|
| 1 | +// Copyright (c) 2019 The Bitcoin Core developers |
| 2 | +// Distributed under the MIT software license, see the accompanying |
| 3 | +// file COPYING or http://www.opensource.org/licenses/mit-license.php. |
| 4 | + |
| 5 | +#include <string> |
| 6 | +#include <vector> |
| 7 | +#include <script/script.h> |
| 8 | +#include <script/miniscript.h> |
| 9 | + |
| 10 | +#include <assert.h> |
| 11 | + |
| 12 | +namespace miniscript { |
| 13 | +namespace internal { |
| 14 | + |
| 15 | +Type SanitizeType(Type e) { |
| 16 | + int num_types = (e << "K"_mst) + (e << "V"_mst) + (e << "B"_mst) + (e << "W"_mst); |
| 17 | + if (num_types == 0) return ""_mst; // No valid type, don't care about the rest |
| 18 | + assert(num_types == 1); // K, V, B, W all conflict with each other |
| 19 | + bool ok = // Work around a GCC 4.8 bug that breaks user-defined literals in macro calls. |
| 20 | + (!(e << "z"_mst) || !(e << "o"_mst)) && // z conflicts with o |
| 21 | + (!(e << "n"_mst) || !(e << "z"_mst)) && // n conflicts with z |
| 22 | + (!(e << "n"_mst) || !(e << "W"_mst)) && // n conflicts with W |
| 23 | + (!(e << "V"_mst) || !(e << "d"_mst)) && // V conflicts with d |
| 24 | + (!(e << "K"_mst) || (e << "u"_mst)) && // K implies u |
| 25 | + (!(e << "V"_mst) || !(e << "u"_mst)) && // V conflicts with u |
| 26 | + (!(e << "e"_mst) || !(e << "f"_mst)) && // e conflicts with f |
| 27 | + (!(e << "e"_mst) || (e << "d"_mst)) && // e implies d |
| 28 | + (!(e << "V"_mst) || !(e << "e"_mst)) && // V conflicts with e |
| 29 | + (!(e << "d"_mst) || !(e << "f"_mst)) && // d conflicts with f |
| 30 | + (!(e << "V"_mst) || (e << "f"_mst)) && // V implies f |
| 31 | + (!(e << "K"_mst) || (e << "s"_mst)) && // K implies s |
| 32 | + (!(e << "z"_mst) || (e << "m"_mst)); // z implies m |
| 33 | + assert(ok); |
| 34 | + return e; |
| 35 | +} |
| 36 | + |
| 37 | +Type ComputeType(Fragment nodetype, Type x, Type y, Type z, const std::vector<Type>& sub_types, uint32_t k, size_t data_size, size_t n_subs, size_t n_keys) { |
| 38 | + // Sanity check on data |
| 39 | + if (nodetype == Fragment::SHA256 || nodetype == Fragment::HASH256) { |
| 40 | + assert(data_size == 32); |
| 41 | + } else if (nodetype == Fragment::RIPEMD160 || nodetype == Fragment::HASH160) { |
| 42 | + assert(data_size == 20); |
| 43 | + } else { |
| 44 | + assert(data_size == 0); |
| 45 | + } |
| 46 | + // Sanity check on k |
| 47 | + if (nodetype == Fragment::OLDER || nodetype == Fragment::AFTER) { |
| 48 | + assert(k >= 1 && k < 0x80000000UL); |
| 49 | + } else if (nodetype == Fragment::MULTI) { |
| 50 | + assert(k >= 1 && k <= n_keys); |
