Remove template matching and pseudo opcodes #13194
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
laanwj
reviewed
May 9, 2018
| OP_PUBKEYS = 0xfb, | ||
| OP_PUBKEYHASH = 0xfd, | ||
| OP_PUBKEY = 0xfe, | ||
|
|
There was a problem hiding this comment.
Nice to get rid of these fake opcodes here.
jtimon
approved these changes
May 9, 2018
There was a problem hiding this comment.
utACK modulo nits and modulo this kind of unrelated thing I don't understand.
Perhaps a stupid question but, in https://github.com/bitcoin/bitcoin/blob/master/src/pubkey.h#L59 why are there 3 ways to indicate non-compressed and 2 ways to indicate compressed? shouldn't one for each be enough? also, should using an enum or macros or constants be more clear?
src/script/standard.cpp
Outdated
| CScript::const_iterator it = script.begin(); | ||
| if (script.size() < 1 || script.back() != OP_CHECKMULTISIG) return false; | ||
|
|
||
| if (!script.GetOp(it, opcode, data) || (opcode != OP_0 && (opcode < OP_1 || opcode > OP_16))) return false; |
There was a problem hiding this comment.
Souldn't this return false if it's op_0 too? or are 0 required sigs multisigs valid?
There was a problem hiding this comment.
key count can be 0, I think. The only checks in the interpreter I see are for negative numbers.
There was a problem hiding this comment.
I'm trying to stick to the original logic as close as possible; optimizations / other tweaks can happen later.
There was a problem hiding this comment.
Agree with @sipa here. One step at a time is easier to review.
src/script/standard.cpp
Outdated
| } | ||
| if (opcode != OP_0 && (opcode < OP_1 || opcode > OP_16)) return false; |
There was a problem hiding this comment.
Same here, shouldn't OP_0 be invalid here too?
If 0 is allowed, why not just opcode < OP_0 || opcode > OP_16?
There was a problem hiding this comment.
OP_0 is 0, OP_1 is 81. They aren't continuous.
There was a problem hiding this comment.
An isOP_N(opcode) helper function would make this (and the expression above) slightly better readable.
There was a problem hiding this comment.
I added an IsSmallInteger function for this (which would be distinct from IsOP_N by not accepting OP_1NEGATE).
instagibbs
reviewed
May 9, 2018
src/script/standard.cpp
Outdated
| mTemplates.insert(std::make_pair(TX_PUBKEY, CScript() << OP_PUBKEY << OP_CHECKSIG)); | ||
| if (script.size() == 35 && script[0] == 33 && script[34] == OP_CHECKSIG) { | ||
| pubkey = valtype(script.begin() + 1, script.begin() + 34); | ||
| return CPubKey::ValidSize(pubkey); |
There was a problem hiding this comment.
Redundant check here? We know the size.
There was a problem hiding this comment.
CpubKey::ValidSize checks the data-dependent size (depending on what the first byte is).
instagibbs
reviewed
May 9, 2018
src/script/standard.cpp
Outdated
| } | ||
| if (script.size() == 67 && script[0] == 65 && script[66] == OP_CHECKSIG) { | ||
| pubkey = valtype(script.begin() + 1, script.begin() + 66); | ||
| return CPubKey::ValidSize(pubkey); |
There was a problem hiding this comment.
Redundant check here? We know the size.
There was a problem hiding this comment.
We could just use proper constants in the lines above for more belt and suspenders.
|
@jtimon Hybrid public keys (the 0x06 and 0x07 ones) are stupid, but were supported by OpenSSL, and because of that they're supported in Bitcoin. Nothing we can do about that. |
|
light tACK |
laanwj
reviewed
May 10, 2018
src/script/standard.cpp
Outdated
|
|
||
| if (!script.GetOp(it, opcode, data) || (opcode != OP_0 && (opcode < OP_1 || opcode > OP_16))) return false; | ||
| required = CScript::DecodeOP_N(opcode); | ||
| while (script.GetOp(it, opcode, data) && CPubKey::ValidSize(data)) { |
There was a problem hiding this comment.
Shouldn't it check the opcodes here?
Oh I guess not, all the push opcodes valid here will return non-empty data, and CPubKey::ValidSize rejects empty data.
There was a problem hiding this comment.
Indeed (that's also what the old code does).
