1 // Copyright (c) 2009-2010 Satoshi Nakamoto
2 // Copyright (c) 2009-2012 The Bitcoin developers
3 // Distributed under the MIT/X11 software license, see the accompanying
4 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
5 #ifndef H_BITCOIN_SCRIPT
6 #define H_BITCOIN_SCRIPT
11 #include <boost/foreach.hpp>
12 #include <boost/variant.hpp>
17 typedef std::vector<unsigned char> valtype;
21 static const unsigned int MAX_SCRIPT_ELEMENT_SIZE = 520; // bytes
23 /** Signature hash types/flags */
29 SIGHASH_ANYONECANPAY = 0x80,
32 /** Script verification flags */
35 SCRIPT_VERIFY_NONE = 0,
36 SCRIPT_VERIFY_P2SH = (1U << 0), // evaluate P2SH (BIP16) subscripts
37 SCRIPT_VERIFY_STRICTENC = (1U << 1), // enforce strict conformance to DER and SEC2 for signatures and pubkeys
38 SCRIPT_VERIFY_EVEN_S = (1U << 2), // enforce even S values in signatures (depends on STRICTENC)
39 SCRIPT_VERIFY_NOCACHE = (1U << 3), // do not store results in signature cache (but do query it)
40 SCRIPT_VERIFY_NULLDUMMY = (1U << 4), // verify dummy stack item consumed by CHECKMULTISIG is of zero-length
43 // Mandatory script verification flags that all new blocks must comply with for
44 // them to be valid. (but old blocks may not comply with) Currently just P2SH,
45 // but in the future other flags may be added, such as a soft-fork to enforce
46 // strict DER encoding.
48 // Failing one of these tests may trigger a DoS ban - see CheckInputs() for
50 static const unsigned int MANDATORY_SCRIPT_VERIFY_FLAGS = SCRIPT_VERIFY_P2SH;
52 // Standard script verification flags that standard transactions will comply
53 // with. However scripts violating these flags may still be present in valid
54 // blocks and we must accept those blocks.
55 static const unsigned int STANDARD_SCRIPT_VERIFY_FLAGS = MANDATORY_SCRIPT_VERIFY_FLAGS |
56 SCRIPT_VERIFY_STRICTENC |
57 SCRIPT_VERIFY_NULLDUMMY;
59 // For convenience, standard but not mandatory verify flags.
60 static const unsigned int STANDARD_NOT_MANDATORY_VERIFY_FLAGS = STANDARD_SCRIPT_VERIFY_FLAGS & ~MANDATORY_SCRIPT_VERIFY_FLAGS;
65 // 'standard' transaction types:
73 class CNoDestination {
75 friend bool operator==(const CNoDestination &a, const CNoDestination &b) { return true; }
76 friend bool operator<(const CNoDestination &a, const CNoDestination &b) { return true; }
79 /** A txout script template with a specific destination. It is either:
80 * * CNoDestination: no destination set
81 * * CKeyID: TX_PUBKEYHASH destination
82 * * CScriptID: TX_SCRIPTHASH destination
83 * A CTxDestination is the internal data type encoded in a CBitcoinAddress
85 typedef boost::variant<CNoDestination, CKeyID, CScriptID> CTxDestination;
