1 // Copyright (c) 2009-2010 Satoshi Nakamoto
2 // Copyright (c) 2009-2012 The Bitcoin developers
3 // Distributed under the MIT/X11 software license, see the accompanying
4 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
5 #ifndef H_BITCOIN_SCRIPT
6 #define H_BITCOIN_SCRIPT
15 typedef std::vector<uint8_t> valtype;
18 class CBitcoinAddress;
20 static const unsigned int MAX_SCRIPT_ELEMENT_SIZE = 520; // bytes
22 // Setting nSequence to this value for every input in a transaction
23 // disables nLockTime.
24 static const uint32_t SEQUENCE_FINAL = 0xffffffff;
26 // Threshold for inverted nSequence: below this value it is interpreted
27 // as a relative lock-time, otherwise ignored.
28 //static const uint32_t SEQUENCE_THRESHOLD = 0x80000000;
30 // If this flag set, CTxIn::nSequence is NOT interpreted as a
31 // relative lock-time.
32 static const uint32_t SEQUENCE_LOCKTIME_DISABLE_FLAG = 0x80000000;
34 // If CTxIn::nSequence encodes a relative lock-time and this flag
35 // is set, the relative lock-time has units of 512 seconds,
36 // otherwise it specifies blocks with a granularity of 1.
37 static const uint32_t SEQUENCE_LOCKTIME_TYPE_FLAG = 0x00400000;
39 // If CTxIn::nSequence encodes a relative lock-time, this mask is
40 // applied to extract that lock-time from the sequence field.
41 static const uint32_t SEQUENCE_LOCKTIME_MASK = 0x0000ffff;
43 // IsMine() return codes
49 MINE_ALL = MINE_WATCH_ONLY | MINE_SPENDABLE
52 typedef uint8_t isminefilter;
54 // Signature hash types/flags
60 SIGHASH_ANYONECANPAY = 0x80
63 // Script verification flags
66 SCRIPT_VERIFY_NONE = 0,
67 SCRIPT_VERIFY_P2SH = (1U << 0), // evaluate P2SH (BIP16) subscripts
68 SCRIPT_VERIFY_STRICTENC = (1U << 1), // enforce strict conformance to DER and SEC2 for signatures and pubkeys
69 SCRIPT_VERIFY_LOW_S = (1U << 2), // enforce low S values in signatures (depends on STRICTENC)
70 SCRIPT_VERIFY_NOCACHE = (1U << 3), // do not store results in signature cache (but do query it)
71 SCRIPT_VERIFY_NULLDUMMY = (1U << 4), // verify dummy stack item consumed by CHECKMULTISIG is of zero-length
72 SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY = (1U << 9),
73 SCRIPT_VERIFY_CHECKSEQUENCEVERIFY = (1U << 10)
76 // Strict verification:
78 // * force DER encoding;
80 // * ensure that CHECKMULTISIG dummy argument is null.
81 static const unsigned int STRICT_FORMAT_FLAGS = SCRIPT_VERIFY_STRICTENC | SCRIPT_VERIFY_LOW_S | SCRIPT_VERIFY_NULLDUMMY;
83 // Mandatory script verification flags that all new blocks must comply with for
84 // them to be valid. (but old blocks may not comply with) Currently just P2SH,
85 // but in the future other flags may be added, such as a soft-fork to enforce
86 // strict DER encoding.
88 // Failing one of these tests may trigger a DoS ban - see ConnectInputs() for
90 static const unsigned int MANDATORY_SCRIPT_VERIFY_FLAGS = SCRIPT_VERIFY_P2SH;
92 // Standard script verification flags that standard transactions will comply
93 // with. However scripts violating these flags may still be present in valid
94 // blocks and we must accept those blocks.