| 51 | + } else if (nodetype == Fragment::THRESH) { |
| 52 | + assert(k >= 1 && k <= n_subs); |
| 53 | + } else { |
| 54 | + assert(k == 0); |
| 55 | + } |
| 56 | + // Sanity check on subs |
| 57 | + if (nodetype == Fragment::AND_V || nodetype == Fragment::AND_B || nodetype == Fragment::OR_B || |
| 58 | + nodetype == Fragment::OR_C || nodetype == Fragment::OR_I || nodetype == Fragment::OR_D) { |
| 59 | + assert(n_subs == 2); |
| 60 | + } else if (nodetype == Fragment::ANDOR) { |
| 61 | + assert(n_subs == 3); |
| 62 | + } else if (nodetype == Fragment::WRAP_A || nodetype == Fragment::WRAP_S || nodetype == Fragment::WRAP_C || |
| 63 | + nodetype == Fragment::WRAP_D || nodetype == Fragment::WRAP_V || nodetype == Fragment::WRAP_J || |
| 64 | + nodetype == Fragment::WRAP_N) { |
| 65 | + assert(n_subs == 1); |
| 66 | + } else if (nodetype != Fragment::THRESH) { |
| 67 | + assert(n_subs == 0); |
| 68 | + } |
| 69 | + // Sanity check on keys |
| 70 | + if (nodetype == Fragment::PK_K || nodetype == Fragment::PK_H) { |
| 71 | + assert(n_keys == 1); |
| 72 | + } else if (nodetype == Fragment::MULTI) { |
| 73 | + assert(n_keys >= 1 && n_keys <= 20); |
| 74 | + } else { |
| 75 | + assert(n_keys == 0); |
| 76 | + } |
| 77 | + |
| 78 | + // Below is the per-nodetype logic for computing the expression types. |
| 79 | + // It heavily relies on Type's << operator (where "X << a_mst" means |
| 80 | + // "X has all properties listed in a"). |
| 81 | + switch (nodetype) { |
| 82 | + case Fragment::PK_K: return "Konudemsxk"_mst; |
| 83 | + case Fragment::PK_H: return "Knudemsxk"_mst; |
| 84 | + case Fragment::OLDER: return |
| 85 | + "g"_mst.If(k & CTxIn::SEQUENCE_LOCKTIME_TYPE_FLAG) | |
| 86 | + "h"_mst.If(!(k & CTxIn::SEQUENCE_LOCKTIME_TYPE_FLAG)) | |
| 87 | + "Bzfmxk"_mst; |
| 88 | + case Fragment::AFTER: return |
| 89 | + "i"_mst.If(k >= LOCKTIME_THRESHOLD) | |
| 90 | + "j"_mst.If(k < LOCKTIME_THRESHOLD) | |
| 91 | + "Bzfmxk"_mst; |
| 92 | + case Fragment::SHA256: return "Bonudmk"_mst; |
| 93 | + case Fragment::RIPEMD160: return "Bonudmk"_mst; |
| 94 | + case Fragment::HASH256: return "Bonudmk"_mst; |
| 95 | + case Fragment::HASH160: return "Bonudmk"_mst; |
| 96 | + case Fragment::JUST_1: return "Bzufmxk"_mst; |
| 97 | + case Fragment::JUST_0: return "Bzudemsxk"_mst; |
| 98 | + case Fragment::WRAP_A: return |
| 99 | + "W"_mst.If(x << "B"_mst) | // W=B_x |
| 100 | + (x & "ghijk"_mst) | // g=g_x, h=h_x, i=i_x, j=j_x, k=k_x |
| 101 | + (x & "udfems"_mst) | // u=u_x, d=d_x, f=f_x, e=e_x, m=m_x, s=s_x |
| 102 | + "x"_mst; // x |
| 103 | + case Fragment::WRAP_S: return |
