func signAndCheck(msg string, tx *wire.MsgTx, idx int, pkScript []byte,
hashType txscript.SigHashType, kdb txscript.KeyDB, sdb txscript.ScriptDB,
previousScript []byte) error {
sigScript, err := txscript.SignTxOutput(&chaincfg.TestNet3Params, tx,
idx, pkScript, hashType, kdb, sdb, nil)
if err != nil {
return fmt.Errorf("failed to sign output %s: %v", msg, err)
}
return checkScripts(msg, tx, idx, sigScript, pkScript)
}
// AddAllInputScripts modifies a transaction by adding inputs scripts for each
// input. Previous output scripts being redeemed by each input are passed in
// prevPkScripts and the slice length must match the number of inputs. Private
// keys and redeem scripts are looked up using a SecretsSource based on the
// previous output script.
func AddAllInputScripts(tx *wire.MsgTx, prevPkScripts [][]byte, secrets SecretsSource) error {
inputs := tx.TxIn
chainParams := secrets.ChainParams()
if len(inputs) != len(prevPkScripts) {
return errors.New("tx.TxIn and prevPkScripts slices must " +
"have equal length")
}
for i := range inputs {
pkScript := prevPkScripts[i]
sigScript := inputs[i].SignatureScript
script, err := txscript.SignTxOutput(chainParams, tx, i,
pkScript, txscript.SigHashAll, secrets, secrets,
sigScript)
if err != nil {
return err
}
inputs[i].SignatureScript = script
}
return nil
}
func TestSignTxOutput(t *testing.T) {
t.Parallel()
// make key
// make script based on key.
// sign with magic pixie dust.
hashTypes := []txscript.SigHashType{
txscript.SigHashOld, // no longer used but should act like all
txscript.SigHashAll,
txscript.SigHashNone,
txscript.SigHashSingle,
txscript.SigHashAll | txscript.SigHashAnyOneCanPay,
txscript.SigHashNone | txscript.SigHashAnyOneCanPay,
txscript.SigHashSingle | txscript.SigHashAnyOneCanPay,
}
tx := &wire.MsgTx{
Version: 1,
TxIn: []*wire.TxIn{
{
PreviousOutPoint: wire.OutPoint{
Hash: wire.ShaHash{},
Index: 0,
},
Sequence: 4294967295,
},
{
PreviousOutPoint: wire.OutPoint{
Hash: wire.ShaHash{},
Index: 1,
},
Sequence: 4294967295,
},
{
PreviousOutPoint: wire.OutPoint{
Hash: wire.ShaHash{},
Index: 2,
},
Sequence: 4294967295,
},
},
TxOut: []*wire.TxOut{
{
Value: 1,
},
{
Value: 2,
},
{
Value: 3,
},
},
LockTime: 0,
}
// Pay to Pubkey Hash (uncompressed)
for _, hashType := range hashTypes {
for i := range tx.TxIn {
msg := fmt.Sprintf("%d:%d", hashType, i)
key, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey for %s: %v",
msg, err)
break
}
pk := (*btcec.PublicKey)(&key.PublicKey).
SerializeUncompressed()
address, err := btcutil.NewAddressPubKeyHash(
btcutil.Hash160(pk), &chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address for %s: %v",
msg, err)
break
}
pkScript, err := txscript.PayToAddrScript(address)
if err != nil {
t.Errorf("failed to make pkscript "+
"for %s: %v", msg, err)
}
if err := signAndCheck(msg, tx, i, pkScript, hashType,
mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, false},
}), mkGetScript(nil), nil); err != nil {
t.Error(err)
break
}
}
}
// Pay to Pubkey Hash (uncompressed) (merging with correct)
for _, hashType := range hashTypes {
for i := range tx.TxIn {
msg := fmt.Sprintf("%d:%d", hashType, i)
key, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey for %s: %v",
msg, err)
break
}
pk := (*btcec.PublicKey)(&key.PublicKey).
SerializeUncompressed()
address, err := btcutil.NewAddressPubKeyHash(
btcutil.Hash160(pk), &chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address for %s: %v",
msg, err)
break
}
pkScript, err := txscript.PayToAddrScript(address)
if err != nil {
t.Errorf("failed to make pkscript "+
"for %s: %v", msg, err)
}
sigScript, err := txscript.SignTxOutput(
&chaincfg.TestNet3Params, tx, i, pkScript,
hashType, mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, false},
}), mkGetScript(nil), nil)
if err != nil {
t.Errorf("failed to sign output %s: %v", msg,
err)
break
}
// by the above loop, this should be valid, now sign
// again and merge.
sigScript, err = txscript.SignTxOutput(
&chaincfg.TestNet3Params, tx, i, pkScript,
hashType, mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, false},
}), mkGetScript(nil), sigScript)
if err != nil {
t.Errorf("failed to sign output %s a "+
"second time: %v", msg, err)
break
}
err = checkScripts(msg, tx, i, sigScript, pkScript)
if err != nil {
t.Errorf("twice signed script invalid for "+
"%s: %v", msg, err)
break
}
}
}
// Pay to Pubkey Hash (compressed)
for _, hashType := range hashTypes {
for i := range tx.TxIn {
msg := fmt.Sprintf("%d:%d", hashType, i)
key, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey for %s: %v",
msg, err)
break
}
pk := (*btcec.PublicKey)(&key.PublicKey).