95 static const unsigned int STRICT_FLAGS = MANDATORY_SCRIPT_VERIFY_FLAGS | STRICT_FORMAT_FLAGS;
100 // 'standard' transaction types:
109 const char* GetTxnOutputType(txnouttype t);
112 enum opcodetype : uint8_t
151 OP_CHECKLOCKTIMEVERIFY = 0xb1,
152 OP_CHECKSEQUENCEVERIFY = 0xb2,
155 OP_TOALTSTACK = 0x6b,
156 OP_FROMALTSTACK = 0x6c,
188 OP_EQUALVERIFY = 0x88,
213 OP_NUMEQUALVERIFY = 0x9d,
214 OP_NUMNOTEQUAL = 0x9e,
216 OP_GREATERTHAN = 0xa0,
217 OP_LESSTHANOREQUAL = 0xa1,
218 OP_GREATERTHANOREQUAL = 0xa2,
230 OP_CODESEPARATOR = 0xab,
232 OP_CHECKSIGVERIFY = 0xad,
233 OP_CHECKMULTISIG = 0xae,
234 OP_CHECKMULTISIGVERIFY = 0xaf,
246 // template matching params
248 OP_SMALLINTEGER = 0xfa,
251 OP_PUBKEYHASH = 0xfd,
254 OP_INVALIDOPCODE = 0xff
257 const char* GetOpName(opcodetype opcode);
259 inline std::string ValueString(const std::vector<unsigned char>& vch)
262 return strprintf("%d", CBigNum(vch).getint32());
267 inline std::string StackString(const std::vector<std::vector<unsigned char> >& vStack)
270 for(const auto& vch : vStack)
274 str += ValueString(vch);
279 // Serialized script, used inside transaction inputs and outputs
280 class CScript : public std::vector<uint8_t>
284 CScript& push_int64(int64_t n);
285 CScript& push_uint64(uint64_t n);
289 CScript(const CScript& b) : std::vector<uint8_t>(b.begin(), b.end()) { }
290 CScript(const_iterator pbegin, const_iterator pend) : std::vector<uint8_t>(pbegin, pend) { }
292 CScript(const uint8_t* pbegin, const uint8_t* pend) : std::vector<uint8_t>(pbegin, pend) { }
295 CScript& operator+=(const CScript& b);
297 friend CScript operator+(const CScript& a, const CScript& b)
304 explicit CScript(int8_t b) { operator<<(b); }
305 explicit CScript(int16_t b) { operator<<(b); }
306 explicit CScript(int32_t b) { operator<<(b); }
307 explicit CScript(int64_t b) { operator<<(b); }
309 explicit CScript(uint8_t b) { operator<<(b); }
310 explicit CScript(uint16_t b) { operator<<(b); }
311 explicit CScript(uint32_t b) { operator<<(b); }
312 explicit CScript(uint64_t b) { operator<<(b); }
314 explicit CScript(opcodetype b) { operator<<(b); }
315 explicit CScript(const uint256& b) { operator<<(b); }
316 explicit CScript(const CBigNum& b) { operator<<(b); }
317 explicit CScript(const std::vector<uint8_t>& b) { operator<<(b); }
319 CScript& operator<<(int8_t b) { return push_int64(b); }
320 CScript& operator<<(int16_t b) { return push_int64(b); }
321 CScript& operator<<(int32_t b) { return push_int64(b); }
322 CScript& operator<<(int64_t b) { return push_int64(b); }
324 CScript& operator<<(uint8_t b) { return push_uint64(b); }
325 CScript& operator<<(uint16_t b) { return push_uint64(b); }
326 CScript& operator<<(uint32_t b) { return push_uint64(b); }
327 CScript& operator<<(uint64_t b) { return push_uint64(b); }
329 CScript& operator<<(opcodetype opcode);
330 CScript& operator<<(const uint160& b);
331 CScript& operator<<(const uint256& b);
332 CScript& operator<<(const CPubKey& key);
333 CScript& operator<<(const CBigNum& b);
334 CScript& operator<<(const std::vector<uint8_t>& b);
335 CScript& operator<<(const CScript& b);
337 bool GetOp(iterator& pc, opcodetype& opcodeRet, std::vector<uint8_t>& vchRet);
338 bool GetOp(iterator& pc, opcodetype& opcodeRet);
339 bool GetOp(const_iterator& pc, opcodetype& opcodeRet, std::vector<uint8_t>& vchRet) const;
340 bool GetOp(const_iterator& pc, opcodetype& opcodeRet) const;
341 bool GetOp2(const_iterator& pc, opcodetype& opcodeRet, std::vector<uint8_t>* pvchRet) const;
343 // Encode/decode small integers:
344 static int DecodeOP_N(opcodetype opcode);
345 static opcodetype EncodeOP_N(int n);
347 int FindAndDelete(const CScript& b);
348 int Find(opcodetype op) const;
350 // Pre-version-0.6, Bitcoin always counted CHECKMULTISIGs
351 // as 20 sigops. With pay-to-script-hash, that changed:
352 // CHECKMULTISIGs serialized in scriptSigs are
353 // counted more accurately, assuming they are of the form
354 // ... OP_N CHECKMULTISIG ...