688d796 to
2fc4fdd
Compare
Empact
reviewed
May 16, 2018
src/script/standard.cpp
Outdated
| pubkey = valtype(script.begin() + 1, script.begin() + 34); | ||
| return CPubKey::ValidSize(pubkey); | ||
| } | ||
| if (script.size() == 67 && script[0] == 65 && script[66] == OP_CHECKSIG) { |
There was a problem hiding this comment.
CPubKey::PUBLIC_KEY_SIZE == 65, would add clarity
Empact
reviewed
May 16, 2018
src/script/standard.cpp
Outdated
| { | ||
| // Standard tx, sender provides pubkey, receiver adds signature | ||
| mTemplates.insert(std::make_pair(TX_PUBKEY, CScript() << OP_PUBKEY << OP_CHECKSIG)); | ||
| if (script.size() == 35 && script[0] == 33 && script[34] == OP_CHECKSIG) { |
There was a problem hiding this comment.
CPubKey::COMPRESSED_PUBLIC_KEY_SIZE == 33, would add clarity
There was a problem hiding this comment.
Incidentally, I have #12461 to make these references more succinct.
Empact
reviewed
May 16, 2018
src/script/standard.cpp
Outdated
| return false; | ||
| } | ||
|
|
||
| static bool MatchPayToPubkeyHash(const CScript& script, valtype& pubkeyhash) |
There was a problem hiding this comment.
See also IsToKeyID in compressor.cpp, which looks equivalent.
Could split this up as CScript::IsPayToPubkeyHash, and do the unpacking in Solver, ala IsPayToScriptHash. Would make the case handling more consistent in Solver.
There was a problem hiding this comment.
I'd rather not merging with the versions in compressor - they may end up living separate lives as the standard templates change.
Empact
reviewed
May 16, 2018
| @@ -35,22 +35,55 @@ const char* GetTxnOutputType(txnouttype t) | |||
| return nullptr; | |||
| } | |||
|
|
|||
| bool Solver(const CScript& scriptPubKey, txnouttype& typeRet, std::vector<std::vector<unsigned char> >& vSolutionsRet) | |||
| static bool MatchPayToPubkey(const CScript& script, valtype& pubkey) | |||
There was a problem hiding this comment.
See also IsToPubKey in compressor, which looks equivalent.
|
Concept ACK! Much simpler way to handle these 3 cases. |
|
Nice! |
2fc4fdd to
fa1f642
Compare
|
ACK. |
Empact
reviewed
May 26, 2018
src/script/standard.cpp
Outdated
| } | ||
| if (!IsSmallInteger(opcode)) return false; | ||
| unsigned int keys = CScript::DecodeOP_N(opcode); | ||
| if (pubkeys.size() != keys || required == 0 || keys < required) return false; |
There was a problem hiding this comment.
nit: this required == 0 check could be an earlier return
Empact
reviewed
May 26, 2018
src/script/standard.cpp
Outdated
| typeRet = TX_MULTISIG; | ||
| vSolutionsRet.push_back({static_cast<unsigned char>(required)}); | ||
| vSolutionsRet.insert(vSolutionsRet.end(), keys.begin(), keys.end()); | ||
| vSolutionsRet.push_back({static_cast<unsigned char>(keys.size())}); |
There was a problem hiding this comment.
Maybe worth noting these casts are safe due to small integer limits?
|
utACK fa1f642 |
fa1f642 to
89736a9
Compare
|
re-utACK 89736a9 just addresses comments above |
promag
reviewed
May 26, 2018
src/script/standard.cpp
Outdated
| if (!IsSmallInteger(opcode)) return false; | ||
| unsigned int keys = CScript::DecodeOP_N(opcode); | ||
| if (pubkeys.size() != keys || keys < required) return false; | ||
| if (it + 1 != script.end()) return false; |
There was a problem hiding this comment.
nit
return it + 1 == script.end();|
utACK 89736a9. |
89736a9 to
c639f5a
Compare
jl2012
reviewed
May 29, 2018
src/script/standard.cpp
Outdated
| { | ||
| // Standard tx, sender provides pubkey, receiver adds signature | ||
| mTemplates.insert(std::make_pair(TX_PUBKEY, CScript() << OP_PUBKEY << OP_CHECKSIG)); | ||
| if (script.size() == CPubKey::PUBLIC_KEY_SIZE + 2 && script[0] == CPubKey::PUBLIC_KEY_SIZE && script[CPubKey::PUBLIC_KEY_SIZE + 1] == OP_CHECKSIG) { |
There was a problem hiding this comment.
what about script.back() == OP_CHECKSIG?