SerializeCompressed()
address, err := btcutil.NewAddressPubKeyHash(
btcutil.Hash160(pk), &chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address for %s: %v",
msg, err)
break
}
pkScript, err := txscript.PayToAddrScript(address)
if err != nil {
t.Errorf("failed to make pkscript "+
"for %s: %v", msg, err)
}
if err := signAndCheck(msg, tx, i, pkScript, hashType,
mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, true},
}), mkGetScript(nil), nil); err != nil {
t.Error(err)
break
}
}
}
// Pay to Pubkey Hash (compressed) with duplicate merge
for _, hashType := range hashTypes {
for i := range tx.TxIn {
msg := fmt.Sprintf("%d:%d", hashType, i)
key, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey for %s: %v",
msg, err)
break
}
pk := (*btcec.PublicKey)(&key.PublicKey).
SerializeCompressed()
address, err := btcutil.NewAddressPubKeyHash(
btcutil.Hash160(pk), &chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address for %s: %v",
msg, err)
break
}
pkScript, err := txscript.PayToAddrScript(address)
if err != nil {
t.Errorf("failed to make pkscript "+
"for %s: %v", msg, err)
}
sigScript, err := txscript.SignTxOutput(
&chaincfg.TestNet3Params, tx, i, pkScript,
hashType, mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, true},
}), mkGetScript(nil), nil)
if err != nil {
t.Errorf("failed to sign output %s: %v", msg,
err)
break
}
// by the above loop, this should be valid, now sign
// again and merge.
sigScript, err = txscript.SignTxOutput(
&chaincfg.TestNet3Params, tx, i, pkScript,
hashType, mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, true},
}), mkGetScript(nil), sigScript)
if err != nil {
t.Errorf("failed to sign output %s a "+
"second time: %v", msg, err)
break
}
err = checkScripts(msg, tx, i, sigScript, pkScript)
if err != nil {
t.Errorf("twice signed script invalid for "+
"%s: %v", msg, err)
break
}
}
}
// Pay to PubKey (uncompressed)
for _, hashType := range hashTypes {
for i := range tx.TxIn {
msg := fmt.Sprintf("%d:%d", hashType, i)
key, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey for %s: %v",
msg, err)
break
}
pk := (*btcec.PublicKey)(&key.PublicKey).
SerializeUncompressed()
address, err := btcutil.NewAddressPubKey(pk,
&chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address for %s: %v",
msg, err)
break
}
pkScript, err := txscript.PayToAddrScript(address)
if err != nil {
t.Errorf("failed to make pkscript "+
"for %s: %v", msg, err)
}
if err := signAndCheck(msg, tx, i, pkScript, hashType,
mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, false},
}), mkGetScript(nil), nil); err != nil {
t.Error(err)
break
}
}
}
// Pay to PubKey (uncompressed)
for _, hashType := range hashTypes {
for i := range tx.TxIn {
msg := fmt.Sprintf("%d:%d", hashType, i)
key, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey for %s: %v",
msg, err)
break
}
pk := (*btcec.PublicKey)(&key.PublicKey).
SerializeUncompressed()
address, err := btcutil.NewAddressPubKey(pk,
&chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address for %s: %v",
msg, err)
break
}
pkScript, err := txscript.PayToAddrScript(address)
if err != nil {
t.Errorf("failed to make pkscript "+
"for %s: %v", msg, err)
}
sigScript, err := txscript.SignTxOutput(
&chaincfg.TestNet3Params, tx, i, pkScript,
hashType, mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, false},
}), mkGetScript(nil), nil)
if err != nil {
t.Errorf("failed to sign output %s: %v", msg,
err)
break
}
// by the above loop, this should be valid, now sign
// again and merge.
sigScript, err = txscript.SignTxOutput(
&chaincfg.TestNet3Params, tx, i, pkScript,
hashType, mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, false},
}), mkGetScript(nil), sigScript)
if err != nil {
t.Errorf("failed to sign output %s a "+
"second time: %v", msg, err)
break
}
err = checkScripts(msg, tx, i, sigScript, pkScript)
if err != nil {
t.Errorf("twice signed script invalid for "+
"%s: %v", msg, err)
break
}
}
}
// Pay to PubKey (compressed)
for _, hashType := range hashTypes {
for i := range tx.TxIn {
msg := fmt.Sprintf("%d:%d", hashType, i)
key, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey for %s: %v",
msg, err)
break
}
pk := (*btcec.PublicKey)(&key.PublicKey).
