/workdir/bitcoin/src/signet.cpp

Source (jump to first uncovered line)
// Copyright (c) 2019-2021 The Bitcoin Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.

#include <signet.h>

#include <array>
#include <cstdint>
#include <vector>

#include <common/system.h>
#include <consensus/merkle.h>
#include <consensus/params.h>
#include <consensus/validation.h>
#include <core_io.h>
#include <hash.h>
#include <logging.h>
#include <primitives/block.h>
#include <primitives/transaction.h>
#include <script/interpreter.h>
#include <span.h>
#include <streams.h>
#include <uint256.h>
#include <util/strencodings.h>

static constexpr uint8_t SIGNET_HEADER[4] = {0xec, 0xc7, 0xda, 0xa2};

static constexpr unsigned int BLOCK_SCRIPT_VERIFY_FLAGS = SCRIPT_VERIFY_P2SH | SCRIPT_VERIFY_WITNESS | SCRIPT_VERIFY_DERSIG | SCRIPT_VERIFY_NULLDUMMY;

static bool FetchAndClearCommitmentSection(const Span<const uint8_t> header, CScript& witness_commitment, std::vector<uint8_t>& result)
{
    CScript replacement;
    bool found_header = false;
    result.clear();

    opcodetype opcode;
    CScript::const_iterator pc = witness_commitment.begin();
    std::vector<uint8_t> pushdata;
    while (witness_commitment.GetOp(pc, opcode, pushdata)) {
        if (pushdata.size() > 0) {
            if (!found_header && pushdata.size() > (size_t)header.size() && Span{pushdata}.first(header.size()) == header) {
                // pushdata only counts if it has the header _and_ some data
                result.insert(result.end(), pushdata.begin() + header.size(), pushdata.end());
                pushdata.erase(pushdata.begin() + header.size(), pushdata.end());
                found_header = true;
            }
            replacement << pushdata;
        } else {
            replacement << opcode;
        }
    }

    if (found_header) witness_commitment = replacement;
    return found_header;
}

static uint256 ComputeModifiedMerkleRoot(const CMutableTransaction& cb, const CBlock& block)
{
    std::vector<uint256> leaves;
    leaves.resize(block.vtx.size());
    leaves[0] = cb.GetHash();
    for (size_t s = 1; s < block.vtx.size(); ++s) {
        leaves[s] = block.vtx[s]->GetHash();
    }
    return ComputeMerkleRoot(std::move(leaves));
}

std::optional<SignetTxs> SignetTxs::Create(const CBlock& block, const CScript& challenge)
{
    CMutableTransaction tx_to_spend;
    tx_to_spend.version = 0;
    tx_to_spend.nLockTime = 0;
    tx_to_spend.vin.emplace_back(COutPoint(), CScript(OP_0), 0);
    tx_to_spend.vout.emplace_back(0, challenge);

    CMutableTransaction tx_spending;
    tx_spending.version = 0;
    tx_spending.nLockTime = 0;
    tx_spending.vin.emplace_back(COutPoint(), CScript(), 0);
    tx_spending.vout.emplace_back(0, CScript(OP_RETURN));

    // can't fill any other fields before extracting signet
    // responses from block coinbase tx

    // find and delete signet signature
    if (block.vtx.empty()) return std::nullopt; // no coinbase tx in block; invalid
    CMutableTransaction modified_cb(*block.vtx.at(0));

    const int cidx = GetWitnessCommitmentIndex(block);
    if (cidx == NO_WITNESS_COMMITMENT) {
        return std::nullopt; // require a witness commitment
    }

    CScript& witness_commitment = modified_cb.vout.at(cidx).scriptPubKey;

    std::vector<uint8_t> signet_solution;
    if (!FetchAndClearCommitmentSection(SIGNET_HEADER, witness_commitment, signet_solution)) {
        // no signet solution -- allow this to support OP_TRUE as trivial block challenge
    } else {
        try {
            SpanReader v{signet_solution};
            v >> tx_spending.vin[0].scriptSig;
            v >> tx_spending.vin[0].scriptWitness.stack;
            if (!v.empty()) return std::nullopt; // extraneous data encountered
        } catch (const std::exception&) {
            return std::nullopt; // parsing error
        }
    }
    uint256 signet_merkle = ComputeModifiedMerkleRoot(modified_cb, block);

    std::vector<uint8_t> block_data;
    VectorWriter writer{block_data, 0};
    writer << block.nVersion;
    writer << block.hashPrevBlock;
    writer << signet_merkle;
    writer << block.nTime;
    tx_to_spend.vin[0].scriptSig << block_data;
    tx_spending.vin[0].prevout = COutPoint(tx_to_spend.GetHash(), 0);

    return SignetTxs{tx_to_spend, tx_spending};
}

// Signet block solution checker
bool CheckSignetBlockSolution(const CBlock& block, const Consensus::Params& consensusParams)
{
    if (block.GetHash() == consensusParams.hashGenesisBlock) {
        // genesis block solution is always valid
        return true;
    }

    const CScript challenge(consensusParams.signet_challenge.begin(), consensusParams.signet_challenge.end());
    const std::optional<SignetTxs> signet_txs = SignetTxs::Create(block, challenge);

    if (!signet_txs) {
        LogPrint(BCLog::VALIDATION, "CheckSignetBlockSolution: Errors in block (block solution parse failure)\n");
        return false;
    }

    const CScript& scriptSig = signet_txs->m_to_sign.vin[0].scriptSig;
    const CScriptWitness& witness = signet_txs->m_to_sign.vin[0].scriptWitness;

