cryptoquick
diff --git a/‎doc/design/p2qrh.md‎
Lines changed: 97 additions & 0 deletions b/‎doc/design/p2qrh.md‎
Lines changed: 97 additions & 0 deletions
diff --git a/‎src/addresstype.cpp‎
Lines changed: 6 additions & 0 deletions b/‎src/addresstype.cpp‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎src/policy/policy.cpp‎
Lines changed: 34 additions & 0 deletions b/‎src/policy/policy.cpp‎
Lines changed: 34 additions & 0 deletions
diff --git a/‎src/policy/policy.h‎
Lines changed: 2 additions & 0 deletions b/‎src/policy/policy.h‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎src/pubkey.cpp‎
Lines changed: 122 additions & 2 deletions b/‎src/pubkey.cpp‎
Lines changed: 122 additions & 2 deletions
diff --git a/‎src/rpc/rawtransaction.cpp‎
Lines changed: 2 additions & 0 deletions b/‎src/rpc/rawtransaction.cpp‎
Lines changed: 2 additions & 0 deletions
@@ -157,6 +157,8 @@ The equivalent needs to be implemented for PQC algorithms implemented in [libbit
 | | walletcreatefundedpsbt | Creates new PSBTs with P2QRH outputs |
 | | utxoupdatepsbt | Updates PSBT data for P2QRH inputs/outputs |
 | Raw Transaction Operations | signrawtransactionwithwallet | Signs P2QRH inputs using wallet keys |
+| | testmempoolaccept | testmempoolaccept "signedhex" |
+| | sendrawtransaction | sendrawtransaction "signedhex" |
 | | createrawtransaction| createrawtransaction '[]' '{"bc1r...":0.01}'
 | | signrawtransactionwithkey | Signs P2QRH inputs with specified keys |
 | | decoderawtransaction | Decodes transactions with P2QRH inputs/outputs |
@@ -200,3 +202,98 @@ The equivalent needs to be implemented for PQC algorithms implemented in [libbit
     ```
     $ build/test/functional/rpc_validateaddress.py
     ```
+
+## Modifications
+
+### bad-txns-nonstandard-inputs
+
+```
+$ b-reg testmempoolaccept '["'''$RAW_P2QRH_SPEND_TX'''"]'
+[
+  {
+    "txid": "824244091bece2eb03a6f0dec6c8f87619dc687f10f4da03465cefd27c3007f7",
+    "wtxid": "9f3f2fbe411d6c69b1882bbf884124511592f888d2129b105f5d577cd2bfa917",
+    "allowed": false,
+    "reject-reason": "bad-txns-nonstandard-inputs",
+    "reject-details": "bad-txns-nonstandard-inputs"
+  }
+]
+```
+
+To allow for P2QRH (witness v3, similar to P2TR) funding transactions, you need to update the policy logic so that P2QRH outputs are considered standard, just like P2TR (Taproot) outputs.
+What needs to change:
+
+1. In AreInputsStandard, currently only witness v0 and v1 (P2WPKH, P2WSH, P2TR) are considered standard. P2QRH (witness v3) is not, so funding transactions to P2QRH are not allowed.
+1. In IsStandard, the Solver function returns WITNESS_UNKNOWN for any witness version it doesn't recognize, including v3. This means P2QRH outputs are not considered standard.
+
+How to fix:
+
+1. Update Solver to recognize P2QRH as a standard type.
+** Add a new TxoutType for P2QRH (e.g., WITNESS_V3_P2QRH).
+** In Solver, if witnessversion == 3 && witnessprogram.size() == WITNESS_V3_P2QRH_SIZE, return TxoutType::WITNESS_V3_P2QRH.
+1. Update IsStandard to allow P2QRH outputs.
+** Accept TxoutType::WITNESS_V3_P2QRH as standard.
+1. Update AreInputsStandard to allow spending from P2QRH outputs.
+** Accept TxoutType::WITNESS_V3_P2QRH as standard, not just WITNESS_V1_TAPROOT.
+
+
+### Witness version reserved for soft-fork upgrades
+
+```
+$ b-reg testmempoolaccept '["'''$RAW_P2QRH_SPEND_TX'''"]'
+[
+  {