SerializeCompressed()
address, err := btcutil.NewAddressPubKey(pk,
&chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address for %s: %v",
msg, err)
break
}
pkScript, err := txscript.PayToAddrScript(address)
if err != nil {
t.Errorf("failed to make pkscript "+
"for %s: %v", msg, err)
}
if err := signAndCheck(msg, tx, i, pkScript, hashType,
mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, true},
}), mkGetScript(nil), nil); err != nil {
t.Error(err)
break
}
}
}
// Pay to PubKey (compressed) with duplicate merge
for _, hashType := range hashTypes {
for i := range tx.TxIn {
msg := fmt.Sprintf("%d:%d", hashType, i)
key, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey for %s: %v",
msg, err)
break
}
pk := (*btcec.PublicKey)(&key.PublicKey).
SerializeCompressed()
address, err := btcutil.NewAddressPubKey(pk,
&chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address for %s: %v",
msg, err)
break
}
pkScript, err := txscript.PayToAddrScript(address)
if err != nil {
t.Errorf("failed to make pkscript "+
"for %s: %v", msg, err)
}
sigScript, err := txscript.SignTxOutput(
&chaincfg.TestNet3Params, tx, i, pkScript,
hashType, mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, true},
}), mkGetScript(nil), nil)
if err != nil {
t.Errorf("failed to sign output %s: %v", msg,
err)
break
}
// by the above loop, this should be valid, now sign
// again and merge.
sigScript, err = txscript.SignTxOutput(
&chaincfg.TestNet3Params, tx, i, pkScript,
hashType, mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, true},
}), mkGetScript(nil), sigScript)
if err != nil {
t.Errorf("failed to sign output %s a "+
"second time: %v", msg, err)
break
}
err = checkScripts(msg, tx, i, sigScript, pkScript)
if err != nil {
t.Errorf("twice signed script invalid for "+
"%s: %v", msg, err)
break
}
}
}
// As before, but with p2sh now.
// Pay to Pubkey Hash (uncompressed)
for _, hashType := range hashTypes {
for i := range tx.TxIn {
msg := fmt.Sprintf("%d:%d", hashType, i)
key, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey for %s: %v",
msg, err)
break
}
pk := (*btcec.PublicKey)(&key.PublicKey).
SerializeUncompressed()
address, err := btcutil.NewAddressPubKeyHash(
btcutil.Hash160(pk), &chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address for %s: %v",
msg, err)
break
}
pkScript, err := txscript.PayToAddrScript(address)
if err != nil {
t.Errorf("failed to make pkscript "+
"for %s: %v", msg, err)
break
}
scriptAddr, err := btcutil.NewAddressScriptHash(
pkScript, &chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make p2sh addr for %s: %v",
msg, err)
break
}
scriptPkScript, err := txscript.PayToAddrScript(
scriptAddr)
if err != nil {
t.Errorf("failed to make script pkscript for "+
"%s: %v", msg, err)
break
}
if err := signAndCheck(msg, tx, i, scriptPkScript,
hashType,
mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, false},
}), mkGetScript(map[string][]byte{
scriptAddr.EncodeAddress(): pkScript,
}), nil); err != nil {
t.Error(err)
break
}
}
}
// Pay to Pubkey Hash (uncompressed) with duplicate merge
for _, hashType := range hashTypes {
for i := range tx.TxIn {
msg := fmt.Sprintf("%d:%d", hashType, i)
key, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey for %s: %v",
msg, err)
break
}
pk := (*btcec.PublicKey)(&key.PublicKey).
SerializeUncompressed()
address, err := btcutil.NewAddressPubKeyHash(
btcutil.Hash160(pk), &chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address for %s: %v",
msg, err)
break
}
pkScript, err := txscript.PayToAddrScript(address)
if err != nil {
t.Errorf("failed to make pkscript "+
"for %s: %v", msg, err)
break
}
scriptAddr, err := btcutil.NewAddressScriptHash(
pkScript, &chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make p2sh addr for %s: %v",
msg, err)
break
}
scriptPkScript, err := txscript.PayToAddrScript(
scriptAddr)
if err != nil {
t.Errorf("failed to make script pkscript for "+
"%s: %v", msg, err)
break
}
sigScript, err := txscript.SignTxOutput(
&chaincfg.TestNet3Params, tx, i, scriptPkScript,
hashType, mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, false},
}), mkGetScript(map[string][]byte{
scriptAddr.EncodeAddress(): pkScript,
}), nil)
if err != nil {
t.Errorf("failed to sign output %s: %v", msg,
err)
break
}
// by the above loop, this should be valid, now sign
// again and merge.
sigScript, err = txscript.SignTxOutput(
&chaincfg.TestNet3Params, tx, i, scriptPkScript,
hashType, mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, false},
}), mkGetScript(map[string][]byte{
scriptAddr.EncodeAddress(): pkScript,
}), nil)
if err != nil {
t.Errorf("failed to sign output %s a "+
"second time: %v", msg, err)
break
}
err = checkScripts(msg, tx, i, sigScript, scriptPkScript)
if err != nil {
t.Errorf("twice signed script invalid for "+
"%s: %v", msg, err)
break
}
}
}
// Pay to Pubkey Hash (compressed)
for _, hashType := range hashTypes {
for i := range tx.TxIn {
msg := fmt.Sprintf("%d:%d", hashType, i)
key, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey for %s: %v",
msg, err)
break
}
pk := (*btcec.PublicKey)(&key.PublicKey).
