cryptocoin 0.0.1b

data/lib/cryptocoin/script/op_code/constants.rb

@@ -0,0 +1,157 @@
+module Cryptocoin
+  class Script
+    # Taken from the Bitcoin official client
+    class OpCode
+      module Constants
+      # push value onto stack
+        OP_0 = 0x00
+        OP_FALSE = OP_0
+        OP_PUSHDATA0 = 0x01
+        OP_PUSHDATA1 = 0x4c
+        OP_PUSHDATA2 = 0x4d
+        OP_PUSHDATA4 = 0x4e
+        OP_1NEGATE = 0x4f
+        OP_RESERVED = 0x50
+        OP_1 = 0x51
+        OP_TRUE = OP_1
+        OP_2 = 0x52
+        OP_3 = 0x53
+        OP_4 = 0x54
+        OP_5 = 0x55
+        OP_6 = 0x56
+        OP_7 = 0x57
+        OP_8 = 0x58
+        OP_9 = 0x59
+        OP_10 = 0x5a
+        OP_11 = 0x5b
+        OP_12 = 0x5c
+        OP_13 = 0x5d
+        OP_14 = 0x5e
+        OP_15 = 0x5f
+        OP_16 = 0x60
+
+        # control
+        OP_NOP = 0x61
+        OP_VER = 0x62
+        OP_IF = 0x63
+        OP_NOTIF = 0x64
+        OP_VERIF = 0x65
+        OP_VERNOTIF = 0x66
+        OP_ELSE = 0x67
+        OP_ENDIF = 0x68
+        OP_VERIFY = 0x69
+        OP_RETURN = 0x6a
+
+        # stack ops
+        OP_TOALTSTACK = 0x6b
+        OP_FROMALTSTACK = 0x6c
+        OP_2DROP = 0x6d
+        OP_2DUP = 0x6e
+        OP_3DUP = 0x6f
+        OP_2OVER = 0x70
+        OP_2ROT = 0x71
+        OP_2SWAP = 0x72
+        OP_IFDUP = 0x73
+        OP_DEPTH = 0x74
+        OP_DROP = 0x75
+        OP_DUP = 0x76
+        OP_NIP = 0x77
+        OP_OVER = 0x78
+        OP_PICK = 0x79
+        OP_ROLL = 0x7a
+        OP_ROT = 0x7b
+        OP_SWAP = 0x7c
+        OP_TUCK = 0x7d
+
+        # splice ops
+        OP_CAT = 0x7e
+        OP_SUBSTR = 0x7f
+        OP_LEFT = 0x80
+        OP_RIGHT = 0x81
+        OP_SIZE = 0x82
+
+        # bit logic
+        OP_INVERT = 0x83
+        OP_AND = 0x84
+        OP_OR = 0x85
+        OP_XOR = 0x86
+        OP_EQUAL = 0x87
+        OP_EQUALVERIFY = 0x88
+        OP_RESERVED1 = 0x89
+        OP_RESERVED2 = 0x8a
+
+        # numeric
+        OP_1ADD = 0x8b
+        OP_1SUB = 0x8c
+        OP_2MUL = 0x8d
+        OP_2DIV = 0x8e
+        OP_NEGATE = 0x8f
+        OP_ABS = 0x90
+        OP_NOT = 0x91
+        OP_0NOTEQUAL = 0x92
+
+        OP_ADD = 0x93
+        OP_SUB = 0x94
+        OP_MUL = 0x95
+        OP_DIV = 0x96
+        OP_MOD = 0x97
+        OP_LSHIFT = 0x98
+        OP_RSHIFT = 0x99
+
+        OP_BOOLAND = 0x9a
+        OP_BOOLOR = 0x9b
+        OP_NUMEQUAL = 0x9c
+        OP_NUMEQUALVERIFY = 0x9d
+        OP_NUMNOTEQUAL = 0x9e
+        OP_LESSTHAN = 0x9f
+        OP_GREATERTHAN = 0xa0
+        OP_LESSTHANOREQUAL = 0xa1
+        OP_GREATERTHANOREQUAL = 0xa2
+        OP_MIN = 0xa3
+        OP_MAX = 0xa4
+
+        OP_WITHIN = 0xa5
+
+        # crypto
+        OP_RIPEMD160 = 0xa6
+        OP_SHA1 = 0xa7
+        OP_SHA256 = 0xa8
+        OP_HASH160 = 0xa9
+        OP_HASH256 = 0xaa
+        OP_CODESEPARATOR = 0xab
+        OP_CHECKSIG = 0xac
+        OP_CHECKSIGVERIFY = 0xad
+        OP_CHECKMULTISIG = 0xae
+        OP_CHECKMULTISIGVERIFY = 0xaf
+
+        # expansion
+        OP_NOP1 = 0xb0
+        OP_NOP2 = 0xb1
+        OP_NOP3 = 0xb2
+        OP_NOP4 = 0xb3
+        OP_NOP5 = 0xb4
+        OP_NOP6 = 0xb5
+        OP_NOP7 = 0xb6
+        OP_NOP8 = 0xb7
+        OP_NOP9 = 0xb8
+        OP_NOP10 = 0xb9
+
+        # template matching params
+        OP_SMALLDATA = 0xf9
+        OP_SMALLINTEGER = 0xfa
+        OP_PUBKEYS = 0xfb
+        OP_PUBKEYHASH = 0xfd
+        OP_PUBKEY = 0xfe
+
+        OP_INVALIDOPCODE = 0xff
+
+        def self.const_get(*args)
+          super(*args)
+          rescue NameError => msg
+            return OP_PUSHDATA0 if args[0] == "OP_PUSHDATA0"
+            raise NameError, msg
+        end
+      end
+    end
+  end
+end

data/lib/cryptocoin/script/op_code/functions.rb

@@ -0,0 +1,515 @@
+require 'cryptocoin/core_ext/integer'