+    "txid": "824244091bece2eb03a6f0dec6c8f87619dc687f10f4da03465cefd27c3007f7",
+    "wtxid": "9f3f2fbe411d6c69b1882bbf884124511592f888d2129b105f5d577cd2bfa917",
+    "allowed": false,
+    "reject-reason": "non-mandatory-script-verify-flag (Witness version reserved for soft-fork upgrades)",
+    "reject-details": "non-mandatory-script-verify-flag (Witness version reserved for soft-fork upgrades), input 0 of 824244091bece2eb03a6f0dec6c8f87619dc687f10f4da03465cefd27c3007f7 (wtxid 9f3f2fbe411d6c69b1882bbf884124511592f888d2129b105f5d577cd2bfa917), spending 6745235727bf162d190553f7da087d8484b73716f2fcf774b8c56245f5f9e619:0"
+  }
+]
+```
+
+### Invalid Taproot control block size
+
+```
+$ b-reg testmempoolaccept '["'''$RAW_P2QRH_SPEND_TX'''"]'
+[
+  {
+    "txid": "824244091bece2eb03a6f0dec6c8f87619dc687f10f4da03465cefd27c3007f7",
+    "wtxid": "9f3f2fbe411d6c69b1882bbf884124511592f888d2129b105f5d577cd2bfa917",
+    "allowed": false,
+    "reject-reason": "mandatory-script-verify-flag-failed (Invalid Taproot control block size)",
+    "reject-details": "mandatory-script-verify-flag-failed (Invalid Taproot control block size), input 0 of 824244091bece2eb03a6f0dec6c8f87619dc687f10f4da03465cefd27c3007f7 (wtxid 9f3f2fbe411d6c69b1882bbf884124511592f888d2129b105f5d577cd2bfa917), spending 6745235727bf162d190553f7da087d8484b73716f2fcf774b8c56245f5f9e619:0"
+  }
+]
+```
+
+### Taproot version reserved for soft-fork upgrades
+
+```
+$ b-reg testmempoolaccept '["'''$RAW_P2QRH_SPEND_TX'''"]'
+[
+  {
+    "txid": "61829641ab32b14a65de0d9e93feedcdd1ee7b5e40d01c43a4ca72815fa886a8",
+    "wtxid": "eeaaf921f323be39e2b8314bd4ebe7275b784eac9697634bbff975e735961213",
+    "allowed": false,
+    "reject-reason": "non-mandatory-script-verify-flag (Taproot version reserved for soft-fork upgrades)",
+    "reject-details": "non-mandatory-script-verify-flag (Taproot version reserved for soft-fork upgrades), input 0 of 61829641ab32b14a65de0d9e93feedcdd1ee7b5e40d01c43a4ca72815fa886a8 (wtxid eeaaf921f323be39e2b8314bd4ebe7275b784eac9697634bbff975e735961213), spending 6745235727bf162d190553f7da087d8484b73716f2fcf774b8c56245f5f9e619:0"
+  }
+]
+```
+
+### Stack size must be exactly one after execution
+
+```
+$ b-reg testmempoolaccept '["'''$RAW_P2QRH_SPEND_TX'''"]'
+[
+  {
+    "txid": "61829641ab32b14a65de0d9e93feedcdd1ee7b5e40d01c43a4ca72815fa886a8",
+    "wtxid": "eeaaf921f323be39e2b8314bd4ebe7275b784eac9697634bbff975e735961213",
+    "allowed": false,
+    "reject-reason": "mandatory-script-verify-flag-failed (Stack size must be exactly one after execution)",
+    "reject-details": "mandatory-script-verify-flag-failed (Stack size must be exactly one after execution), input 0 of 61829641ab32b14a65de0d9e93feedcdd1ee7b5e40d01c43a4ca72815fa886a8 (wtxid eeaaf921f323be39e2b8314bd4ebe7275b784eac9697634bbff975e735961213), spending 6745235727bf162d190553f7da087d8484b73716f2fcf774b8c56245f5f9e619:0"
+  }
+]
+
+```
@@ -87,6 +87,12 @@ bool ExtractDestination(const CScript& scriptPubKey, CTxDestination& addressRet)
         addressRet = tap;
         return true;
     }
+    case TxoutType::WITNESS_V3_P2QRH: {
+        WitnessV3P2QRH p2qrh;
+        std::copy(vSolutions[0].begin(), vSolutions[0].end(), p2qrh.begin());
+        addressRet = p2qrh;
+        return true;
+    }
     case TxoutType::ANCHOR: {
         addressRet = PayToAnchor();
         return true;
 
