func GetHash(a string) (hash.Hash, error) {
var h hash.Hash
switch a {
case "adler32":
h = adler32.New()
case "crc32", "crc32ieee":
h = crc32.New(crc32.MakeTable(crc32.IEEE))
case "crc32castagnoli":
h = crc32.New(crc32.MakeTable(crc32.Castagnoli))
case "crc32koopman":
h = crc32.New(crc32.MakeTable(crc32.Koopman))
case "crc64", "crc64iso":
h = crc64.New(crc64.MakeTable(crc64.ISO))
case "crc64ecma":
h = crc64.New(crc64.MakeTable(crc64.ECMA))
case "fnv", "fnv32":
h = fnv.New32()
case "fnv32a":
h = fnv.New32a()
case "fnv64":
h = fnv.New64()
case "fnv64a":
h = fnv.New64a()
case "hmac", "hmacsha256":
h = hmac.New(sha256.New, []byte(key))
case "hmacmd5":
h = hmac.New(md5.New, []byte(key))
case "hmacsha1":
h = hmac.New(sha1.New, []byte(key))
case "hmacsha512":
h = hmac.New(sha512.New, []byte(key))
case "md4":
h = md4.New()
case "md5":
h = md5.New()
case "ripemd160":
h = ripemd160.New()
case "sha1":
h = sha1.New()
case "sha224":
h = sha256.New224()
case "sha256":
h = sha256.New()
case "sha384":
h = sha512.New384()
case "sha512":
h = sha512.New()
default:
return nil, errors.New("Invalid algorithm")
}
return h, nil
}
func RimpHash(in []byte, out []byte) {
sha := sha256.New()
sha.Write(in)
rim := ripemd160.New()
rim.Write(sha.Sum(nil)[:])
copy(out, rim.Sum(nil))
}
func hash160(data []byte) []byte {
sha := sha256.New()
ripe := ripemd160.New()
sha.Write(data)
ripe.Write(sha.Sum(nil))
return ripe.Sum(nil)
}
func Sha256RipeMD160(b []byte) []byte {
ripe := ripemd160.New()
sha := sha256.New()
sha.Write(b)
ripe.Write(sha.Sum(nil))
return ripe.Sum(nil)
}
// Convert ECC-256 Public Key to an EMP address (raw 25 bytes).
func GetAddress(log chan string, x, y *big.Int) []byte {
pubKey := elliptic.Marshal(elliptic.P256(), x, y)
ripemd := ripemd160.New()
sum := sha512.Sum384(pubKey)
sumslice := make([]byte, sha512.Size384, sha512.Size384)
for i := 0; i < sha512.Size384; i++ {
sumslice[i] = sum[i]
}
ripemd.Write(sumslice)
appender := ripemd.Sum(nil)
appender = appender[len(appender)-20:]
address := make([]byte, 1, 1)
// Version 0x01
address[0] = 0x01
address = append(address, appender...)
sum = sha512.Sum384(address)
sum = sha512.Sum384(sum[:])
for i := 0; i < 4; i++ {
address = append(address, sum[i])
}
return address
}
// General Convenience
func SimpleHashFromBinary(item interface{}) []byte {
hasher, n, err := ripemd160.New(), new(int64), new(error)
wire.WriteBinary(item, hasher, n, err)
if *err != nil {
PanicCrisis(err)
}
return hasher.Sum(nil)
}
// Bitmessage produces a hash for the provided message using a SHA-512 in the
// first round and a RIPEMD-160 in the second.
func Bitmessage(msg []byte) ([]byte, error) {
s := sha512.New()
s.Write(msg)
r := ripemd160.New()
r.Write(s.Sum(nil))
return r.Sum(nil), nil
}
func BinaryRipemd160(o interface{}) []byte {
hasher, n, err := ripemd160.New(), new(int64), new(error)
WriteBinary(o, hasher, n, err)
if *err != nil {
panic(*err)
}
return hasher.Sum(nil)
}
// Returns hash: RIMP160( SHA256( data ) )
func Rimp160AfterSha256(in []byte) (res [20]byte) {
sha := sha256.New()
sha.Write(in)
rim := ripemd160.New()
rim.Write(sha.Sum(nil)[:])
copy(res[:], rim.Sum(nil))
return
}
func execRipemd160(ctx *execContext, op Opcode, _ []byte) error {
if ctx.stack.empty() {
return errStackItemMissing
}
r := ripemd160.New()
r.Write(ctx.stack.pop())
ctx.stack.push(r.Sum(nil))
return nil
}
func (part *Part) Hash() []byte {
if part.hash != nil {
return part.hash
} else {
hasher := ripemd160.New()
hasher.Write(part.Bytes) // doesn't err
part.hash = hasher.Sum(nil)
return part.hash
}
}
func execHash160(ctx *execContext, op Opcode, _ []byte) error {
if ctx.stack.empty() {
return errStackItemMissing
}
h := sha256.Sum256(ctx.stack.pop())
r := ripemd160.New()
r.Write(h[:])
ctx.stack.push(r.Sum(nil))
return nil
}
func SimpleHashFromTwoHashes(left []byte, right []byte) []byte {
var n int64
var err error
var hasher = ripemd160.New()
wire.WriteByteSlice(left, hasher, &n, &err)
wire.WriteByteSlice(right, hasher, &n, &err)
if err != nil {
PanicCrisis(err)
}
return hasher.Sum(nil)
}
func Sha256RipeMD160(b []byte) ([]byte, error) {
ripe := ripemd160.New()
sha := sha256.New()
if _, err := sha.Write(b); err != nil {
return nil, err
}
if _, err := ripe.Write(sha.Sum(nil)); err != nil {
return nil, err
}
return ripe.Sum(nil), nil
}
func (kv KVPair) Hash() []byte {
hasher, n, err := ripemd160.New(), new(int64), new(error)
wire.WriteString(kv.Key, hasher, n, err)
if kvH, ok := kv.Value.(Hashable); ok {
wire.WriteByteSlice(kvH.Hash(), hasher, n, err)
} else {
wire.WriteBinary(kv.Value, hasher, n, err)
}
if *err != nil {
PanicSanity(*err)
}
return hasher.Sum(nil)
}
func ECDSAPublicKeyToString(key ecdsa.PublicKey) string {
x := key.X.Bytes()
y := key.Y.Bytes()
sha := util.SHA256(append(append([]byte{0x04}, x...), y...)) // should it be 0x04?
ripe := ripemd160.New().Sum(sha)
ripesha := util.SHA256(ripe)
ripedoublesha := util.SHA256(ripesha)
head := ripedoublesha[0:3]
final := append(ripe, head...)
i := new(big.Int)
i.SetBytes(final)
var b []byte
return string(base58.EncodeBig(b, i))
}
// Hash160 performs the same operations as OP_HASH160 in Bitcoin Script
// It hashes the given data first with SHA256, then RIPEMD160
func Hash160(data []byte) ([]byte, error) {
//Does identical function to Script OP_HASH160. Hash once with SHA-256, then RIPEMD-160
if data == nil {
return nil, errors.New("Empty bytes cannot be hashed")
}
shaHash := sha256.New()
shaHash.Write(data)
hash := shaHash.Sum(nil) //SHA256 first
ripemd160Hash := ripemd160.New()
ripemd160Hash.Write(hash)
hash = ripemd160Hash.Sum(nil) //RIPEMD160 second
return hash, nil
}
func ripemd160Func(input []byte, gas *uint64) (output []byte, err error) {
// Deduct gas
gasRequired := uint64((len(input)+31)/32)*GasRipemd160Word + GasRipemd160Base
if *gas < gasRequired {
return nil, ErrInsufficientGas
} else {
*gas -= gasRequired
}
// Hash
hasher := ripemd160.New()
_, err = hasher.Write(input)
if err != nil {
panic(err)
}
return LeftPadBytes(hasher.Sum(nil), 32), nil
}
// NOTE: sets hashes recursively
func (node *IAVLNode) hashWithCount(t *IAVLTree) ([]byte, int) {
if node.hash != nil {
return node.hash, 0
}
hasher := ripemd160.New()
buf := new(bytes.Buffer)
_, hashCount, err := node.writeHashBytes(t, buf)
if err != nil {
PanicCrisis(err)
}
// fmt.Printf("Wrote IAVL hash bytes: %X\n", buf.Bytes())
hasher.Write(buf.Bytes())
node.hash = hasher.Sum(nil)
// fmt.Printf("Write IAVL hash: %X\n", node.hash)
return node.hash, hashCount + 1
}
// ToAddressUncompressed converts a Bitcoin public key to an uncompressed Bitcoin address string.
