Commit Graph

75 Commits

Author SHA1 Message Date
David Hill
a6bf1d9850 txscript: Implement CheckSequenceVerify (BIP0112) 2016-10-19 12:06:44 -04:00
Dave Collins
cee207c64c txscript: Expose AddOps on ScriptBuilder. (#734)
This exposes a new function on the ScriptBuilder type named AddOps that
allows multiple opcodes to be added via a single call and adds tests to
exercise the new function.

Finally, it updates a couple of places in the signing code that were
abusing the interface by setting its private script directly to use the
new public function instead.
2016-08-12 19:29:28 -05:00
Dave Collins
bd4e64d1d4 chainhash: Abstract hash logic to new package. (#729)
This is mostly a backport of some of the same modifications made in
Decred along with a few additional things cleaned up.  In particular,
this updates the code to make use of the new chainhash package.

Also, since this required API changes anyways and the hash algorithm is
no longer tied specifically to SHA, all other functions throughout the
code base which had "Sha" in their name have been changed to Hash so
they are not incorrectly implying the hash algorithm.

The following is an overview of the changes:

- Remove the wire.ShaHash type
- Update all references to wire.ShaHash to the new chainhash.Hash type
- Rename the following functions and update all references:
  - wire.BlockHeader.BlockSha -> BlockHash
  - wire.MsgBlock.BlockSha -> BlockHash
  - wire.MsgBlock.TxShas -> TxHashes
  - wire.MsgTx.TxSha -> TxHash
  - blockchain.ShaHashToBig -> HashToBig
  - peer.ShaFunc -> peer.HashFunc
- Rename all variables that included sha in their name to include hash
  instead
- Update for function name changes in other dependent packages such as
  btcutil
- Update copyright dates on all modified files
- Update glide.lock file to use the required version of btcutil
2016-08-08 14:04:33 -05:00
Mawueli Kofi Adzoe
7f07fb1093 txscript: Fix typo. (#700)
* Fix tiny typo. Bump copyright year.
* Clarify documentation.
2016-05-22 23:23:20 -05:00
Dave Collins
644570487f txscript: Reduce script parse opcode allocs. (#677)
This changes the script template parsing function to use a pointer into
the constant global opcode array for parsed opcodes as opposed to making
a copy of the opcode entries which causes unnecessary allocations.

Profiling showed that after roughly 48 hours of operation, this
copy was the culprit of 207 million unnecessary allocations.
2016-04-25 16:17:07 -05:00
Olaoluwa Osuntokun
3b39edcaa1 txscript: optimize sigcache lookup (#598)
Profiles discovered that lookups into the signature cache included an
expensive comparison to the stored `sigInfo` struct. This lookup had the
potential to be more expensive than directly verifying the signature
itself!

In addition, evictions were rather expensive because they involved
reading from /dev/urandom, or equivalent, for each eviction once the
signature cache was full as well as potentially iterating over every
item in the cache in the worst-case.

To remedy this poor performance several changes have been made:
* Change the lookup key to the fixed sized 32-byte signature hash
* Perform a full equality check only if there is a cache hit which
    results in a significant  speed up for both insertions and existence
checks
* Override entries in the case of a colliding hash on insert Add an
* .IsEqual() method to the Signature and PublicKey types in the
  btcec package to facilitate easy equivalence testing
* Allocate the signature cache map with the max number of entries in
  order to avoid unnecessary map re-sizes/allocations
* Optimize evictions from the signature cache Delete the first entry
* seen which is safe from manipulation due to
    the pre image resistance of the hash function
* Double the default maximum number of entries within the signature
  cache due to the reduction in the size of a cache entry
  * With this eviction scheme, removals are effectively O(1)

