1 // Copyright (c) 2009-2010 Satoshi Nakamoto
2 // Copyright (c) 2009-2012 The Bitcoin developers
3 // Distributed under the MIT/X11 software license, see the accompanying
4 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
5 #ifndef H_BITCOIN_SCRIPT
6 #define H_BITCOIN_SCRIPT
11 #include <boost/foreach.hpp>
12 #include <boost/variant.hpp>
20 /** Signature hash types/flags */
26 SIGHASH_ANYONECANPAY = 0x80,
29 /** Script verification flags */
32 SCRIPT_VERIFY_NONE = 0,
33 SCRIPT_VERIFY_P2SH = (1U << 0),
34 SCRIPT_VERIFY_STRICTENC = (1U << 1),
35 SCRIPT_VERIFY_NOCACHE = (1U << 2),
41 // 'standard' transaction types:
48 class CNoDestination {
50 friend bool operator==(const CNoDestination &a, const CNoDestination &b) { return true; }
51 friend bool operator<(const CNoDestination &a, const CNoDestination &b) { return true; }
54 /** A txout script template with a specific destination. It is either:
55 * * CNoDestination: no destination set
56 * * CKeyID: TX_PUBKEYHASH destination
57 * * CScriptID: TX_SCRIPTHASH destination
58 * A CTxDestination is the internal data type encoded in a CBitcoinAddress
60 typedef boost::variant<CNoDestination, CKeyID, CScriptID> CTxDestination;
62 const char* GetTxnOutputType(txnouttype t);
106 OP_TOALTSTACK = 0x6b,
107 OP_FROMALTSTACK = 0x6c,
139 OP_EQUALVERIFY = 0x88,
164 OP_NUMEQUALVERIFY = 0x9d,
165 OP_NUMNOTEQUAL = 0x9e,
167 OP_GREATERTHAN = 0xa0,
168 OP_LESSTHANOREQUAL = 0xa1,
169 OP_GREATERTHANOREQUAL = 0xa2,
181 OP_CODESEPARATOR = 0xab,
183 OP_CHECKSIGVERIFY = 0xad,
184 OP_CHECKMULTISIG = 0xae,
185 OP_CHECKMULTISIGVERIFY = 0xaf,
201 // template matching params
202 OP_SMALLINTEGER = 0xfa,
204 OP_PUBKEYHASH = 0xfd,
207 OP_INVALIDOPCODE = 0xff,
210 const char* GetOpName(opcodetype opcode);
214 inline std::string ValueString(const std::vector<unsigned char>& vch)
217 return strprintf("%d", CBigNum(vch).getint());
222 inline std::string StackString(const std::vector<std::vector<unsigned char> >& vStack)
225 BOOST_FOREACH(const std::vector<unsigned char>& vch, vStack)
229 str += ValueString(vch);
241 /** Serialized script, used inside transaction inputs and outputs */
242 class CScript : public std::vector<unsigned char>
245 CScript& push_int64(int64 n)
247 if (n == -1 || (n >= 1 && n <= 16))
249 push_back(n + (OP_1 - 1));
254 *this << bn.getvch();
259 CScript& push_uint64(uint64 n)
261 if (n >= 1 && n <= 16)
263 push_back(n + (OP_1 - 1));
268 *this << bn.getvch();
275 CScript(const CScript& b) : std::vector<unsigned char>(b.begin(), b.end()) { }
276 CScript(const_iterator pbegin, const_iterator pend) : std::vector<unsigned char>(pbegin, pend) { }
278 CScript(const unsigned char* pbegin, const unsigned char* pend) : std::vector<unsigned char>(pbegin, pend) { }
281 CScript& operator+=(const CScript& b)
283 insert(end(), b.begin(), b.end());
287 friend CScript operator+(const CScript& a, const CScript& b)
295 //explicit CScript(char b) is not portable. Use 'signed char' or 'unsigned char'.