jl2012
reviewed
May 29, 2018
src/script/standard.cpp
Outdated
| /** Test for "small integer" script opcodes - OP_0 through OP_16. */ | ||
| static constexpr bool IsSmallInteger(opcodetype opcode) | ||
| { | ||
| return opcode == OP_0 || (opcode >= OP_1 && opcode <= OP_16); |
There was a problem hiding this comment.
if you remove opcode == OP_0 here, you can remove if (required == 0) return false; below
The current code contains a rather complex script template matching engine, which is only used for 3 particular script types (P2PK, P2PKH, multisig). The first two of these are trivial to match for otherwise, and a specialized matcher for multisig is both more compact and more efficient than a generic one. The goal is being more flexible, so that for example larger standard multisigs inside SegWit outputs are more easy to implement. As a side-effect, it also gets rid of the pseudo opcodes hack.
c639f5a to
c814e2e
Compare
This was referenced Jun 1, 2018
|
This change has the side effect that invalid pubkeys (with correct size of 33 or 65) in bare multisig are now non-standard (see #14104) |
sickpig
pushed a commit
to sickpig/BitcoinUnlimited
that referenced
this pull request
Oct 10, 2019
The current code contains a rather complex script template matching engine, which is only used for 3 particular script types (P2PK, P2PKH, multisig). The first two of these are trivial to match for otherwise, and a specialized matcher for multisig is both more compact and more efficient than a generic one. The goal is being more flexible, so that for example larger standard multisigs inside SegWit outputs are more easy to implement. As a side-effect, it also gets rid of the pseudo opcodes hack. Committer's note: This is a port of bitcoin/bitcoin/pull/13194 tha has been adapted to work with BU. The main differencies are related to the fact that we expose to the user two other kind of transaction use cases: TX_LABELPUBLIC, TX_CLTV.
sickpig
pushed a commit
to sickpig/BitcoinUnlimited
that referenced
this pull request
Oct 17, 2019
The current code contains a rather complex script template matching engine, which is only used for 3 particular script types (P2PK, P2PKH, multisig). The first two of these are trivial to match for otherwise, and a specialized matcher for multisig is both more compact and more efficient than a generic one. The goal is being more flexible, so that for example larger standard multisigs inside SegWit outputs are more easy to implement. As a side-effect, it also gets rid of the pseudo opcodes hack. Committer's note: This is a port of bitcoin/bitcoin/pull/13194 tha has been adapted to work with BU. The main differencies are related to the fact that we expose to the user two other kind of transaction use cases: TX_LABELPUBLIC, TX_CLTV.
sickpig
pushed a commit
to sickpig/BitcoinUnlimited
that referenced
this pull request
Oct 17, 2019
The current code contains a rather complex script template matching engine, which is only used for 3 particular script types (P2PK, P2PKH, multisig). The first two of these are trivial to match for otherwise, and a specialized matcher for multisig is both more compact and more efficient than a generic one. The goal is being more flexible, so that for example larger standard multisigs inside SegWit outputs are more easy to implement. As a side-effect, it also gets rid of the pseudo opcodes hack. Committer's note: This is a port of bitcoin/bitcoin/pull/13194 tha has been adapted to work with BU. The main differencies are related to the fact that we expose to the user two other kind of transaction use cases: TX_LABELPUBLIC, TX_CLTV.
sickpig
pushed a commit
to sickpig/BitcoinUnlimited
that referenced
this pull request
Oct 17, 2019
The current code contains a rather complex script template matching engine, which is only used for 3 particular script types (P2PK, P2PKH, multisig). The first two of these are trivial to match for otherwise, and a specialized matcher for multisig is both more compact and more efficient than a generic one. The goal is being more flexible, so that for example larger standard multisigs inside SegWit outputs are more easy to implement. As a side-effect, it also gets rid of the pseudo opcodes hack. Committer's note: This is a port of bitcoin/bitcoin/pull/13194 tha has been adapted to work with BU. The main differencies are related to the fact that we expose to the user two other kind of transaction use cases: TX_LABELPUBLIC, TX_CLTV.
