func delSig(where, sig []byte) (res []byte) {
// recover the standard length
bb := new(bytes.Buffer)
if len(sig) < btc.OP_PUSHDATA1 {
bb.Write([]byte{byte(len(sig))})
} else if len(sig) <= 0xff {
bb.Write([]byte{btc.OP_PUSHDATA1})
bb.Write([]byte{byte(len(sig))})
} else if len(sig) <= 0xffff {
bb.Write([]byte{btc.OP_PUSHDATA2})
binary.Write(bb, binary.LittleEndian, uint16(len(sig)))
} else {
bb.Write([]byte{btc.OP_PUSHDATA4})
binary.Write(bb, binary.LittleEndian, uint32(len(sig)))
}
bb.Write(sig)
sig = bb.Bytes()
var idx int
for idx < len(where) {
_, _, n, e := btc.GetOpcode(where[idx:])
if e != nil {
fmt.Println(e.Error())
fmt.Println("B", idx, hex.EncodeToString(where))
return
}
if !bytes.Equal(where[idx:idx+n], sig) {
res = append(res, where[idx:idx+n]...)
}
idx += n
}
return
}
func IsPushOnly(scr []byte) bool {
idx := 0
for idx < len(scr) {
op, _, n, e := btc.GetOpcode(scr[idx:])
if e != nil {
return false
}
if op > btc.OP_16 {
return false
}
idx += n
}
return true
}
func evalScript(p []byte, stack *scrStack, tx *btc.Tx, inp int, ver_flags uint32) bool {
if DBG_SCR {
fmt.Println("script len", len(p))
}
if len(p) > 10000 {
if DBG_ERR {
fmt.Println("script too long", len(p))
}
return false
}
defer func() {
if r := recover(); r != nil {
if DBG_ERR {
err, ok := r.(error)
if !ok {
err = fmt.Errorf("pkg: %v", r)
}
fmt.Println("evalScript panic:", err.Error())
fmt.Println(string(debug.Stack()))
}
}
}()
var exestack scrStack
var altstack scrStack
sta, idx, opcnt := 0, 0, 0
for idx < len(p) {
inexec := exestack.nofalse()
// Read instruction
opcode, pushval, n, e := btc.GetOpcode(p[idx:])
if e != nil {
//fmt.Println(e.Error())
//fmt.Println("A", idx, hex.EncodeToString(p))
return false
}
idx += n
if DBG_SCR {
fmt.Printf("\nExecuting opcode 0x%02x n=%d inexec:%t push:%s..\n",
opcode, n, inexec, hex.EncodeToString(pushval))
stack.print()
}
if pushval != nil && len(pushval) > btc.MAX_SCRIPT_ELEMENT_SIZE {
if DBG_ERR {
fmt.Println("pushval too long", len(pushval))
}
return false
}
if opcode > 0x60 {
opcnt++
if opcnt > 201 {
if DBG_ERR {
fmt.Println("evalScript: too many opcodes A")
}
return false
}
}
if opcode == 0x7e /*OP_CAT*/ ||
opcode == 0x7f /*OP_SUBSTR*/ ||
opcode == 0x80 /*OP_LEFT*/ ||
opcode == 0x81 /*OP_RIGHT*/ ||
opcode == 0x83 /*OP_INVERT*/ ||
opcode == 0x84 /*OP_AND*/ ||
opcode == 0x85 /*OP_OR*/ ||
opcode == 0x86 /*OP_XOR*/ ||
opcode == 0x8d /*OP_2MUL*/ ||
opcode == 0x8e /*OP_2DIV*/ ||
opcode == 0x95 /*OP_MUL*/ ||
opcode == 0x96 /*OP_DIV*/ ||
opcode == 0x97 /*OP_MOD*/ ||
opcode == 0x98 /*OP_LSHIFT*/ ||
opcode == 0x99 /*OP_RSHIFT*/ {
if DBG_ERR {
fmt.Println("Unsupported opcode", opcode)
}
return false
}
if inexec && 0 <= opcode && opcode <= btc.OP_PUSHDATA4 {
stack.push(pushval)
if DBG_SCR {
fmt.Println("pushed", len(pushval), "bytes")
}
} else if inexec || (0x63 /*OP_IF*/ <= opcode && opcode <= 0x68 /*OP_ENDIF*/) {
switch {
case opcode == 0x4f: // OP_1NEGATE
stack.pushInt(-1)
case opcode >= 0x51 && opcode <= 0x60: // OP_1-OP_16
stack.pushInt(int64(opcode - 0x50))
case opcode == 0x61: // OP_NOP
// Do nothing
/* - not handled
OP_VER = 0x62
*/
case opcode == 0x63 || opcode == 0x64: //OP_IF || OP_NOTIF
// <expression> if [statements] [else [statements]] endif
val := false
if inexec {
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for", opcode)
}
return false
}
if opcode == 0x63 /*OP_IF*/ {
val = stack.popBool()
} else {
val = !stack.popBool()
}
}
if DBG_SCR {
fmt.Println(inexec, "if pushing", val, "...")
