1 #include <boost/assert.hpp>
2 #include <boost/assign/list_of.hpp>
3 #include <boost/assign/list_inserter.hpp>
4 #include <boost/assign/std/vector.hpp>
5 #include <boost/test/unit_test.hpp>
6 #include <boost/foreach.hpp>
7 #include <boost/tuple/tuple.hpp>
9 #include <openssl/ec.h>
10 #include <openssl/err.h>
18 using namespace boost::assign;
20 typedef vector<unsigned char> valtype;
22 extern uint256 SignatureHash(CScript scriptCode, const CTransaction& txTo, unsigned int nIn, int nHashType);
23 extern bool VerifyScript(const CScript& scriptSig, const CScript& scriptPubKey, const CTransaction& txTo, unsigned int nIn, int& nSigOpCount,
24 int nHashType, bool fStrictOpEval);
26 BOOST_AUTO_TEST_SUITE(multisig_tests)
29 sign_multisig(CScript scriptPubKey, vector<CKey> keys, CTransaction transaction, int whichIn)
31 uint256 hash = SignatureHash(scriptPubKey, transaction, whichIn, SIGHASH_ALL);
34 result << OP_0; // CHECKMULTISIG bug workaround
35 BOOST_FOREACH(CKey key, keys)
37 vector<unsigned char> vchSig;
38 BOOST_CHECK(key.Sign(hash, vchSig));
39 vchSig.push_back((unsigned char)SIGHASH_ALL);
45 BOOST_AUTO_TEST_CASE(multisig_verify)
48 for (int i = 0; i < 4; i++)
52 a_and_b << OP_2 << key[0].GetPubKey() << key[1].GetPubKey() << OP_2 << OP_CHECKMULTISIG;
55 a_or_b << OP_1 << key[0].GetPubKey() << key[1].GetPubKey() << OP_2 << OP_CHECKMULTISIG;
58 escrow << OP_2 << key[0].GetPubKey() << key[1].GetPubKey() << key[2].GetPubKey() << OP_3 << OP_CHECKMULTISIG;
60 CTransaction txFrom; // Funding transaction
61 txFrom.vout.resize(3);
62 txFrom.vout[0].scriptPubKey = a_and_b;
63 txFrom.vout[1].scriptPubKey = a_or_b;
64 txFrom.vout[2].scriptPubKey = escrow;
66 CTransaction txTo[3]; // Spending transaction
67 for (int i = 0; i < 3; i++)
69 txTo[i].vin.resize(1);
70 txTo[i].vout.resize(1);
71 txTo[i].vin[0].prevout.n = i;
72 txTo[i].vin[0].prevout.hash = txFrom.GetHash();
73 txTo[i].vout[0].nValue = 1;
82 keys += key[0],key[1]; // magic operator+= from boost.assign
83 s = sign_multisig(a_and_b, keys, txTo[0], 0);
84 BOOST_CHECK(VerifyScript(s, a_and_b, txTo[0], 0, nUnused, 0, true));
86 for (int i = 0; i < 4; i++)
90 s = sign_multisig(a_and_b, keys, txTo[0], 0);
91 BOOST_CHECK_MESSAGE(!VerifyScript(s, a_and_b, txTo[0], 0, nUnused, 0, true), strprintf("a&b 1: %d", i));
94 keys += key[1],key[i];
95 s = sign_multisig(a_and_b, keys, txTo[0], 0);
96 BOOST_CHECK_MESSAGE(!VerifyScript(s, a_and_b, txTo[0], 0, nUnused, 0, true), strprintf("a&b 2: %d", i));
100 for (int i = 0; i < 4; i++)
104 s = sign_multisig(a_or_b, keys, txTo[1], 0);