func (pub *PublicKey) ToAddressUncompressed() (address string) {
/* See https://en.bitcoin.it/wiki/Technical_background_of_Bitcoin_addresses */
/* Convert the public key to bytes */
pub_bytes := pub.ToBytesUncompressed()
/* SHA256 Hash */
sha256_h := sha256.New()
sha256_h.Reset()
sha256_h.Write(pub_bytes)
pub_hash_1 := sha256_h.Sum(nil)
/* RIPEMD-160 Hash */
ripemd160_h := ripemd160.New()
ripemd160_h.Reset()
ripemd160_h.Write(pub_hash_1)
pub_hash_2 := ripemd160_h.Sum(nil)
/* Convert hash bytes to base58 check encoded sequence */
address = b58checkencode(0x00, pub_hash_2)
return address
}
func GetHash(alg string) (hash.Hash, error) {
var h hash.Hash
switch alg {
default:
return nil, fmt.Errorf("Invalid algorithm")
case "md4":
h = md4.New()
case "md5":
h = md5.New()
case "ripemd160":
h = ripemd160.New()
case "sha1":
h = sha1.New()
case "sha224":
h = sha256.New224()
case "sha256":
h = sha256.New()
case "sha384":
h = sha512.New384()
case "sha512":
h = sha512.New()
}
return h, nil
}
func evalScript(p []byte, stack *scrStack, tx *Tx, inp int) bool {
var vfExec scrStack
var altstack scrStack
sta, idx, nOpCount := 0, 0, 0
for idx < len(p) {
fExec := vfExec.empties() == 0
// Read instruction
opcode, vchPushValue, n, e := getOpcode(p[idx:])
if e != nil {
println(e.Error())
return false
}
idx += n
if don(DBG_SCRIPT) {
fmt.Printf("\nExecuting opcode 0x%02x..\n", opcode)
stack.print()
}
if vchPushValue != nil && len(vchPushValue) > MAX_SCRIPT_ELEMENT_SIZE {
println("vchPushValue too long", len(vchPushValue))
return false
}
if opcode > 0x60 {
nOpCount++
if nOpCount > 201 {
println("evalScript: too many opcodes A")
return false
}
}
if opcode == 0x7e /*OP_CAT*/ ||
opcode == 0x7f /*OP_SUBSTR*/ ||
opcode == 0x80 /*OP_LEFT*/ ||
opcode == 0x81 /*OP_RIGHT*/ ||
opcode == 0x83 /*OP_INVERT*/ ||
opcode == 0x84 /*OP_AND*/ ||
opcode == 0x85 /*OP_OR*/ ||
opcode == 0x86 /*OP_XOR*/ ||
opcode == 0x8d /*OP_2MUL*/ ||
opcode == 0x8e /*OP_2DIV*/ ||
opcode == 0x95 /*OP_MUL*/ ||
opcode == 0x96 /*OP_DIV*/ ||
opcode == 0x97 /*OP_MOD*/ ||
opcode == 0x98 /*OP_LSHIFT*/ ||
opcode == 0x99 /*OP_RSHIFT*/ {
println("Unsupported opcode")
return false
}
if fExec && 0 <= opcode && opcode <= 0x4e /*OP_PUSHDATA4*/ {
stack.push(vchPushValue[:])
} else if fExec || (0x63 /*OP_IF*/ <= opcode && opcode <= 0x68 /*OP_ENDIF*/) {
switch {
case opcode == 0x4f: // OP_1NEGATE
stack.pushInt(-1)
case opcode >= 0x51 && opcode <= 0x60: // OP_1-OP_16
stack.pushInt(opcode - 0x50)
case opcode == 0x61: // OP_NOP
// Do nothing
case opcode == 0x62: // OP_VER
// I think, do nothing...
case opcode == 0x63 || opcode == 0x64: //OP_IF || OP_NOTIF
// <expression> if [statements] [else [statements]] endif
fValue := false
if fExec {
if stack.size() < 1 {
println("Stack too short for", opcode)
return false
}
if opcode == 0x63 /*OP_IF*/ {
fValue = stack.popInt() != 0
} else {
fValue = stack.popInt() == 0
}
}
vfExec.pushBool(fValue)
case opcode == 0x67: //OP_ELSE
if vfExec.size() == 0 {
println("vfExec empty in OP_ELSE")
}
vfExec.pushBool(vfExec.popInt() == 0)
case opcode == 0x68: //OP_ENDIF
if vfExec.size() == 0 {
println("vfExec empty in OP_ENDIF")
}
vfExec.pop()
case opcode == 0x69: //OP_VERIFY
if stack.size() < 1 {
println("Stack too short for opcode", opcode)
return false
}
if stack.topInt(-1) == 0 {
return false
}
stack.pop()
case opcode == 0x6b: //OP_TOALTSTACK
if stack.size() < 1 {
println("Stack too short for opcode", opcode)
return false
}
altstack.push(stack.pop())
case opcode == 0x6c: //OP_FROMALTSTACK
if altstack.size() < 1 {
println("AltStack too short for opcode", opcode)
return false
}
stack.push(altstack.pop())
case opcode == 0x6d: //OP_2DROP
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
stack.pop()
stack.pop()
case opcode == 0x6e: //OP_2DUP
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
x1 := stack.top(-1)
x2 := stack.top(-2)
stack.push(x2)
stack.push(x1)
case opcode == 0x6f: //OP_3DUP
if stack.size() < 3 {
println("Stack too short for opcode", opcode)
return false
}
x1 := stack.top(-3)
x2 := stack.top(-2)
x3 := stack.top(-1)
stack.push(x1)
stack.push(x2)
stack.push(x3)
case opcode == 0x70: //OP_2OVER
if stack.size() < 4 {
println("Stack too short for opcode", opcode)
return false
}
x1 := stack.top(-4)
x2 := stack.top(-3)
stack.push(x1)
stack.push(x2)
case opcode == 0x73: //OP_IFDUP
if stack.size() < 1 {
println("Stack too short for opcode", opcode)
return false
}
ti := stack.topInt(-1)
if ti != 0 {
stack.pushInt(ti)
}
case opcode == 0x74: //OP_DEPTH
stack.pushInt(stack.size())
case opcode == 0x75: //OP_DROP
if stack.size() < 1 {
println("Stack too short for opcode", opcode)
return false
}
stack.pop()
case opcode == 0x76: //OP_DUP
if stack.size() < 1 {
println("Stack too short for opcode", opcode)
return false
}
el := stack.pop()
stack.push(el)
stack.push(el)
case opcode == 0x77: //OP_NIP
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
x := stack.pop()
stack.pop()
stack.push(x)
case opcode == 0x78: //OP_OVER
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
stack.push(stack.top(-2))
case opcode == 0x79 || opcode == 0x7a: //OP_PICK || OP_ROLL
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
n := stack.popInt()
if n < 0 || n >= stack.size() {
println("Wrong n for opcode", opcode)
return false
}
if opcode == 0x79 /*OP_PICK*/ {
stack.push(stack.top(-1 - n))
} else if n > 0 {
tmp := make([][]byte, n)
for i := range tmp {
tmp[i] = stack.pop()
}
xn := stack.pop()
for i := len(tmp) - 1; i >= 0; i-- {
stack.push(tmp[i])
}
stack.push(xn)
}
case opcode == 0x7b: //OP_ROT
if stack.size() < 3 {
println("Stack too short for opcode", opcode)
return false
}
x1 := stack.pop()
x2 := stack.pop()
x3 := stack.pop()
stack.push(x2)
stack.push(x3)
stack.push(x1)
case opcode == 0x7c: //OP_SWAP
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
x1 := stack.pop()
x2 := stack.pop()
stack.push(x1)
stack.push(x2)
case opcode == 0x7d: //OP_TUCK
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
x1 := stack.pop()
x2 := stack.pop()
stack.push(x2)
stack.push(x1)
stack.push(x2)
case opcode == 0x82: //OP_SIZE
if stack.size() < 1 {
println("Stack too short for opcode", opcode)
return false
}
stack.pushInt(len(stack.top(-1)))
case opcode == 0x87: //OP_EQUAL