| 104 | + "W"_mst.If(x << "Bo"_mst) | // W=B_x*o_x |
| 105 | + (x & "ghijk"_mst) | // g=g_x, h=h_x, i=i_x, j=j_x, k=k_x |
| 106 | + (x & "udfemsx"_mst); // u=u_x, d=d_x, f=f_x, e=e_x, m=m_x, s=s_x, x=x_x |
| 107 | + case Fragment::WRAP_C: return |
| 108 | + "B"_mst.If(x << "K"_mst) | // B=K_x |
| 109 | + (x & "ghijk"_mst) | // g=g_x, h=h_x, i=i_x, j=j_x, k=k_x |
| 110 | + (x & "ondfem"_mst) | // o=o_x, n=n_x, d=d_x, f=f_x, e=e_x, m=m_x |
| 111 | + "us"_mst; // u, s |
| 112 | + case Fragment::WRAP_D: return |
| 113 | + "B"_mst.If(x << "Vz"_mst) | // B=V_x*z_x |
| 114 | + "o"_mst.If(x << "z"_mst) | // o=z_x |
| 115 | + "e"_mst.If(x << "f"_mst) | // e=f_x |
| 116 | + (x & "ghijk"_mst) | // g=g_x, h=h_x, i=i_x, j=j_x, k=k_x |
| 117 | + (x & "ms"_mst) | // m=m_x, s=s_x |
| 118 | + "nudx"_mst; // n, u, d, x |
| 119 | + case Fragment::WRAP_V: return |
| 120 | + "V"_mst.If(x << "B"_mst) | // V=B_x |
| 121 | + (x & "ghijk"_mst) | // g=g_x, h=h_x, i=i_x, j=j_x, k=k_x |
| 122 | + (x & "zonms"_mst) | // z=z_x, o=o_x, n=n_x, m=m_x, s=s_x |
| 123 | + "fx"_mst; // f, x |
| 124 | + case Fragment::WRAP_J: return |
| 125 | + "B"_mst.If(x << "Bn"_mst) | // B=B_x*n_x |
| 126 | + "e"_mst.If(x << "f"_mst) | // e=f_x |
| 127 | + (x & "ghijk"_mst) | // g=g_x, h=h_x, i=i_x, j=j_x, k=k_x |
| 128 | + (x & "oums"_mst) | // o=o_x, u=u_x, m=m_x, s=s_x |
| 129 | + "ndx"_mst; // n, d, x |
| 130 | + case Fragment::WRAP_N: return |
| 131 | + (x & "ghijk"_mst) | // g=g_x, h=h_x, i=i_x, j=j_x, k=k_x |
| 132 | + (x & "Bzondfems"_mst) | // B=B_x, z=z_x, o=o_x, n=n_x, d=d_x, f=f_x, e=e_x, m=m_x, s=s_x |
| 133 | + "ux"_mst; // u, x |
| 134 | + case Fragment::AND_V: return |
| 135 | + (y & "KVB"_mst).If(x << "V"_mst) | // B=V_x*B_y, V=V_x*V_y, K=V_x*K_y |
| 136 | + (x & "n"_mst) | (y & "n"_mst).If(x << "z"_mst) | // n=n_x+z_x*n_y |
| 137 | + ((x | y) & "o"_mst).If((x | y) << "z"_mst) | // o=o_x*z_y+z_x*o_y |
| 138 | + (x & y & "dmz"_mst) | // d=d_x*d_y, m=m_x*m_y, z=z_x*z_y |
| 139 | + ((x | y) & "s"_mst) | // s=s_x+s_y |
| 140 | + "f"_mst.If((y << "f"_mst) || (x << "s"_mst)) | // f=f_y+s_x |
| 141 | + (y & "ux"_mst) | // u=u_y, x=x_y |
| 142 | + ((x | y) & "ghij"_mst) | // g=g_x+g_y, h=h_x+h_y, i=i_x+i_y, j=j_x+j_y |
| 143 | + "k"_mst.If(((x & y) << "k"_mst) && |
| 144 | + !(((x << "g"_mst) && (y << "h"_mst)) || |
| 145 | + ((x << "h"_mst) && (y << "g"_mst)) || |
| 146 | + ((x << "i"_mst) && (y << "j"_mst)) || |
| 147 | + ((x << "j"_mst) && (y << "i"_mst)))); // k=k_x*k_y*!(g_x*h_y + h_x*g_y + i_x*j_y + j_x*i_y) |
| 148 | + case Fragment::AND_B: return |
| 149 | + (x & "B"_mst).If(y << "W"_mst) | // B=B_x*W_y |
