mirror of
https://github.com/bitcoin/bitcoin.git
synced 2025-10-11 03:53:22 +02:00
Make post-p2sh consensus rules mandatory for tx relay
This commit is contained in:
Anthony Towns
@@ -86,7 +86,13 @@ static constexpr unsigned int EXTRA_DESCENDANT_TX_SIZE_LIMIT{10000};
|
||||
* Note that this does not affect consensus validity; see GetBlockScriptFlags()
|
||||
* for that.
|
||||
*/
|
||||
static const unsigned int MANDATORY_SCRIPT_VERIFY_FLAGS = SCRIPT_VERIFY_P2SH;
|
||||
static constexpr unsigned int MANDATORY_SCRIPT_VERIFY_FLAGS{SCRIPT_VERIFY_P2SH |
|
||||
SCRIPT_VERIFY_DERSIG |
|
||||
SCRIPT_VERIFY_NULLDUMMY |
|
||||
SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY |
|
||||
SCRIPT_VERIFY_CHECKSEQUENCEVERIFY |
|
||||
SCRIPT_VERIFY_WITNESS |
|
||||
SCRIPT_VERIFY_TAPROOT};
|
||||
|
||||
/**
|
||||
* Standard script verification flags that standard transactions will comply
|
||||
@@ -95,22 +101,16 @@ static const unsigned int MANDATORY_SCRIPT_VERIFY_FLAGS = SCRIPT_VERIFY_P2SH;
|
||||
* backwards compatability.
|
||||
*/
|
||||
static constexpr unsigned int STANDARD_SCRIPT_VERIFY_FLAGS{MANDATORY_SCRIPT_VERIFY_FLAGS |
|
||||
SCRIPT_VERIFY_DERSIG |
|
||||
SCRIPT_VERIFY_STRICTENC |
|
||||
SCRIPT_VERIFY_MINIMALDATA |
|
||||
SCRIPT_VERIFY_NULLDUMMY |
|
||||
SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_NOPS |
|
||||
SCRIPT_VERIFY_CLEANSTACK |
|
||||
SCRIPT_VERIFY_MINIMALIF |
|
||||
SCRIPT_VERIFY_NULLFAIL |
|
||||
SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY |
|
||||
SCRIPT_VERIFY_CHECKSEQUENCEVERIFY |
|
||||
SCRIPT_VERIFY_LOW_S |
|
||||
SCRIPT_VERIFY_WITNESS |
|
||||
SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_WITNESS_PROGRAM |
|
||||
SCRIPT_VERIFY_WITNESS_PUBKEYTYPE |
|
||||
SCRIPT_VERIFY_CONST_SCRIPTCODE |
|
||||
SCRIPT_VERIFY_TAPROOT |
|
||||
SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_TAPROOT_VERSION |
|
||||
SCRIPT_VERIFY_DISCOURAGE_OP_SUCCESS |
|
||||
SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_PUBKEYTYPE};
|
||||
|
||||
@@ -151,11 +151,11 @@ class BIP65Test(BitcoinTestFramework):
|
||||
cltv_invalidate(spendtx, i)
|
||||
|
||||
expected_cltv_reject_reason = [
|
||||
"non-mandatory-script-verify-flag (Operation not valid with the current stack size)",
|
||||
"non-mandatory-script-verify-flag (Negative locktime)",
|
||||
"non-mandatory-script-verify-flag (Locktime requirement not satisfied)",
|
||||
"non-mandatory-script-verify-flag (Locktime requirement not satisfied)",
|
||||
"non-mandatory-script-verify-flag (Locktime requirement not satisfied)",
|
||||
"mandatory-script-verify-flag-failed (Operation not valid with the current stack size)",
|
||||
"mandatory-script-verify-flag-failed (Negative locktime)",
|
||||
"mandatory-script-verify-flag-failed (Locktime requirement not satisfied)",
|
||||
"mandatory-script-verify-flag-failed (Locktime requirement not satisfied)",
|
||||
"mandatory-script-verify-flag-failed (Locktime requirement not satisfied)",
|
||||
][i]