+require 'cryptocoin/core_ext/string'
+require 'cryptocoin/script/op_code/constants'
+require 'digest/sha2'
+require 'digest/rmd160'
+
+module Cryptocoin
+  class Script
+    class OpCode
+      module Functions
+        include Cryptocoin::Script::OpCode::Constants
+        
+        # One of a kind function
+        # Sends back the stack, modified string, raw, seek
+        def op_pushdata(stack, opcode, script, script_string, raw, seek)
+          bytes = case opcode.hex
+          when OP_PUSHDATA0..OP_PUSHDATA1
+            opcode.raw
+          when OP_PUSHDATA1
+            seek+=1
+            script[seek-1]
+          when OP_PUSHDATA2
+            seek+=2
+            script[seek-2..seek]
+          when OP_PUSHDATA4
+            seek+=4
+            script[seek-4..seek]
+          end
+          
+          bytes = bytes.unpack('H*')[0].to_i(16)
+          
+          unless OP_PUSHDATA0..OP_PUSHDATA1 === opcode.hex
+            raw += [bytes].pack('H*')
+            script_string.push(bytes)
+          end
+          
+          # Read the value from the bytes and see how much to read
+          # return nil if invalid according to spec
+          return false if bytes > 520
+          j = script[seek..seek+bytes-1]
+          script_string.push(j.unpack('H*')[0])
+          raw += j
+          stack.push(j)
+          seek+=bytes
+          [stack, script_string, raw, seek]
+        end
+
+        def op_numeric(stack, opcode)
+          stack.push((opcode.hex - (OP_1 - 1)).to_openssl_bn)
+        end
+
+        def op_if(stack, exec_stack, opcode)
+          require_stack stack do
+            val = false
+            i = stack.pop
+            if !!i.to_openssl_bn_int
+              val = true if opcode.hex == OP_IF
+            else
+              val = true if opcode.hex == OP_NOTIF
+            end
+            exec_stack.push(val)
+            [stack, exec_stack]
+          end
+        end
+
+        def op_else(exec_stack)
+          require_stack exec_stack do
+            exec_stack[-1] = !exec_stack[-1]
+            exec_stack
+          end
+        end
+
+        def op_endif(exec_stack)
+          require_stack exec_stack do
+            exec_stack.pop
+            exec_stack
+          end
+        end
+
+        def op_verify(stack, transaction_valid)
+          require_stack stack do
+            i = stack.pop
+            if i.to_openssl_bn_int == 0
+              stack.push(i)
+              transaction_valid = false
+            end
+            [stack, transaction_valid]
+          end
+        end
+
+        def op_toaltstack(stack, alt_stack)
+          require_stack stack do
+            alt_stack.push(stack.pop)
+          end
+          [stack, alt_stack]
+        end
+
+        def op_fromaltstack(stack, alt_stack)
+          require_stack alt_stack do
+            stack.push(alt_stack.pop)
+          end
+          [stack, alt_stack]
+        end
+
+        def op_2drop(stack)
+          require_stack stack, 2 do
+            2.times do
+              stack.pop
+            end
+            stack
+          end
+        end
+
+        def op_2dup(stack)
+          require_stack stack, 2 do
+            i = stack[-1]
+            j = stack[-2]
+            stack.push(i, j)
+            stack
+          end
+        end
+
+        def op_3dup(stack)
+          require_stack stack, 3 do
+            i = stack[-1]
+            j = stack[-2]
+            k = stack[-3]
+            stack.push(i, j, k)
+            stack
+          end
+        end
+
+        def op_2over(stack)
+          require_stack stack, 4 do
+            i = stack[-3]
+            j = stack[-4]
+            stack.push(i, j)
+            stack
+          end
+        end
+
+        def op_2rot(stack)
+          require_stack stack, 6 do
+            i = stack.slize!(-6,2)
+            stack.push(i).flatten!