Fixes #575.
2016-04-13 21:56:10 -05:00
Dave Collins
5ff5fc5fa2 txscript: Correct comments on alt stack methods. (#657) 2016-04-11 14:22:25 -05:00
Dave Collins
f389742b39 multi: Update with result of gofmt -s.
This commit updates the code to make use of the most recent simplified
output from gofmt.
2016-02-25 13:02:54 -06:00
Dave Collins
eb882f39f8 multi: Fix several misspellings in the comments.
This commit corrects several typos in the comments found by misspell.
2016-02-25 11:17:12 -06:00
Dave Collins
9abc2c0e19 txscript: Comment improvements and fixes
This commit improves and corrects a few comments in txscript to ensure
they match reality.
2016-02-11 21:43:32 -06:00
Kefkius
d272bfebb7 Fix documentation for opcodeInvalid
Change 'opcodeReserved' to 'opcodeInvalid'
2016-02-11 20:42:41 -06:00
Kefkius
d759d1d3df Remove duplicate stack tests. 2016-02-09 11:17:04 -06:00
Dave Collins
c7e6c1e88f txscript: Correct JSON float conversions in tests.
This modifies the conversion of the output index from the JSON-based
test data for valid and invalid transactions as well as the signature
hash type for signature hash tests to first convert to a signed int and
then to an unsigned int.  This is necessary because the result of a
direct conversion of a float to an unsigned int is implementation
dependent and doesn't result in the expected value on all platforms.

Also, while here, change the function names in the error prints to match
the actual names.

Fixes #600.
2016-02-03 13:38:35 -06:00
Chris Shepherd
528ddaf23e txscript: Fix typo in README 2016-01-29 12:39:11 -08:00
Mawuli Adzoe
14ccab80e7 Review and fix typos in SigCache code. 2015-12-30 11:57:15 -07:00
David Hill
34a94b7d0b txscript: sync Bitcoin Core script tests 2015-12-30 09:38:16 -05:00
Mawuli Adzoe
6e133b58da txscript: Fix docs to match function.
Changed the order of return values described in the docs to be
consistent with the function’s actual return value signature.
2015-12-29 11:42:03 -07:00
Rune T. Aune
b691a222d5 Add signature hash calculation tests from Bitcoin Core.
500 tests with various transactions and scripts, verifying that
calcSignatureHash generates the expected hash in each case.

This requires changing SigHashType to uint32; that won't affect the
standard use-cases, but will make calcSignatureHash behave more like the
Core counterpart for non-standard SigHashType settings, like those in
some of these tests.
2015-11-15 16:39:00 -05:00
Dave Collins
3942a116e4 docs: Make various README.md files consistent.
First, it removes the documentation section from all the README.md files
and instead puts a web-based godoc badge and link at the top with the
other badges.  This is being done since the local godoc tool no longer
ships with Go by default, so the instructions no longer work without
first installing godoc. Due to this, pretty much everyone uses the
web-based godoc these days anyways.  Anyone who has manually installed
godoc won't need instructions.

Second, it makes sure the ISC license badge is at the top with the other
badges and removes the textual reference in the overview section.

Finally, it's modifies the Installation section to Installation and
Updating and adds a '-u' to the 'go get' command since it works for both
and thus is simpler.
2015-10-23 14:51:36 -05:00
David Hill
2e6e896aa6 txscript: Sync Bitcoin Core tests. 2015-10-22 16:10:29 -04:00
David Hill
3fa416a7ef txscript: fix isMultiSig bug.
isMultiSig was not verifying the number of pubkeys specified matched
the number of pubkeys provided.  This caused certain non-standard
scripts to be considered multisig scripts.

However, the script still would have failed during execution.

NOTE: This only affects whether or not the script is considered
standard and does NOT affect consensus.

Also, add a test for this check.
2015-10-22 15:55:34 -04:00
David Hill
4c3ad4987b txscript: Implement CheckLockTimeVerify (BIP0065)
See https://github.com/bitcoin/bips/blob/master/bip-0065.mediawiki for
more information.

This commit mimics Bitcoin Core commit bc60b2b4b401f0adff5b8b9678903ff8feb5867b
and includes additional tests from Bitcoin Core commit
cb54d17355864fa08826d6511a0d7692b21ef2c9
2015-10-14 13:19:49 -04:00
David Hill
0f57a41ed8 txscript: Add ScriptVerifyLowS to the standard flags
We've already been generating lowS sigs for quite a while.  This removes
the malleability vector.

