(vchSig, vchPubKey, scriptCode, txTo, nIn, nHashType))
\r
792 // If there are more signatures left than keys left,
\r
793 // then too many signatures have failed
\r
794 if (nSigsCount > nKeysCount)
\r
800 stack.push_back(fSuccess ? vchTrue : vchFalse);
\r
802 if (opcode == OP_CHECKMULTISIGVERIFY)
\r
817 if (stack.size() + altstack.size() > 1000)
\r
827 if (!vfExec.empty())
\r
843 uint256 SignatureHash(CScript scriptCode, const CTransaction& txTo, unsigned int nIn, int nHashType)
\r
845 if (nIn >= txTo.vin.size())
\r
847 printf("ERROR: SignatureHash() : nIn=%d out of range\n", nIn);
\r
850 CTransaction txTmp(txTo);
\r
852 // In case concatenating two scripts ends up with two codeseparators,
\r
853 // or an extra one at the end, this prevents all those possible incompatibilities.
\r
854 scriptCode.FindAndDelete(CScript(OP_CODESEPARATOR));
\r
856 // Blank out other inputs' signatures
\r
857 for (int i = 0; i < txTmp.vin.size(); i++)
\r
858 txTmp.vin[i].scriptSig = CScript();
\r
859 txTmp.vin[nIn].scriptSig = scriptCode;
\r
861 // Blank out some of the outputs
\r
862 if ((nHashType & 0x1f) == SIGHASH_NONE)
\r
865 txTmp.vout.clear();
\r
867 // Let the others update at will
\r
868 for (int i = 0; i < txTmp.vin.size(); i++)
\r
870 txTmp.vin[i].nSequence = 0;
\r
872 else if ((nHashType & 0x1f) == SIGHASH_SINGLE)
\r
874 // Only lockin the txout payee at same index as txin
\r
875 unsigned int nOut = nIn;
\r
876 if (nOut >= txTmp.vout.size())
\r
878 printf("ERROR: SignatureHash() : nOut=%d out of range\n", nOut);
\r
881 txTmp.vout.resize(nOut+1);
\r
882 for (int i = 0; i < nOut; i++)
\r
883 txTmp.vout[i].SetNull();
\r
885 // Let the others update at will
\r
886 for (int i = 0; i < txTmp.vin.size(); i++)
\r
888 txTmp.vin[i].nSequence = 0;
\r
891 // Blank out other inputs completely, not recommended for open transactions
\r
892 if (nHashType & SIGHASH_ANYONECANPAY)
\r
894 txTmp.vin[0] = txTmp.vin[nIn];
\r
895 txTmp.vin.resize(1);
\r
898 // Serialize and hash
\r
899 CDataStream ss(SER_GETHASH);
\r
901 ss << txTmp << nHashType;
\r
902 return Hash(ss.begin(), ss.end());
\r
906 bool CheckSig(vector<unsigned char> vchSig, vector<unsigned char> vchPubKey, CScript scriptCode,
\r
907 const CTransaction& txTo, unsigned int nIn, int nHashType)
\r
910 if (!key.SetPubKey(vchPubKey))
\r
913 // Hash type is one byte tacked on to the end of the signature
\r
914 if (vchSig.empty())
\r
916 if (nHashType == 0)
\r
917 nHashType = vchSig.back();
\r
918 else if (nHashType != vchSig.back())
\r
922 if (key.Verify(SignatureHash(scriptCode, txTo, nIn, nHashType), vchSig))
\r
937 bool Solver(const CScript& scriptPubKey, vector<pair<opcodetype, valtype> >& vSolutionRet)
\r
940 static vector<CScript> vTemplates;
\r
941 if (vTemplates.empty())
\r
943 // Standard tx, sender provides pubkey, receiver adds signature
\r
944 vTemplates.push_back(CScript() << OP_PUBKEY << OP_CHECKSIG);
\r
946 // Bitcoin address tx, sender provides hash of pubkey, receiver provides signature and pubkey
\r
947 vTemplates.push_back(CScript() << OP_DUP << OP_HASH160 << OP_PUBKEYHASH << OP_EQUALVERIFY << OP_CHECKSIG);
\r
951 const CScript& script1 = scriptPubKey;
\r
952 foreach(const CScript& script2, vTemplates)
\r
954 vSolutionRet.clear();
\r
955 opcodetype opcode1, opcode2;
\r
956 vector<unsigned char> vch1, vch2;
\r
959 CScript::const_iterator pc1 = script1.begin();
\r
960 CScript::const_iterator pc2 = script2.begin();
\r
963 bool f1 = script1.GetOp(pc1, opcode1, vch1);
\r
964 bool f2 = script2.GetOp(pc2, opcode2, vch2);
\r
968 reverse(vSolutionRet.begin(), vSolutionRet.end());
\r
975 else if (opcode2 == OP_PUBKEY)
\r
977 if (vch1.size() <= sizeof(uint256))
\r
979 vSolutionRet.push_back(make_pair(opcode2, vch1));
\r
981 else if (opcode2 == OP_PUBKEYHASH)
\r
983 if (vch1.size() != sizeof(uint160))
\r
985 vSolutionRet.push_back(make_pair(opcode2, vch1));
\r
987 else if (opcode1 != opcode2)
\r
994 vSolutionRet.clear();
\r
999 bool Solver(const CScript& scriptPubKey, uint256 hash, int nHashType, CScript& scriptSigRet)
\r
1001 scriptSigRet.clear();
\r
1003 vector<pair<opcodetype, valtype> > vSolution;