+            stack
+          end
+        end
+
+        def op_2swap(stack)
+          require_stack stack, 4 do
+            i = stack.pop(2)
+            j = stack.pop(2)
+            stack.push(i, j)
+            stack
+          end
+        end
+        
+        def op_ifdup(stack)
+          require_stack stack do
+            stack.push(stack.last) if stack.last != 0.to_openssl_bn_int
+          end
+        end
+
+        def op_depth(stack)
+          stack.push(stack.size.to_openssl_bn)
+          stack
+        end
+
+        def op_nop
+          # Doesn't do anything
+          true 
+        end
+
+        def op_drop(stack)
+          require_stack stack do
+            stack.pop
+            stack
+          end
+        end
+
+        def op_dup(stack)
+          require_stack stack do
+            stack.push(stack.last)
+            stack
+          end
+        end
+
+        def op_nip(stack)
+          require_stack stack, 2 do
+            stack.slice!(-2)
+            stack
+          end
+        end
+
+        def op_over(stack)
+          require_stack stack, 2 do
+            stack.push(stack.slice(-2))
+            stack
+          end
+        end
+
+        def op_pick_or_roll(stack, opcode)
+          require_stack stack, 2 do
+            p = stack.pop
+            i = stack.slice(p, 1) if opcode.hex == OP_PICK
+            i = stack.slice!(p, 1) if opcode.hex == OP_ROLL
+            stack.push(i)
+            stack
+          end
+        end
+
+        def op_rot(stack)
+          require_stack stack, 3 do
+            i = stack.slice!(-3,1)
+            stack.push(i)
+            stack
+          end
+        end
+
+        def op_swap(stack)
+          require_stack stack, 2 do
+            i = stack.slice!(-2,1)
+            stack.push(i)
+            stack
+          end
+        end
+
+        def op_tuck(stack)
+          require_stack stack, 2 do
+            stack.insert(-3, stack.last)
+          end
+        end
+        
+        # Pushes the size of the item at the top of the stack
+        # Note: the stack processing is done in binary, and Ruby treats
+        # binary as strings
+        def op_size(stack)
+          stack.push([stack.last.bytesize].pack('C*'))
+          stack
+        end
+        
+        # Reference client treats OP_RETURN as fail condition
+        # for script. OP_RETURN sets the transaction as invalid
+        # but otherwise the script can be valid
+        def op_return
+          false
+        end
+
+        def op_verify(stack, transaction_valid)
+          require_stack stack do
+            i = stack.pop
+            if i.to_bn.to_i == 0
+              stack.push(i)
+              transaction_valid = false
+            end
+            [stack, transaction_valid]
+          end
+        end
+
+        def op_equal(stack)
+          require_stack stack, 2 do
+            i, j = stack.pop(2)
+            stack.push(i == j ? 1 : 0)
+            stack
+          end
+        end
+
+        def single_stack_arithmetic(stack, opcode)
+          require_stack stack do
+            i = stack.pop.to_openssl_bn_int
+            case opcode.hex
+            when OP_1ADD
+              i += 1
+            when OP_1SUB
+              i -= 1
+            when OP_NEGATE
+              i = -i
+            when OP_ABS
+              i = i.abs
+            when OP_NOT
+              i = (i == 0)
+            when OP_0NOTEQUAL
+              i = (i != 0)
+            end
+            stack.push(i.to_openssl_bn)
+            stack
+          end
+        end
+
+        def double_stack_arithmetic(stack)
+          require_stack stack, 2 do
+            i, j = stack.pop.map { |e| e.to_openssl_bn_int }
+            case opcode.hex
+            when OP_ADD
+              k = i + j
+            when OP_SUB
+              k = i - j
+            when OP_BOOLAND
+              k = (i != 0 and j != 0)
+            when OP_BOOLOR