This mimics Bitcoin Core commit 49dd5c629df0a08cf3b1ea8085c03312d1a81696
2015-10-09 15:30:12 -04:00
Olaoluwa Osuntokun
0029905d43 Integrate a valid ECDSA signature cache into btcd
Introduce an ECDSA signature verification into btcd in order to
mitigate a certain DoS attack and as a performance optimization.

The benefits of SigCache are two fold. Firstly, usage of SigCache
mitigates a DoS attack wherein an attacker causes a victim's client to
hang due to worst-case behavior triggered while processing attacker
crafted invalid transactions. A detailed description of the mitigated
DoS attack can be found here: https://bitslog.wordpress.com/2013/01/23/fixed-bitcoin-vulnerability-explanation-why-the-signature-cache-is-a-dos-protection/
Secondly, usage of the SigCache introduces a signature verification
optimization which speeds up the validation of transactions within a
block, if they've already been seen and verified within the mempool.

The server itself manages the sigCache instance. The blockManager and
txMempool respectively now receive pointers to the created sigCache
instance. All read (sig triplet existence) operations on the sigCache
will not block unless a separate goroutine is adding an entry (writing)
to the sigCache. GetBlockTemplate generation now also utilizes the
sigCache in order to avoid unnecessarily double checking signatures
when generating a template after previously accepting a txn to the
mempool. Consequently, the CPU miner now also employs the same
optimization.

The maximum number of entries for the sigCache has been introduced as a
config parameter in order to allow users to configure the amount of
memory consumed by this new additional caching.
2015-10-08 17:31:42 -07:00
David Hill
ce22159fb2 txscript: Change makeScriptNum to take a length argument
While current existing numeric opcodes are limited to 4 bytes, new
opcodes may need different limits.

This mimics Bitcoin Core commit 99088d60d8a7747c6d1a7fd5d8cd388be1b3e138
2015-10-05 19:48:55 -04:00
Dave Collins
064cc8e7c3 txscript: Optimize DisasmString function.
This commit modifies the DisasmString function to use a bytes buffer for
constructing the disassembled string instead of naive string
concatenation.  This makes a huge difference when disassembling scripts
with large numbers of opcodes.
2015-09-28 12:57:53 -05:00
Jonathan Gillham
27f7f82355 txscript: Make error strings idiomatic. 2015-08-09 14:06:36 +01:00
David Hill
3331d6098b txscript: New function IsUnspendable
IsUnspendable takes a public key script and returns whether it is
spendable.

Additionally, hook this into the mempool isDust function, since
unspendable outputs can't be spent.

This mimics Bitcoin Core commit 0aad1f13b2430165062bf9436036c1222a8724da
2015-08-03 10:10:23 -04:00
Jonathan Gillham
b448a2b6bc Make PubKey variable names consistent. 2015-08-02 22:21:27 +01:00
Jonathan Gillham
f8167ab36f txscript: Remove unneeded signature hash copies
These copies were likely left over from when MsgTx had no deep copy
functionality.
2015-07-28 11:31:43 +01:00
Bruno
4335ce828c switch maxDataCarrierSize to public const 2015-07-20 14:26:05 +08:00
Jonathan Gillham
8fcea82a56 Fixed erroneous txscript.KeyClosure documentation. 2015-07-19 16:15:29 +01:00
David Hill
9ffd96bf51 Revert "Move IsFinalizedTransaction to txscript."
This reverts commit 17da2ba7fa.

This was done prematurely.  This will be revisited when a code
restructure is more urgent.
2015-06-29 11:12:35 -04:00
David Hill
17da2ba7fa Move IsFinalizedTransaction to txscript.
This change moves IsFinalizedTransaction to txscript and also changes
the first argument to take a wire.MsgTx instead of btcutil.Tx.  This
is needed for an upcoming diff in which txscript will require
IsFinalizedTransaction and we do not want to import the btcd/blockchain.
2015-06-28 09:43:14 -04:00
David Hill
527f585463 txscript: Move lockTimeThreshold to txscript
Move lockTimeThreshold to txscript and export it.  This is a
consensus value which txscript will need in an upcoming diff.
2015-06-26 10:55:22 -04:00
Dave Collins
edc0d15882 txscript: Consensus audit.
This commit contains fixes from the results of a thorough audit of
txscript to find any cases of script evaluation which doesn't match the
required consensus behavior.  These conditions are fairly obscure and
highly unlikely to happen in any real scripts, but they could have
nevertheless been used by a clever attacker with malicious intent to
cause a fork.