87 const char* GetTxnOutputType(txnouttype t);
131 OP_TOALTSTACK = 0x6b,
132 OP_FROMALTSTACK = 0x6c,
164 OP_EQUALVERIFY = 0x88,
189 OP_NUMEQUALVERIFY = 0x9d,
190 OP_NUMNOTEQUAL = 0x9e,
192 OP_GREATERTHAN = 0xa0,
193 OP_LESSTHANOREQUAL = 0xa1,
194 OP_GREATERTHANOREQUAL = 0xa2,
206 OP_CODESEPARATOR = 0xab,
208 OP_CHECKSIGVERIFY = 0xad,
209 OP_CHECKMULTISIG = 0xae,
210 OP_CHECKMULTISIGVERIFY = 0xaf,
226 // template matching params
228 OP_SMALLINTEGER = 0xfa,
230 OP_PUBKEYHASH = 0xfd,
233 OP_INVALIDOPCODE = 0xff,
236 const char* GetOpName(opcodetype opcode);
240 inline std::string ValueString(const std::vector<unsigned char>& vch)
243 return strprintf("%d", CBigNum(vch).getint());
248 inline std::string StackString(const std::vector<std::vector<unsigned char> >& vStack)
251 BOOST_FOREACH(const std::vector<unsigned char>& vch, vStack)
255 str += ValueString(vch);
267 /** Serialized script, used inside transaction inputs and outputs */
268 class CScript : public std::vector<unsigned char>
271 CScript& push_int64(int64 n)
273 if (n == -1 || (n >= 1 && n <= 16))
275 push_back(n + (OP_1 - 1));
280 *this << bn.getvch();
285 CScript& push_uint64(uint64 n)
287 if (n >= 1 && n <= 16)
289 push_back(n + (OP_1 - 1));
294 *this << bn.getvch();
301 CScript(const CScript& b) : std::vector<unsigned char>(b.begin(), b.end()) { }
302 CScript(const_iterator pbegin, const_iterator pend) : std::vector<unsigned char>(pbegin, pend) { }
304 CScript(const unsigned char* pbegin, const unsigned char* pend) : std::vector<unsigned char>(pbegin, pend) { }
307 CScript& operator+=(const CScript& b)
309 insert(end(), b.begin(), b.end());
313 friend CScript operator+(const CScript& a, const CScript& b)
321 //explicit CScript(char b) is not portable. Use 'signed char' or 'unsigned char'.
322 explicit CScript(signed char b) { operator<<(b); }
323 explicit CScript(short b) { operator<<(b); }
324 explicit CScript(int b) { operator<<(b); }
325 explicit CScript(long b) { operator<<(b); }
326 explicit CScript(int64 b) { operator<<(b); }
327 explicit CScript(unsigned char b) { operator<<(b); }
328 explicit CScript(unsigned int b) { operator<<(b); }
329 explicit CScript(unsigned short b) { operator<<(b); }
330 explicit CScript(unsigned long b) { operator<<(b); }
331 explicit CScript(uint64 b) { operator<<(b); }
333 explicit CScript(opcodetype b) { operator<<(b); }
334 explicit CScript(const uint256& b) { operator<<(b); }
335 explicit CScript(const CBigNum& b) { operator<<(b); }
336 explicit CScript(const std::vector<unsigned char>& b) { operator<<(b); }
339 //CScript& operator<<(char b) is not portable. Use 'signed char' or 'unsigned char'.