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
if bytes.Equal(stack.pop()[:], stack.pop()[:]) {
stack.push([]byte{1})
} else {
stack.push([]byte{0})
}
case opcode == 0x88: //OP_EQUALVERIFY
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
return bytes.Equal(stack.pop()[:], stack.pop()[:])
case opcode == 0x8c: //OP_1SUB
if stack.size() < 1 {
println("Stack too short for opcode", opcode)
return false
}
stack.pushInt(stack.popInt() - 1)
case opcode == 0x8f: //OP_NEGATE
if stack.size() < 1 {
println("Stack too short for opcode", opcode)
return false
}
stack.pushInt(-stack.popInt())
case opcode == 0x90: //OP_ABS
if stack.size() < 1 {
println("Stack too short for opcode", opcode)
return false
}
a := stack.popInt()
if a < 0 {
stack.pushInt(-a)
} else {
stack.pushInt(a)
}
case opcode == 0x91: //OP_NOT
if stack.size() < 1 {
println("Stack too short for opcode", opcode)
return false
}
stack.pushBool(stack.popInt() == 0)
case opcode == 0x92: //OP_0NOTEQUAL
if stack.size() < 1 {
println("Stack too short for opcode", opcode)
return false
}
stack.pushBool(stack.popInt() != 0)
case opcode == 0x93: //OP_ADD
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
stack.pushInt(stack.popInt() + stack.popInt())
case opcode == 0x94: //OP_SUB
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
a := stack.popInt()
b := stack.popInt()
stack.pushInt(a - b)
case opcode == 0x9a: //OP_BOOLAND
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
stack.pushBool(stack.popInt() != 0 && stack.popInt() != 0)
case opcode == 0x9b: //OP_BOOLOR
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
stack.pushBool(stack.popInt() != 0 || stack.popInt() != 0)
case opcode == 0x9c || opcode == 0x9d: //OP_NUMEQUAL || OP_NUMEQUALVERIFY
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
if opcode == 0x9d {
return stack.popInt() == stack.popInt()
} else {
stack.pushBool(stack.popInt() == stack.popInt())
}
case opcode == 0x9e: //OP_NUMNOTEQUAL
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
stack.pushBool(stack.popInt() != stack.popInt())
case opcode == 0x9f: //OP_LESSTHAN
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
a := stack.popInt()
b := stack.popInt()
stack.pushBool(a < b)
case opcode == 0xa0: //OP_GREATERTHAN
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
a := stack.popInt()
b := stack.popInt()
stack.pushBool(a > b)
case opcode == 0xa1: //OP_LESSTHANOREQUAL
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
a := stack.popInt()
b := stack.popInt()
stack.pushBool(a <= b)
case opcode == 0xa2: //OP_GREATERTHANOREQUAL
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
a := stack.popInt()
b := stack.popInt()
stack.pushBool(a >= b)
case opcode == 0xa3: //OP_MIN
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
a := stack.popInt()
b := stack.popInt()
if a < b {
stack.pushInt(a)
} else {
stack.pushInt(b)
}
case opcode == 0xa4: //OP_MAX
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
a := stack.popInt()
b := stack.popInt()
if a > b {
stack.pushInt(a)
} else {
stack.pushInt(b)
}
case opcode == 0xa5: //OP_WITHIN
if stack.size() < 3 {
println("Stack too short for opcode", opcode)
return false
}
x := stack.popInt()
mi := stack.popInt()
ma := stack.popInt()
stack.pushBool(x >= mi && x < ma)
case opcode == 0xa6: //OP_RIPEMD160
if stack.size() < 1 {
println("Stack too short for opcode", opcode)
return false
}
rim := ripemd160.New()
rim.Write(stack.pop()[:])
stack.push(rim.Sum(nil)[:])
case opcode == 0xa8: //OP_SHA256
if stack.size() < 1 {
println("Stack too short for opcode", opcode)
return false
}
sha := sha256.New()
sha.Write(stack.pop()[:])
stack.push(sha.Sum(nil)[:])
case opcode == 0xa9: //OP_HASH160
if stack.size() < 1 {
println("Stack too short for opcode", opcode)
return false
}
rim160 := Rimp160AfterSha256(stack.pop())
stack.push(rim160[:])
case opcode == 0xaa: //OP_HASH256
if stack.size() < 1 {
println("Stack too short for opcode", opcode)
return false
}
h := Sha2Sum(stack.pop())
stack.push(h[:])
case opcode == 0xab: // OP_CODESEPARATOR
sta = idx
case opcode == 0xac: // OP_CHECKSIG
if stack.size() < 2 {
println("Stack too short for opcode", opcode)
return false
}
key, e := NewPublicKey(stack.pop())
if e != nil {
println(e.Error())
return false
}
sig, e := NewSignature(stack.pop())
if e != nil {
println(e.Error())
return false
}
return key.Verify(tx.SignatureHash(p[sta:], inp, sig.HashType), sig)
case opcode == 0xae: //OP_CHECKMULTISIG
//println("OP_CHECKMULTISIG ...")
//stack.print()
if stack.size() < 1 {
println("OP_CHECKMULTISIG: Stack too short A")
return false
}
i := 1
nKeysCount := stack.topInt(-i)
if nKeysCount < 0 || nKeysCount > 20 {
println("OP_CHECKMULTISIG: Wrong number of keys")
return false
}
nOpCount += nKeysCount
if nOpCount > 201 {
println("evalScript: too many opcodes B")
return false
}
i++
ikey := i
i += nKeysCount
if stack.size() < i {
println("OP_CHECKMULTISIG: Stack too short B")
return false
}
nSigsCount := stack.topInt(-i)
if nSigsCount < 0 || nSigsCount > nKeysCount {
println("OP_CHECKMULTISIG: nSigsCount error")
return false
}
i++
isig := i
i += nSigsCount
if stack.size() < i {
println("OP_CHECKMULTISIG: Stack too short C")
return false
}
fSuccess := true
for nSigsCount > 0 {
key, e := NewPublicKey(stack.top(-ikey))
if e != nil {
println(e.Error())
return false
}
sig, e := NewSignature(stack.top(-isig))
if e != nil {
println(e.Error())
return false
}
fOk := key.Verify(tx.SignatureHash(p[sta:], inp, sig.HashType), sig)
if fOk {
isig++
nSigsCount--
}
ikey++
nKeysCount--
// If there are more signatures left than keys left,
// then too many signatures have failed
if nSigsCount > nKeysCount {
fSuccess = false
}
}
for i > 0 {
i--
stack.pop()
}
//stack.print()
return fSuccess
case opcode >= 0xb0 && opcode <= 0xb9: //OP_NOP
// just do nothing
case opcode >= 0xba: // inivalid opcode = invaid script
println("fail tx because it contains invalid opcode", opcode)
return false
default:
fmt.Printf("Unhandled opcode 0x%02x\n", opcode)
stack.print()
fmt.Println("Rest of the script:", hex.EncodeToString(p[idx:]))
os.Exit(0)
}
}
if don(DBG_SCRIPT) {
stack.print()
}
if stack.size()+altstack.size() > 1000 {
println("Stack too big")
return false
}
}
if vfExec.size() > 0 {
println("Unfinished if..")
