Branch data Line data Source code
# 1 : : // Copyright (c) 2009-2010 Satoshi Nakamoto
# 2 : : // Copyright (c) 2009-2020 The Bitcoin Core developers
# 3 : : // Distributed under the MIT software license, see the accompanying
# 4 : : // file COPYING or http://www.opensource.org/licenses/mit-license.php.
# 5 : :
# 6 : : // NOTE: This file is intended to be customised by the end user, and includes only local node policy logic
# 7 : :
# 8 : : #include <policy/policy.h>
# 9 : :
# 10 : : #include <consensus/validation.h>
# 11 : : #include <coins.h>
# 12 : : #include <span.h>
# 13 : :
# 14 : : CAmount GetDustThreshold(const CTxOut& txout, const CFeeRate& dustRelayFeeIn)
# 15 : 148893 : {
# 16 : : // "Dust" is defined in terms of dustRelayFee,
# 17 : : // which has units satoshis-per-kilobyte.
# 18 : : // If you'd pay more in fees than the value of the output
# 19 : : // to spend something, then we consider it dust.
# 20 : : // A typical spendable non-segwit txout is 34 bytes big, and will
# 21 : : // need a CTxIn of at least 148 bytes to spend:
# 22 : : // so dust is a spendable txout less than
# 23 : : // 182*dustRelayFee/1000 (in satoshis).
# 24 : : // 546 satoshis at the default rate of 3000 sat/kvB.
# 25 : : // A typical spendable segwit txout is 31 bytes big, and will
# 26 : : // need a CTxIn of at least 67 bytes to spend:
# 27 : : // so dust is a spendable txout less than
# 28 : : // 98*dustRelayFee/1000 (in satoshis).
# 29 : : // 294 satoshis at the default rate of 3000 sat/kvB.
# 30 [ + + ]: 148893 : if (txout.scriptPubKey.IsUnspendable())
# 31 : 12 : return 0;
# 32 : :
# 33 : 148881 : size_t nSize = GetSerializeSize(txout);
# 34 : 148881 : int witnessversion = 0;
# 35 : 148881 : std::vector<unsigned char> witnessprogram;
# 36 : :
# 37 [ + + ]: 148881 : if (txout.scriptPubKey.IsWitnessProgram(witnessversion, witnessprogram)) {
# 38 : : // sum the sizes of the parts of a transaction input
# 39 : : // with 75% segwit discount applied to the script size.
# 40 : 142458 : nSize += (32 + 4 + 1 + (107 / WITNESS_SCALE_FACTOR) + 4);
# 41 : 142458 : } else {
# 42 : 6423 : nSize += (32 + 4 + 1 + 107 + 4); // the 148 mentioned above
# 43 : 6423 : }
# 44 : :
# 45 : 148881 : return dustRelayFeeIn.GetFee(nSize);
# 46 : 148881 : }
# 47 : :
# 48 : : bool IsDust(const CTxOut& txout, const CFeeRate& dustRelayFeeIn)
# 49 : 148893 : {
# 50 : 148893 : return (txout.nValue < GetDustThreshold(txout, dustRelayFeeIn));
# 51 : 148893 : }
# 52 : :
# 53 : : bool IsStandard(const CScript& scriptPubKey, TxoutType& whichType)
# 54 : 83208 : {
# 55 : 83208 : std::vector<std::vector<unsigned char> > vSolutions;
# 56 : 83208 : whichType = Solver(scriptPubKey, vSolutions);
# 57 : :
# 58 [ + + ]: 83208 : if (whichType == TxoutType::NONSTANDARD) {
# 59 : 79 : return false;
# 60 [ + + ]: 83129 : } else if (whichType == TxoutType::MULTISIG) {
# 61 : 20 : unsigned char m = vSolutions.front()[0];
# 62 : 20 : unsigned char n = vSolutions.back()[0];
# 63 : : // Support up to x-of-3 multisig txns as standard
# 64 [ - + ][ + + ]: 20 : if (n < 1 || n > 3)
# 65 : 2 : return false;
# 66 [ - + ][ - + ]: 18 : if (m < 1 || m > n)
# 67 : 0 : return false;
# 68 [ + + ]: 83109 : } else if (whichType == TxoutType::NULL_DATA &&
# 69 [ - + ][ + + ]: 83109 : (!fAcceptDatacarrier || scriptPubKey.size() > nMaxDatacarrierBytes)) {
# 70 : 2 : return false;
# 71 : 2 : }
# 72 : :
# 73 : 83125 : return true;
# 74 : 83125 : }
# 75 : :
# 76 : : bool IsStandardTx(const CTransaction& tx, bool permit_bare_multisig, const CFeeRate& dust_relay_fee, std::string& reason)
