vincenzopalazzo
/
rgb-cln
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity
rgb-cln/bitcoin_script.c

234 lines
6.0 KiB
C
Raw Blame History

#include "bitcoin_script.h"
#include "bitcoin_address.h"
#include "pkt.h"
#include <openssl/ripemd.h>
#include <ccan/endian/endian.h>
#include <ccan/crypto/sha256/sha256.h>
/* Some standard ops */
#define OP_PUSHBYTES(val) (val)
#define OP_LITERAL(val) (0x51 + (val))
#define OP_PUSHDATA1 0x4C
#define OP_PUSHDATA2 0x4D
#define OP_PUSHDATA4 0x4E
#define OP_NOP 0x61
#define OP_IF 0x63
#define OP_ELSE 0x67
#define OP_ENDIF 0x68
#define OP_DEPTH 0x74
#define OP_DUP 0x76
#define OP_EQUAL 0x87
#define OP_EQUALVERIFY 0x88
#define OP_SIZE 0x82
#define OP_1SUB 0x8C
#define OP_CHECKSIG 0xAC
#define OP_CHECKMULTISIG 0xAE
#define OP_HASH160 0xA9
#define OP_CHECKSEQUENCEVERIFY 0xB2
static void add(u8 **scriptp, const void *mem, size_t len)
{
size_t oldlen = tal_count(*scriptp);
tal_resize(scriptp, oldlen + len);
memcpy(*scriptp + oldlen, mem, len);
}
static void add_op(u8 **scriptp, u8 op)
{
add(scriptp, &op, 1);
}
static void add_push_bytes(u8 **scriptp, const void *mem, size_t len)
{
if (len < 76)
add_op(scriptp, OP_PUSHBYTES(len));
else if (len < 256) {
char c = len;
add_op(scriptp, OP_PUSHDATA1);
add(scriptp, &c, 1);
} else if (len < 65536) {
le16 v = cpu_to_le16(len);
add_op(scriptp, OP_PUSHDATA2);
add(scriptp, &v, 2);
} else {
le32 v = cpu_to_le32(len);
add_op(scriptp, OP_PUSHDATA4);
add(scriptp, &v, 4);
}
add(scriptp, mem, len);
}
/* FIXME: permute? */
/* Is a < b? (If equal we don't care) */
static bool key_less(const BitcoinPubkey *a, const BitcoinPubkey *b)
{
size_t len;
int cmp;
if (a->key.len < b->key.len)
len = a->key.len;
else
len = b->key.len;
cmp = memcmp(a->key.data, b->key.data, len);
if (cmp < 0)
return true;
else if (cmp > 0)
return false;
/* Corner case: if it's shorter, it's less. */
return a->key.len < b->key.len;
}
/* tal_count() gives the length of the script. */
u8 *bitcoin_redeem_2of2(const tal_t *ctx,
const BitcoinPubkey *key1,
const BitcoinPubkey *key2)
{
u8 *script = tal_arr(ctx, u8, 0);
add_op(&script, OP_LITERAL(2));
if (key_less(key1, key2)) {
add_push_bytes(&script, key1->key.data, key1->key.len);
add_push_bytes(&script, key2->key.data, key2->key.len);
} else {
add_push_bytes(&script, key2->key.data, key2->key.len);
add_push_bytes(&script, key1->key.data, key1->key.len);
}
add_op(&script, OP_LITERAL(2));
add_op(&script, OP_CHECKMULTISIG);
return script;
}
/* tal_count() gives the length of the script. */
u8 *bitcoin_redeem_single(const tal_t *ctx, const u8 *key, size_t keylen)
{
u8 *script = tal_arr(ctx, u8, 0);
add_push_bytes(&script, key, keylen);
add_op(&script, OP_CHECKSIG);
return script;
}
/* Create p2sh for this redeem script. */
u8 *scriptpubkey_p2sh(const tal_t *ctx, const u8 *redeemscript)
{
struct sha256 h;
u8 redeemhash[RIPEMD160_DIGEST_LENGTH];
u8 *script = tal_arr(ctx, u8, 0);
add_op(&script, OP_HASH160);
sha256(&h, redeemscript, tal_count(redeemscript));
RIPEMD160(h.u.u8, sizeof(h), redeemhash);