return false
}
return true
}
func evalScript(p []byte, stack *scrStack, tx *Tx, inp int) bool {
if don(DBG_SCRIPT) {
println("script len", len(p))
}
if len(p) > 10000 {
if don(DBG_SCRERR) {
println("script too long", len(p))
}
return false
}
defer func() {
if r := recover(); r != nil {
if don(DBG_SCRERR) {
err, ok := r.(error)
if !ok {
err = fmt.Errorf("pkg: %v", r)
}
println("evalScript panic:", err.Error())
}
}
}()
var vfExec scrStack
var altstack scrStack
sta, idx, opcnt := 0, 0, 0
for idx < len(p) {
fExec := vfExec.nofalse()
// Read instruction
opcode, vchPushValue, n, e := GetOpcode(p[idx:])
if e != nil {
println(e.Error())
println("A", idx, hex.EncodeToString(p))
return false
}
idx += n
if don(DBG_SCRIPT) {
fmt.Printf("\nExecuting opcode 0x%02x n=%d fExec:%t push:%s..\n",
opcode, n, fExec, hex.EncodeToString(vchPushValue))
stack.print()
}
if vchPushValue != nil && len(vchPushValue) > MAX_SCRIPT_ELEMENT_SIZE {
if don(DBG_SCRERR) {
println("vchPushValue too long", len(vchPushValue))
}
return false
}
if opcode > 0x60 {
opcnt++
if opcnt > 201 {
if don(DBG_SCRERR) {
println("evalScript: too many opcodes A")
}
return false
}
}
if opcode == 0x7e /*OP_CAT*/ ||
opcode == 0x7f /*OP_SUBSTR*/ ||
opcode == 0x80 /*OP_LEFT*/ ||
opcode == 0x81 /*OP_RIGHT*/ ||
opcode == 0x83 /*OP_INVERT*/ ||
opcode == 0x84 /*OP_AND*/ ||
opcode == 0x85 /*OP_OR*/ ||
opcode == 0x86 /*OP_XOR*/ ||
opcode == 0x8d /*OP_2MUL*/ ||
opcode == 0x8e /*OP_2DIV*/ ||
opcode == 0x95 /*OP_MUL*/ ||
opcode == 0x96 /*OP_DIV*/ ||
opcode == 0x97 /*OP_MOD*/ ||
opcode == 0x98 /*OP_LSHIFT*/ ||
opcode == 0x99 /*OP_RSHIFT*/ {
if don(DBG_SCRERR) {
println("Unsupported opcode", opcode)
}
return false
}
if fExec && 0 <= opcode && opcode <= OP_PUSHDATA4 {
stack.push(vchPushValue)
if don(DBG_SCRIPT) {
fmt.Println("pushed", len(vchPushValue), "bytes")
}
} else if fExec || (0x63 /*OP_IF*/ <= opcode && opcode <= 0x68 /*OP_ENDIF*/) {
switch {
case opcode == 0x4f: // OP_1NEGATE
stack.pushInt(-1)
case opcode >= 0x51 && opcode <= 0x60: // OP_1-OP_16
stack.pushInt(int64(opcode - 0x50))
case opcode == 0x61: // OP_NOP
// Do nothing
/* - not handled
OP_VER = 0x62
*/
case opcode == 0x63 || opcode == 0x64: //OP_IF || OP_NOTIF
// <expression> if [statements] [else [statements]] endif
fValue := false
if fExec {
if stack.size() < 1 {
if don(DBG_SCRERR) {
println("Stack too short for", opcode)
}
return false
}
if opcode == 0x63 /*OP_IF*/ {
fValue = stack.popBool()
} else {
fValue = !stack.popBool()
}
}
if don(DBG_SCRERR) {
println(fExec, "if pushing", fValue, "...")
}
vfExec.pushBool(fValue)
/* - not handled
OP_VERIF = 0x65,
OP_VERNOTIF = 0x66,
*/
case opcode == 0x67: //OP_ELSE
if vfExec.size() == 0 {
if don(DBG_SCRERR) {
println("vfExec empty in OP_ELSE")
}
}
vfExec.pushBool(!vfExec.popBool())
case opcode == 0x68: //OP_ENDIF
if vfExec.size() == 0 {
if don(DBG_SCRERR) {
println("vfExec empty in OP_ENDIF")
}
}
vfExec.pop()
case opcode == 0x69: //OP_VERIFY
if stack.size() < 1 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
if !stack.topBool(-1) {
return false
}
stack.pop()
case opcode == 0x6b: //OP_TOALTSTACK
if stack.size() < 1 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
altstack.push(stack.pop())
case opcode == 0x6c: //OP_FROMALTSTACK
if altstack.size() < 1 {
if don(DBG_SCRERR) {
println("AltStack too short for opcode", opcode)
}
return false
}
stack.push(altstack.pop())
case opcode == 0x6d: //OP_2DROP
if stack.size() < 2 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
stack.pop()
stack.pop()
case opcode == 0x6e: //OP_2DUP
if stack.size() < 2 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
x1 := stack.top(-1)
x2 := stack.top(-2)
stack.push(x2)
stack.push(x1)
case opcode == 0x6f: //OP_3DUP
if stack.size() < 3 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
x1 := stack.top(-3)
x2 := stack.top(-2)
x3 := stack.top(-1)
stack.push(x1)
stack.push(x2)
stack.push(x3)
case opcode == 0x70: //OP_2OVER
if stack.size() < 4 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
x1 := stack.top(-4)
x2 := stack.top(-3)
stack.push(x1)
stack.push(x2)
case opcode == 0x71: //OP_2ROT
// (x1 x2 x3 x4 x5 x6 -- x3 x4 x5 x6 x1 x2)
if stack.size() < 6 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
x6 := stack.pop()
x5 := stack.pop()
x4 := stack.pop()
x3 := stack.pop()
x2 := stack.pop()
x1 := stack.pop()
stack.push(x3)
stack.push(x4)
stack.push(x5)
stack.push(x6)
stack.push(x1)
stack.push(x2)
case opcode == 0x72: //OP_2SWAP
// (x1 x2 x3 x4 -- x3 x4 x1 x2)
if stack.size() < 4 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
x4 := stack.pop()
x3 := stack.pop()
x2 := stack.pop()
x1 := stack.pop()
stack.push(x3)
stack.push(x4)
stack.push(x1)
stack.push(x2)
case opcode == 0x73: //OP_IFDUP
if stack.size() < 1 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
if stack.topBool(-1) {
stack.push(stack.top(-1))
}
case opcode == 0x74: //OP_DEPTH
stack.pushInt(int64(stack.size()))
case opcode == 0x75: //OP_DROP
if stack.size() < 1 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
stack.pop()
case opcode == 0x76: //OP_DUP
if stack.size() < 1 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
el := stack.pop()
stack.push(el)
stack.push(el)
case opcode == 0x77: //OP_NIP
if stack.size() < 2 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
x := stack.pop()
stack.pop()
stack.push(x)
case opcode == 0x78: //OP_OVER
if stack.size() < 2 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
stack.push(stack.top(-2))
case opcode == 0x79 || opcode == 0x7a: //OP_PICK || OP_ROLL