# 77 : 12712 : {
# 78 [ + + ][ + + ]: 12712 : if (tx.nVersion > TX_MAX_STANDARD_VERSION || tx.nVersion < 1) {
# 79 : 1244 : reason = "version";
# 80 : 1244 : return false;
# 81 : 1244 : }
# 82 : :
# 83 : : // Extremely large transactions with lots of inputs can cost the network
# 84 : : // almost as much to process as they cost the sender in fees, because
# 85 : : // computing signature hashes is O(ninputs*txsize). Limiting transactions
# 86 : : // to MAX_STANDARD_TX_WEIGHT mitigates CPU exhaustion attacks.
# 87 : 11468 : unsigned int sz = GetTransactionWeight(tx);
# 88 [ + + ]: 11468 : if (sz > MAX_STANDARD_TX_WEIGHT) {
# 89 : 6 : reason = "tx-size";
# 90 : 6 : return false;
# 91 : 6 : }
# 92 : :
# 93 [ + + ]: 11462 : for (const CTxIn& txin : tx.vin)
# 94 : 40692 : {
# 95 : : // Biggest 'standard' txin involving only keys is a 15-of-15 P2SH
# 96 : : // multisig with compressed keys (remember the 520 byte limit on
# 97 : : // redeemScript size). That works out to a (15*(33+1))+3=513 byte
# 98 : : // redeemScript, 513+1+15*(73+1)+3=1627 bytes of scriptSig, which
# 99 : : // we round off to 1650(MAX_STANDARD_SCRIPTSIG_SIZE) bytes for
# 100 : : // some minor future-proofing. That's also enough to spend a
# 101 : : // 20-of-20 CHECKMULTISIG scriptPubKey, though such a scriptPubKey
# 102 : : // is not considered standard.
# 103 [ + + ]: 40692 : if (txin.scriptSig.size() > MAX_STANDARD_SCRIPTSIG_SIZE) {
# 104 : 3 : reason = "scriptsig-size";
# 105 : 3 : return false;
# 106 : 3 : }
# 107 [ + + ]: 40689 : if (!txin.scriptSig.IsPushOnly()) {
# 108 : 303 : reason = "scriptsig-not-pushonly";
# 109 : 303 : return false;
# 110 : 303 : }
# 111 : 40689 : }
# 112 : :
# 113 : 11462 : unsigned int nDataOut = 0;
# 114 : 11156 : TxoutType whichType;
# 115 [ + + ]: 83188 : for (const CTxOut& txout : tx.vout) {
# 116 [ + + ]: 83188 : if (!::IsStandard(txout.scriptPubKey, whichType)) {
# 117 : 69 : reason = "scriptpubkey";
# 118 : 69 : return false;
# 119 : 69 : }
# 120 : :
# 121 [ + + ]: 83119 : if (whichType == TxoutType::NULL_DATA)
# 122 : 37 : nDataOut++;
# 123 [ + + ][ + + ]: 83082 : else if ((whichType == TxoutType::MULTISIG) && (!permit_bare_multisig)) {
# 124 : 3 : reason = "bare-multisig";
# 125 : 3 : return false;
# 126 [ + + ]: 83079 : } else if (IsDust(txout, dust_relay_fee)) {
# 127 : 9 : reason = "dust";
# 128 : 9 : return false;
# 129 : 9 : }
# 130 : 83119 : }
# 131 : :
# 132 : : // only one OP_RETURN txout is permitted
# 133 [ + + ]: 11156 : if (nDataOut > 1) {
# 134 : 7 : reason = "multi-op-return";
# 135 : 7 : return false;
# 136 : 7 : }
# 137 : :
# 138 : 11068 : return true;
# 139 : 11068 : }
# 140 : :
# 141 : : /**
# 142 : : * Check transaction inputs to mitigate two
# 143 : : * potential denial-of-service attacks:
# 144 : : *
# 145 : : * 1. scriptSigs with extra data stuffed into them,
# 146 : : * not consumed by scriptPubKey (or P2SH script)
# 147 : : * 2. P2SH scripts with a crazy number of expensive
# 148 : : * CHECKSIG/CHECKMULTISIG operations
# 149 : : *
# 150 : : * Why bother? To avoid denial-of-service attacks; an attacker
# 151 : : * can submit a standard HASH... OP_EQUAL transaction,
# 152 : : * which will get accepted into blocks. The redemption
# 153 : : * script can be anything; an attacker could use a very
# 154 : : * expensive-to-check-upon-redemption script like:
# 155 : : * DUP CHECKSIG DROP ... repeated 100 times... OP_1
# 156 : : *
# 157 : : * Note that only the non-witness portion of the transaction is checked here.
# 158 : : */
# 159 : : bool AreInputsStandard(const CTransaction& tx, const CCoinsViewCache& mapInputs, bool taproot_active)
# 160 : 10807 : {
# 161 [ - + ]: 10807 : if (tx.IsCoinBase())
# 162 : 0 : return true; // Coinbases don't use vin normally
# 163 : :
# 164 [ + + ]: 44992 : for (unsigned int i = 0; i < tx.vin.size(); i++)
# 165 : 34402 : {
# 166 : 34402 : const CTxOut& prev = mapInputs.AccessCoin(tx.vin[i].prevout).out;
# 167 : :
# 168 : 34402 : std::vector<std::vector<unsigned char> > vSolutions;
# 169 : 34402 : TxoutType whichType = Solver(prev.scriptPubKey, vSolutions);
# 170 [ + + ][ + + ]: 34402 : if (whichType == TxoutType::NONSTANDARD || whichType == TxoutType::WITNESS_UNKNOWN) {
# 171 : : // WITNESS_UNKNOWN failures are typically also caught with a policy
# 172 : : // flag in the script interpreter, but it can be helpful to catch
# 173 : : // this type of NONSTANDARD transaction earlier in transaction
# 174 : : // validation.
# 175 : 205 : return false;
# 176 [ + + ]: 34197 : } else if (whichType == TxoutType::SCRIPTHASH) {
# 177 : 724 : std::vector<std::vector<unsigned char> > stack;
# 178 : : // convert the scriptSig into a stack, so we can inspect the redeemScript
# 179 [ - + ]: 724 : if (!EvalScript(stack, tx.vin[i].scriptSig, SCRIPT_VERIFY_NONE, BaseSignatureChecker(), SigVersion::BASE))