SerializeCompressed()
address, err := btcutil.NewAddressPubKeyHash(
btcutil.Hash160(pk), &chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address for %s: %v",
msg, err)
break
}
pkScript, err := txscript.PayToAddrScript(address)
if err != nil {
t.Errorf("failed to make pkscript "+
"for %s: %v", msg, err)
}
scriptAddr, err := btcutil.NewAddressScriptHash(
pkScript, &chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make p2sh addr for %s: %v",
msg, err)
break
}
scriptPkScript, err := txscript.PayToAddrScript(
scriptAddr)
if err != nil {
t.Errorf("failed to make script pkscript for "+
"%s: %v", msg, err)
break
}
if err := signAndCheck(msg, tx, i, scriptPkScript,
hashType,
mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, true},
}), mkGetScript(map[string][]byte{
scriptAddr.EncodeAddress(): pkScript,
}), nil); err != nil {
t.Error(err)
break
}
}
}
// Pay to Pubkey Hash (compressed) with duplicate merge
for _, hashType := range hashTypes {
for i := range tx.TxIn {
msg := fmt.Sprintf("%d:%d", hashType, i)
key, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey for %s: %v",
msg, err)
break
}
pk := (*btcec.PublicKey)(&key.PublicKey).
SerializeCompressed()
address, err := btcutil.NewAddressPubKeyHash(
btcutil.Hash160(pk), &chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address for %s: %v",
msg, err)
break
}
pkScript, err := txscript.PayToAddrScript(address)
if err != nil {
t.Errorf("failed to make pkscript "+
"for %s: %v", msg, err)
}
scriptAddr, err := btcutil.NewAddressScriptHash(
pkScript, &chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make p2sh addr for %s: %v",
msg, err)
break
}
scriptPkScript, err := txscript.PayToAddrScript(
scriptAddr)
if err != nil {
t.Errorf("failed to make script pkscript for "+
"%s: %v", msg, err)
break
}
sigScript, err := txscript.SignTxOutput(
&chaincfg.TestNet3Params, tx, i, scriptPkScript,
hashType, mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, true},
}), mkGetScript(map[string][]byte{
scriptAddr.EncodeAddress(): pkScript,
}), nil)
if err != nil {
t.Errorf("failed to sign output %s: %v", msg,
err)
break
}
// by the above loop, this should be valid, now sign
// again and merge.
sigScript, err = txscript.SignTxOutput(
&chaincfg.TestNet3Params, tx, i, scriptPkScript,
hashType, mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, true},
}), mkGetScript(map[string][]byte{
scriptAddr.EncodeAddress(): pkScript,
}), nil)
if err != nil {
t.Errorf("failed to sign output %s a "+
"second time: %v", msg, err)
break
}
err = checkScripts(msg, tx, i, sigScript, scriptPkScript)
if err != nil {
t.Errorf("twice signed script invalid for "+
"%s: %v", msg, err)
break
}
}
}
// Pay to PubKey (uncompressed)
for _, hashType := range hashTypes {
for i := range tx.TxIn {
msg := fmt.Sprintf("%d:%d", hashType, i)
key, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey for %s: %v",
msg, err)
break
}
pk := (*btcec.PublicKey)(&key.PublicKey).
SerializeUncompressed()
address, err := btcutil.NewAddressPubKey(pk,
&chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address for %s: %v",
msg, err)
break
}
pkScript, err := txscript.PayToAddrScript(address)
if err != nil {
t.Errorf("failed to make pkscript "+
"for %s: %v", msg, err)
}
scriptAddr, err := btcutil.NewAddressScriptHash(
pkScript, &chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make p2sh addr for %s: %v",
msg, err)
break
}
scriptPkScript, err := txscript.PayToAddrScript(
scriptAddr)
if err != nil {
t.Errorf("failed to make script pkscript for "+
"%s: %v", msg, err)
break
}
if err := signAndCheck(msg, tx, i, scriptPkScript,
hashType,
mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, false},
}), mkGetScript(map[string][]byte{
scriptAddr.EncodeAddress(): pkScript,
}), nil); err != nil {
t.Error(err)
break
}
}
}
// Pay to PubKey (uncompressed) with duplicate merge
for _, hashType := range hashTypes {
for i := range tx.TxIn {
msg := fmt.Sprintf("%d:%d", hashType, i)
key, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey for %s: %v",
msg, err)
break
}
pk := (*btcec.PublicKey)(&key.PublicKey).