if stack.size() < 2 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
n := stack.popInt()
if n < 0 || n >= int64(stack.size()) {
if don(DBG_SCRERR) {
println("Wrong n for opcode", opcode)
}
return false
}
if opcode == 0x79 /*OP_PICK*/ {
stack.push(stack.top(int(-1 - n)))
} else if n > 0 {
tmp := make([][]byte, n)
for i := range tmp {
tmp[i] = stack.pop()
}
xn := stack.pop()
for i := len(tmp) - 1; i >= 0; i-- {
stack.push(tmp[i])
}
stack.push(xn)
}
case opcode == 0x7b: //OP_ROT
if stack.size() < 3 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
x3 := stack.pop()
x2 := stack.pop()
x1 := stack.pop()
stack.push(x2)
stack.push(x3)
stack.push(x1)
case opcode == 0x7c: //OP_SWAP
if stack.size() < 2 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
x1 := stack.pop()
x2 := stack.pop()
stack.push(x1)
stack.push(x2)
case opcode == 0x7d: //OP_TUCK
if stack.size() < 2 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
x1 := stack.pop()
x2 := stack.pop()
stack.push(x1)
stack.push(x2)
stack.push(x1)
case opcode == 0x82: //OP_SIZE
if stack.size() < 1 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
stack.pushInt(int64(len(stack.top(-1))))
case opcode == 0x87 || opcode == 0x88: //OP_EQUAL || OP_EQUALVERIFY
if stack.size() < 2 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
a := stack.pop()
b := stack.pop()
if opcode == 0x88 { //OP_EQUALVERIFY
if !bytes.Equal(a, b) {
return false
}
} else {
stack.pushBool(bytes.Equal(a, b))
}
/* - not handled
OP_RESERVED1 = 0x89,
OP_RESERVED2 = 0x8a,
*/
case opcode == 0x8b: //OP_1ADD
if stack.size() < 1 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
stack.pushInt(stack.popInt() + 1)
case opcode == 0x8c: //OP_1SUB
if stack.size() < 1 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
stack.pushInt(stack.popInt() - 1)
case opcode == 0x8f: //OP_NEGATE
if stack.size() < 1 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
stack.pushInt(-stack.popInt())
case opcode == 0x90: //OP_ABS
if stack.size() < 1 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
a := stack.popInt()
if a < 0 {
stack.pushInt(-a)
} else {
stack.pushInt(a)
}
case opcode == 0x91: //OP_NOT
if stack.size() < 1 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
stack.pushBool(stack.popInt() == 0)
case opcode == 0x92: //OP_0NOTEQUAL
if stack.size() < 1 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
stack.pushBool(stack.popBool())
case opcode == 0x93 || //OP_ADD
opcode == 0x94 || //OP_SUB
opcode == 0x9a || //OP_BOOLAND
opcode == 0x9b || //OP_BOOLOR
opcode == 0x9c || opcode == 0x9d || //OP_NUMEQUAL || OP_NUMEQUALVERIFY
opcode == 0x9e || //OP_NUMNOTEQUAL
opcode == 0x9f || //OP_LESSTHAN
opcode == 0xa0 || //OP_GREATERTHAN
opcode == 0xa1 || //OP_LESSTHANOREQUAL
opcode == 0xa2 || //OP_GREATERTHANOREQUAL
opcode == 0xa3 || //OP_MIN
opcode == 0xa4: //OP_MAX
if stack.size() < 2 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
bn2 := stack.popInt()
bn1 := stack.popInt()
var bn int64
switch opcode {
case 0x93:
bn = bn1 + bn2 // OP_ADD
case 0x94:
bn = bn1 - bn2 // OP_SUB
case 0x9a:
bn = b2i(bn1 != 0 && bn2 != 0) // OP_BOOLAND
case 0x9b:
bn = b2i(bn1 != 0 || bn2 != 0) // OP_BOOLOR
case 0x9c:
bn = b2i(bn1 == bn2) // OP_NUMEQUAL
case 0x9d:
bn = b2i(bn1 == bn2) // OP_NUMEQUALVERIFY
case 0x9e:
bn = b2i(bn1 != bn2) // OP_NUMNOTEQUAL
case 0x9f:
bn = b2i(bn1 < bn2) // OP_LESSTHAN
case 0xa0:
bn = b2i(bn1 > bn2) // OP_GREATERTHAN
case 0xa1:
bn = b2i(bn1 <= bn2) // OP_LESSTHANOREQUAL
case 0xa2:
bn = b2i(bn1 >= bn2) // OP_GREATERTHANOREQUAL
case 0xa3: // OP_MIN
if bn1 < bn2 {
bn = bn1
} else {
bn = bn2
}
case 0xa4: // OP_MAX
if bn1 > bn2 {
bn = bn1
} else {
bn = bn2
}
default:
panic("invalid opcode")
}
if opcode == 0x9d { //OP_NUMEQUALVERIFY
if bn == 0 {
return false
}
} else {
stack.pushInt(bn)
}
case opcode == 0xa5: //OP_WITHIN
if stack.size() < 3 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
bn3 := stack.popInt()
bn2 := stack.popInt()
bn1 := stack.popInt()
stack.pushBool(bn2 <= bn1 && bn1 < bn3)
case opcode == 0xa6: //OP_RIPEMD160
if stack.size() < 1 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
rim := ripemd160.New()
rim.Write(stack.pop()[:])
stack.push(rim.Sum(nil)[:])
case opcode == 0xa7: //OP_SHA1
if stack.size() < 1 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
sha := sha1.New()
sha.Write(stack.pop()[:])
stack.push(sha.Sum(nil)[:])
case opcode == 0xa8: //OP_SHA256
if stack.size() < 1 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
sha := sha256.New()
sha.Write(stack.pop()[:])
stack.push(sha.Sum(nil)[:])
case opcode == 0xa9: //OP_HASH160
if stack.size() < 1 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
rim160 := Rimp160AfterSha256(stack.pop())
stack.push(rim160[:])
case opcode == 0xaa: //OP_HASH256
if stack.size() < 1 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
h := Sha2Sum(stack.pop())
stack.push(h[:])
case opcode == 0xab: // OP_CODESEPARATOR
sta = idx
case opcode == 0xac || opcode == 0xad: // OP_CHECKSIG || OP_CHECKSIGVERIFY
if stack.size() < 2 {
if don(DBG_SCRERR) {
println("Stack too short for opcode", opcode)
}
return false
}
var ok bool
pk := stack.pop()
si := stack.pop()
if len(si) > 9 {
sh := tx.SignatureHash(delSig(p[sta:], si), inp, si[len(si)-1])
ok = EcdsaVerify(pk, si, sh)
if !ok && don(DBG_SCRERR) {
println("EcdsaVerify fail 1")
}
}
if don(DBG_SCRIPT) {
println("ver:", ok)
}
if opcode == 0xad {
if !ok { // OP_CHECKSIGVERIFY
return false
}
} else { // OP_CHECKSIG
stack.pushBool(ok)
}
case opcode == 0xae || opcode == 0xaf: //OP_CHECKMULTISIG || OP_CHECKMULTISIGVERIFY
//println("OP_CHECKMULTISIG ...")