|
||||
# First we show that this tx is valid except for CLTV by getting it
|
||||
# rejected from the mempool for exactly that reason.
|
||||
|
||||
@@ -407,9 +407,9 @@ class BIP68_112_113Test(BitcoinTestFramework):
|
||||
|
||||
# -1 OP_CSV tx and (empty stack) OP_CSV tx should fail
|
||||
self.send_blocks([self.create_test_block([bip112tx_special_v1])], success=False,
|
||||
reject_reason='non-mandatory-script-verify-flag (Negative locktime)')
|
||||
reject_reason='mandatory-script-verify-flag-failed (Negative locktime)')
|
||||
self.send_blocks([self.create_test_block([bip112tx_emptystack_v1])], success=False,
|
||||
reject_reason='non-mandatory-script-verify-flag (Operation not valid with the current stack size)')
|
||||
reject_reason='mandatory-script-verify-flag-failed (Operation not valid with the current stack size)')
|
||||
# If SEQUENCE_LOCKTIME_DISABLE_FLAG is set in argument to OP_CSV, version 1 txs should still pass
|
||||
|
||||
success_txs = [tx['tx'] for tx in bip112txs_vary_OP_CSV_v1 if tx['sdf']]
|
||||
@@ -424,15 +424,15 @@ class BIP68_112_113Test(BitcoinTestFramework):
|
||||
fail_txs += [tx['tx'] for tx in bip112txs_vary_OP_CSV_9_v1 if not tx['sdf']]
|
||||
for tx in fail_txs:
|
||||
self.send_blocks([self.create_test_block([tx])], success=False,
|
||||
reject_reason='non-mandatory-script-verify-flag (Locktime requirement not satisfied)')
|
||||
reject_reason='mandatory-script-verify-flag-failed (Locktime requirement not satisfied)')
|
||||
|
||||
self.log.info("Test version 2 txs")
|
||||
|
||||
# -1 OP_CSV tx and (empty stack) OP_CSV tx should fail
|
||||
self.send_blocks([self.create_test_block([bip112tx_special_v2])], success=False,
|
||||
reject_reason='non-mandatory-script-verify-flag (Negative locktime)')
|
||||
reject_reason='mandatory-script-verify-flag-failed (Negative locktime)')
|
||||
self.send_blocks([self.create_test_block([bip112tx_emptystack_v2])], success=False,
|
||||
reject_reason='non-mandatory-script-verify-flag (Operation not valid with the current stack size)')
|
||||
reject_reason='mandatory-script-verify-flag-failed (Operation not valid with the current stack size)')
|
||||
|
||||
# If SEQUENCE_LOCKTIME_DISABLE_FLAG is set in argument to OP_CSV, version 2 txs should pass (all sequence locks are met)
|
||||
success_txs = [tx['tx'] for tx in bip112txs_vary_OP_CSV_v2 if tx['sdf']]
|
||||
@@ -448,20 +448,20 @@ class BIP68_112_113Test(BitcoinTestFramework):
|
||||
fail_txs += [tx['tx'] for tx in bip112txs_vary_OP_CSV_9_v2 if not tx['sdf']]
|
||||
for tx in fail_txs:
|
||||
self.send_blocks([self.create_test_block([tx])], success=False,
|
||||
reject_reason='non-mandatory-script-verify-flag (Locktime requirement not satisfied)')
|
||||
reject_reason='mandatory-script-verify-flag-failed (Locktime requirement not satisfied)')
|
||||
|
||||
# If SEQUENCE_LOCKTIME_DISABLE_FLAG is set in nSequence, tx should fail
|
||||
fail_txs = [tx['tx'] for tx in bip112txs_vary_nSequence_v2 if tx['sdf']]
|
||||
for tx in fail_txs:
|
||||
self.send_blocks([self.create_test_block([tx])], success=False,
|
||||
reject_reason='non-mandatory-script-verify-flag (Locktime requirement not satisfied)')
|
||||
reject_reason='mandatory-script-verify-flag-failed (Locktime requirement not satisfied)')
