Taproot policy change

jl2012 · elichai · commit e4715e6df1c0 · 2019-08-22T18:25:15.000-04:00
diff --git a/src/policy/policy.cpp b/src/policy/policy.cpp
@@ -219,16 +219,27 @@ bool IsWitnessStandard(const CTransaction& tx, const CCoinsViewCache& mapInputs)
         if (!prevScript.IsWitnessProgram(witnessversion, witnessprogram))
             return false;
 
-        // Check P2WSH standard limits
-        if (witnessversion == 0 && witnessprogram.size() == WITNESS_V0_SCRIPTHASH_SIZE) {
-            if (tx.vin[i].scriptWitness.stack.back().size() > MAX_STANDARD_P2WSH_SCRIPT_SIZE)
-                return false;
-            size_t sizeWitnessStack = tx.vin[i].scriptWitness.stack.size() - 1;
-            if (sizeWitnessStack > MAX_STANDARD_P2WSH_STACK_ITEMS)
-                return false;
-            for (unsigned int j = 0; j < sizeWitnessStack; j++) {
-                if (tx.vin[i].scriptWitness.stack[j].size() > MAX_STANDARD_P2WSH_STACK_ITEM_SIZE)
-                    return false;
+        auto stack = tx.vin[i].scriptWitness.stack;
+        if (stack.size() >= 2 && !stack.back().empty() && stack.back()[0] == ANNEX_TAG) {
+            return false; // annex is non-standard
+        }
+
+        bool p2wsh = (witnessversion == 0 && witnessprogram.size() == WITNESS_V0_SCRIPTHASH_SIZE);
+        bool taproot = (witnessversion == 1 && witnessprogram.size() == WITNESS_V1_TAPROOT_SIZE && (witnessprogram[0] & 0xfe) == 0);
+
+        // Preprocessing for TAPROOT
+        if (taproot) {
+            if (stack.size() <= 1) return true;
+            stack.pop_back();
+        }
+
+        // Check P2WSH and TAPROOT standard limits
+        if (p2wsh || taproot) {
+            if (stack.back().size() > MAX_STANDARD_WITNESS_SCRIPT_SIZE) return false;
+            stack.pop_back();
+            if (stack.size() > MAX_STANDARD_WITNESS_INPUT_STACK_ITEMS) return false;
+            for (const auto& item : stack) {
+                if (item.size() > MAX_STANDARD_WITNESS_INPUT_STACK_ITEM_SIZE) return false;
             }
         }
     }
diff --git a/src/policy/policy.h b/src/policy/policy.h
@@ -36,12 +36,12 @@ static const unsigned int DEFAULT_INCREMENTAL_RELAY_FEE = 1000;
 static const unsigned int DEFAULT_BYTES_PER_SIGOP = 20;
 /** Default for -permitbaremultisig */
 static const bool DEFAULT_PERMIT_BAREMULTISIG = true;
-/** The maximum number of witness stack items in a standard P2WSH script */
-static const unsigned int MAX_STANDARD_P2WSH_STACK_ITEMS = 100;
-/** The maximum size of each witness stack item in a standard P2WSH script */
-static const unsigned int MAX_STANDARD_P2WSH_STACK_ITEM_SIZE = 80;
-/** The maximum size of a standard witnessScript */
-static const unsigned int MAX_STANDARD_P2WSH_SCRIPT_SIZE = 3600;
+/** The maximum number of witness input stack items in a standard witness script */
+static const unsigned int MAX_STANDARD_WITNESS_INPUT_STACK_ITEMS = 210;
+/** The maximum size of each witness stack item in a standard witness script */
+static const unsigned int MAX_STANDARD_WITNESS_INPUT_STACK_ITEM_SIZE = 80;
+/** The maximum size of a standard witness script */
+static const unsigned int MAX_STANDARD_WITNESS_SCRIPT_SIZE = 7100;
 /** Min feerate for defining dust. Historically this has been based on the
  * minRelayTxFee, however changing the dust limit changes which transactions are
  * standard and should be done with care and ideally rarely. It makes sense to
@@ -68,7 +68,12 @@ static constexpr unsigned int STANDARD_SCRIPT_VERIFY_FLAGS = MANDATORY_SCRIPT_VE
                                                              SCRIPT_VERIFY_WITNESS |
                                                              SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_WITNESS_PROGRAM |
                                                              SCRIPT_VERIFY_WITNESS_PUBKEYTYPE |
-                                                             SCRIPT_VERIFY_CONST_SCRIPTCODE;
+                                                             SCRIPT_VERIFY_CONST_SCRIPTCODE |
+                                                             SCRIPT_VERIFY_TAPROOT |
+                                                             SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_TAPROOT_VERSION |
+                                                             SCRIPT_VERIFY_DISCOURAGE_UNKNOWN_ANNEX |
+                                                             SCRIPT_VERIFY_DISCOURAGE_OP_SUCCESS |
+                                                             SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_PUBKEYTYPE;
 