+              k = (i != 0 or j != 0)
+            when OP_NUMEQUAL, OP_NUMEQUALVERIFY
+              k = (i == j)
+              op_verify if @opcode == OP_NUMEQUALVERIFY
+            when OP_NUMNOTEQUAL
+              k = (i != j)
+            when OP_LESSTHAN
+              k = (i < j)
+            when OP_GREATERTHAN
+              k = (i > j)
+            when OP_LESSTHANOREQUAL
+              k = (i <= j)
+            when OP_GREATERTHANOREQUAL
+              k = (i >= j)
+            when OP_MIN
+              k = (i < j ? i : j)
+            when OP_MAX
+              k = (i < j ? j : i)
+            end
+            stack.push(k.to_openssl_bn)
+            stack
+          end
+        end
+
+        def op_within(stack)
+          require_stack stack do
+            i, j, k = stack.pop(3).map{|e| e.to_openssl_bn_int}
+            l = (j <= i and i < k)
+            stack.push(l.to_openssl_bn)
+            stack
+          end
+        end
+
+        def digest(stack, opcode)
+          require_stack stack do
+            i = stack.pop
+            case opcode.hex
+            when OP_RIPEMD160
+              j = Digest::RMD160.digest(i)
+            when OP_SHA256
+              j = Digest::SHA256.digest(i)
+            when OP_SHA1
+              j = Digest::SHA1.digest(i)
+            when OP_HASH160
+              j = Digest::RMD160.digest(Digest::SHA256.digest(i))
+            when OP_HASH256
+              j = Digest::SHA256.digest(Digest::SHA256.digest(i))
+            end
+            stack.push(j)
+            stack
+          end
+        end
+
+        def op_codeseparator(seek)
+          seek # Allow for future changes to this opcode
+        end
+
+        # One of the two opcodes that requires outside knowledge from
+        # the stack itself, since the transaction information isn't
+        # directly part of the script
+        def op_checksig(stack, script, code_separator, transaction)
+          pubkey = stack.pop
+          sig = stack.pop
+          
+          hash_type = sig[-1].unpack('C')[0]
+          signature = sig[0..-2]
+          
+          if is_canonical_pubkey?(pubkey) and is_canonical_signature?(signature)
+            stack = check_sig(signature, hash_type, pubkey, script, code_separator, transaction)
+            return stack.push(0.to_openssl_bn) if !stack
+            stack.push(1.to_openssl_bn)
+          else
+            stack.push(0.to_openssl_bn)
+          end
+          stack
+        end
+
+        def op_multisig(stack, script, code_separator, transaction, opcode_count)
+          require_stack do
+            i = stack.pop.to_openssl_bn_int
+            return false if !i.between?(1,19) #inclusive
+            opcode_count += i
+            return false if opcode_count > 201
+            return false if stack.size < i+1
+            j = stack.size
+            while stack.size > j-i
+              stack = op_checksig(stack, script, code_separator, transaction)
+              return stack.push(0.to_openssl_bn) if !stack
+            end
+            stack.push(1.to_openssl_bn)
+          end
+        end
+
+        private
+
+        def check_sig(signature, hash_type, pubkey, script, code_separator, transaction)          
+          # get the script from codeseparator to end as subscript
+          # remove codeseparator from resulting script
+          # remove signature from script
+          subscript = Cryptocoin::Script.new(script[code_separator..-1])
+          subscript.is_subscript! # calls for removal of op_separate and signature
+          
+          tx_copy = transaction.copy # in case we need to reset tx_copy
+          tx_copy.inputs.each do |i|
+            if i.index == @input_index
+              i.script_sig_length = Cryptocoin::Protocol::VarLenInt.from_int(subscript.raw.bytesize)
+              i.script_sig = subscript.raw
+            else
+              i.script_sig_length = 0.to_openssl_bn