105 if (i == 0 || i == 1)
106 BOOST_CHECK_MESSAGE(VerifyScript(s, a_or_b, txTo[1], 0, nUnused, 0, true), strprintf("a|b: %d", i));
108 BOOST_CHECK_MESSAGE(!VerifyScript(s, a_or_b, txTo[1], 0, nUnused, 0, true), strprintf("a|b: %d", i));
112 BOOST_CHECK(!VerifyScript(s, a_or_b, txTo[1], 0, nUnused, 0, true));
115 BOOST_CHECK(!VerifyScript(s, a_or_b, txTo[1], 0, nUnused, 0, true));
118 for (int i = 0; i < 4; i++)
119 for (int j = 0; j < 4; j++)
122 keys += key[i],key[j];
123 s = sign_multisig(escrow, keys, txTo[2], 0);
124 if (i < j && i < 3 && j < 3)
125 BOOST_CHECK_MESSAGE(VerifyScript(s, escrow, txTo[2], 0, nUnused, 0, true), strprintf("escrow 1: %d %d", i, j));
127 BOOST_CHECK_MESSAGE(!VerifyScript(s, escrow, txTo[2], 0, nUnused, 0, true), strprintf("escrow 2: %d %d", i, j));
131 BOOST_AUTO_TEST_CASE(multisig_IsStandard)
134 for (int i = 0; i < 4; i++)
138 a_and_b << OP_2 << key[0].GetPubKey() << key[1].GetPubKey() << OP_2 << OP_CHECKMULTISIG;
139 BOOST_CHECK(::IsStandard(a_and_b));
142 a_or_b << OP_1 << key[0].GetPubKey() << key[1].GetPubKey() << OP_2 << OP_CHECKMULTISIG;
143 BOOST_CHECK(::IsStandard(a_or_b));
146 escrow << OP_2 << key[0].GetPubKey() << key[1].GetPubKey() << key[2].GetPubKey() << OP_3 << OP_CHECKMULTISIG;
147 BOOST_CHECK(::IsStandard(escrow));
150 one_of_four << OP_1 << key[0].GetPubKey() << key[1].GetPubKey() << key[2].GetPubKey() << key[3].GetPubKey() << OP_4 << OP_CHECKMULTISIG;
151 BOOST_CHECK(!::IsStandard(one_of_four));
153 CScript malformed[6];
154 malformed[0] << OP_3 << key[0].GetPubKey() << key[1].GetPubKey() << OP_2 << OP_CHECKMULTISIG;
155 malformed[1] << OP_2 << key[0].GetPubKey() << key[1].GetPubKey() << OP_3 << OP_CHECKMULTISIG;
156 malformed[2] << OP_0 << key[0].GetPubKey() << key[1].GetPubKey() << OP_2 << OP_CHECKMULTISIG;
157 malformed[3] << OP_1 << key[0].GetPubKey() << key[1].GetPubKey() << OP_0 << OP_CHECKMULTISIG;
158 malformed[4] << OP_1 << key[0].GetPubKey() << key[1].GetPubKey() << OP_CHECKMULTISIG;
159 malformed[5] << OP_1 << key[0].GetPubKey() << key[1].GetPubKey();
161 for (int i = 0; i < 6; i++)
162 BOOST_CHECK(!::IsStandard(malformed[i]));
165 BOOST_AUTO_TEST_CASE(multisig_Solver1)
167 // Tests Solver() that returns lists of keys that are
168 // required to satisfy a ScriptPubKey
170 // Also tests IsMine() and ExtractAddress()
172 // Note: ExtractAddress for the multisignature transactions
173 // always returns false for this release, even if you have
174 // one key that would satisfy an (a|b) or 2-of-3 keys needed
175 // to spend an escrow transaction.