SerializeUncompressed()
address, err := btcutil.NewAddressPubKey(pk,
&chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address for %s: %v",
msg, err)
break
}
pkScript, err := txscript.PayToAddrScript(address)
if err != nil {
t.Errorf("failed to make pkscript "+
"for %s: %v", msg, err)
}
scriptAddr, err := btcutil.NewAddressScriptHash(
pkScript, &chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make p2sh addr for %s: %v",
msg, err)
break
}
scriptPkScript, err := txscript.PayToAddrScript(
scriptAddr)
if err != nil {
t.Errorf("failed to make script pkscript for "+
"%s: %v", msg, err)
break
}
sigScript, err := txscript.SignTxOutput(
&chaincfg.TestNet3Params, tx, i, scriptPkScript,
hashType, mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, false},
}), mkGetScript(map[string][]byte{
scriptAddr.EncodeAddress(): pkScript,
}), nil)
if err != nil {
t.Errorf("failed to sign output %s: %v", msg,
err)
break
}
// by the above loop, this should be valid, now sign
// again and merge.
sigScript, err = txscript.SignTxOutput(
&chaincfg.TestNet3Params, tx, i, scriptPkScript,
hashType, mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, false},
}), mkGetScript(map[string][]byte{
scriptAddr.EncodeAddress(): pkScript,
}), nil)
if err != nil {
t.Errorf("failed to sign output %s a "+
"second time: %v", msg, err)
break
}
err = checkScripts(msg, tx, i, sigScript, scriptPkScript)
if err != nil {
t.Errorf("twice signed script invalid for "+
"%s: %v", msg, err)
break
}
}
}
// Pay to PubKey (compressed)
for _, hashType := range hashTypes {
for i := range tx.TxIn {
msg := fmt.Sprintf("%d:%d", hashType, i)
key, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey for %s: %v",
msg, err)
break
}
pk := (*btcec.PublicKey)(&key.PublicKey).
SerializeCompressed()
address, err := btcutil.NewAddressPubKey(pk,
&chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address for %s: %v",
msg, err)
break
}
pkScript, err := txscript.PayToAddrScript(address)
if err != nil {
t.Errorf("failed to make pkscript "+
"for %s: %v", msg, err)
}
scriptAddr, err := btcutil.NewAddressScriptHash(
pkScript, &chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make p2sh addr for %s: %v",
msg, err)
break
}
scriptPkScript, err := txscript.PayToAddrScript(
scriptAddr)
if err != nil {
t.Errorf("failed to make script pkscript for "+
"%s: %v", msg, err)
break
}
if err := signAndCheck(msg, tx, i, scriptPkScript,
hashType,
mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, true},
}), mkGetScript(map[string][]byte{
scriptAddr.EncodeAddress(): pkScript,
}), nil); err != nil {
t.Error(err)
break
}
}
}
// Pay to PubKey (compressed)
for _, hashType := range hashTypes {
for i := range tx.TxIn {
msg := fmt.Sprintf("%d:%d", hashType, i)
key, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey for %s: %v",
msg, err)
break
}
pk := (*btcec.PublicKey)(&key.PublicKey).
SerializeCompressed()
address, err := btcutil.NewAddressPubKey(pk,
&chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address for %s: %v",
msg, err)
break
}
pkScript, err := txscript.PayToAddrScript(address)
if err != nil {
t.Errorf("failed to make pkscript "+
"for %s: %v", msg, err)
}
scriptAddr, err := btcutil.NewAddressScriptHash(
pkScript, &chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make p2sh addr for %s: %v",
msg, err)
break
}
scriptPkScript, err := txscript.PayToAddrScript(
scriptAddr)
if err != nil {
t.Errorf("failed to make script pkscript for "+
"%s: %v", msg, err)
break
}
sigScript, err := txscript.SignTxOutput(
&chaincfg.TestNet3Params, tx, i, scriptPkScript,
hashType, mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, true},
}), mkGetScript(map[string][]byte{
scriptAddr.EncodeAddress(): pkScript,
}), nil)
if err != nil {
t.Errorf("failed to sign output %s: %v", msg,
err)
break
}
// by the above loop, this should be valid, now sign
// again and merge.
sigScript, err = txscript.SignTxOutput(
&chaincfg.TestNet3Params, tx, i, scriptPkScript,
hashType, mkGetKey(map[string]addressToKey{
address.EncodeAddress(): {key, true},
}), mkGetScript(map[string][]byte{
scriptAddr.EncodeAddress(): pkScript,
}), nil)
if err != nil {
t.Errorf("failed to sign output %s a "+
"second time: %v", msg, err)
break
}
err = checkScripts(msg, tx, i, sigScript, scriptPkScript)
if err != nil {
t.Errorf("twice signed script invalid for "+
"%s: %v", msg, err)
break
}
}
}
// Basic Multisig
for _, hashType := range hashTypes {
for i := range tx.TxIn {
msg := fmt.Sprintf("%d:%d", hashType, i)
key1, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey for %s: %v",
msg, err)
break
}
pk1 := (*btcec.PublicKey)(&key1.PublicKey).