sickpig
pushed a commit
to sickpig/BitcoinUnlimited
that referenced
this pull request
Oct 17, 2019
The current code contains a rather complex script template matching engine, which is only used for 3 particular script types (P2PK, P2PKH, multisig). The first two of these are trivial to match for otherwise, and a specialized matcher for multisig is both more compact and more efficient than a generic one. The goal is being more flexible, so that for example larger standard multisigs inside SegWit outputs are more easy to implement. As a side-effect, it also gets rid of the pseudo opcodes hack. Committer's note: This is a port of bitcoin/bitcoin/pull/13194 tha has been adapted to work with BU. The main differencies are related to the fact that we expose to the user two other kind of transaction use cases: TX_LABELPUBLIC, TX_CLTV.
sickpig
pushed a commit
to sickpig/BitcoinUnlimited
that referenced
this pull request
Oct 30, 2019
The current code contains a rather complex script template matching engine, which is only used for 3 particular script types (P2PK, P2PKH, multisig). The first two of these are trivial to match for otherwise, and a specialized matcher for multisig is both more compact and more efficient than a generic one. The goal is being more flexible, so that for example larger standard multisigs inside SegWit outputs are more easy to implement. As a side-effect, it also gets rid of the pseudo opcodes hack. Committer's note: This is a port of bitcoin/bitcoin/pull/13194 tha has been adapted to work with BU. The main differencies are related to the fact that we expose to the user two other kind of transaction use cases: TX_LABELPUBLIC, TX_CLTV.
sickpig
pushed a commit
to sickpig/BitcoinUnlimited
that referenced
this pull request
Dec 6, 2019
The current code contains a rather complex script template matching engine, which is only used for 3 particular script types (P2PK, P2PKH, multisig). The first two of these are trivial to match for otherwise, and a specialized matcher for multisig is both more compact and more efficient than a generic one. The goal is being more flexible, so that for example larger standard multisigs inside SegWit outputs are more easy to implement. As a side-effect, it also gets rid of the pseudo opcodes hack. Committer's note: This is a port of bitcoin/bitcoin/pull/13194 tha has been adapted to work with BU. The main differencies are related to the fact that we expose to the user two other kind of transaction use cases: TX_LABELPUBLIC, TX_CLTV.
zkbot
added a commit
to zcash/zcash
that referenced
this pull request
Dec 17, 2019
Bitcoin script PRs 1 Cherry-picked from the following upstream PRs: - bitcoin/bitcoin#6335 - bitcoin/bitcoin#6424 - bitcoin/bitcoin#11058 - bitcoin/bitcoin#12460 - bitcoin/bitcoin#13194 Part of #2074.
sickpig
pushed a commit
to sickpig/BitcoinUnlimited
that referenced
this pull request
Mar 11, 2020
The current code contains a rather complex script template matching engine, which is only used for 3 particular script types (P2PK, P2PKH, multisig). The first two of these are trivial to match for otherwise, and a specialized matcher for multisig is both more compact and more efficient than a generic one. The goal is being more flexible, so that for example larger standard multisigs inside SegWit outputs are more easy to implement. As a side-effect, it also gets rid of the pseudo opcodes hack. Committer's note: This is a port of bitcoin/bitcoin/pull/13194 tha has been adapted to work with BU. The main differencies are related to the fact that we expose to the user two other kind of transaction use cases: TX_LABELPUBLIC, TX_CLTV.
DeckerSU
added a commit
to DeckerSU/KomodoOcean
that referenced
this pull request
Mar 17, 2020
furszy
added a commit
to PIVX-Project/PIVX
that referenced
this pull request
Jun 27, 2020
5d96c91 add missing policy.cpp file to cmake (furszy) 2d0783d Standard Solver(): Include cold staking template matching. (furszy) b7fe4c0 Remove template matching and pseudo opcodes (furszy) fe31b31 Assert CPubKey::ValidLength to the pubkey's header-relevent size (Ben Woosley) 2f6b249 Make TX_SCRIPTHASH clear vSolutionsRet first (Peter Todd) 45e5102 Policy: MOVEONLY: 3 functions to policy (furszy) 2c7da7f Policy: MOVEONLY: Create policy/policy.h with some constants (furszy) Pull request description: Coming from the following PRs (with small customizations for our features): * bitcoin#6335 * bitcoin#6424 * bitcoin#12460 * bitcoin#13194 ACKs for top commit: random-zebra: Looking good. ACK 5d96c91 Fuzzbawls: ACK 5d96c91 Tree-SHA512: b3e7479864e16942682b9bc19f432b2a657561647eeadf0ef1285651feb05875d295ff530582ebbc8edacaf3c7d3888249513b4a93d871c2d6c2e1b157ace8c8