296 explicit CScript(signed char b) { operator<<(b); }
297 explicit CScript(short b) { operator<<(b); }
298 explicit CScript(int b) { operator<<(b); }
299 explicit CScript(long b) { operator<<(b); }
300 explicit CScript(int64 b) { operator<<(b); }
301 explicit CScript(unsigned char b) { operator<<(b); }
302 explicit CScript(unsigned int b) { operator<<(b); }
303 explicit CScript(unsigned short b) { operator<<(b); }
304 explicit CScript(unsigned long b) { operator<<(b); }
305 explicit CScript(uint64 b) { operator<<(b); }
307 explicit CScript(opcodetype b) { operator<<(b); }
308 explicit CScript(const uint256& b) { operator<<(b); }
309 explicit CScript(const CBigNum& b) { operator<<(b); }
310 explicit CScript(const std::vector<unsigned char>& b) { operator<<(b); }
313 //CScript& operator<<(char b) is not portable. Use 'signed char' or 'unsigned char'.
314 CScript& operator<<(signed char b) { return push_int64(b); }
315 CScript& operator<<(short b) { return push_int64(b); }
316 CScript& operator<<(int b) { return push_int64(b); }
317 CScript& operator<<(long b) { return push_int64(b); }
318 CScript& operator<<(int64 b) { return push_int64(b); }
319 CScript& operator<<(unsigned char b) { return push_uint64(b); }
320 CScript& operator<<(unsigned int b) { return push_uint64(b); }
321 CScript& operator<<(unsigned short b) { return push_uint64(b); }
322 CScript& operator<<(unsigned long b) { return push_uint64(b); }
323 CScript& operator<<(uint64 b) { return push_uint64(b); }
325 CScript& operator<<(opcodetype opcode)
327 if (opcode < 0 || opcode > 0xff)
328 throw std::runtime_error("CScript::operator<<() : invalid opcode");
329 insert(end(), (unsigned char)opcode);
333 CScript& operator<<(const uint160& b)
335 insert(end(), sizeof(b));
336 insert(end(), (unsigned char*)&b, (unsigned char*)&b + sizeof(b));
340 CScript& operator<<(const uint256& b)
342 insert(end(), sizeof(b));
343 insert(end(), (unsigned char*)&b, (unsigned char*)&b + sizeof(b));
347 CScript& operator<<(const CPubKey& key)
349 std::vector<unsigned char> vchKey = key.Raw();
350 return (*this) << vchKey;
353 CScript& operator<<(const CBigNum& b)
359 CScript& operator<<(const std::vector<unsigned char>& b)
361 if (b.size() < OP_PUSHDATA1)
363 insert(end(), (unsigned char)b.size());
365 else if (b.size() <= 0xff)
367 insert(end(), OP_PUSHDATA1);
368 insert(end(), (unsigned char)b.size());
370 else if (b.size() <= 0xffff)
372 insert(end(), OP_PUSHDATA2);
373 unsigned short nSize = b.size();
374 insert(end(), (unsigned char*)&nSize, (unsigned char*)&nSize + sizeof(nSize));
378 insert(end(), OP_PUSHDATA4);
379 unsigned int nSize = b.size();
380 insert(end(), (unsigned char*)&nSize, (unsigned char*)&nSize + sizeof(nSize));
382 insert(end(), b.begin(), b.end());
386 CScript& operator<<(const CScript& b)
388 // I'm not sure if this should push the script or concatenate scripts.