//stack.print()
if stack.size() < 1 {
if don(DBG_SCRERR) {
println("OP_CHECKMULTISIG: Stack too short A")
}
return false
}
i := 1
keyscnt := stack.topInt(-i)
if keyscnt < 0 || keyscnt > 20 {
println("OP_CHECKMULTISIG: Wrong number of keys")
return false
}
opcnt += int(keyscnt)
if opcnt > 201 {
println("evalScript: too many opcodes B")
return false
}
i++
ikey := i
i += int(keyscnt)
if stack.size() < i {
if don(DBG_SCRERR) {
println("OP_CHECKMULTISIG: Stack too short B")
}
return false
}
sigscnt := stack.topInt(-i)
if sigscnt < 0 || sigscnt > keyscnt {
println("OP_CHECKMULTISIG: sigscnt error")
return false
}
i++
isig := i
i += int(sigscnt)
if stack.size() < i {
if don(DBG_SCRERR) {
println("OP_CHECKMULTISIG: Stack too short C")
}
return false
}
xxx := p[sta:]
for k := 0; k < int(sigscnt); k++ {
xxx = delSig(xxx, stack.top(-isig-k))
}
success := true
for sigscnt > 0 {
pk := stack.top(-ikey)
si := stack.top(-isig)
if len(si) > 9 && ((len(pk) == 65 && pk[0] == 4) || (len(pk) == 33 && (pk[0]|1) == 3)) {
sh := tx.SignatureHash(xxx, inp, si[len(si)-1])
if EcdsaVerify(pk, si, sh) {
isig++
sigscnt--
}
}
ikey++
keyscnt--
// If there are more signatures left than keys left,
// then too many signatures have failed
if sigscnt > keyscnt {
success = false
break
}
}
for i > 0 {
i--
stack.pop()
}
if opcode == 0xaf {
if !success { // OP_CHECKMULTISIGVERIFY
return false
}
} else {
stack.pushBool(success)
}
case opcode >= 0xb0 && opcode <= 0xb9: //OP_NOP
// just do nothing
default:
if don(DBG_SCRERR) {
fmt.Printf("Unhandled opcode 0x%02x - a handler must be implemented\n", opcode)
stack.print()
fmt.Println("Rest of the script:", hex.EncodeToString(p[idx:]))
}
return false
}
}
if don(DBG_SCRIPT) {
fmt.Printf("Finished Executing opcode 0x%02x\n", opcode)
stack.print()
}
if stack.size()+altstack.size() > 1000 {
if don(DBG_SCRERR) {
println("Stack too big")
}
return false
}
}
if don(DBG_SCRIPT) {
fmt.Println("END OF SCRIPT")
stack.print()
}
if vfExec.size() > 0 {
if don(DBG_SCRERR) {
println("Unfinished if..")
}
return false
}
return true
}
func Ripemd160(data []byte) []byte {
ripemd := ripemd160.New()
ripemd.Write(data)
return ripemd.Sum(nil)
}
func evalScript(p []byte, stack *scrStack, tx *btc.Tx, inp int, ver_flags uint32) bool {
if DBG_SCR {
fmt.Println("script len", len(p))
}
if len(p) > 10000 {
if DBG_ERR {
fmt.Println("script too long", len(p))
}
return false
}
defer func() {
if r := recover(); r != nil {
if DBG_ERR {
err, ok := r.(error)
if !ok {
err = fmt.Errorf("pkg: %v", r)
}
fmt.Println("evalScript panic:", err.Error())
fmt.Println(string(debug.Stack()))
}
}
}()
var exestack scrStack
var altstack scrStack
sta, idx, opcnt := 0, 0, 0
checkMinVals := (ver_flags & VER_MINDATA) != 0
for idx < len(p) {
inexec := exestack.nofalse()
// Read instruction
opcode, pushval, n, e := btc.GetOpcode(p[idx:])
if e != nil {
//fmt.Println(e.Error())
//fmt.Println("A", idx, hex.EncodeToString(p))
return false
}
idx += n
if DBG_SCR {
fmt.Printf("\nExecuting opcode 0x%02x n=%d inexec:%t push:%s..\n",
opcode, n, inexec, hex.EncodeToString(pushval))
stack.print()
}
if pushval != nil && len(pushval) > btc.MAX_SCRIPT_ELEMENT_SIZE {
if DBG_ERR {
fmt.Println("pushval too long", len(pushval))
}
return false
}
if opcode > 0x60 {
opcnt++
if opcnt > 201 {
if DBG_ERR {
fmt.Println("evalScript: too many opcodes A")
}
return false
}
}
if opcode == 0x7e /*OP_CAT*/ ||
opcode == 0x7f /*OP_SUBSTR*/ ||
opcode == 0x80 /*OP_LEFT*/ ||
opcode == 0x81 /*OP_RIGHT*/ ||
opcode == 0x83 /*OP_INVERT*/ ||
opcode == 0x84 /*OP_AND*/ ||
opcode == 0x85 /*OP_OR*/ ||
opcode == 0x86 /*OP_XOR*/ ||
opcode == 0x8d /*OP_2MUL*/ ||
opcode == 0x8e /*OP_2DIV*/ ||
opcode == 0x95 /*OP_MUL*/ ||
opcode == 0x96 /*OP_DIV*/ ||
opcode == 0x97 /*OP_MOD*/ ||
opcode == 0x98 /*OP_LSHIFT*/ ||
opcode == 0x99 /*OP_RSHIFT*/ {
if DBG_ERR {
fmt.Println("Unsupported opcode", opcode)
}
return false
}
if inexec && 0 <= opcode && opcode <= btc.OP_PUSHDATA4 {
if checkMinVals && !checkMinimalPush(pushval, opcode) {
if DBG_ERR {
fmt.Println("Push value not in a minimal format", hex.EncodeToString(pushval))
}
return false
}
stack.push(pushval)
if DBG_SCR {
fmt.Println("pushed", len(pushval), "bytes")
}
} else if inexec || (0x63 /*OP_IF*/ <= opcode && opcode <= 0x68 /*OP_ENDIF*/) {
switch {
case opcode == 0x4f: // OP_1NEGATE
stack.pushInt(-1)
case opcode >= 0x51 && opcode <= 0x60: // OP_1-OP_16
stack.pushInt(int64(opcode - 0x50))
case opcode == 0x61: // OP_NOP
// Do nothing
/* - not handled
OP_VER = 0x62
*/
case opcode == 0x63 || opcode == 0x64: //OP_IF || OP_NOTIF
// <expression> if [statements] [else [statements]] endif
val := false
if inexec {
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for", opcode)
}
return false
}
if opcode == 0x63 /*OP_IF*/ {
val = stack.popBool()
} else {
val = !stack.popBool()
}
}
if DBG_SCR {
fmt.Println(inexec, "if pushing", val, "...")