SerializeCompressed()
address1, err := btcutil.NewAddressPubKey(pk1,
&chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address for %s: %v",
msg, err)
break
}
key2, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey 2 for %s: %v",
msg, err)
break
}
pk2 := (*btcec.PublicKey)(&key2.PublicKey).
SerializeCompressed()
address2, err := btcutil.NewAddressPubKey(pk2,
&chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address 2 for %s: %v",
msg, err)
break
}
pkScript, err := txscript.MultiSigScript(
[]*btcutil.AddressPubKey{address1, address2},
2)
if err != nil {
t.Errorf("failed to make pkscript "+
"for %s: %v", msg, err)
}
scriptAddr, err := btcutil.NewAddressScriptHash(
pkScript, &chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make p2sh addr for %s: %v",
msg, err)
break
}
scriptPkScript, err := txscript.PayToAddrScript(
scriptAddr)
if err != nil {
t.Errorf("failed to make script pkscript for "+
"%s: %v", msg, err)
break
}
if err := signAndCheck(msg, tx, i, scriptPkScript,
hashType,
mkGetKey(map[string]addressToKey{
address1.EncodeAddress(): {key1, true},
address2.EncodeAddress(): {key2, true},
}), mkGetScript(map[string][]byte{
scriptAddr.EncodeAddress(): pkScript,
}), nil); err != nil {
t.Error(err)
break
}
}
}
// Two part multisig, sign with one key then the other.
for _, hashType := range hashTypes {
for i := range tx.TxIn {
msg := fmt.Sprintf("%d:%d", hashType, i)
key1, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey for %s: %v",
msg, err)
break
}
pk1 := (*btcec.PublicKey)(&key1.PublicKey).
SerializeCompressed()
address1, err := btcutil.NewAddressPubKey(pk1,
&chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address for %s: %v",
msg, err)
break
}
key2, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey 2 for %s: %v",
msg, err)
break
}
pk2 := (*btcec.PublicKey)(&key2.PublicKey).
SerializeCompressed()
address2, err := btcutil.NewAddressPubKey(pk2,
&chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address 2 for %s: %v",
msg, err)
break
}
pkScript, err := txscript.MultiSigScript(
[]*btcutil.AddressPubKey{address1, address2},
2)
if err != nil {
t.Errorf("failed to make pkscript "+
"for %s: %v", msg, err)
}
scriptAddr, err := btcutil.NewAddressScriptHash(
pkScript, &chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make p2sh addr for %s: %v",
msg, err)
break
}
scriptPkScript, err := txscript.PayToAddrScript(
scriptAddr)
if err != nil {
t.Errorf("failed to make script pkscript for "+
"%s: %v", msg, err)
break
}
sigScript, err := txscript.SignTxOutput(
&chaincfg.TestNet3Params, tx, i, scriptPkScript,
hashType, mkGetKey(map[string]addressToKey{
address1.EncodeAddress(): {key1, true},
}), mkGetScript(map[string][]byte{
scriptAddr.EncodeAddress(): pkScript,
}), nil)
if err != nil {
t.Errorf("failed to sign output %s: %v", msg,
err)
break
}
// Only 1 out of 2 signed, this *should* fail.
if checkScripts(msg, tx, i, sigScript,
scriptPkScript) == nil {
t.Errorf("part signed script valid for %s", msg)
break
}
// Sign with the other key and merge
sigScript, err = txscript.SignTxOutput(
&chaincfg.TestNet3Params, tx, i, scriptPkScript,
hashType, mkGetKey(map[string]addressToKey{
address2.EncodeAddress(): {key2, true},
}), mkGetScript(map[string][]byte{
scriptAddr.EncodeAddress(): pkScript,
}), sigScript)
if err != nil {
t.Errorf("failed to sign output %s: %v", msg, err)
break
}
err = checkScripts(msg, tx, i, sigScript,
scriptPkScript)
if err != nil {
t.Errorf("fully signed script invalid for "+
"%s: %v", msg, err)
break
}
}
}
// Two part multisig, sign with one key then both, check key dedup
// correctly.
for _, hashType := range hashTypes {
for i := range tx.TxIn {
msg := fmt.Sprintf("%d:%d", hashType, i)
key1, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey for %s: %v",
msg, err)
break
}
pk1 := (*btcec.PublicKey)(&key1.PublicKey).
SerializeCompressed()
address1, err := btcutil.NewAddressPubKey(pk1,
&chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address for %s: %v",
msg, err)
break
}
key2, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
t.Errorf("failed to make privKey 2 for %s: %v",
msg, err)
break
}
pk2 := (*btcec.PublicKey)(&key2.PublicKey).