|
||||
|
||||
# If sequencelock types mismatch, tx should fail
|
||||
fail_txs = [tx['tx'] for tx in bip112txs_vary_nSequence_v2 if not tx['sdf'] and tx['stf']]
|
||||
fail_txs += [tx['tx'] for tx in bip112txs_vary_OP_CSV_v2 if not tx['sdf'] and tx['stf']]
|
||||
for tx in fail_txs:
|
||||
self.send_blocks([self.create_test_block([tx])], success=False,
|
||||
reject_reason='non-mandatory-script-verify-flag (Locktime requirement not satisfied)')
|
||||
reject_reason='mandatory-script-verify-flag-failed (Locktime requirement not satisfied)')
|
||||
|
||||
# Remaining txs should pass, just test masking works properly
|
||||
success_txs = [tx['tx'] for tx in bip112txs_vary_nSequence_v2 if not tx['sdf'] and not tx['stf']]
|
||||
|
||||
@@ -120,7 +120,7 @@ class BIP66Test(BitcoinTestFramework):
|
||||
'txid': spendtx.hash,
|
||||
'wtxid': spendtx.getwtxid(),
|
||||
'allowed': False,
|
||||
'reject-reason': 'non-mandatory-script-verify-flag (Non-canonical DER signature)',
|
||||
'reject-reason': 'mandatory-script-verify-flag-failed (Non-canonical DER signature)',
|
||||
}],
|
||||
self.nodes[0].testmempoolaccept(rawtxs=[spendtx.serialize().hex()], maxfeerate=0),
|
||||
)
|
||||
@@ -130,7 +130,7 @@ class BIP66Test(BitcoinTestFramework):
|
||||
block.hashMerkleRoot = block.calc_merkle_root()
|
||||
block.solve()
|
||||
|
||||
with self.nodes[0].assert_debug_log(expected_msgs=[f'CheckInputScripts on {block.vtx[-1].hash} failed with non-mandatory-script-verify-flag (Non-canonical DER signature)']):
|
||||
with self.nodes[0].assert_debug_log(expected_msgs=[f'CheckInputScripts on {block.vtx[-1].hash} failed with mandatory-script-verify-flag-failed (Non-canonical DER signature)']):
|
||||
peer.send_and_ping(msg_block(block))
|
||||
assert_equal(int(self.nodes[0].getbestblockhash(), 16), tip)
|
||||
peer.sync_with_ping()
|
||||
|
||||
@@ -37,7 +37,7 @@ from test_framework.util import (
|
||||
from test_framework.wallet import getnewdestination
|
||||
from test_framework.wallet_util import generate_keypair
|
||||
|
||||
NULLDUMMY_ERROR = "non-mandatory-script-verify-flag (Dummy CHECKMULTISIG argument must be zero)"
|
||||
NULLDUMMY_ERROR = "mandatory-script-verify-flag-failed (Dummy CHECKMULTISIG argument must be zero)"
|
||||
|
||||
|
||||
def invalidate_nulldummy_tx(tx):
|
||||
|
||||
@@ -215,13 +215,13 @@ class SegWitTest(BitcoinTestFramework):
|
||||
|
||||
self.log.info("Verify default node can't accept txs with missing witness")
|
||||
# unsigned, no scriptsig
|
||||
self.fail_accept(self.nodes[0], "non-mandatory-script-verify-flag (Witness program hash mismatch)", wit_ids[NODE_0][P2WPKH][0], sign=False)
|
||||
self.fail_accept(self.nodes[0], "non-mandatory-script-verify-flag (Witness program was passed an empty witness)", wit_ids[NODE_0][P2WSH][0], sign=False)
|
||||
self.fail_accept(self.nodes[0], "mandatory-script-verify-flag-failed (Witness program hash mismatch)", wit_ids[NODE_0][P2WPKH][0], sign=False)
|
||||
self.fail_accept(self.nodes[0], "mandatory-script-verify-flag-failed (Witness program was passed an empty witness)", wit_ids[NODE_0][P2WSH][0], sign=False)
|
||||
self.fail_accept(self.nodes[0], "mandatory-script-verify-flag-failed (Operation not valid with the current stack size)", p2sh_ids[NODE_0][P2WPKH][0], sign=False)