@@ -91,6 +91,9 @@ bool IsStandard(const CScript& scriptPubKey, TxoutType& whichType)
             return false;
         if (m < 1 || m > n)
             return false;
+    } else if (whichType == TxoutType::WITNESS_V3_P2QRH) {
+        // Accept as standard
+        return true;
     }
 
     return true;
@@ -207,6 +210,9 @@ bool AreInputsStandard(const CTransaction& tx, const CCoinsViewCache& mapInputs)
             if (subscript.GetSigOpCount(true) > MAX_P2SH_SIGOPS) {
                 return false;
             }
+        } else if (whichType == TxoutType::WITNESS_V3_P2QRH) {
+            // Accept as standard
+            continue;
         }
     }
 
@@ -298,6 +304,34 @@ bool IsWitnessStandard(const CTransaction& tx, const CCoinsViewCache& mapInputs)
                 return false;
             }
         }
+
+        // Check policy limits for P2QRH spends:
+        // - MAX_STANDARD_P2QRH_STACK_ITEM_SIZE limit for stack item size
+        // - Script path only (no key path spending)
+        // - No annexes
+        if (witnessversion == 3 && witnessprogram.size() == WITNESS_V3_P2QRH_SIZE) {
+            // P2QRH spend (non-P2SH-wrapped, version 3, witness program size 32)
+            std::span stack{tx.vin[i].scriptWitness.stack};
+            if (stack.size() >= 2 && !stack.back().empty() && stack.back()[0] == ANNEX_TAG) {
+                // Annexes are nonstandard as long as no semantics are defined for them.
+                return false;
+            }
+            if (stack.size() >= 2) {
+                // Script path spend (2 or more stack elements after removing optional annex)
+                const auto& control_block = SpanPopBack(stack);
+                SpanPopBack(stack); // Ignore script
+                if (control_block.empty()) return false; // Empty control block is invalid
+                if ((control_block[0] & TAPROOT_LEAF_MASK) == TAPROOT_LEAF_TAPSCRIPT) {
+                    // Leaf version 0xc0 (aka Tapscript, see BIP 342)
+                    for (const auto& item : stack) {
+                        if (item.size() > MAX_STANDARD_P2QRH_STACK_ITEM_SIZE) return false;
+                    }
+                }
+            } else {
+                // P2QRH only supports script path spending, no key path spending allowed
+                return false;
+            }
+        }
     }
     return true;
 }
 
@@ -50,6 +50,8 @@ static constexpr unsigned int MAX_STANDARD_P2WSH_STACK_ITEMS{100};
 static constexpr unsigned int MAX_STANDARD_P2WSH_STACK_ITEM_SIZE{80};
 /** The maximum size in bytes of each witness stack item in a standard BIP 342 script (Taproot, leaf version 0xc0) */
 static constexpr unsigned int MAX_STANDARD_TAPSCRIPT_STACK_ITEM_SIZE{80};
+/** The maximum size in bytes of each witness stack item in a standard P2QRH script (Quantum-Resistant-Hash) */
+static constexpr unsigned int MAX_STANDARD_P2QRH_STACK_ITEM_SIZE{8000};
 /** The maximum size in bytes of a standard witnessScript */
 static constexpr unsigned int MAX_STANDARD_P2WSH_SCRIPT_SIZE{3600};
 /** The maximum size of a standard ScriptSig */
 