}
exestack.pushBool(val)
/* - not handled
OP_VERIF = 0x65,
OP_VERNOTIF = 0x66,
*/
case opcode == 0x67: //OP_ELSE
if exestack.size() == 0 {
if DBG_ERR {
fmt.Println("exestack empty in OP_ELSE")
}
}
exestack.pushBool(!exestack.popBool())
case opcode == 0x68: //OP_ENDIF
if exestack.size() == 0 {
if DBG_ERR {
fmt.Println("exestack empty in OP_ENDIF")
}
}
exestack.pop()
case opcode == 0x69: //OP_VERIFY
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
if !stack.topBool(-1) {
return false
}
stack.pop()
case opcode == 0x6b: //OP_TOALTSTACK
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
altstack.push(stack.pop())
case opcode == 0x6c: //OP_FROMALTSTACK
if altstack.size() < 1 {
if DBG_ERR {
fmt.Println("AltStack too short for opcode", opcode)
}
return false
}
stack.push(altstack.pop())
case opcode == 0x6d: //OP_2DROP
if stack.size() < 2 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
stack.pop()
stack.pop()
case opcode == 0x6e: //OP_2DUP
if stack.size() < 2 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
x1 := stack.top(-1)
x2 := stack.top(-2)
stack.push(x2)
stack.push(x1)
case opcode == 0x6f: //OP_3DUP
if stack.size() < 3 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
x1 := stack.top(-3)
x2 := stack.top(-2)
x3 := stack.top(-1)
stack.push(x1)
stack.push(x2)
stack.push(x3)
case opcode == 0x70: //OP_2OVER
if stack.size() < 4 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
x1 := stack.top(-4)
x2 := stack.top(-3)
stack.push(x1)
stack.push(x2)
case opcode == 0x71: //OP_2ROT
// (x1 x2 x3 x4 x5 x6 -- x3 x4 x5 x6 x1 x2)
if stack.size() < 6 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
x6 := stack.pop()
x5 := stack.pop()
x4 := stack.pop()
x3 := stack.pop()
x2 := stack.pop()
x1 := stack.pop()
stack.push(x3)
stack.push(x4)
stack.push(x5)
stack.push(x6)
stack.push(x1)
stack.push(x2)
case opcode == 0x72: //OP_2SWAP
// (x1 x2 x3 x4 -- x3 x4 x1 x2)
if stack.size() < 4 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
x4 := stack.pop()
x3 := stack.pop()
x2 := stack.pop()
x1 := stack.pop()
stack.push(x3)
stack.push(x4)
stack.push(x1)
stack.push(x2)
case opcode == 0x73: //OP_IFDUP
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
if stack.topBool(-1) {
stack.push(stack.top(-1))
}
case opcode == 0x74: //OP_DEPTH
stack.pushInt(int64(stack.size()))
case opcode == 0x75: //OP_DROP
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
stack.pop()
case opcode == 0x76: //OP_DUP
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
el := stack.pop()
stack.push(el)
stack.push(el)
case opcode == 0x77: //OP_NIP
if stack.size() < 2 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
x := stack.pop()
stack.pop()
stack.push(x)
case opcode == 0x78: //OP_OVER
if stack.size() < 2 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
stack.push(stack.top(-2))
case opcode == 0x79 || opcode == 0x7a: //OP_PICK || OP_ROLL
if stack.size() < 2 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
n := stack.popInt(checkMinVals)
if n < 0 || n >= int64(stack.size()) {
if DBG_ERR {
fmt.Println("Wrong n for opcode", opcode)
}
return false
}
if opcode == 0x79 /*OP_PICK*/ {
stack.push(stack.top(int(-1 - n)))
} else if n > 0 {
tmp := make([][]byte, n)
for i := range tmp {
tmp[i] = stack.pop()
}
xn := stack.pop()
for i := len(tmp) - 1; i >= 0; i-- {
stack.push(tmp[i])
}
stack.push(xn)
}
case opcode == 0x7b: //OP_ROT
if stack.size() < 3 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
x3 := stack.pop()
x2 := stack.pop()
x1 := stack.pop()
stack.push(x2)
stack.push(x3)
stack.push(x1)
case opcode == 0x7c: //OP_SWAP
if stack.size() < 2 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
x1 := stack.pop()
x2 := stack.pop()
stack.push(x1)
stack.push(x2)
case opcode == 0x7d: //OP_TUCK
if stack.size() < 2 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
x1 := stack.pop()
x2 := stack.pop()
stack.push(x1)
stack.push(x2)
stack.push(x1)
case opcode == 0x82: //OP_SIZE
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
stack.pushInt(int64(len(stack.top(-1))))
case opcode == 0x87 || opcode == 0x88: //OP_EQUAL || OP_EQUALVERIFY
if stack.size() < 2 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
a := stack.pop()
b := stack.pop()
if opcode == 0x88 { //OP_EQUALVERIFY
if !bytes.Equal(a, b) {
return false
}
} else {
stack.pushBool(bytes.Equal(a, b))
}
/* - not handled
OP_RESERVED1 = 0x89,
OP_RESERVED2 = 0x8a,
*/
case opcode == 0x8b: //OP_1ADD
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
stack.pushInt(stack.popInt(checkMinVals) + 1)
case opcode == 0x8c: //OP_1SUB
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
stack.pushInt(stack.popInt(checkMinVals) - 1)
case opcode == 0x8f: //OP_NEGATE
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
stack.pushInt(-stack.popInt(checkMinVals))
case opcode == 0x90: //OP_ABS
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
a := stack.popInt(checkMinVals)
if a < 0 {
stack.pushInt(-a)
} else {
stack.pushInt(a)
}
case opcode == 0x91: //OP_NOT
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
stack.pushBool(stack.popInt(checkMinVals) == 0)
case opcode == 0x92: //OP_0NOTEQUAL
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
d := stack.pop()
if checkMinVals && len(d) > 1 {
if DBG_ERR {
fmt.Println("Not minimal bool value", hex.EncodeToString(d))
}
return false
}
stack.pushBool(bts2bool(d))
case opcode == 0x93 || //OP_ADD
opcode == 0x94 || //OP_SUB
opcode == 0x9a || //OP_BOOLAND
opcode == 0x9b || //OP_BOOLOR
opcode == 0x9c || opcode == 0x9d || //OP_NUMEQUAL || OP_NUMEQUALVERIFY
opcode == 0x9e || //OP_NUMNOTEQUAL
opcode == 0x9f || //OP_LESSTHAN
opcode == 0xa0 || //OP_GREATERTHAN
opcode == 0xa1 || //OP_LESSTHANOREQUAL
opcode == 0xa2 || //OP_GREATERTHANOREQUAL
opcode == 0xa3 || //OP_MIN
opcode == 0xa4: //OP_MAX
if stack.size() < 2 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
bn2 := stack.popInt(checkMinVals)
bn1 := stack.popInt(checkMinVals)
var bn int64
switch opcode {
case 0x93:
bn = bn1 + bn2 // OP_ADD
case 0x94:
bn = bn1 - bn2 // OP_SUB
case 0x9a:
bn = b2i(bn1 != 0 && bn2 != 0) // OP_BOOLAND
case 0x9b:
bn = b2i(bn1 != 0 || bn2 != 0) // OP_BOOLOR
case 0x9c:
bn = b2i(bn1 == bn2) // OP_NUMEQUAL
case 0x9d:
bn = b2i(bn1 == bn2) // OP_NUMEQUALVERIFY
case 0x9e:
bn = b2i(bn1 != bn2) // OP_NUMNOTEQUAL
case 0x9f:
bn = b2i(bn1 < bn2) // OP_LESSTHAN
case 0xa0:
bn = b2i(bn1 > bn2) // OP_GREATERTHAN
case 0xa1:
bn = b2i(bn1 <= bn2) // OP_LESSTHANOREQUAL
case 0xa2:
bn = b2i(bn1 >= bn2) // OP_GREATERTHANOREQUAL
case 0xa3: // OP_MIN
if bn1 < bn2 {
bn = bn1
} else {
bn = bn2
}
case 0xa4: // OP_MAX
if bn1 > bn2 {
bn = bn1
} else {
bn = bn2
}
default:
panic("invalid opcode")
}
if opcode == 0x9d { //OP_NUMEQUALVERIFY
if bn == 0 {
return false
}
} else {
stack.pushInt(bn)
}
case opcode == 0xa5: //OP_WITHIN
if stack.size() < 3 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
bn3 := stack.popInt(checkMinVals)
bn2 := stack.popInt(checkMinVals)
bn1 := stack.popInt(checkMinVals)
stack.pushBool(bn2 <= bn1 && bn1 < bn3)
case opcode == 0xa6: //OP_RIPEMD160
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
rim := ripemd160.New()
rim.Write(stack.pop()[:])
stack.push(rim.Sum(nil)[:])
case opcode == 0xa7: //OP_SHA1
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
sha := sha1.New()
sha.Write(stack.pop()[:])
stack.push(sha.Sum(nil)[:])
case opcode == 0xa8: //OP_SHA256
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
sha := sha256.New()
sha.Write(stack.pop()[:])
stack.push(sha.Sum(nil)[:])
case opcode == 0xa9: //OP_HASH160
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
rim160 := btc.Rimp160AfterSha256(stack.pop())
stack.push(rim160[:])
case opcode == 0xaa: //OP_HASH256
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
h := btc.Sha2Sum(stack.pop())
stack.push(h[:])
case opcode == 0xab: // OP_CODESEPARATOR
sta = idx
case opcode == 0xac || opcode == 0xad: // OP_CHECKSIG || OP_CHECKSIGVERIFY
if stack.size() < 2 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
var ok bool
pk := stack.pop()
si := stack.pop()
// BIP-0066
if !CheckSignatureEncoding(si, ver_flags) {
if DBG_ERR {
fmt.Println("Invalid Signature Encoding A")
}
return false
}
if len(si) > 0 {
sh := tx.SignatureHash(delSig(p[sta:], si), inp, int32(si[len(si)-1]))
ok = btc.EcdsaVerify(pk, si, sh)
}
if !ok && DBG_ERR {
if DBG_ERR {
fmt.Println("EcdsaVerify fail 1")
}
}
if DBG_SCR {
fmt.Println("ver:", ok)
}
if opcode == 0xad {
if !ok { // OP_CHECKSIGVERIFY
return false
}
} else { // OP_CHECKSIG
stack.pushBool(ok)
}
case opcode == 0xae || opcode == 0xaf: //OP_CHECKMULTISIG || OP_CHECKMULTISIGVERIFY
//fmt.Println("OP_CHECKMULTISIG ...")