add_push_bytes(&script, redeemhash, sizeof(redeemhash));
add_op(&script, OP_EQUAL);
return script;
}
u8 *scriptpubkey_pay_to_pubkeyhash(const tal_t *ctx,
const struct bitcoin_address *addr)
{
u8 *script = tal_arr(ctx, u8, 0);
add_op(&script, OP_DUP);
add_op(&script, OP_HASH160);
add_push_bytes(&script, addr, sizeof(addr));
add_op(&script, OP_EQUALVERIFY);
add_op(&script, OP_CHECKSIG);
return script;
}
u8 *scriptsig_pay_to_pubkeyhash(const tal_t *ctx,
const struct bitcoin_address *addr,
const u8 *signature,
size_t sig_len)
{
u8 *script = tal_arr(ctx, u8, 0);
add_push_bytes(&script, signature, sig_len);
add_push_bytes(&script, addr, sizeof(*addr));
return script;
}
/* Is this a normal pay to pubkey hash? */
bool is_pay_to_pubkey_hash(const ProtobufCBinaryData *script)
{
if (script->len != 25)
return false;
if (script->data[0] != OP_DUP)
return false;
if (script->data[1] != OP_HASH160)
return false;
if (script->data[2] != OP_PUSHBYTES(20))
return false;
if (script->data[23] != OP_EQUALVERIFY)
return false;
if (script->data[24] != OP_CHECKSIG)
return false;
return true;
}
/* One of:
* mysig and theirsig, OR
* mysig and relative locktime passed, OR
* theirsig and hash preimage. */
u8 *bitcoin_redeem_revocable(const tal_t *ctx,
const BitcoinPubkey *mykey,
u32 locktime,
const BitcoinPubkey *theirkey,
const Sha256Hash *revocation_hash)
{
u8 *script = tal_arr(ctx, u8, 0);
struct sha256 rhash;
u8 rhash_ripemd[RIPEMD160_DIGEST_LENGTH];
le32 locktime_le = cpu_to_le32(locktime);
proto_to_sha256(revocation_hash, &rhash);
/* If there are two args: */
add_op(&script, OP_DEPTH);
add_op(&script, OP_1SUB);
add_op(&script, OP_IF);
/* If the top arg is a hashpreimage. */
add_op(&script, OP_SIZE);
add_op(&script, OP_LITERAL(32));
add_op(&script, OP_EQUAL);
add_op(&script, OP_IF);
/* Must hash to revocation_hash, and be signed by them. */
RIPEMD160(rhash.u.u8, sizeof(rhash.u), rhash_ripemd);
add_op(&script, OP_HASH160);
add_push_bytes(&script, rhash_ripemd, sizeof(rhash_ripemd));
add_op(&script, OP_EQUALVERIFY);
add_push_bytes(&script, theirkey->key.data, theirkey->key.len);
add_op(&script, OP_CHECKSIG);
/* Otherwise, it should be both our sigs. */
add_op(&script, OP_ELSE);
add_op(&script, OP_LITERAL(2));
/* This obscures whose key is whose. Probably unnecessary? */
if (key_less(mykey, theirkey)) {
add_push_bytes(&script, mykey->key.data, mykey->key.len);
add_push_bytes(&script, theirkey->key.data, theirkey->key.len);
} else {
add_push_bytes(&script, theirkey->key.data, theirkey->key.len);
add_push_bytes(&script, mykey->key.data, mykey->key.len);
}
add_op(&script, OP_LITERAL(2));
add_op(&script, OP_CHECKMULTISIG);
add_op(&script, OP_ENDIF);
/* Not two args? Must be us using timeout. */
add_op(&script, OP_ELSE);
add_push_bytes(&script, &locktime_le, sizeof(locktime_le));
add_op(&script, OP_CHECKSEQUENCEVERIFY);
add_push_bytes(&script, mykey->key.data, mykey->key.len);
add_op(&script, OP_CHECKSIG);
add_op(&script, OP_ENDIF);
return script;
}
Reference in New Issue View Git Blame Copy Permalink