389 // If there's ever a use for pushing a script onto a script, delete this member fn
390 assert(!"Warning: Pushing a CScript onto a CScript with << is probably not intended, use + to concatenate!");
395 bool GetOp(iterator& pc, opcodetype& opcodeRet, std::vector<unsigned char>& vchRet)
397 // Wrapper so it can be called with either iterator or const_iterator
398 const_iterator pc2 = pc;
399 bool fRet = GetOp2(pc2, opcodeRet, &vchRet);
400 pc = begin() + (pc2 - begin());
404 bool GetOp(iterator& pc, opcodetype& opcodeRet)
406 const_iterator pc2 = pc;
407 bool fRet = GetOp2(pc2, opcodeRet, NULL);
408 pc = begin() + (pc2 - begin());
412 bool GetOp(const_iterator& pc, opcodetype& opcodeRet, std::vector<unsigned char>& vchRet) const
414 return GetOp2(pc, opcodeRet, &vchRet);
417 bool GetOp(const_iterator& pc, opcodetype& opcodeRet) const
419 return GetOp2(pc, opcodeRet, NULL);
422 bool GetOp2(const_iterator& pc, opcodetype& opcodeRet, std::vector<unsigned char>* pvchRet) const
424 opcodeRet = OP_INVALIDOPCODE;
433 unsigned int opcode = *pc++;
436 if (opcode <= OP_PUSHDATA4)
438 unsigned int nSize = 0;
439 if (opcode < OP_PUSHDATA1)
443 else if (opcode == OP_PUSHDATA1)
449 else if (opcode == OP_PUSHDATA2)
454 memcpy(&nSize, &pc[0], 2);
457 else if (opcode == OP_PUSHDATA4)
461 memcpy(&nSize, &pc[0], 4);
464 if (end() - pc < 0 || (unsigned int)(end() - pc) < nSize)
467 pvchRet->assign(pc, pc + nSize);
471 opcodeRet = (opcodetype)opcode;
475 // Encode/decode small integers:
476 static int DecodeOP_N(opcodetype opcode)
480 assert(opcode >= OP_1 && opcode <= OP_16);
481 return (int)opcode - (int)(OP_1 - 1);
483 static opcodetype EncodeOP_N(int n)
485 assert(n >= 0 && n <= 16);
488 return (opcodetype)(OP_1+n-1);
491 int FindAndDelete(const CScript& b)
496 iterator pc = begin();
500 while (end() - pc >= (long)b.size() && memcmp(&pc[0], &b[0], b.size()) == 0)
502 erase(pc, pc + b.size());
506 while (GetOp(pc, opcode));
509 int Find(opcodetype op) const
513 for (const_iterator pc = begin(); pc != end() && GetOp(pc, opcode);)
519 // Pre-version-0.6, Bitcoin always counted CHECKMULTISIGs
520 // as 20 sigops. With pay-to-script-hash, that changed:
521 // CHECKMULTISIGs serialized in scriptSigs are
522 // counted more accurately, assuming they are of the form
523 // ... OP_N CHECKMULTISIG ...
524 unsigned int GetSigOpCount(bool fAccurate) const;
526 // Accurately count sigOps, including sigOps in
527 // pay-to-script-hash transactions:
528 unsigned int GetSigOpCount(const CScript& scriptSig) const;
530 bool IsPayToScriptHash() const;
532 // Called by CTransaction::IsStandard
533 bool IsPushOnly() const
535 const_iterator pc = begin();
539 if (!GetOp(pc, opcode))
548 void SetDestination(const CTxDestination& address);
549 void SetMultisig(int nRequired, const std::vector<CKey>& keys);
552 void PrintHex() const
554 printf("CScript(%s)\n", HexStr(begin(), end(), true).c_str());
557 std::string ToString() const
561 std::vector<unsigned char> vch;
562 const_iterator pc = begin();
567 if (!GetOp(pc, opcode, vch))
572 if (0 <= opcode && opcode <= OP_PUSHDATA4)
573 str += ValueString(vch);
575 str += GetOpName(opcode);
582 printf("%s\n", ToString().c_str());
585 CScriptID GetID() const
587 return CScriptID(Hash160(*this));
591 /** Compact serializer for scripts.
593 * It detects common cases and encodes them much more efficiently.
594 * 3 special cases are defined:
595 * * Pay to pubkey hash (encoded as 21 bytes)
596 * * Pay to script hash (encoded as 21 bytes)
597 * * Pay to pubkey starting with 0x02, 0x03 or 0x04 (encoded as 33 bytes)
599 * Other scripts up to 121 bytes require 1 byte + script length. Above
600 * that, scripts up to 16505 bytes require 2 bytes + script length.
602 class CScriptCompressor
605 // make this static for now (there are only 6 special scripts defined)
606 // this can potentially be extended together with a new nVersion for
607 // transactions, in which case this value becomes dependent on nVersion
608 // and nHeight of the enclosing transaction.