//stack.print()
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("OP_CHECKMULTISIG: Stack too short A")
}
return false
}
i := 1
keyscnt := stack.topInt(-i, checkMinVals)
if keyscnt < 0 || keyscnt > 20 {
fmt.Println("OP_CHECKMULTISIG: Wrong number of keys")
return false
}
opcnt += int(keyscnt)
if opcnt > 201 {
if DBG_ERR {
fmt.Println("evalScript: too many opcodes B")
}
return false
}
i++
ikey := i
i += int(keyscnt)
if stack.size() < i {
if DBG_ERR {
fmt.Println("OP_CHECKMULTISIG: Stack too short B")
}
return false
}
sigscnt := stack.topInt(-i, checkMinVals)
if sigscnt < 0 || sigscnt > keyscnt {
fmt.Println("OP_CHECKMULTISIG: sigscnt error")
return false
}
i++
isig := i
i += int(sigscnt)
if stack.size() < i {
if DBG_ERR {
fmt.Println("OP_CHECKMULTISIG: Stack too short C")
}
return false
}
xxx := p[sta:]
for k := 0; k < int(sigscnt); k++ {
xxx = delSig(xxx, stack.top(-isig-k))
}
success := true
for sigscnt > 0 {
pk := stack.top(-ikey)
si := stack.top(-isig)
// BIP-0066
if !CheckSignatureEncoding(si, ver_flags) {
if DBG_ERR {
fmt.Println("Invalid Signature Encoding B")
}
return false
}
if len(si) > 0 {
sh := tx.SignatureHash(xxx, inp, int32(si[len(si)-1]))
if btc.EcdsaVerify(pk, si, sh) {
isig++
sigscnt--
}
}
ikey++
keyscnt--
// If there are more signatures left than keys left,
// then too many signatures have failed
if sigscnt > keyscnt {
success = false
break
}
}
for i > 0 {
i--
stack.pop()
}
if opcode == 0xaf {
if !success { // OP_CHECKMULTISIGVERIFY
return false
}
} else {
stack.pushBool(success)
}
case opcode >= 0xb1: //OP_NOP2 or OP_CHECKLOCKTIMEVERIFY
if DBG_SCR {
println("OP_NOP2...")
}
if (ver_flags & VER_CLTV) == 0 {
break // Just do NOP2
}
if DBG_SCR {
println("OP_CHECKLOCKTIMEVERIFY...")
}
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("OP_CHECKLOCKTIMEVERIFY: Stack too short")
}
return false
}
d := stack.top(-1)
if len(d) > 5 {
if DBG_ERR {
fmt.Println("OP_CHECKLOCKTIMEVERIFY: locktime field too long", len(d))
}
return false
}
if DBG_SCR {
fmt.Println("val from stack", hex.EncodeToString(d))
}
locktime := bts2int_ext(d, 5, checkMinVals)
if locktime < 0 {
if DBG_ERR {
fmt.Println("OP_CHECKLOCKTIMEVERIFY: negative locktime")
}
return false
}
if !((tx.Lock_time < LOCKTIME_THRESHOLD && locktime < LOCKTIME_THRESHOLD) ||
(tx.Lock_time >= LOCKTIME_THRESHOLD && locktime >= LOCKTIME_THRESHOLD)) {
if DBG_ERR {
fmt.Println("OP_CHECKLOCKTIMEVERIFY: broken lock value")
}
return false
}
if DBG_SCR {
println("locktime > int64(tx.Lock_time)", locktime, int64(tx.Lock_time))
println(" ... seq", len(tx.TxIn), inp, tx.TxIn[inp].Sequence)
}
// Actually compare the specified lock time with the transaction.
if locktime > int64(tx.Lock_time) {
if DBG_ERR {
fmt.Println("OP_CHECKLOCKTIMEVERIFY: Locktime requirement not satisfied")
}
return false
}
if tx.TxIn[inp].Sequence == 0xffffffff {
if DBG_ERR {
fmt.Println("OP_CHECKLOCKTIMEVERIFY: TxIn final")
}
return false
}
// OP_CHECKLOCKTIMEVERIFY passed successfully
case opcode >= 0xb0 || opcode >= 0xb2 && opcode <= 0xb9: //OP_NOP1 || OP_NOP3..OP_NOP10
// just do nothing
default:
if DBG_ERR {
fmt.Printf("Unhandled opcode 0x%02x - a handler must be implemented\n", opcode)
stack.print()
fmt.Println("Rest of the script:", hex.EncodeToString(p[idx:]))
}
return false
}
}
if DBG_SCR {
fmt.Printf("Finished Executing opcode 0x%02x\n", opcode)
stack.print()
}
if stack.size()+altstack.size() > 1000 {
if DBG_ERR {
fmt.Println("Stack too big")
}
return false
}
}
if DBG_SCR {
fmt.Println("END OF SCRIPT")
stack.print()
}
if exestack.size() > 0 {
if DBG_ERR {
fmt.Println("Unfinished if..")
}
return false
}
return true
}
// Calculate a unique 200-bits long hash of the address
func (a *StealthAddr) Hash160() []byte {
rim := ripemd160.New()
rim.Write(a.BytesNoPrefix())
return rim.Sum(nil)
}
// calculate hash160 which is ripemd160(sha256(data))
func CalcHash160(buf []byte) []byte {
return CalcHash(CalcHash(buf, sha256.New()), ripemd160.New())
}
// Hash160 calculates the hash ripemd160(sha256(b)).
func Hash160(buf []byte) []byte {
return calcHash(calcHash(buf, fastsha256.New()), ripemd160.New())
}
func main() {
h := ripemd160.New()
h.Write([]byte("Rosetta Code"))
fmt.Printf("%x\n", h.Sum(nil))
}
func publicKeyHash(key []byte) []byte {
s256 := sha256.Sum256(key)
ripemd160Hash := ripemd160.New()
ripemd160Hash.Write(s256[:])
return ripemd160Hash.Sum(nil)
}