@@ -17,6 +17,7 @@
 
 #include <algorithm>
 #include <cassert>
+#include <cstdio>  // Add this include for printf
 
 using namespace util::hex_literals;
 
@@ -230,9 +231,128 @@ bool XOnlyPubKey::IsFullyValid() const
 bool XOnlyPubKey::VerifySchnorr(const uint256& msg, std::span<const unsigned char> sigbytes) const
 {
     assert(sigbytes.size() == 64);
+    
+    // Log the input parameters
+    printf("XOnlyPubKey::VerifySchnorr - Input parameters:\n");
+    printf("  sigbytes.size(): %zu\n", sigbytes.size());
+    printf("  msg (hex): ");
+    for (int i = 0; i < 32; i++) {
+        printf("%02x", msg.begin()[i]);
+    }
+    printf("\n");
+    printf("  sigbytes (hex): ");
+    for (size_t i = 0; i < sigbytes.size(); i++) {
+        printf("%02x", sigbytes[i]);
+    }
+    printf("\n");
+    printf("  m_keydata (hex): ");
+    for (size_t i = 0; i < m_keydata.size(); i++) {
+        printf("%02x", m_keydata.data()[i]);
+    }
+    printf("\n");
+    
+    // Check if the public key is valid
+    printf("  IsFullyValid(): %s\n", IsFullyValid() ? "true" : "false");
+    
     secp256k1_xonly_pubkey pubkey;
-    if (!secp256k1_xonly_pubkey_parse(secp256k1_context_static, &pubkey, m_keydata.data())) return false;
-    return secp256k1_schnorrsig_verify(secp256k1_context_static, sigbytes.data(), msg.begin(), 32, &pubkey);
+    bool parse_result = secp256k1_xonly_pubkey_parse(secp256k1_context_static, &pubkey, m_keydata.data());
+    printf("  secp256k1_xonly_pubkey_parse result: %s\n", parse_result ? "true" : "false");
+    
+    if (!parse_result) {
+        printf("  FAILED: Could not parse xonly pubkey\n");
+        return false;
+    }
+    
+    // Log the parsed pubkey data
+    unsigned char serialized_pubkey[32];
+    secp256k1_xonly_pubkey_serialize(secp256k1_context_static, serialized_pubkey, &pubkey);
+    printf("  parsed pubkey (hex): ");
+    for (int i = 0; i < 32; i++) {
+        printf("%02x", serialized_pubkey[i]);
+    }
+    printf("\n");
+    
+    // Check if the signature bytes look valid (non-zero)
+    bool sig_has_nonzero = false;
+    for (size_t i = 0; i < sigbytes.size(); i++) {
+        if (sigbytes[i] != 0) {
+            sig_has_nonzero = true;
+            break;
+        }
+    }
+    printf("  signature has non-zero bytes: %s\n", sig_has_nonzero ? "true" : "false");
+    
+    // Check if the message hash looks valid (non-zero)
+    bool msg_has_nonzero = false;
+    for (int i = 0; i < 32; i++) {
+        if (msg.begin()[i] != 0) {
+            msg_has_nonzero = true;
+            break;
+        }
+    }
+    printf("  message hash has non-zero bytes: %s\n", msg_has_nonzero ? "true" : "false");
+    
+    // Log the first few bytes of signature components for debugging
+    printf("  signature R (first 16 bytes): ");
+    for (int i = 0; i < 16; i++) {
+        printf("%02x", sigbytes[i]);
+    }
+    printf("\n");
+    printf("  signature S (first 16 bytes): ");
+    for (int i = 32; i < 48; i++) {
+        printf("%02x", sigbytes[i]);
+    }
+    printf("\n");
+    
+    // Log the exact parameters being passed to secp256k1_schnorrsig_verify
+    printf("  Calling secp256k1_schnorrsig_verify with:\n");
+    printf("    context: %p\n", (void*)secp256k1_context_static);