177 CBasicKeyStore keystore, emptykeystore, partialkeystore;
179 CBitcoinAddress keyaddr[3];
180 for (int i = 0; i < 3; i++)
183 keystore.AddKey(key[i]);
184 keyaddr[i].SetPubKey(key[i].GetPubKey());
186 partialkeystore.AddKey(key[0]);
189 vector<valtype> solutions;
190 txnouttype whichType;
192 s << key[0].GetPubKey() << OP_CHECKSIG;
193 BOOST_CHECK(Solver(s, whichType, solutions));
194 BOOST_CHECK(solutions.size() == 1);
195 CBitcoinAddress addr;
196 BOOST_CHECK(ExtractAddress(s, addr));
197 BOOST_CHECK(addr == keyaddr[0]);
198 BOOST_CHECK(IsMine(keystore, s));
199 BOOST_CHECK(!IsMine(emptykeystore, s));
202 vector<valtype> solutions;
203 txnouttype whichType;
205 s << OP_DUP << OP_HASH160 << Hash160(key[0].GetPubKey()) << OP_EQUALVERIFY << OP_CHECKSIG;
206 BOOST_CHECK(Solver(s, whichType, solutions));
207 BOOST_CHECK(solutions.size() == 1);
208 CBitcoinAddress addr;
209 BOOST_CHECK(ExtractAddress(s, addr));
210 BOOST_CHECK(addr == keyaddr[0]);
211 BOOST_CHECK(IsMine(keystore, s));
212 BOOST_CHECK(!IsMine(emptykeystore, s));
215 vector<valtype> solutions;
216 txnouttype whichType;
218 s << OP_2 << key[0].GetPubKey() << key[1].GetPubKey() << OP_2 << OP_CHECKMULTISIG;
219 BOOST_CHECK(Solver(s, whichType, solutions));
220 BOOST_CHECK_EQUAL(solutions.size(), 4);
221 CBitcoinAddress addr;
222 BOOST_CHECK(!ExtractAddress(s, addr));
223 BOOST_CHECK(IsMine(keystore, s));
224 BOOST_CHECK(!IsMine(emptykeystore, s));
225 BOOST_CHECK(!IsMine(partialkeystore, s));
228 vector<valtype> solutions;
229 txnouttype whichType;
231 s << OP_1 << key[0].GetPubKey() << key[1].GetPubKey() << OP_2 << OP_CHECKMULTISIG;
232 BOOST_CHECK(Solver(s, whichType, solutions));
233 BOOST_CHECK_EQUAL(solutions.size(), 4);
234 vector<CBitcoinAddress> addrs;
236 BOOST_CHECK(ExtractAddresses(s, whichType, addrs, nRequired));
237 BOOST_CHECK(addrs[0] == keyaddr[0]);
238 BOOST_CHECK(addrs[1] == keyaddr[1]);
239 BOOST_CHECK(nRequired = 1);
240 BOOST_CHECK(IsMine(keystore, s));
241 BOOST_CHECK(!IsMine(emptykeystore, s));
242 BOOST_CHECK(!IsMine(partialkeystore, s));
245 vector<valtype> solutions;
246 txnouttype whichType;
248 s << OP_2 << key[0].GetPubKey() << key[1].GetPubKey() << key[2].GetPubKey() << OP_3 << OP_CHECKMULTISIG;
249 BOOST_CHECK(Solver(s, whichType, solutions));
250 BOOST_CHECK(solutions.size() == 5);
254 BOOST_AUTO_TEST_CASE(multisig_Sign)
256 // Test SignSignature() (and therefore the version of Solver() that signs transactions)
257 CBasicKeyStore keystore;
259 for (int i = 0; i < 4; i++)
262 keystore.AddKey(key[i]);
266 a_and_b << OP_2 << key[0].GetPubKey() << key[1].GetPubKey() << OP_2 << OP_CHECKMULTISIG;
269 a_or_b << OP_1 << key[0].GetPubKey() << key[1].GetPubKey() << OP_2 << OP_CHECKMULTISIG;
272 escrow << OP_2 << key[0].GetPubKey() << key[1].GetPubKey() << key[2].GetPubKey() << OP_3 << OP_CHECKMULTISIG;
274 CTransaction txFrom; // Funding transaction
275 txFrom.vout.resize(3);
276 txFrom.vout[0].scriptPubKey = a_and_b;
277 txFrom.vout[1].scriptPubKey = a_or_b;
278 txFrom.vout[2].scriptPubKey = escrow;
280 CTransaction txTo[3]; // Spending transaction
281 for (int i = 0; i < 3; i++)
283 txTo[i].vin.resize(1);
284 txTo[i].vout.resize(1);
285 txTo[i].vin[0].prevout.n = i;
286 txTo[i].vin[0].prevout.hash = txFrom.GetHash();
287 txTo[i].vout[0].nValue = 1;
290 for (int i = 0; i < 3; i++)
292 BOOST_CHECK_MESSAGE(SignSignature(keystore, txFrom, txTo[i], 0), strprintf("SignSignature %d", i));
297 BOOST_AUTO_TEST_SUITE_END()