Test cases which exercise these conditions have been added to the
reference tests and will contributed upstream to improve the quality for
the entire ecosystem.
2015-05-06 09:41:50 -05:00
Dave Collins
f284b9b394 txscript: Match Bitcoin Core OP_IFDUP behavior.
Unlike OP_IF and OP_NOTIF which interpret the top stack item as a
number, OP_IFDUP interprets it as a boolean.  This has important
consequences because numbers are imited to int32s while booleans can be
an arbitrary number of bytes.

The offending script was found and reported by Jonas Nick through the
use of fuzzing.
2015-05-05 15:06:20 -05:00
Dave Collins
927a0e9c37 txscript: Test consistency and cleanup.
- Move reference tests to test package since they are intended to
  exercise the engine as callers would
- Improve the short form script parsing to allow additional opcodes:
  DATA_#, OP_#, FALSE, TRUE
- Make use of a function to decode hex strings rather than manually
  defining byte slices
- Update the tests to make use of the short form script parsing logic
  rather than manually defining byte slices
- Consistently replace all []byte{} and [][]byte{} with nil
- Define tests only used in a specific function inside that func
- Move invalid flag combination test to engine_test since that is what
  it is testing
- Remove all redundant script tests in favor of the JSON-based tests in
  the data directory.
- Move several functions from internal_test.go to the test files
  associated with what the tests are checking
2015-05-04 16:04:29 -05:00
Dave Collins
005b540895 txscript: Separate code for standard scripts.
This commit moves all code related to standard scripts into a separate
file named standard.go as well as the associated tests into
standard_test.go.  Since the code in address.go and address_test.go is
only related to standard scripts, it has been combined into the new
files and the old files deleted.

The intent here is to make it clear that the code in standard.go is not
related to consensus.
2015-05-01 15:20:48 -05:00
Dave Collins
b6e52fbd93 txscript: Convert to new scriptnum type.
This commit implements a new type, named scriptNum, for handling all
numeric values used in scripts and converts the code over to make use of
it.  This is being done for a few of reasons.

First, the consensus rules for handling numeric values in the scripts
require special handling with subtle semantics.  By encapsulating those
details into a type specifically dedicated to that purpose, it
simplifies the code and generally helps prevent improper usage.

Second, the new type is quite a bit more efficient than big.Ints which
are designed to be arbitrarily large and thus involve a lot of heap
allocations and additional multi-precision bookkeeping.  Because this
new type is based on an int64, it allows the numbers to be stack
allocated thereby eliminating a lot of GC and also eliminates the extra
multi-precision arithmetic bookkeeping.

The use of an int64 is possible because the consensus rules dictate that
when data is interpreted as a number, it is limited to an int32 even
though results outside of this range are allowed so long as they are not
interpreted as integers again themselves.   Thus, the maximum possible
result comes from multiplying a max int32 by itself which safely fits
into an int64 and can then still appropriately provide the serialization
of the larger number as required by consensus.

Finally, it more closely resembles the implementation used by Bitcoin
Core and thus makes is easier to compare the behavior between the two
implementations.

This commit also includes a full suite of tests with 100% coverage of
the semantics of the new type.
2015-05-01 13:15:08 -05:00
Dave Collins
6e402deb35 Relicense to the btcsuite developers.
This commit relicenses all code in this repository to the btcsuite
developers.
2015-05-01 12:00:56 -05:00
Dave Collins
a8fe1ad5fe txscript: Code consistency and doco improvements.
This commit contains a lot of cleanup on the txscript code to make it
more consistent with the code throughout the rest of the project.  It
doesn't change any operational logic.