UdjinM6
pushed a commit
to UdjinM6/dash
that referenced
this pull request
Jun 19, 2021
c814e2e Remove template matching and pseudo opcodes (Pieter Wuille) Pull request description: The current code contains a rather complex script template matching engine, which is only used for 3 particular script types (P2PK, P2PKH, multisig). The first two of these are trivial to match for otherwise, and a specialized matcher for multisig is both more compact and more efficient than a generic one. The goal is being more flexible, so that for example larger standard multisigs inside SegWit outputs are easier to implement. As a side-effect, it also gets rid of the pseudo opcodes hack. Tree-SHA512: 643b409c5c36821519f613a43efd399af0ec99b6131f35cd4024decfb2d483d719e0e921cd088bc9832a7ac797cb4a6b1158b8574c82f7fbebb75f1b31b359df
UdjinM6
pushed a commit
to UdjinM6/dash
that referenced
this pull request
Jun 24, 2021
c814e2e Remove template matching and pseudo opcodes (Pieter Wuille) Pull request description: The current code contains a rather complex script template matching engine, which is only used for 3 particular script types (P2PK, P2PKH, multisig). The first two of these are trivial to match for otherwise, and a specialized matcher for multisig is both more compact and more efficient than a generic one. The goal is being more flexible, so that for example larger standard multisigs inside SegWit outputs are easier to implement. As a side-effect, it also gets rid of the pseudo opcodes hack. Tree-SHA512: 643b409c5c36821519f613a43efd399af0ec99b6131f35cd4024decfb2d483d719e0e921cd088bc9832a7ac797cb4a6b1158b8574c82f7fbebb75f1b31b359df
UdjinM6
pushed a commit
to UdjinM6/dash
that referenced
this pull request
Jun 26, 2021
c814e2e Remove template matching and pseudo opcodes (Pieter Wuille) Pull request description: The current code contains a rather complex script template matching engine, which is only used for 3 particular script types (P2PK, P2PKH, multisig). The first two of these are trivial to match for otherwise, and a specialized matcher for multisig is both more compact and more efficient than a generic one. The goal is being more flexible, so that for example larger standard multisigs inside SegWit outputs are easier to implement. As a side-effect, it also gets rid of the pseudo opcodes hack. Tree-SHA512: 643b409c5c36821519f613a43efd399af0ec99b6131f35cd4024decfb2d483d719e0e921cd088bc9832a7ac797cb4a6b1158b8574c82f7fbebb75f1b31b359df
UdjinM6
pushed a commit
to UdjinM6/dash
that referenced
this pull request
Jun 26, 2021
c814e2e Remove template matching and pseudo opcodes (Pieter Wuille) Pull request description: The current code contains a rather complex script template matching engine, which is only used for 3 particular script types (P2PK, P2PKH, multisig). The first two of these are trivial to match for otherwise, and a specialized matcher for multisig is both more compact and more efficient than a generic one. The goal is being more flexible, so that for example larger standard multisigs inside SegWit outputs are easier to implement. As a side-effect, it also gets rid of the pseudo opcodes hack. Tree-SHA512: 643b409c5c36821519f613a43efd399af0ec99b6131f35cd4024decfb2d483d719e0e921cd088bc9832a7ac797cb4a6b1158b8574c82f7fbebb75f1b31b359df
UdjinM6
pushed a commit
to UdjinM6/dash
that referenced
this pull request
Jun 28, 2021
c814e2e Remove template matching and pseudo opcodes (Pieter Wuille) Pull request description: The current code contains a rather complex script template matching engine, which is only used for 3 particular script types (P2PK, P2PKH, multisig). The first two of these are trivial to match for otherwise, and a specialized matcher for multisig is both more compact and more efficient than a generic one. The goal is being more flexible, so that for example larger standard multisigs inside SegWit outputs are easier to implement. As a side-effect, it also gets rid of the pseudo opcodes hack. Tree-SHA512: 643b409c5c36821519f613a43efd399af0ec99b6131f35cd4024decfb2d483d719e0e921cd088bc9832a7ac797cb4a6b1158b8574c82f7fbebb75f1b31b359df
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The current code contains a rather complex script template matching engine, which is only used for 3 particular script types (P2PK, P2PKH, multisig). The first two of these are trivial to match for otherwise, and a specialized matcher for multisig is both more compact and more efficient than a generic one.
The goal is being more flexible, so that for example larger standard multisigs inside SegWit outputs are easier to implement.
As a side-effect, it also gets rid of the pseudo opcodes hack.