    PrecomputedTransactionData txdata;
    txdata.Init(signet_txs->m_to_sign, {signet_txs->m_to_spend.vout[0]});
    TransactionSignatureChecker sigcheck(&signet_txs->m_to_sign, /* nInIn= */ 0, /* amountIn= */ signet_txs->m_to_spend.vout[0].nValue, txdata, MissingDataBehavior::ASSERT_FAIL);

    if (!VerifyScript(scriptSig, signet_txs->m_to_spend.vout[0].scriptPubKey, &witness, BLOCK_SCRIPT_VERIFY_FLAGS, sigcheck)) {
        LogPrint(BCLog::VALIDATION, "CheckSignetBlockSolution: Errors in block (block solution invalid)\n");
        return false;
    }
    return true;
}

Line	Count	Source (jump to first uncovered line)
1		// Copyright (c) 2019-2021 The Bitcoin Core developers
2		// Distributed under the MIT software license, see the accompanying
3		// file COPYING or http://www.opensource.org/licenses/mit-license.php.
4
5		#include <signet.h>
6
7		#include <array>
8		#include <cstdint>
9		#include <vector>
10
11		#include <common/system.h>
12		#include <consensus/merkle.h>
13		#include <consensus/params.h>
14		#include <consensus/validation.h>
15		#include <core_io.h>
16		#include <hash.h>
17		#include <logging.h>
18		#include <primitives/block.h>
19		#include <primitives/transaction.h>
20		#include <script/interpreter.h>
21		#include <span.h>
22		#include <streams.h>
23		#include <uint256.h>
24		#include <util/strencodings.h>
25
26		static constexpr uint8_t SIGNET_HEADER[4] = {0xec, 0xc7, 0xda, 0xa2};
27
28		static constexpr unsigned int BLOCK_SCRIPT_VERIFY_FLAGS = SCRIPT_VERIFY_P2SH \| SCRIPT_VERIFY_WITNESS \| SCRIPT_VERIFY_DERSIG \| SCRIPT_VERIFY_NULLDUMMY;
29
30		static bool FetchAndClearCommitmentSection(const Span<const uint8_t> header, CScript& witness_commitment, std::vector<uint8_t>& result)
31	0	{
32	0	CScript replacement;
33	0	bool found_header = false;
34	0	result.clear();
35
36	0	opcodetype opcode;
37	0	CScript::const_iterator pc = witness_commitment.begin();
38	0	std::vector<uint8_t> pushdata;
39	0	while (witness_commitment.GetOp(pc, opcode, pushdata)) { Branch (39:12): [True: 0, False: 0]
40	0	if (pushdata.size() > 0) { Branch (40:13): [True: 0, False: 0]
41	0	if (!found_header && pushdata.size() > (size_t)header.size() && Span{pushdata}.first(header.size()) == header) { Branch (41:17): [True: 0, False: 0] Branch (41:17): [True: 0, False: 0] Branch (41:34): [True: 0, False: 0] Branch (41:77): [True: 0, False: 0]
42		// pushdata only counts if it has the header _and_ some data
43	0	result.insert(result.end(), pushdata.begin() + header.size(), pushdata.end());
44	0	pushdata.erase(pushdata.begin() + header.size(), pushdata.end());
45	0	found_header = true;
46	0	}
47	0	replacement << pushdata;
48	0	} else {
49	0	replacement << opcode;
50	0	}
51	0	}
52
53	0	if (found_header) witness_commitment = replacement; Branch (53:9): [True: 0, False: 0]
54	0	return found_header;
55	0	}
56
57		static uint256 ComputeModifiedMerkleRoot(const CMutableTransaction& cb, const CBlock& block)
58	0	{
59	0	std::vector<uint256> leaves;
60	0	leaves.resize(block.vtx.size());
61	0	leaves[0] = cb.GetHash();
62	0	for (size_t s = 1; s < block.vtx.size(); ++s) { Branch (62:24): [True: 0, False: 0]
63	0	leaves[s] = block.vtx[s]->GetHash();
64	0	}
65	0	return ComputeMerkleRoot(std::move(leaves));
66	0	}
67
68		std::optional<SignetTxs> SignetTxs::Create(const CBlock& block, const CScript& challenge)
69	0	{
70	0	CMutableTransaction tx_to_spend;
71	0	tx_to_spend.version = 0;
72	0	tx_to_spend.nLockTime = 0;
73	0	tx_to_spend.vin.emplace_back(COutPoint(), CScript(OP_0), 0);