355 unsigned int GetSigOpCount(bool fAccurate) const;
357 // Accurately count sigOps, including sigOps in
358 // pay-to-script-hash transactions:
359 unsigned int GetSigOpCount(const CScript& scriptSig) const;
361 bool IsPayToScriptHash() const;
363 bool IsPushOnly(const_iterator pc) const;
365 // Called by CTransaction::IsStandard and P2SH VerifyScript (which makes it consensus-critical).
366 bool IsPushOnly() const;
368 // Called by CTransaction::IsStandard.
369 bool HasCanonicalPushes() const;
371 void SetDestination(const CTxDestination& address);
372 void SetAddress(const CBitcoinAddress& dest);
373 void SetMultisig(int nRequired, const std::vector<CPubKey>& keys);
375 void PrintHex() const;
376 std::string ToString(bool fShort=false) const;
378 CScriptID GetID() const;
381 bool IsCanonicalPubKey(const std::vector<unsigned char> &vchPubKey, unsigned int flags);
382 bool IsDERSignature(const valtype &vchSig, bool fWithHashType=false, bool fCheckLow=false);
383 bool IsCanonicalSignature(const std::vector<unsigned char> &vchSig, unsigned int flags);
385 bool EvalScript(std::vector<std::vector<unsigned char> >& stack, const CScript& script, const CTransaction& txTo, unsigned int nIn, unsigned int flags, int nHashType);
386 bool Solver(const CScript& scriptPubKey, txnouttype& typeRet, std::vector<std::vector<unsigned char> >& vSolutionsRet);
387 int ScriptSigArgsExpected(txnouttype t, const std::vector<std::vector<unsigned char> >& vSolutions);
388 bool IsStandard(const CScript& scriptPubKey, txnouttype& whichType);
389 isminetype IsMine(const CKeyStore& keystore, const CScript& scriptPubKey);
390 //isminetype IsMine(const CKeyStore& keystore, const CTxDestination& dest);
391 isminetype IsMine(const CKeyStore& keystore, const CBitcoinAddress& dest);
392 void ExtractAffectedKeys(const CKeyStore &keystore, const CScript& scriptPubKey, std::vector<CKeyID> &vKeys);
393 bool ExtractDestination(const CScript& scriptPubKey, CTxDestination& addressRet);
394 bool ExtractAddress(const CKeyStore &keystore, const CScript& scriptPubKey, CBitcoinAddress& addressRet);
395 bool ExtractDestinations(const CScript& scriptPubKey, txnouttype& typeRet, std::vector<CTxDestination>& addressRet, int& nRequiredRet);
396 bool SignSignature(const CKeyStore& keystore, const CScript& fromPubKey, CTransaction& txTo, unsigned int nIn, int nHashType=SIGHASH_ALL);
397 bool SignSignature(const CKeyStore& keystore, const CTransaction& txFrom, CTransaction& txTo, unsigned int nIn, int nHashType=SIGHASH_ALL);
398 bool VerifyScript(const CScript& scriptSig, const CScript& scriptPubKey, const CTransaction& txTo, unsigned int nIn, unsigned int flags, int nHashType);
400 // Given two sets of signatures for scriptPubKey, possibly with OP_0 placeholders,
401 // combine them intelligently and return the result.
402 CScript CombineSignatures(const CScript& scriptPubKey, const CTransaction& txTo, unsigned int nIn, const CScript& scriptSig1, const CScript& scriptSig2);