609 static const unsigned int nSpecialScripts = 6;
613 // These check for scripts for which a special case with a shorter encoding is defined.
614 // They are implemented separately from the CScript test, as these test for exact byte
615 // sequence correspondences, and are more strict. For example, IsToPubKey also verifies
616 // whether the public key is valid (as invalid ones cannot be represented in compressed
618 bool IsToKeyID(CKeyID &hash) const;
619 bool IsToScriptID(CScriptID &hash) const;
620 bool IsToPubKey(std::vector<unsigned char> &pubkey) const;
622 bool Compress(std::vector<unsigned char> &out) const;
623 unsigned int GetSpecialSize(unsigned int nSize) const;
624 bool Decompress(unsigned int nSize, const std::vector<unsigned char> &out);
626 CScriptCompressor(CScript &scriptIn) : script(scriptIn) { }
628 unsigned int GetSerializeSize(int nType, int nVersion) const {
629 std::vector<unsigned char> compr;
632 unsigned int nSize = script.size() + nSpecialScripts;
633 return script.size() + VARINT(nSize).GetSerializeSize(nType, nVersion);
636 template<typename Stream>
637 void Serialize(Stream &s, int nType, int nVersion) const {
638 std::vector<unsigned char> compr;
639 if (Compress(compr)) {
640 s << CFlatData(&compr[0], &compr[compr.size()]);
643 unsigned int nSize = script.size() + nSpecialScripts;
645 s << CFlatData(&script[0], &script[script.size()]);
648 template<typename Stream>
649 void Unserialize(Stream &s, int nType, int nVersion) {
650 unsigned int nSize = 0;
652 if (nSize < nSpecialScripts) {
653 std::vector<unsigned char> vch(GetSpecialSize(nSize), 0x00);
654 s >> REF(CFlatData(&vch[0], &vch[vch.size()]));
655 Decompress(nSize, vch);
658 nSize -= nSpecialScripts;
659 script.resize(nSize);
660 s >> REF(CFlatData(&script[0], &script[script.size()]));
664 bool IsCanonicalPubKey(const std::vector<unsigned char> &vchPubKey);
665 bool IsCanonicalSignature(const std::vector<unsigned char> &vchSig);
667 bool EvalScript(std::vector<std::vector<unsigned char> >& stack, const CScript& script, const CTransaction& txTo, unsigned int nIn, unsigned int flags, int nHashType);
668 bool Solver(const CScript& scriptPubKey, txnouttype& typeRet, std::vector<std::vector<unsigned char> >& vSolutionsRet);
669 int ScriptSigArgsExpected(txnouttype t, const std::vector<std::vector<unsigned char> >& vSolutions);
670 bool IsStandard(const CScript& scriptPubKey);
671 bool IsMine(const CKeyStore& keystore, const CScript& scriptPubKey);
672 bool IsMine(const CKeyStore& keystore, const CTxDestination &dest);
673 bool ExtractDestination(const CScript& scriptPubKey, CTxDestination& addressRet);
674 bool ExtractDestinations(const CScript& scriptPubKey, txnouttype& typeRet, std::vector<CTxDestination>& addressRet, int& nRequiredRet);
675 bool SignSignature(const CKeyStore& keystore, const CScript& fromPubKey, CTransaction& txTo, unsigned int nIn, int nHashType=SIGHASH_ALL);
676 bool SignSignature(const CKeyStore& keystore, const CTransaction& txFrom, CTransaction& txTo, unsigned int nIn, int nHashType=SIGHASH_ALL);
677 bool VerifyScript(const CScript& scriptSig, const CScript& scriptPubKey, const CTransaction& txTo, unsigned int nIn, unsigned int flags, int nHashType);
679 // Given two sets of signatures for scriptPubKey, possibly with OP_0 placeholders,
680 // combine them intelligently and return the result.
681 CScript CombineSignatures(CScript scriptPubKey, const CTransaction& txTo, unsigned int nIn, const CScript& scriptSig1, const CScript& scriptSig2);