+              i.script_sig = 0.to_openssl_bn
+            end
+          end
+          case hash_type
+          when 2
+            # SIGHASH_NONE
+            tx_copy.out_length = Cryptocoin::Protocol::VarLenInt.from_int(0)
+            tx_copy.outputs = ''
+            tx_copy.inputs.each do |i|
+              i.sequence = [0].pack('V') unless i == @input_index
+            end
+          when 3
+            # SIGHASH_SINGLE
+            if input_index >= tx_copy.outputs.length
+              # Special case, see https://github.com/bitcoinj/bitcoinj/blob/4df728a7d9210dc9ac5a5ae5188c89f5e9d41852/core/src/main/java/com/google/bitcoin/core/Transaction.java#L1018
+              # We're essentially resetting the transaction due to a bug
+              tx_copy = transaction
+              hash = Digest::SHA256([0100000000000000000000000000000000000000000000000000000000000000].pack('C*'))
+              bug = true
+            else
+              n_o = []
+              tx_copy.outputs.each do |o|
+                if o.index == @input_index
+                  n_o.push(i)
+                elsif o.index < @input_index
+                  # TODO: Implement this in a transaction builder
+                  n_o.push(Cryptocoin::Structure::Transaction::Output.new(0, [-1].pack('q') + Cryptocoin::Protocol::VarLenInt.from_int(0)))
+                end
+              end
+              tx_copy.outputs = n_o
+              tx_copy.inputs.each do |i|
+                i.sequence = 0.to_openssl_bn_int
+              end
+            end
+          when 80
+            # SIGHASH_ANYONECANPAY
+            n_i = []
+            tx_copy.inputs.each do |i|
+              n_i.push(i) if i.index == @input.index
+            end
+          end
+          if !bug
+            # Do this if there's a bug in the reference client *SIGHASH_SINGLE*
+            i = tx_copy.raw + [hash_type].pack('V')
+            hash = Digest::SHA256.digest(Digest::SHA256.digest(i))
+          end
+          begin
+            k = OpenSSL::PKey::EC.new("secp256k1")
+            k.public_key = OpenSSL::PKey::EC::Point.new(k.group, OpenSSL::BN.new(pubkey.unpack('H*')[0], 16))
+            if k.dsa_verify_asn1(hash, signature)
+              stack.push(1.to_openssl_bn)
+            else
+              stack.push(0.to_openssl_bn)
+            end
+          rescue OpenSSL::PKey::ECError, OpenSSL::PKey::EC::Point::Error
+            stack.push(0.to_openssl_bn)
+          end
+          stack
+        end
+
+        def is_canonical_signature?(sig)
+          return false if sig.bytesize < 9
+          return false if sig.bytesize > 73
+          return false if !["\x01", "\x02", "\x03", "\x80"].include?(sig[-1])
+          return false if sig[0] != "\x30"
+          return false if sig[1].to_bn_to_i != sig.bytesize-3
+          r_length = sig[3].to_bn.to_i
+          return false if 5 + r_length >= sig.bytesize
+          s_length = sig[5+r_length]
+          return false if r_length + s_length + 7 != sig.bytesize
+          r = sig[4, r_length]
+          return false if r[-2] != "\x02"
+          return false if r.bytesize == 0
+          return false if r.bytes.inject{|x,y| (x<<8) | y} & 0x80
+          return false if r.bytesize > 1 and (r[0] == "\x00" and !(r[1].getbyte(0) & 0x80))
+          true
+        end
+
+        def is_canonical_pubkey?(pubkey)
+          return false if pubkey.bytesize < 33 
+          case pubkey[0]
+          when "\x04"
+            # uncompressed pubkey
+            return false if pubkey.bytesize != 65
+          when "\x02", "\x03"
+            # compressed pubkey
+            return false if pubkey.bytesize != 33
+          else
+            # invalid first byte
+            return false
+          end
+          true
+        end
+
+        def require_stack(stack, size=1, &block)
+          if stack.size >= size
+            yield
+          else
+            nil
+          end
+        end
+      end
+    end
+  end
+end