 /** For convenience, standard but not mandatory verify flags. */
 static constexpr unsigned int STANDARD_NOT_MANDATORY_VERIFY_FLAGS = STANDARD_SCRIPT_VERIFY_FLAGS & ~MANDATORY_SCRIPT_VERIFY_FLAGS;
diff --git a/src/script/interpreter.h b/src/script/interpreter.h
@@ -187,6 +187,7 @@ struct ScriptExecutionData
 /** Signature hash sizes */
 static constexpr size_t WITNESS_V0_SCRIPTHASH_SIZE = 32;
 static constexpr size_t WITNESS_V0_KEYHASH_SIZE = 20;
+static constexpr size_t WITNESS_V1_TAPROOT_SIZE = 33;
 
 template <class T>
 uint256 SignatureHash(const CScript& scriptCode, const T& txTo, unsigned int nIn, int nHashType, const CAmount& amount, SigVersion sigversion, const PrecomputedTransactionData* cache = nullptr);
diff --git a/test/functional/p2p_segwit.py b/test/functional/p2p_segwit.py
@@ -89,6 +89,12 @@
 MAX_SIGOP_COST = 80000
 
 SEGWIT_HEIGHT = 120
+MAX_STANDARD_WITNESS_INPUT_STACK_ITEMS = 210
+MAX_STANDARD_WITNESS_INPUT_STACK_ITEM_SIZE = 80
+MAX_STANDARD_WITNESS_SCRIPT_SIZE = 7100
+# Extra restrictions make tests easier
+assert MAX_STANDARD_WITNESS_INPUT_STACK_ITEMS < 403 and (MAX_STANDARD_WITNESS_INPUT_STACK_ITEMS % 2) == 0
+assert MAX_STANDARD_WITNESS_SCRIPT_SIZE % 50 == 0
 
 class UTXO():
     """Used to keep track of anyone-can-spend outputs that we can use in the tests."""
@@ -1797,10 +1803,12 @@ def test_non_standard_witness(self):
 
         # Create scripts for tests
         scripts = []
-        scripts.append(CScript([OP_DROP] * 100))
-        scripts.append(CScript([OP_DROP] * 99))
-        scripts.append(CScript([pad * 59] * 59 + [OP_DROP] * 60))
-        scripts.append(CScript([pad * 59] * 59 + [OP_DROP] * 61))
+        scripts.append(CScript([OP_2DROP] * (MAX_STANDARD_WITNESS_INPUT_STACK_ITEMS // 2)))
+        scripts.append(CScript([OP_2DROP] * (MAX_STANDARD_WITNESS_INPUT_STACK_ITEMS // 2 - 1) + [OP_DROP]))
+        scripts.append(CScript([pad * 48] * (MAX_STANDARD_WITNESS_SCRIPT_SIZE // 50) + [OP_DROP] * (MAX_STANDARD_WITNESS_SCRIPT_SIZE // 50)))
+        scripts.append(CScript([pad * 48] * (MAX_STANDARD_WITNESS_SCRIPT_SIZE // 50) + [OP_DROP] * (MAX_STANDARD_WITNESS_SCRIPT_SIZE // 50 + 1)))
+        assert len(scripts[2]) == MAX_STANDARD_WITNESS_SCRIPT_SIZE
+        assert len(scripts[3]) == MAX_STANDARD_WITNESS_SCRIPT_SIZE + 1
 
         p2wsh_scripts = []
 
@@ -1840,45 +1848,45 @@ def test_non_standard_witness(self):
             p2sh_txs.append(p2sh_tx)
 
         # Testing native P2WSH
-        # Witness stack size, excluding witnessScript, over 100 is non-standard
-        p2wsh_txs[0].wit.vtxinwit[0].scriptWitness.stack = [pad] * 101 + [scripts[0]]
+        # Witness stack size, excluding witnessScript, over MAX_STANDARD_WITNESS_INPUT_STACK_ITEMS is non-standard
+        p2wsh_txs[0].wit.vtxinwit[0].scriptWitness.stack = [pad] * (MAX_STANDARD_WITNESS_INPUT_STACK_ITEMS + 1) + [scripts[0]]
         test_transaction_acceptance(self.nodes[1], self.std_node, p2wsh_txs[0], True, False, 'bad-witness-nonstandard')
         # Non-standard nodes should accept
         test_transaction_acceptance(self.nodes[0], self.test_node, p2wsh_txs[0], True, True)
 