74	0	tx_to_spend.vout.emplace_back(0, challenge);
75
76	0	CMutableTransaction tx_spending;
77	0	tx_spending.version = 0;
78	0	tx_spending.nLockTime = 0;
79	0	tx_spending.vin.emplace_back(COutPoint(), CScript(), 0);
80	0	tx_spending.vout.emplace_back(0, CScript(OP_RETURN));
81
82		// can't fill any other fields before extracting signet
83		// responses from block coinbase tx
84
85		// find and delete signet signature
86	0	if (block.vtx.empty()) return std::nullopt; // no coinbase tx in block; invalid Branch (86:9): [True: 0, False: 0]
87	0	CMutableTransaction modified_cb(*block.vtx.at(0));
88
89	0	const int cidx = GetWitnessCommitmentIndex(block);
90	0	if (cidx == NO_WITNESS_COMMITMENT) { Branch (90:9): [True: 0, False: 0]
91	0	return std::nullopt; // require a witness commitment
92	0	}
93
94	0	CScript& witness_commitment = modified_cb.vout.at(cidx).scriptPubKey;
95
96	0	std::vector<uint8_t> signet_solution;
97	0	if (!FetchAndClearCommitmentSection(SIGNET_HEADER, witness_commitment, signet_solution)) { Branch (97:9): [True: 0, False: 0]
98		// no signet solution -- allow this to support OP_TRUE as trivial block challenge
99	0	} else {
100	0	try {
101	0	SpanReader v{signet_solution};
102	0	v >> tx_spending.vin[0].scriptSig;
103	0	v >> tx_spending.vin[0].scriptWitness.stack;
104	0	if (!v.empty()) return std::nullopt; // extraneous data encountered Branch (104:17): [True: 0, False: 0]
105	0	} catch (const std::exception&) {
106	0	return std::nullopt; // parsing error
107	0	}
108	0	}
109	0	uint256 signet_merkle = ComputeModifiedMerkleRoot(modified_cb, block);
110
111	0	std::vector<uint8_t> block_data;
112	0	VectorWriter writer{block_data, 0};
113	0	writer << block.nVersion;
114	0	writer << block.hashPrevBlock;
115	0	writer << signet_merkle;
116	0	writer << block.nTime;
117	0	tx_to_spend.vin[0].scriptSig << block_data;
118	0	tx_spending.vin[0].prevout = COutPoint(tx_to_spend.GetHash(), 0);
119
120	0	return SignetTxs{tx_to_spend, tx_spending};
121	0	}
122
123		// Signet block solution checker
124		bool CheckSignetBlockSolution(const CBlock& block, const Consensus::Params& consensusParams)
125	0	{
126	0	if (block.GetHash() == consensusParams.hashGenesisBlock) { Branch (126:9): [True: 0, False: 0]
127		// genesis block solution is always valid
128	0	return true;
129	0	}
130
131	0	const CScript challenge(consensusParams.signet_challenge.begin(), consensusParams.signet_challenge.end());
132	0	const std::optional<SignetTxs> signet_txs = SignetTxs::Create(block, challenge);
133
134	0	if (!signet_txs) { Branch (134:9): [True: 0, False: 0]
135	0	LogPrint(BCLog::VALIDATION, "CheckSignetBlockSolution: Errors in block (block solution parse failure)\n");
136	0	return false;
137	0	}
138
139	0	const CScript& scriptSig = signet_txs->m_to_sign.vin[0].scriptSig;
140	0	const CScriptWitness& witness = signet_txs->m_to_sign.vin[0].scriptWitness;
141
142	0	PrecomputedTransactionData txdata;
143	0	txdata.Init(signet_txs->m_to_sign, {signet_txs->m_to_spend.vout[0]});
144	0	TransactionSignatureChecker sigcheck(&signet_txs->m_to_sign, /* nInIn= / 0, / amountIn= */ signet_txs->m_to_spend.vout[0].nValue, txdata, MissingDataBehavior::ASSERT_FAIL);
145
146	0	if (!VerifyScript(scriptSig, signet_txs->m_to_spend.vout[0].scriptPubKey, &witness, BLOCK_SCRIPT_VERIFY_FLAGS, sigcheck)) { Branch (146:9): [True: 0, False: 0]
147	0	LogPrint(BCLog::VALIDATION, "CheckSignetBlockSolution: Errors in block (block solution invalid)\n");
148	0	return false;
149	0	}
150	0	return true;
151	0	}

Coverage Report

Created: 2024-08-21 05:08