340 CScript& operator<<(signed char b) { return push_int64(b); }
341 CScript& operator<<(short b) { return push_int64(b); }
342 CScript& operator<<(int b) { return push_int64(b); }
343 CScript& operator<<(long b) { return push_int64(b); }
344 CScript& operator<<(int64 b) { return push_int64(b); }
345 CScript& operator<<(unsigned char b) { return push_uint64(b); }
346 CScript& operator<<(unsigned int b) { return push_uint64(b); }
347 CScript& operator<<(unsigned short b) { return push_uint64(b); }
348 CScript& operator<<(unsigned long b) { return push_uint64(b); }
349 CScript& operator<<(uint64 b) { return push_uint64(b); }
351 CScript& operator<<(opcodetype opcode)
353 if (opcode < 0 || opcode > 0xff)
354 throw std::runtime_error("CScript::operator<<() : invalid opcode");
355 insert(end(), (unsigned char)opcode);
359 CScript& operator<<(const uint160& b)
361 insert(end(), sizeof(b));
362 insert(end(), (unsigned char*)&b, (unsigned char*)&b + sizeof(b));
366 CScript& operator<<(const uint256& b)
368 insert(end(), sizeof(b));
369 insert(end(), (unsigned char*)&b, (unsigned char*)&b + sizeof(b));
373 CScript& operator<<(const CPubKey& key)
375 std::vector<unsigned char> vchKey = key.Raw();
376 return (*this) << vchKey;
379 CScript& operator<<(const CBigNum& b)
385 CScript& operator<<(const std::vector<unsigned char>& b)
387 if (b.size() < OP_PUSHDATA1)
389 insert(end(), (unsigned char)b.size());
391 else if (b.size() <= 0xff)
393 insert(end(), OP_PUSHDATA1);
394 insert(end(), (unsigned char)b.size());
396 else if (b.size() <= 0xffff)
398 insert(end(), OP_PUSHDATA2);
399 unsigned short nSize = b.size();
400 insert(end(), (unsigned char*)&nSize, (unsigned char*)&nSize + sizeof(nSize));
404 insert(end(), OP_PUSHDATA4);
405 unsigned int nSize = b.size();
406 insert(end(), (unsigned char*)&nSize, (unsigned char*)&nSize + sizeof(nSize));
408 insert(end(), b.begin(), b.end());
412 CScript& operator<<(const CScript& b)
414 // I'm not sure if this should push the script or concatenate scripts.
415 // If there's ever a use for pushing a script onto a script, delete this member fn
416 assert(!"Warning: Pushing a CScript onto a CScript with << is probably not intended, use + to concatenate!");
421 bool GetOp(iterator& pc, opcodetype& opcodeRet, std::vector<unsigned char>& vchRet)
423 // Wrapper so it can be called with either iterator or const_iterator
424 const_iterator pc2 = pc;
425 bool fRet = GetOp2(pc2, opcodeRet, &vchRet);
426 pc = begin() + (pc2 - begin());
430 bool GetOp(iterator& pc, opcodetype& opcodeRet)
432 const_iterator pc2 = pc;
433 bool fRet = GetOp2(pc2, opcodeRet, NULL);
434 pc = begin() + (pc2 - begin());
438 bool GetOp(const_iterator& pc, opcodetype& opcodeRet, std::vector<unsigned char>& vchRet) const
440 return GetOp2(pc, opcodeRet, &vchRet);
443 bool GetOp(const_iterator& pc, opcodetype& opcodeRet) const
445 return GetOp2(pc, opcodeRet, NULL);
448 bool GetOp2(const_iterator& pc, opcodetype& opcodeRet, std::vector<unsigned char>* pvchRet) const
450 opcodeRet = OP_INVALIDOPCODE;
459 unsigned int opcode = *pc++;
462 if (opcode <= OP_PUSHDATA4)
465 if (opcode < OP_PUSHDATA1)
469 else if (opcode == OP_PUSHDATA1)
475 else if (opcode == OP_PUSHDATA2)
480 memcpy(&nSize, &pc[0], 2);
483 else if (opcode == OP_PUSHDATA4)
487 memcpy(&nSize, &pc[0], 4);
490 if (end() - pc < 0 || (unsigned int)(end() - pc) < nSize)
493 pvchRet->assign(pc, pc + nSize);
497 opcodeRet = (opcodetype)opcode;
501 // Encode/decode small integers:
502 static int DecodeOP_N(opcodetype opcode)
506 assert(opcode >= OP_1 && opcode <= OP_16);
507 return (int)opcode - (int)(OP_1 - 1);
509 static opcodetype EncodeOP_N(int n)
511 assert(n >= 0 && n <= 16);
514 return (opcodetype)(OP_1+n-1);
517 int FindAndDelete(const CScript& b)
522 iterator pc = begin();
526 while (end() - pc >= (long)b.size() && memcmp(&pc[0], &b[0], b.size()) == 0)
528 erase(pc, pc + b.size());
532 while (GetOp(pc, opcode));
535 int Find(opcodetype op) const
539 for (const_iterator pc = begin(); pc != end() && GetOp(pc, opcode);)
545 // Pre-version-0.6, Bitcoin always counted CHECKMULTISIGs
546 // as 20 sigops. With pay-to-script-hash, that changed:
547 // CHECKMULTISIGs serialized in scriptSigs are
548 // counted more accurately, assuming they are of the form
549 // ... OP_N CHECKMULTISIG ...