|
||||
self.fail_accept(self.nodes[0], "mandatory-script-verify-flag-failed (Operation not valid with the current stack size)", p2sh_ids[NODE_0][P2WSH][0], sign=False)
|
||||
# unsigned with redeem script
|
||||
self.fail_accept(self.nodes[0], "non-mandatory-script-verify-flag (Witness program hash mismatch)", p2sh_ids[NODE_0][P2WPKH][0], sign=False, redeem_script=witness_script(False, self.pubkey[0]))
|
||||
self.fail_accept(self.nodes[0], "non-mandatory-script-verify-flag (Witness program was passed an empty witness)", p2sh_ids[NODE_0][P2WSH][0], sign=False, redeem_script=witness_script(True, self.pubkey[0]))
|
||||
self.fail_accept(self.nodes[0], "mandatory-script-verify-flag-failed (Witness program hash mismatch)", p2sh_ids[NODE_0][P2WPKH][0], sign=False, redeem_script=witness_script(False, self.pubkey[0]))
|
||||
self.fail_accept(self.nodes[0], "mandatory-script-verify-flag-failed (Witness program was passed an empty witness)", p2sh_ids[NODE_0][P2WSH][0], sign=False, redeem_script=witness_script(True, self.pubkey[0]))
|
||||
|
||||
self.log.info("Verify block and transaction serialization rpcs return differing serializations depending on rpc serialization flag")
|
||||
assert self.nodes[2].getblock(blockhash, False) != self.nodes[0].getblock(blockhash, False)
|
||||
@@ -244,10 +244,10 @@ class SegWitTest(BitcoinTestFramework):
|
||||
assert_equal(witnesses[0], '00' * 32)
|
||||
|
||||
self.log.info("Verify witness txs without witness data are invalid after the fork")
|
||||
self.fail_accept(self.nodes[2], 'non-mandatory-script-verify-flag (Witness program hash mismatch)', wit_ids[NODE_2][P2WPKH][2], sign=False)
|
||||
self.fail_accept(self.nodes[2], 'non-mandatory-script-verify-flag (Witness program was passed an empty witness)', wit_ids[NODE_2][P2WSH][2], sign=False)
|
||||
self.fail_accept(self.nodes[2], 'non-mandatory-script-verify-flag (Witness program hash mismatch)', p2sh_ids[NODE_2][P2WPKH][2], sign=False, redeem_script=witness_script(False, self.pubkey[2]))
|
||||
self.fail_accept(self.nodes[2], 'non-mandatory-script-verify-flag (Witness program was passed an empty witness)', p2sh_ids[NODE_2][P2WSH][2], sign=False, redeem_script=witness_script(True, self.pubkey[2]))
|
||||
self.fail_accept(self.nodes[2], 'mandatory-script-verify-flag-failed (Witness program hash mismatch)', wit_ids[NODE_2][P2WPKH][2], sign=False)
|
||||
self.fail_accept(self.nodes[2], 'mandatory-script-verify-flag-failed (Witness program was passed an empty witness)', wit_ids[NODE_2][P2WSH][2], sign=False)
|
||||
self.fail_accept(self.nodes[2], 'mandatory-script-verify-flag-failed (Witness program hash mismatch)', p2sh_ids[NODE_2][P2WPKH][2], sign=False, redeem_script=witness_script(False, self.pubkey[2]))
|
||||
self.fail_accept(self.nodes[2], 'mandatory-script-verify-flag-failed (Witness program was passed an empty witness)', p2sh_ids[NODE_2][P2WSH][2], sign=False, redeem_script=witness_script(True, self.pubkey[2]))
|
||||
|
||||
self.log.info("Verify default node can now use witness txs")
|
||||
self.success_mine(self.nodes[0], wit_ids[NODE_0][P2WPKH][0], True)
|
||||
|
||||
@@ -512,10 +512,10 @@ class SegWitTest(BitcoinTestFramework):