SerializeCompressed()
address2, err := btcutil.NewAddressPubKey(pk2,
&chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make address 2 for %s: %v",
msg, err)
break
}
pkScript, err := txscript.MultiSigScript(
[]*btcutil.AddressPubKey{address1, address2},
2)
if err != nil {
t.Errorf("failed to make pkscript "+
"for %s: %v", msg, err)
}
scriptAddr, err := btcutil.NewAddressScriptHash(
pkScript, &chaincfg.TestNet3Params)
if err != nil {
t.Errorf("failed to make p2sh addr for %s: %v",
msg, err)
break
}
scriptPkScript, err := txscript.PayToAddrScript(
scriptAddr)
if err != nil {
t.Errorf("failed to make script pkscript for "+
"%s: %v", msg, err)
break
}
sigScript, err := txscript.SignTxOutput(
&chaincfg.TestNet3Params, tx, i, scriptPkScript,
hashType, mkGetKey(map[string]addressToKey{
address1.EncodeAddress(): {key1, true},
}), mkGetScript(map[string][]byte{
scriptAddr.EncodeAddress(): pkScript,
}), nil)
if err != nil {
t.Errorf("failed to sign output %s: %v", msg,
err)
break
}
// Only 1 out of 2 signed, this *should* fail.
if checkScripts(msg, tx, i, sigScript,
scriptPkScript) == nil {
t.Errorf("part signed script valid for %s", msg)
break
}
// Sign with the other key and merge
sigScript, err = txscript.SignTxOutput(
&chaincfg.TestNet3Params, tx, i, scriptPkScript,
hashType, mkGetKey(map[string]addressToKey{
address1.EncodeAddress(): {key1, true},
address2.EncodeAddress(): {key2, true},
}), mkGetScript(map[string][]byte{
scriptAddr.EncodeAddress(): pkScript,
}), sigScript)
if err != nil {
t.Errorf("failed to sign output %s: %v", msg, err)
break
}
// Now we should pass.
err = checkScripts(msg, tx, i, sigScript,
scriptPkScript)
if err != nil {
t.Errorf("fully signed script invalid for "+
"%s: %v", msg, err)
break
}
}
}
}
// This example demonstrates manually creating and signing a redeem transaction.
func ExampleSignTxOutput() {
// Ordinarily the private key would come from whatever storage mechanism
// is being used, but for this example just hard code it.
privKeyBytes, err := hex.DecodeString("22a47fa09a223f2aa079edf85a7c2" +
"d4f8720ee63e502ee2869afab7de234b80c")
if err != nil {
fmt.Println(err)
return
}
privKey, pubKey := btcec.PrivKeyFromBytes(btcec.S256(), privKeyBytes)
pubKeyHash := btcutil.Hash160(pubKey.SerializeCompressed())
addr, err := btcutil.NewAddressPubKeyHash(pubKeyHash,
&chaincfg.MainNetParams)
if err != nil {
fmt.Println(err)
return
}
// For this example, create a fake transaction that represents what
// would ordinarily be the real transaction that is being spent. It
// contains a single output that pays to address in the amount of 1 BTC.
originTx := wire.NewMsgTx()
prevOut := wire.NewOutPoint(&wire.ShaHash{}, ^uint32(0))
txIn := wire.NewTxIn(prevOut, []byte{txscript.OP_0, txscript.OP_0})
originTx.AddTxIn(txIn)
pkScript, err := txscript.PayToAddrScript(addr)
if err != nil {
fmt.Println(err)
return
}
txOut := wire.NewTxOut(100000000, pkScript)
originTx.AddTxOut(txOut)
originTxHash, err := originTx.TxSha()
if err != nil {
fmt.Println(err)
return
}
// Create the transaction to redeem the fake transaction.
redeemTx := wire.NewMsgTx()
// Add the input(s) the redeeming transaction will spend. There is no
// signature script at this point since it hasn't been created or signed
// yet, hence nil is provided for it.
prevOut = wire.NewOutPoint(&originTxHash, 0)
txIn = wire.NewTxIn(prevOut, nil)
redeemTx.AddTxIn(txIn)
// Ordinarily this would contain that actual destination of the funds,
// but for this example don't bother.
txOut = wire.NewTxOut(0, nil)
redeemTx.AddTxOut(txOut)
// Sign the redeeming transaction.
lookupKey := func(a btcutil.Address) (*btcec.PrivateKey, bool, error) {
// Ordinarily this function would involve looking up the private
// key for the provided address, but since the only thing being
// signed in this example uses the address associated with the
// private key from above, simply return it with the compressed
// flag set since the address is using the associated compressed
// public key.
//
// NOTE: If you want to prove the code is actually signing the
// transaction properly, uncomment the following line which
// intentionally returns an invalid key to sign with, which in
// turn will result in a failure during the script execution
// when verifying the signature.