550 unsigned int GetSigOpCount(bool fAccurate) const;
552 // Accurately count sigOps, including sigOps in
553 // pay-to-script-hash transactions:
554 unsigned int GetSigOpCount(const CScript& scriptSig) const;
556 bool IsPayToScriptHash() const;
558 // Called by CTransaction::IsStandard and P2SH VerifyScript (which makes it consensus-critical).
559 bool IsPushOnly() const
561 const_iterator pc = begin();
565 if (!GetOp(pc, opcode))
573 // Called by CTransaction::IsStandard.
574 bool HasCanonicalPushes() const;
576 void SetDestination(const CTxDestination& address);
577 void SetMultisig(int nRequired, const std::vector<CKey>& keys);
580 void PrintHex() const
582 printf("CScript(%s)\n", HexStr(begin(), end(), true).c_str());
585 std::string ToString(bool fShort=false) const
589 std::vector<unsigned char> vch;
590 const_iterator pc = begin();
595 if (!GetOp(pc, opcode, vch))
600 if (0 <= opcode && opcode <= OP_PUSHDATA4)
601 str += fShort? ValueString(vch).substr(0, 10) : ValueString(vch);
603 str += GetOpName(opcode);
610 printf("%s\n", ToString().c_str());
613 CScriptID GetID() const
615 return CScriptID(Hash160(*this));
619 bool IsCanonicalPubKey(const std::vector<unsigned char> &vchPubKey, unsigned int flags);
620 bool IsCanonicalSignature(const std::vector<unsigned char> &vchSig, unsigned int flags);
623 bool EvalScript(std::vector<std::vector<unsigned char> >& stack, const CScript& script, const CTransaction& txTo, unsigned int nIn, unsigned int flags, int nHashType);
624 bool Solver(const CScript& scriptPubKey, txnouttype& typeRet, std::vector<std::vector<unsigned char> >& vSolutionsRet);
625 int ScriptSigArgsExpected(txnouttype t, const std::vector<std::vector<unsigned char> >& vSolutions);
626 bool IsStandard(const CScript& scriptPubKey, txnouttype& whichType);
627 bool IsMine(const CKeyStore& keystore, const CScript& scriptPubKey);
628 bool IsMine(const CKeyStore& keystore, const CTxDestination &dest);
629 void ExtractAffectedKeys(const CKeyStore &keystore, const CScript& scriptPubKey, std::vector<CKeyID> &vKeys);
630 bool ExtractDestination(const CScript& scriptPubKey, CTxDestination& addressRet);
631 bool ExtractDestinations(const CScript& scriptPubKey, txnouttype& typeRet, std::vector<CTxDestination>& addressRet, int& nRequiredRet);
632 bool SignSignature(const CKeyStore& keystore, const CScript& fromPubKey, CTransaction& txTo, unsigned int nIn, int nHashType=SIGHASH_ALL);
633 bool SignSignature(const CKeyStore& keystore, const CTransaction& txFrom, CTransaction& txTo, unsigned int nIn, int nHashType=SIGHASH_ALL);
634 bool VerifyScript(const CScript& scriptSig, const CScript& scriptPubKey, const CTransaction& txTo, unsigned int nIn, unsigned int flags, int nHashType);
636 // Given two sets of signatures for scriptPubKey, possibly with OP_0 placeholders,
637 // combine them intelligently and return the result.
638 CScript CombineSignatures(CScript scriptPubKey, const CTransaction& txTo, unsigned int nIn, const CScript& scriptSig1, const CScript& scriptSig2);