-        # Stack element size over 80 bytes is non-standard
-        p2wsh_txs[1].wit.vtxinwit[0].scriptWitness.stack = [pad * 81] * 100 + [scripts[1]]
+        # Stack element size over MAX_STANDARD_WITNESS_INPUT_STACK_ITEM_SIZE bytes is non-standard
+        p2wsh_txs[1].wit.vtxinwit[0].scriptWitness.stack = [pad * (MAX_STANDARD_WITNESS_INPUT_STACK_ITEM_SIZE + 1)] * MAX_STANDARD_WITNESS_INPUT_STACK_ITEMS + [scripts[1]]
         test_transaction_acceptance(self.nodes[1], self.std_node, p2wsh_txs[1], True, False, 'bad-witness-nonstandard')
         # Non-standard nodes should accept
         test_transaction_acceptance(self.nodes[0], self.test_node, p2wsh_txs[1], True, True)
-        # Standard nodes should accept if element size is not over 80 bytes
-        p2wsh_txs[1].wit.vtxinwit[0].scriptWitness.stack = [pad * 80] * 100 + [scripts[1]]
+        # Standard nodes should accept if element size is not over MAX_STANDARD_WITNESS_INPUT_STACK_ITEM_SIZE
+        p2wsh_txs[1].wit.vtxinwit[0].scriptWitness.stack = [pad * MAX_STANDARD_WITNESS_INPUT_STACK_ITEM_SIZE] * MAX_STANDARD_WITNESS_INPUT_STACK_ITEMS + [scripts[1]]
         test_transaction_acceptance(self.nodes[1], self.std_node, p2wsh_txs[1], True, True)
 
-        # witnessScript size at 3600 bytes is standard
-        p2wsh_txs[2].wit.vtxinwit[0].scriptWitness.stack = [pad, pad, scripts[2]]
+        # witnessScript size at 7100 bytes is standard
+        p2wsh_txs[2].wit.vtxinwit[0].scriptWitness.stack = [pad, scripts[2]]
         test_transaction_acceptance(self.nodes[0], self.test_node, p2wsh_txs[2], True, True)
         test_transaction_acceptance(self.nodes[1], self.std_node, p2wsh_txs[2], True, True)
 
-        # witnessScript size at 3601 bytes is non-standard
-        p2wsh_txs[3].wit.vtxinwit[0].scriptWitness.stack = [pad, pad, pad, scripts[3]]
+        # witnessScript size at 7101 bytes is non-standard
+        p2wsh_txs[3].wit.vtxinwit[0].scriptWitness.stack = [pad, pad, scripts[3]]
         test_transaction_acceptance(self.nodes[1], self.std_node, p2wsh_txs[3], True, False, 'bad-witness-nonstandard')
         # Non-standard nodes should accept
         test_transaction_acceptance(self.nodes[0], self.test_node, p2wsh_txs[3], True, True)
 
         # Repeating the same tests with P2SH-P2WSH
-        p2sh_txs[0].wit.vtxinwit[0].scriptWitness.stack = [pad] * 101 + [scripts[0]]
+        p2sh_txs[0].wit.vtxinwit[0].scriptWitness.stack = [pad] * (MAX_STANDARD_WITNESS_INPUT_STACK_ITEMS + 1) + [scripts[0]]
         test_transaction_acceptance(self.nodes[1], self.std_node, p2sh_txs[0], True, False, 'bad-witness-nonstandard')
         test_transaction_acceptance(self.nodes[0], self.test_node, p2sh_txs[0], True, True)
-        p2sh_txs[1].wit.vtxinwit[0].scriptWitness.stack = [pad * 81] * 100 + [scripts[1]]
+        p2sh_txs[1].wit.vtxinwit[0].scriptWitness.stack = [pad * (MAX_STANDARD_WITNESS_INPUT_STACK_ITEM_SIZE + 1)] * MAX_STANDARD_WITNESS_INPUT_STACK_ITEMS + [scripts[1]]
         test_transaction_acceptance(self.nodes[1], self.std_node, p2sh_txs[1], True, False, 'bad-witness-nonstandard')
         test_transaction_acceptance(self.nodes[0], self.test_node, p2sh_txs[1], True, True)
-        p2sh_txs[1].wit.vtxinwit[0].scriptWitness.stack = [pad * 80] * 100 + [scripts[1]]
+        p2sh_txs[1].wit.vtxinwit[0].scriptWitness.stack = [pad * MAX_STANDARD_WITNESS_INPUT_STACK_ITEM_SIZE] * MAX_STANDARD_WITNESS_INPUT_STACK_ITEMS + [scripts[1]]
         test_transaction_acceptance(self.nodes[1], self.std_node, p2sh_txs[1], True, True)
-        p2sh_txs[2].wit.vtxinwit[0].scriptWitness.stack = [pad, pad, scripts[2]]
+        p2sh_txs[2].wit.vtxinwit[0].scriptWitness.stack = [pad, scripts[2]]
         test_transaction_acceptance(self.nodes[0], self.test_node, p2sh_txs[2], True, True)
         test_transaction_acceptance(self.nodes[1], self.std_node, p2sh_txs[2], True, True)
-        p2sh_txs[3].wit.vtxinwit[0].scriptWitness.stack = [pad, pad, pad, scripts[3]]
+        p2sh_txs[3].wit.vtxinwit[0].scriptWitness.stack = [pad, pad, scripts[3]]
         test_transaction_acceptance(self.nodes[1], self.std_node, p2sh_txs[3], True, False, 'bad-witness-nonstandard')
         test_transaction_acceptance(self.nodes[0], self.test_node, p2sh_txs[3], True, True)
 
