bitcoin

mirror of https://github.com/bitcoin/bitcoin.git synced 2026-01-19 23:03:45 +01:00

Files

merge-script c281bb6837 Merge bitcoin/bitcoin#32924 : test: add valid tx test with minimum-sized ECDSA signature (8 bytes DER-encoded)

5fa81e239a test: add valid tx test with minimum-sized ECDSA signature (8 bytes DER-encoded) (Sebastian Falbesoner)

Pull request description:

  Currently in our tests, all ECDSA signatures passing verification have sizes of 69 bytes and above (that's the DER-encoded size, i.e. counted without the sighash flag byte) [1]. This PR adds test coverage for the minimum-sized valid case of 8 bytes, by taking an interesting testnet transaction that I stumbled upon:
  https://mempool.space/testnet/tx/c6c232a36395fa338da458b86ff1327395a9afc28c5d2daa4273e410089fd433
  Note that this is a very obscure construction that only works because the public key used isn't contained in the locking script, but calculated and provided later at spending time (see https://bitcointalk.org/index.php?topic=1729534.msg17309060#msg17309060 for an explainer), to match the message (sighash) and picked signature. So this doesn't represent a use-case that really makes sense in practice, but it can still appear in a block (not in mempool though, due to `SCRIPT_VERIFY_CONST_SCRIPTCODE`), and having test-coverage seems useful.

  Can be tested with same patch below (tests crash with the condition `>= 9`, but pass with `>= 8`).

  [1] this can be verified by applying the following patch and running the tests:
  ```diff
  diff --git a/src/pubkey.cpp b/src/pubkey.cpp
  index a4ca9a170a..bee0caa603 100644
  --- a/src/pubkey.cpp
  +++ b/src/pubkey.cpp
  @@ -288,7 +288,9 @@ bool CPubKey::Verify(const uint256 &hash, const std::vector<unsigned char>& vchS
       /* libsecp256k1's ECDSA verification requires lower-S signatures, which have
        * not historically been enforced in Bitcoin, so normalize them first. */
       secp256k1_ecdsa_signature_normalize(secp256k1_context_static, &sig, &sig);
  -    return secp256k1_ecdsa_verify(secp256k1_context_static, &sig, hash.begin(), &pubkey);
  +    bool ret = secp256k1_ecdsa_verify(secp256k1_context_static, &sig, hash.begin(), &pubkey);
  +    if (ret) assert(vchSig.size() >= 69);
  +    return ret;
   }
  ```

ACKs for top commit:
  ajtowns:
    ACK 5fa81e239a lgtm
  fjahr:
    tACK 5fa81e239a
  real-or-random:
    utACK 5fa81e239a interesting case

Tree-SHA512: d1f0612fdb71c9238ca0420f574f6f246e60dbd11970b23f21d082c759a89ff98a13b12a1f6266f14f20539ec437b7ab79322082278da32984ddfee2d8893356

2025-10-30 16:32:51 +00:00

asmap.raw

Integrate ASN bucketing in Addrman and add tests

2019-12-25 08:59:08 -05:00

base58_encode_decode.json

test: Extend base58_encode_decode.json with edge cases

2025-01-04 13:13:31 +01:00

bip341_wallet_vectors.json

tests: implement BIP341 test vectors

2021-11-12 12:05:00 -05:00

blockfilters.json

blockfilter: Update BIP 158 test vectors.

2019-04-06 12:10:55 -07:00

key_io_invalid.json

scripted-diff: Regenerate key_io data deterministically

2022-04-06 17:08:07 +02:00

key_io_valid.json

test: use testnet4 in key_io_valid.json

2025-03-26 12:29:04 +01:00

README.md

Enable TLS in links in documentation

2021-09-16 22:00:20 +00:00

script_tests.json

test: check proper OP_2ROT behavior

2025-07-23 13:52:17 -03:00

sighash.json

Add sighash tests from data file

2014-03-31 11:19:19 -03:00

tx_invalid.json

refactor: Rename CTransaction::nVersion to version

2024-06-07 13:55:23 -04:00

tx_valid.json

test: add valid tx test with minimum-sized ECDSA signature (8 bytes DER-encoded)

2025-07-08 19:45:22 +02:00

README.md

Description

This directory contains data-driven tests for various aspects of Bitcoin.

License

The data files in this directory are distributed under the MIT software license, see the accompanying file COPYING or https://www.opensource.org/licenses/mit-license.php.