|
||||
# without a witness is invalid).
|
||||
# Note: The reject reason for this failure could be
|
||||
# 'block-validation-failed' (if script check threads > 1) or
|
||||
# 'non-mandatory-script-verify-flag (Witness program was passed an
|
||||
# 'mandatory-script-verify-flag-failed (Witness program was passed an
|
||||
# empty witness)' (otherwise).
|
||||
test_witness_block(self.nodes[0], self.test_node, block, accepted=False, with_witness=False,
|
||||
reason='non-mandatory-script-verify-flag (Witness program was passed an empty witness)')
|
||||
reason='mandatory-script-verify-flag-failed (Witness program was passed an empty witness)')
|
||||
|
||||
self.utxo.pop(0)
|
||||
self.utxo.append(UTXO(txid, 2, value))
|
||||
@@ -708,7 +708,7 @@ class SegWitTest(BitcoinTestFramework):
|
||||
# segwit activation. Note that older bitcoind's that are not
|
||||
# segwit-aware would also reject this for failing CLEANSTACK.
|
||||
with self.nodes[0].assert_debug_log(
|
||||
expected_msgs=(spend_tx.hash, 'was not accepted: non-mandatory-script-verify-flag (Witness program was passed an empty witness)')):
|
||||
expected_msgs=(spend_tx.hash, 'was not accepted: mandatory-script-verify-flag-failed (Witness program was passed an empty witness)')):
|
||||
test_transaction_acceptance(self.nodes[0], self.test_node, spend_tx, with_witness=False, accepted=False)
|
||||
|
||||
# Try to put the witness script in the scriptSig, should also fail.
|
||||
@@ -999,7 +999,7 @@ class SegWitTest(BitcoinTestFramework):
|
||||
|
||||
# Extra witness data should not be allowed.
|
||||
test_witness_block(self.nodes[0], self.test_node, block, accepted=False,
|
||||
reason='non-mandatory-script-verify-flag (Witness provided for non-witness script)')
|
||||
reason='mandatory-script-verify-flag-failed (Witness provided for non-witness script)')
|
||||
|
||||
# Try extra signature data. Ok if we're not spending a witness output.
|
||||
block.vtx[1].wit.vtxinwit = []
|
||||
@@ -1025,7 +1025,7 @@ class SegWitTest(BitcoinTestFramework):
|
||||
|
||||
# This has extra witness data, so it should fail.
|
||||
test_witness_block(self.nodes[0], self.test_node, block, accepted=False,
|
||||
reason='non-mandatory-script-verify-flag (Stack size must be exactly one after execution)')
|
||||
reason='mandatory-script-verify-flag-failed (Stack size must be exactly one after execution)')
|
||||
|
||||
# Now get rid of the extra witness, but add extra scriptSig data
|
||||
tx2.vin[0].scriptSig = CScript([OP_TRUE])
|
||||
@@ -1038,7 +1038,7 @@ class SegWitTest(BitcoinTestFramework):