\r
1004 if (!Solver(scriptPubKey, vSolution))
\r
1007 // Compile solution
\r
1008 CRITICAL_BLOCK(cs_mapKeys)
\r
1010 foreach(PAIRTYPE(opcodetype, valtype)& item, vSolution)
\r
1012 if (item.first == OP_PUBKEY)
\r
1015 const valtype& vchPubKey = item.second;
\r
1016 if (!mapKeys.count(vchPubKey))
\r
1020 vector<unsigned char> vchSig;
\r
1021 if (!CKey::Sign(mapKeys[vchPubKey], hash, vchSig))
\r
1023 vchSig.push_back((unsigned char)nHashType);
\r
1024 scriptSigRet << vchSig;
\r
1027 else if (item.first == OP_PUBKEYHASH)
\r
1029 // Sign and give pubkey
\r
1030 map<uint160, valtype>::iterator mi = mapPubKeys.find(uint160(item.second));
\r
1031 if (mi == mapPubKeys.end())
\r
1033 const vector<unsigned char>& vchPubKey = (*mi).second;
\r
1034 if (!mapKeys.count(vchPubKey))
\r
1038 vector<unsigned char> vchSig;
\r
1039 if (!CKey::Sign(mapKeys[vchPubKey], hash, vchSig))
\r
1041 vchSig.push_back((unsigned char)nHashType);
\r
1042 scriptSigRet << vchSig << vchPubKey;
\r
1052 bool IsMine(const CScript& scriptPubKey)
\r
1054 CScript scriptSig;
\r
1055 return Solver(scriptPubKey, 0, 0, scriptSig);
\r
1059 bool ExtractPubKey(const CScript& scriptPubKey, bool fMineOnly, vector<unsigned char>& vchPubKeyRet)
\r
1061 vchPubKeyRet.clear();
\r
1063 vector<pair<opcodetype, valtype> > vSolution;
\r
1064 if (!Solver(scriptPubKey, vSolution))
\r
1067 CRITICAL_BLOCK(cs_mapKeys)
\r
1069 foreach(PAIRTYPE(opcodetype, valtype)& item, vSolution)
\r
1071 valtype vchPubKey;
\r
1072 if (item.first == OP_PUBKEY)
\r
1074 vchPubKey = item.second;
\r
1076 else if (item.first == OP_PUBKEYHASH)
\r
1078 map<uint160, valtype>::iterator mi = mapPubKeys.find(uint160(item.second));
\r
1079 if (mi == mapPubKeys.end())
\r
1081 vchPubKey = (*mi).second;
\r
1083 if (!fMineOnly || mapKeys.count(vchPubKey))
\r
1085 vchPubKeyRet = vchPubKey;
\r
1094 bool ExtractHash160(const CScript& scriptPubKey, uint160& hash160Ret)
\r
1098 vector<pair<opcodetype, valtype> > vSolution;
\r
1099 if (!Solver(scriptPubKey, vSolution))
\r
1102 foreach(PAIRTYPE(opcodetype, valtype)& item, vSolution)
\r
1104 if (item.first == OP_PUBKEYHASH)
\r
1106 hash160Ret = uint160(item.second);
\r
1114 bool VerifyScript(const CScript& scriptSig, const CScript& scriptPubKey, const CTransaction& txTo, unsigned int nIn, int nHashType)
\r
1116 vector<vector<unsigned char> > stack;
\r
1117 if (!EvalScript(stack, scriptSig, txTo, nIn, nHashType))
\r
1119 if (!EvalScript(stack, scriptPubKey, txTo, nIn, nHashType))
\r
1121 if (stack.empty())
\r
1123 return CastToBool(stack.back());
\r
1127 bool SignSignature(const CTransaction& txFrom, CTransaction& txTo, unsigned int nIn, int nHashType, CScript scriptPrereq)
\r
1129 assert(nIn < txTo.vin.size());
\r
1130 CTxIn& txin = txTo.vin[nIn];
\r
1131 assert(txin.prevout.n < txFrom.vout.size());
\r
1132 const CTxOut& txout = txFrom.vout[txin.prevout.n];
\r
1134 // Leave out the signature from the hash, since a signature can't sign itself.
\r
1135 // The checksig op will also drop the signatures from its hash.
\r
1136 uint256 hash = SignatureHash(scriptPrereq + txout.scriptPubKey, txTo, nIn, nHashType);
\r
1138 if (!Solver(txout.scriptPubKey, hash, nHashType, txin.scriptSig))
\r
1141 txin.scriptSig = scriptPrereq + txin.scriptSig;
\r
1144 if (scriptPrereq.empty())
\r
1145 if (!VerifyScript(txin.scriptSig, txout.scriptPubKey, txTo, nIn, 0))
\r
1152 bool VerifySignature(const CTransaction& txFrom, const CTransaction& txTo, unsigned int nIn, int nHashType)
\r
1154 assert(nIn < txTo.vin.size());
\r
1155 const CTxIn& txin = txTo.vin[nIn];
\r
1156 if (txin.prevout.n >= txFrom.vout.size())
\r
1158 const CTxOut& txout = txFrom.vout[txin.prevout.n];
\r
1160 if (txin.prevout.hash != txFrom.GetHash())
\r
1163 if (!VerifyScript(txin.scriptSig, txout.scriptPubKey, txTo, nIn, nHashType))
\r
1166 // Anytime a signature is successfully verified, it's proof the outpoint is spent,
\r
1167 // so lets update the wallet spent flag if it doesn't know due to wallet.dat being
\r
1168 // restored from backup or the user making copies of wallet.dat.
\r
1169 WalletUpdateSpent(txin.prevout);
\r