| 150 | + ((x | y) & "o"_mst).If((x | y) << "z"_mst) | // o=o_x*z_y+z_x*o_y |
| 151 | + (x & "n"_mst) | (y & "n"_mst).If(x << "z"_mst) | // n=n_x+z_x*n_y |
| 152 | + (x & y & "e"_mst).If((x & y) << "s"_mst) | // e=e_x*e_y*s_x*s_y |
| 153 | + (x & y & "dzm"_mst) | // d=d_x*d_y, z=z_x*z_y, m=m_x*m_y |
| 154 | + "f"_mst.If(((x & y) << "f"_mst) || (x << "sf"_mst) || (y << "sf"_mst)) | // f=f_x*f_y + f_x*s_x + f_y*s_y |
| 155 | + ((x | y) & "s"_mst) | // s=s_x+s_y |
| 156 | + "ux"_mst | // u, x |
| 157 | + ((x | y) & "ghij"_mst) | // g=g_x+g_y, h=h_x+h_y, i=i_x+i_y, j=j_x+j_y |
| 158 | + "k"_mst.If(((x & y) << "k"_mst) && |
| 159 | + !(((x << "g"_mst) && (y << "h"_mst)) || |
| 160 | + ((x << "h"_mst) && (y << "g"_mst)) || |
| 161 | + ((x << "i"_mst) && (y << "j"_mst)) || |
| 162 | + ((x << "j"_mst) && (y << "i"_mst)))); // k=k_x*k_y*!(g_x*h_y + h_x*g_y + i_x*j_y + j_x*i_y) |
| 163 | + case Fragment::OR_B: return |
| 164 | + "B"_mst.If(x << "Bd"_mst && y << "Wd"_mst) | // B=B_x*d_x*W_x*d_y |
| 165 | + ((x | y) & "o"_mst).If((x | y) << "z"_mst) | // o=o_x*z_y+z_x*o_y |
| 166 | + (x & y & "m"_mst).If((x | y) << "s"_mst && (x & y) << "e"_mst) | // m=m_x*m_y*e_x*e_y*(s_x+s_y) |
| 167 | + (x & y & "zse"_mst) | // z=z_x*z_y, s=s_x*s_y, e=e_x*e_y |
| 168 | + "dux"_mst | // d, u, x |
| 169 | + ((x | y) & "ghij"_mst) | // g=g_x+g_y, h=h_x+h_y, i=i_x+i_y, j=j_x+j_y |
| 170 | + (x & y & "k"_mst); // k=k_x*k_y |
| 171 | + case Fragment::OR_D: return |
| 172 | + (y & "B"_mst).If(x << "Bdu"_mst) | // B=B_y*B_x*d_x*u_x |
| 173 | + (x & "o"_mst).If(y << "z"_mst) | // o=o_x*z_y |
| 174 | + (x & y & "m"_mst).If(x << "e"_mst && (x | y) << "s"_mst) | // m=m_x*m_y*e_x*(s_x+s_y) |
| 175 | + (x & y & "zes"_mst) | // z=z_x*z_y, e=e_x*e_y, s=s_x*s_y |
| 176 | + (y & "ufd"_mst) | // u=u_y, f=f_y, d=d_y |
| 177 | + "x"_mst | // x |
| 178 | + ((x | y) & "ghij"_mst) | // g=g_x+g_y, h=h_x+h_y, i=i_x+i_y, j=j_x+j_y |
| 179 | + (x & y & "k"_mst); // k=k_x*k_y |
| 180 | + case Fragment::OR_C: return |
| 181 | + (y & "V"_mst).If(x << "Bdu"_mst) | // V=V_y*B_x*u_x*d_x |
| 182 | + (x & "o"_mst).If(y << "z"_mst) | // o=o_x*z_y |
| 183 | + (x & y & "m"_mst).If(x << "e"_mst && (x | y) << "s"_mst) | // m=m_x*m_y*e_x*(s_x+s_y) |
| 184 | + (x & y & "zs"_mst) | // z=z_x*z_y, s=s_x*s_y |
| 185 | + "fx"_mst | // f, x |
| 186 | + ((x | y) & "ghij"_mst) | // g=g_x+g_y, h=h_x+h_y, i=i_x+i_y, j=j_x+j_y |
| 187 | + (x & y & "k"_mst); // k=k_x*k_y |
| 188 | + case Fragment::OR_I: return |
| 189 | + (x & y & "VBKufs"_mst) | // V=V_x*V_y, B=B_x*B_y, K=K_x*K_y, u=u_x*u_y, f=f_x*f_y, s=s_x*s_y |
| 190 | + "o"_mst.If((x & y) << "z"_mst) | // o=z_x*z_y |