+    printf("    sig64: %p (first byte: %02x)\n", (void*)sigbytes.data(), sigbytes[0]);
+    printf("    msg: %p (first byte: %02x)\n", (void*)msg.begin(), msg.begin()[0]);
+    printf("    msglen: 32\n");
+    printf("    pubkey: %p\n", (void*)&pubkey);
+    
+    bool verify_result = secp256k1_schnorrsig_verify(secp256k1_context_static, sigbytes.data(), msg.begin(), 32, &pubkey);
+    printf("  secp256k1_schnorrsig_verify result: %s\n", verify_result ? "true" : "false");
+    
+    // Try with a different message to see if it's a message issue
+    uint256 zero_msg;
+    zero_msg.SetNull();
+    bool zero_verify_result = secp256k1_schnorrsig_verify(secp256k1_context_static, sigbytes.data(), zero_msg.begin(), 32, &pubkey);
+    printf("  secp256k1_schnorrsig_verify with zero message: %s\n", zero_verify_result ? "true" : "false");
+    
+    // Try with a different signature to see if it's a signature issue
+    unsigned char zero_sig[64] = {0};
+    bool zero_sig_verify_result = secp256k1_schnorrsig_verify(secp256k1_context_static, zero_sig, msg.begin(), 32, &pubkey);
+    printf("  secp256k1_schnorrsig_verify with zero signature: %s\n", zero_sig_verify_result ? "true" : "false");
+    
+    // Try with byte-reversed message to check for endianness issues
+    unsigned char reversed_msg[32];
+    for (int i = 0; i < 32; i++) {
+        reversed_msg[i] = msg.begin()[31 - i];
+    }
+    printf("  reversed msg (hex): ");
+    for (int i = 0; i < 32; i++) {
+        printf("%02x", reversed_msg[i]);
+    }
+    printf("\n");
+    bool reversed_verify_result = secp256k1_schnorrsig_verify(secp256k1_context_static, sigbytes.data(), reversed_msg, 32, &pubkey);
+    printf("  secp256k1_schnorrsig_verify with reversed message: %s\n", reversed_verify_result ? "true" : "false");
+    
+    // Try with byte-reversed signature to check for signature endianness
+    unsigned char reversed_sig[64];
+    for (int i = 0; i < 64; i++) {
+        reversed_sig[i] = sigbytes[63 - i];
+    }
+    printf("  reversed sig (first 16 bytes): ");
+    for (int i = 0; i < 16; i++) {
+        printf("%02x", reversed_sig[i]);
+    }
+    printf("\n");
+    bool reversed_sig_verify_result = secp256k1_schnorrsig_verify(secp256k1_context_static, reversed_sig, msg.begin(), 32, &pubkey);
+    printf("  secp256k1_schnorrsig_verify with reversed signature: %s\n", reversed_sig_verify_result ? "true" : "false");
+    
+    return verify_result;
 }
 
 static const HashWriter HASHER_TAPTWEAK{TaggedHash("TapTweak")};
 
@@ -547,6 +547,7 @@ static RPCHelpMan decodescript()
         case TxoutType::SCRIPTHASH:
         case TxoutType::WITNESS_UNKNOWN:
         case TxoutType::WITNESS_V1_TAPROOT:
+        case TxoutType::WITNESS_V3_P2QRH:
         case TxoutType::ANCHOR:
             // Should not be wrapped
             return false;
@@ -590,6 +591,7 @@ static RPCHelpMan decodescript()
             case TxoutType::WITNESS_V0_KEYHASH:
             case TxoutType::WITNESS_V0_SCRIPTHASH:
             case TxoutType::WITNESS_V1_TAPROOT:
+            case TxoutType::WITNESS_V3_P2QRH:
             case TxoutType::ANCHOR:
                 // Should not be wrapped
                 return false;