# 180 : 0 : return false;
# 181 [ - + ]: 724 : if (stack.empty())
# 182 : 0 : return false;
# 183 : 724 : CScript subscript(stack.back().begin(), stack.back().end());
# 184 [ + + ]: 724 : if (subscript.GetSigOpCount(true) > MAX_P2SH_SIGOPS) {
# 185 : 4 : return false;
# 186 : 4 : }
# 187 [ + + ]: 33473 : } else if (whichType == TxoutType::WITNESS_V1_TAPROOT) {
# 188 : : // Don't allow Taproot spends unless Taproot is active.
# 189 [ + + ]: 4675 : if (!taproot_active) return false;
# 190 : 4675 : }
# 191 : 34402 : }
# 192 : :
# 193 : 10807 : return true;
# 194 : 10807 : }
# 195 : :
# 196 : : bool IsWitnessStandard(const CTransaction& tx, const CCoinsViewCache& mapInputs)
# 197 : 8145 : {
# 198 [ - + ]: 8145 : if (tx.IsCoinBase())
# 199 : 0 : return true; // Coinbases are skipped
# 200 : :
# 201 [ + + ]: 37446 : for (unsigned int i = 0; i < tx.vin.size(); i++)
# 202 : 29453 : {
# 203 : : // We don't care if witness for this input is empty, since it must not be bloated.
# 204 : : // If the script is invalid without witness, it would be caught sooner or later during validation.
# 205 [ + + ]: 29453 : if (tx.vin[i].scriptWitness.IsNull())
# 206 : 1708 : continue;
# 207 : :
# 208 : 27745 : const CTxOut &prev = mapInputs.AccessCoin(tx.vin[i].prevout).out;
# 209 : :
# 210 : : // get the scriptPubKey corresponding to this input:
# 211 : 27745 : CScript prevScript = prev.scriptPubKey;
# 212 : :
# 213 : 27745 : bool p2sh = false;
# 214 [ + + ]: 27745 : if (prevScript.IsPayToScriptHash()) {
# 215 : 563 : std::vector <std::vector<unsigned char> > stack;
# 216 : : // If the scriptPubKey is P2SH, we try to extract the redeemScript casually by converting the scriptSig
# 217 : : // into a stack. We do not check IsPushOnly nor compare the hash as these will be done later anyway.
# 218 : : // If the check fails at this stage, we know that this txid must be a bad one.
# 219 [ - + ]: 563 : if (!EvalScript(stack, tx.vin[i].scriptSig, SCRIPT_VERIFY_NONE, BaseSignatureChecker(), SigVersion::BASE))
# 220 : 0 : return false;
# 221 [ - + ]: 563 : if (stack.empty())
# 222 : 0 : return false;
# 223 : 563 : prevScript = CScript(stack.back().begin(), stack.back().end());
# 224 : 563 : p2sh = true;
# 225 : 563 : }
# 226 : :
# 227 : 27745 : int witnessversion = 0;
# 228 : 27745 : std::vector<unsigned char> witnessprogram;
# 229 : :
# 230 : : // Non-witness program must not be associated with any witness
# 231 [ + + ]: 27745 : if (!prevScript.IsWitnessProgram(witnessversion, witnessprogram))
# 232 : 1 : return false;
# 233 : :
# 234 : : // Check P2WSH standard limits
# 235 [ + + ][ + + ]: 27744 : if (witnessversion == 0 && witnessprogram.size() == WITNESS_V0_SCRIPTHASH_SIZE) {
# 236 [ + + ]: 546 : if (tx.vin[i].scriptWitness.stack.back().size() > MAX_STANDARD_P2WSH_SCRIPT_SIZE)
# 237 : 2 : return false;
# 238 : 544 : size_t sizeWitnessStack = tx.vin[i].scriptWitness.stack.size() - 1;
# 239 [ + + ]: 544 : if (sizeWitnessStack > MAX_STANDARD_P2WSH_STACK_ITEMS)
# 240 : 2 : return false;
# 241 [ + + ]: 1511 : for (unsigned int j = 0; j < sizeWitnessStack; j++) {
# 242 [ + + ]: 971 : if (tx.vin[i].scriptWitness.stack[j].size() > MAX_STANDARD_P2WSH_STACK_ITEM_SIZE)
# 243 : 2 : return false;
# 244 : 971 : }
# 245 : 542 : }
# 246 : :
# 247 : : // Check policy limits for Taproot spends:
# 248 : : // - MAX_STANDARD_TAPSCRIPT_STACK_ITEM_SIZE limit for stack item size
# 249 : : // - No annexes
# 250 [ + + ][ + + ]: 27744 : if (witnessversion == 1 && witnessprogram.size() == WITNESS_V1_TAPROOT_SIZE && !p2sh) {
# [ + + ]
# 251 : : // Taproot spend (non-P2SH-wrapped, version 1, witness program size 32; see BIP 341)
# 252 : 4507 : auto stack = MakeSpan(tx.vin[i].scriptWitness.stack);
# 253 [ + + ][ + + ]: 4507 : if (stack.size() >= 2 && !stack.back().empty() && stack.back()[0] == ANNEX_TAG) {
# [ + + ]
# 254 : : // Annexes are nonstandard as long as no semantics are defined for them.
# 255 : 106 : return false;
# 256 : 106 : }
# 257 [ + + ]: 4401 : if (stack.size() >= 2) {
# 258 : : // Script path spend (2 or more stack elements after removing optional annex)
# 259 : 3899 : const auto& control_block = SpanPopBack(stack);
# 260 : 3899 : SpanPopBack(stack); // Ignore script
# 261 [ + + ]: 3899 : if (control_block.empty()) return false; // Empty control block is invalid
# 262 [ + + ]: 3898 : if ((control_block[0] & TAPROOT_LEAF_MASK) == TAPROOT_LEAF_TAPSCRIPT) {
# 263 : : // Leaf version 0xc0 (aka Tapscript, see BIP 342)
# 264 [ + + ]: 268026 : for (const auto& item : stack) {
# 265 [ + + ]: 268026 : if (item.size() > MAX_STANDARD_TAPSCRIPT_STACK_ITEM_SIZE) return false;
# 266 : 268026 : }
# 267 : 2937 : }
# 268 [ + - ]: 3898 : } else if (stack.size() == 1) {
# 269 : : // Key path spend (1 stack element after removing optional annex)
# 270 : : // (no policy rules apply)
# 271 : 502 : } else {
# 272 : : // 0 stack elements; this is already invalid by consensus rules
# 273 : 0 : return false;
# 274 : 0 : }
# 275 : 4401 : }
# 276 : 27738 : }
# 277 : 8145 : return true;
# 278 : 8145 : }
# 279 : :
# 280 : : int64_t GetVirtualTransactionSize(int64_t nWeight, int64_t nSigOpCost, unsigned int bytes_per_sigop)
# 281 : 178095910 : {
# 282 : 178095910 : return (std::max(nWeight, nSigOpCost * bytes_per_sigop) + WITNESS_SCALE_FACTOR - 1) / WITNESS_SCALE_FACTOR;
# 283 : 178095910 : }
# 284 : :
# 285 : : int64_t GetVirtualTransactionSize(const CTransaction& tx, int64_t nSigOpCost, unsigned int bytes_per_sigop)
# 286 : 18505 : {
# 287 : 18505 : return GetVirtualTransactionSize(GetTransactionWeight(tx), nSigOpCost, bytes_per_sigop);
# 288 : 18505 : }
# 289 : :
# 290 : : int64_t GetVirtualTransactionInputSize(const CTxIn& txin, int64_t nSigOpCost, unsigned int bytes_per_sigop)
# 291 : 406527 : {
# 292 : 406527 : return GetVirtualTransactionSize(GetTransactionInputWeight(txin), nSigOpCost, bytes_per_sigop);
# 293 : 406527 : }
|