| 191 | + ((x | y) & "e"_mst).If((x | y) << "f"_mst) | // e=e_x*f_y+f_x*e_y |
| 192 | + (x & y & "m"_mst).If((x | y) << "s"_mst) | // m=m_x*m_y*(s_x+s_y) |
| 193 | + ((x | y) & "d"_mst) | // d=d_x+d_y |
| 194 | + "x"_mst | // x |
| 195 | + ((x | y) & "ghij"_mst) | // g=g_x+g_y, h=h_x+h_y, i=i_x+i_y, j=j_x+j_y |
| 196 | + (x & y & "k"_mst); // k=k_x*k_y |
| 197 | + case Fragment::ANDOR: return |
| 198 | + (y & z & "BKV"_mst).If(x << "Bdu"_mst) | // B=B_x*d_x*u_x*B_y*B_z, K=B_x*d_x*u_x*K_y*K_z, V=B_x*d_x*u_x*V_y*V_z |
| 199 | + (x & y & z & "z"_mst) | // z=z_x*z_y*z_z |
| 200 | + ((x | (y & z)) & "o"_mst).If((x | (y & z)) << "z"_mst) | // o=o_x*z_y*z_z+z_x*o_y*o_z |
| 201 | + (y & z & "u"_mst) | // u=u_y*u_z |
| 202 | + (z & "f"_mst).If((x << "s"_mst) || (y << "f"_mst)) | // f=(s_x+f_y)*f_z |
| 203 | + (z & "d"_mst) | // d=d_z |
| 204 | + (x & z & "e"_mst).If(x << "s"_mst || y << "f"_mst) | // e=e_x*e_z*(s_x+f_y) |
| 205 | + (x & y & z & "m"_mst).If(x << "e"_mst && (x | y | z) << "s"_mst) | // m=m_x*m_y*m_z*e_x*(s_x+s_y+s_z) |
| 206 | + (z & (x | y) & "s"_mst) | // s=s_z*(s_x+s_y) |
| 207 | + "x"_mst | // x |
| 208 | + ((x | y | z) & "ghij"_mst) | // g=g_x+g_y+g_z, h=h_x+h_y+h_z, i=i_x+i_y+i_z, j=j_x+j_y_j_z |
| 209 | + "k"_mst.If(((x & y & z) << "k"_mst) && |
| 210 | + !(((x << "g"_mst) && (y << "h"_mst)) || |
| 211 | + ((x << "h"_mst) && (y << "g"_mst)) || |
| 212 | + ((x << "i"_mst) && (y << "j"_mst)) || |
| 213 | + ((x << "j"_mst) && (y << "i"_mst)))); // k=k_x*k_y*k_z* !(g_x*h_y + h_x*g_y + i_x*j_y + j_x*i_y) |
| 214 | + case Fragment::MULTI: return "Bnudemsk"_mst; |
| 215 | + case Fragment::THRESH: { |
| 216 | + bool all_e = true; |
| 217 | + bool all_m = true; |
| 218 | + uint32_t args = 0; |
| 219 | + uint32_t num_s = 0; |
| 220 | + Type acc_tl = "k"_mst; |
| 221 | + for (size_t i = 0; i < sub_types.size(); ++i) { |
| 222 | + Type t = sub_types[i]; |
| 223 | + if (!(t << (i ? "Wdu"_mst : "Bdu"_mst))) return ""_mst; // Require Bdu, Wdu, Wdu, ... |
| 224 | + if (!(t << "e"_mst)) all_e = false; |
| 225 | + if (!(t << "m"_mst)) all_m = false; |
| 226 | + if (t << "s"_mst) num_s += 1; |
| 227 | + args += (t << "z"_mst) ? 0 : (t << "o"_mst) ? 1 : 2; |
| 228 | + acc_tl = ((acc_tl | t) & "ghij"_mst) | |
| 229 | + // Thresh contains a combination of timelocks if it has threshold > 1 and |
| 230 | + // it contains two different children that have different types of timelocks |
| 231 | + // Note how if any of the children don't have "k", the parent also does not have "k" |
| 232 | + "k"_mst.If(((acc_tl & t) << "k"_mst) && ((k <= 1) || |
| 233 | + ((k > 1) && !(((acc_tl << "g"_mst) && (t << "h"_mst)) || |