The following is an overview of the changes:

- Add a significant number of comments throughout in order to better
  explain what the code is doing
- Fix several comment typos
- Move a couple of constants only used by the engine to engine.go
- Move a variable only used by the engine to engine.go
- Fix a couple of format specifiers in the test prints
- Reorder functions so they're defined before/closer to use
- Make the code lint clean with the exception of the opcode definitions
2015-04-29 13:16:22 -05:00
Dave Collins
8ef68dcc6e txscript: Cleanup and improve opcode tests.
- Remove all redundant opcode tests in favor of the JSON-based tests
  in the data directory.
- Remove duplicate stack nip test
- Add new tests to data/script_invalid.json to exercise additional
  negative error paths
- Remove old unneeded pubkey trace code from opcodeCheckSig
- Simplify and improve the disassembly print function
- Add new tests to directly test all individual opcode disassembly
- Add new tests to directly test opcode disabled function which does not
  get invoked during ordinary execution
- Improve test coverage of opcode.go
2015-04-28 03:19:00 -05:00
Dave Collins
2e433b0eb3 txscript: Move opcode execution logic to engine
This commit moves the opcode execution logic from the opcode type to the
engine type because execution of an opcode modifies the engine state
(primarily the main and alternate data stacks) as opposed to the state
of the opcode.  Making the engine the receiver more clearly indicates
this fact.
2015-04-27 14:35:41 -05:00
Dave Collins
c701477eaf txscript: Slight crypto hash optimizations.
This commit very slightly optimizes the cryptographic hashing performed
by the script opcodes by calling the hash sum routines directly (for
those that support it) rather than allocating a new generic hash.Hash
hasher instance for them.
2015-04-27 12:32:32 -05:00
Dave Collins
7411e65b1e txscript: Unexport Stack type.
This commit unexports the Stack type since it is only intended to be
used internally during script execution.  Further, the engine exposes
the {G,S}etStack and {G,S}etAltStack functions which return the items as
a slice of byte slices ([][]byte) for caller access while stepping.
2015-04-25 17:10:53 -05:00
Dave Collins
d6105893af txscript: Improve conditional stack.
This commit improves the way the conditional execution stack is handled in
a few ways.

First, the current execution state is now pushed onto the end of the slice
rather than the front of it.  This has been done because it results in
fewer allocations and is therefore more efficient.

Second, the need for allocating and setting an initial true in the
conditional stack has been eliminated.  The vast majority of scripts don't
contain any conditionals, so there is no reason to allocate a slice when
it isn't needed.

Third, a new function has been added to the engine to determine if the
current conditional branch is executing named isBranchExecuting which
handles the fact the conditional execution stack can now be empty and
improves the readability of the code.

Finally, it removes a couple of TODOs which I have verified do not apply.
2015-04-23 02:45:27 -05:00
Dave Collins
d66593bbfd txscript: Add exported opcode name to value map.
This commit exports a new map named OpcodeByName which can be used to
lookup an opcode value given a human-readable opcode name.

It also modifies the test function which does short form parsing to use
the new map instead of the internal array.

Closes #267.
2015-04-21 14:02:30 -05:00
Dave Collins
d251208f1f txscript: Convert opcode map to an array.
This commit converts the opcode map to an array to improve performance.

Benchmark of executing a standard p2pk transaction:

New: BenchmarkExecute            2000            784349 ns/op
Old: BenchmarkExecute            2000            792600 ns/op

The time is dominated by the signature checking as expected, however there
is still an increase in speed.
2015-04-21 13:56:05 -05:00
Dave Collins
d6f2b092c0 txscript: Define opcodes in hex and sync BC opcodes.
This commit modifies the definition of the opcodes to their hex
counterparts rather than decimal since it is far more common to see
scripts in hex.  This makes it easier when manually looking at script
dumps to correlate opcodes.  However, since there are also cases where it
is useful to see the decimal value of the opcode, the decimal value has
been left as a comment.  Obviously converting the numbers is trivial, but
it is handy when looking at the opcode definitions to already have it
there.

In addition, it syncs the opcodes with the latest Bitcoin Core internal
opcodes for completeness and modifies the tests accordingly.
2015-04-21 13:51:02 -05:00