//
// privKey.D.SetInt64(12345)
//
return privKey, true, nil
}
// Notice that the script database parameter is nil here since it isn't
// used. It must be specified when pay-to-script-hash transactions are
// being signed.
sigScript, err := txscript.SignTxOutput(&chaincfg.MainNetParams,
redeemTx, 0, originTx.TxOut[0].PkScript, txscript.SigHashAll,
txscript.KeyClosure(lookupKey), nil, nil)
if err != nil {
fmt.Println(err)
return
}
redeemTx.TxIn[0].SignatureScript = sigScript
// Prove that the transaction has been validly signed by executing the
// script pair.
flags := txscript.ScriptBip16 | txscript.ScriptVerifyDERSignatures |
txscript.ScriptStrictMultiSig |
txscript.ScriptDiscourageUpgradableNops
s, err := txscript.NewScript(redeemTx.TxIn[0].SignatureScript,
originTx.TxOut[0].PkScript, 0, redeemTx, flags)
if err != nil {
fmt.Println(err)
return
}
if err := s.Execute(); err != nil {
fmt.Println(err)
return
}
fmt.Println("Transaction successfully signed")
// Output:
// Transaction successfully signed
}
func (w *LibbitcoinWallet) Spend(amount int64, addr btc.Address, feeLevel bitcoin.FeeLevel) error {
// Check for dust
script, _ := txscript.PayToAddrScript(addr)
if txrules.IsDustAmount(btc.Amount(amount), len(script), txrules.DefaultRelayFeePerKb) {
return errors.New("Amount is below dust threshold")
}
var additionalPrevScripts map[wire.OutPoint][]byte
var additionalKeysByAddress map[string]*btc.WIF
// Create input source
coinMap := w.gatherCoins()
coins := make([]coinset.Coin, 0, len(coinMap))
for k := range coinMap {
coins = append(coins, k)
}
inputSource := func(target btc.Amount) (total btc.Amount, inputs []*wire.TxIn, scripts [][]byte, err error) {
// TODO: maybe change the coin selection algorithm? We're using min coins right now because
// TODO: we don't know the number of confirmations on each coin without querying the libbitcoin server.
coinSelector := coinset.MinNumberCoinSelector{MaxInputs: 10000, MinChangeAmount: btc.Amount(10000)}
coins, err := coinSelector.CoinSelect(target, coins)
if err != nil {
return total, inputs, scripts, errors.New("insuffient funds")
}
additionalPrevScripts = make(map[wire.OutPoint][]byte)
additionalKeysByAddress = make(map[string]*btc.WIF)
for _, c := range coins.Coins() {
total += c.Value()
outpoint := wire.NewOutPoint(c.Hash(), c.Index())
in := wire.NewTxIn(outpoint, []byte{})
in.Sequence = 0 // Opt-in RBF so we can bump fees
inputs = append(inputs, in)
additionalPrevScripts[*outpoint] = c.PkScript()
key := coinMap[c]
addr, _ := btc.NewAddressPubKey(key.PublicKey().Key, w.params)
pk, _ := btcec.PrivKeyFromBytes(btcec.S256(), key.Key)
wif, _ := btc.NewWIF(pk, w.params, true)
additionalKeysByAddress[addr.AddressPubKeyHash().EncodeAddress()] = wif
}
return total, inputs, scripts, nil
}
// Get the fee per kilobyte
feePerKB := int64(w.getFeePerByte(feeLevel)) * 1000
// outputs
out := wire.NewTxOut(amount, script)
// Create change source
changeSource := func() ([]byte, error) {
addr := w.GetCurrentAddress(bitcoin.CHANGE)
script, err := txscript.PayToAddrScript(addr)
if err != nil {
return []byte{}, err
}
return script, nil
}
authoredTx, err := txauthor.NewUnsignedTransaction([]*wire.TxOut{out}, btc.Amount(feePerKB), inputSource, changeSource)
if err != nil {
return err
}
// BIP 69 sorting
txsort.InPlaceSort(authoredTx.Tx)
// Sign tx
getKey := txscript.KeyClosure(func(addr btc.Address) (
*btcec.PrivateKey, bool, error) {
addrStr := addr.EncodeAddress()
wif := additionalKeysByAddress[addrStr]
return wif.PrivKey, wif.CompressPubKey, nil
})
getScript := txscript.ScriptClosure(func(
addr btc.Address) ([]byte, error) {
return []byte{}, nil
})
for i, txIn := range authoredTx.Tx.TxIn {
prevOutScript := additionalPrevScripts[txIn.PreviousOutPoint]
script, err := txscript.SignTxOutput(w.params,
authoredTx.Tx, i, prevOutScript, txscript.SigHashAll, getKey,
getScript, txIn.SignatureScript)
if err != nil {
return errors.New("Failed to sign transaction")
}
txIn.SignatureScript = script
}
// Broadcast tx to bitcoin network
serializedTx := new(bytes.Buffer)
authoredTx.Tx.Serialize(serializedTx)
w.Client.Broadcast(serializedTx.Bytes(), func(i interface{}, err error) {
if err == nil {
log.Infof("Broadcast tx %s to bitcoin network\n", authoredTx.Tx.TxSha().String())
} else {
log.Errorf("Failed to broadcast tx, reason: %s\n", err)
}
})
// Update the db
w.ProcessTransaction(btc.NewTx(authoredTx.Tx), 0)
return nil
}