| 234 | + ((acc_tl << "h"_mst) && (t << "g"_mst)) || |
| 235 | + ((acc_tl << "i"_mst) && (t << "j"_mst)) || |
| 236 | + ((acc_tl << "j"_mst) && (t << "i"_mst)))))); |
| 237 | + } |
| 238 | + return "Bdu"_mst | |
| 239 | + "z"_mst.If(args == 0) | // z=all z |
| 240 | + "o"_mst.If(args == 1) | // o=all z except one o |
| 241 | + "e"_mst.If(all_e && num_s == n_subs) | // e=all e and all s |
| 242 | + "m"_mst.If(all_e && all_m && num_s >= n_subs - k) | // m=all e, >=(n-k) s |
| 243 | + "s"_mst.If(num_s >= n_subs - k + 1) | // s= >=(n-k+1) s |
| 244 | + acc_tl; // timelock info |
| 245 | + } |
| 246 | + } |
| 247 | + assert(false); |
| 248 | + return ""_mst; |
| 249 | +} |
| 250 | + |
| 251 | +size_t ComputeScriptLen(Fragment nodetype, Type sub0typ, size_t subsize, uint32_t k, size_t n_subs, size_t n_keys) { |
| 252 | + switch (nodetype) { |
| 253 | + case Fragment::JUST_1: |
| 254 | + case Fragment::JUST_0: return 1; |
| 255 | + case Fragment::PK_K: return 34; |
| 256 | + case Fragment::PK_H: return 3 + 21; |
| 257 | + case Fragment::OLDER: |
| 258 | + case Fragment::AFTER: return 1 + BuildScript(k).size(); |
| 259 | + case Fragment::HASH256: |
| 260 | + case Fragment::SHA256: return 4 + 2 + 33; |
| 261 | + case Fragment::HASH160: |
| 262 | + case Fragment::RIPEMD160: return 4 + 2 + 21; |
| 263 | + case Fragment::MULTI: return 3 + (n_keys > 16) + (k > 16) + 34 * n_keys; |
| 264 | + case Fragment::AND_V: return subsize; |
| 265 | + case Fragment::WRAP_V: return subsize + (sub0typ << "x"_mst); |
| 266 | + case Fragment::WRAP_S: |
| 267 | + case Fragment::WRAP_C: |
| 268 | + case Fragment::WRAP_N: |
| 269 | + case Fragment::AND_B: |
| 270 | + case Fragment::OR_B: return subsize + 1; |
| 271 | + case Fragment::WRAP_A: |
| 272 | + case Fragment::OR_C: return subsize + 2; |
| 273 | + case Fragment::WRAP_D: |
| 274 | + case Fragment::OR_D: |
| 275 | + case Fragment::OR_I: |
| 276 | + case Fragment::ANDOR: return subsize + 3; |
| 277 | + case Fragment::WRAP_J: return subsize + 4; |
| 278 | + case Fragment::THRESH: return subsize + n_subs + BuildScript(k).size(); |
| 279 | + } |
| 280 | + assert(false); |
| 281 | + return 0; |
| 282 | +} |
| 283 | + |
| 284 | +int FindNextChar(Span<const char> sp, const char m) |
| 285 | +{ |
| 286 | + for (int i = 0; i < (int)sp.size(); ++i) { |
| 287 | + if (sp[i] == m) return i; |
| 288 | + // We only search within the current parentheses |
| 289 | + if (sp[i] == ')') break; |
| 290 | + } |
| 291 | + return -1; |
| 292 | +} |
| 293 | + |
| 294 | +} // namespace internal |
| 295 | +} // namespace miniscript |
0 commit comments