|
||||
|
||||
# This has extra signature data for a witness input, so it should fail.
|
||||
test_witness_block(self.nodes[0], self.test_node, block, accepted=False,
|
||||
reason='non-mandatory-script-verify-flag (Witness requires empty scriptSig)')
|
||||
reason='mandatory-script-verify-flag-failed (Witness requires empty scriptSig)')
|
||||
|
||||
# Now get rid of the extra scriptsig on the witness input, and verify
|
||||
# success (even with extra scriptsig data in the non-witness input)
|
||||
@@ -1077,7 +1077,7 @@ class SegWitTest(BitcoinTestFramework):
|
||||
|
||||
self.update_witness_block_with_transactions(block, [tx, tx2])
|
||||
test_witness_block(self.nodes[0], self.test_node, block, accepted=False,
|
||||
reason='non-mandatory-script-verify-flag (Push value size limit exceeded)')
|
||||
reason='mandatory-script-verify-flag-failed (Push value size limit exceeded)')
|
||||
|
||||
# Now reduce the length of the stack element
|
||||
tx2.wit.vtxinwit[0].scriptWitness.stack[0] = b'a' * (MAX_SCRIPT_ELEMENT_SIZE)
|
||||
@@ -1118,7 +1118,7 @@ class SegWitTest(BitcoinTestFramework):
|
||||
self.update_witness_block_with_transactions(block, [tx, tx2])
|
||||
|
||||
test_witness_block(self.nodes[0], self.test_node, block, accepted=False,
|
||||
reason='non-mandatory-script-verify-flag (Script is too big)')
|
||||
reason='mandatory-script-verify-flag-failed (Script is too big)')
|
||||
|
||||
# Try again with one less byte in the witness script
|
||||
witness_script = CScript([b'a' * MAX_SCRIPT_ELEMENT_SIZE] * 19 + [OP_DROP] * 62 + [OP_TRUE])
|
||||
@@ -1210,7 +1210,7 @@ class SegWitTest(BitcoinTestFramework):
|
||||
block.vtx = [block.vtx[0]]
|
||||
self.update_witness_block_with_transactions(block, [tx2])
|
||||
test_witness_block(self.nodes[0], self.test_node, block, accepted=False,
|
||||
reason='non-mandatory-script-verify-flag (Operation not valid with the current stack size)')
|
||||
reason='mandatory-script-verify-flag-failed (Operation not valid with the current stack size)')
|
||||
|
||||
# Fix the broken witness and the block should be accepted.
|
||||
tx2.wit.vtxinwit[5].scriptWitness.stack = [b'a', witness_script]
|
||||
@@ -1572,7 +1572,7 @@ class SegWitTest(BitcoinTestFramework):
|
||||
sign_p2pk_witness_input(witness_script, tx, 0, hashtype, prev_utxo.nValue + 1, key)
|
||||
self.update_witness_block_with_transactions(block, [tx])
|
||||
test_witness_block(self.nodes[0], self.test_node, block, accepted=False,
|
||||
reason='non-mandatory-script-verify-flag (Script evaluated without error '
|
||||
reason='mandatory-script-verify-flag-failed (Script evaluated without error '
|
||||
'but finished with a false/empty top stack element')
|
||||
|
||||
# Too-small input value
|
||||
@@ -1580,7 +1580,7 @@ class SegWitTest(BitcoinTestFramework):
|
||||
block.vtx.pop() # remove last tx
|
||||
self.update_witness_block_with_transactions(block, [tx])
|
||||
test_witness_block(self.nodes[0], self.test_node, block, accepted=False,
|
||||
reason='non-mandatory-script-verify-flag (Script evaluated without error '
|
||||
reason='mandatory-script-verify-flag-failed (Script evaluated without error '
|
||||
'but finished with a false/empty top stack element')
|
||||
|
||||
# Now try correct value
|
||||
@@ -1684,7 +1684,7 @@ class SegWitTest(BitcoinTestFramework):
|
||||
block = self.build_next_block()
|
||||
self.update_witness_block_with_transactions(block, [tx, tx2])
|
||||
test_witness_block(self.nodes[0], self.test_node, block, accepted=False,
|
||||
reason='non-mandatory-script-verify-flag (Witness requires empty scriptSig)')
|
||||
reason='mandatory-script-verify-flag-failed (Witness requires empty scriptSig)')
|
||||
|
||||
# Move the signature to the witness.
|
||||
block.vtx.pop()
|
||||
|
||||
Reference in New Issue
Block a user