}
exestack.pushBool(val)
/* - not handled
OP_VERIF = 0x65,
OP_VERNOTIF = 0x66,
*/
case opcode == 0x67: //OP_ELSE
if exestack.size() == 0 {
if DBG_ERR {
fmt.Println("exestack empty in OP_ELSE")
}
}
exestack.pushBool(!exestack.popBool())
case opcode == 0x68: //OP_ENDIF
if exestack.size() == 0 {
if DBG_ERR {
fmt.Println("exestack empty in OP_ENDIF")
}
}
exestack.pop()
case opcode == 0x69: //OP_VERIFY
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
if !stack.topBool(-1) {
return false
}
stack.pop()
case opcode == 0x6b: //OP_TOALTSTACK
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
altstack.push(stack.pop())
case opcode == 0x6c: //OP_FROMALTSTACK
if altstack.size() < 1 {
if DBG_ERR {
fmt.Println("AltStack too short for opcode", opcode)
}
return false
}
stack.push(altstack.pop())
case opcode == 0x6d: //OP_2DROP
if stack.size() < 2 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
stack.pop()
stack.pop()
case opcode == 0x6e: //OP_2DUP
if stack.size() < 2 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
x1 := stack.top(-1)
x2 := stack.top(-2)
stack.push(x2)
stack.push(x1)
case opcode == 0x6f: //OP_3DUP
if stack.size() < 3 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
x1 := stack.top(-3)
x2 := stack.top(-2)
x3 := stack.top(-1)
stack.push(x1)
stack.push(x2)
stack.push(x3)
case opcode == 0x70: //OP_2OVER
if stack.size() < 4 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
x1 := stack.top(-4)
x2 := stack.top(-3)
stack.push(x1)
stack.push(x2)
case opcode == 0x71: //OP_2ROT
// (x1 x2 x3 x4 x5 x6 -- x3 x4 x5 x6 x1 x2)
if stack.size() < 6 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
x6 := stack.pop()
x5 := stack.pop()
x4 := stack.pop()
x3 := stack.pop()
x2 := stack.pop()
x1 := stack.pop()
stack.push(x3)
stack.push(x4)
stack.push(x5)
stack.push(x6)
stack.push(x1)
stack.push(x2)
case opcode == 0x72: //OP_2SWAP
// (x1 x2 x3 x4 -- x3 x4 x1 x2)
if stack.size() < 4 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
x4 := stack.pop()
x3 := stack.pop()
x2 := stack.pop()
x1 := stack.pop()
stack.push(x3)
stack.push(x4)
stack.push(x1)
stack.push(x2)
case opcode == 0x73: //OP_IFDUP
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
if stack.topBool(-1) {
stack.push(stack.top(-1))
}
case opcode == 0x74: //OP_DEPTH
stack.pushInt(int64(stack.size()))
case opcode == 0x75: //OP_DROP
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
stack.pop()
case opcode == 0x76: //OP_DUP
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
el := stack.pop()
stack.push(el)
stack.push(el)
case opcode == 0x77: //OP_NIP
if stack.size() < 2 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
x := stack.pop()
stack.pop()
stack.push(x)
case opcode == 0x78: //OP_OVER
if stack.size() < 2 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
stack.push(stack.top(-2))
case opcode == 0x79 || opcode == 0x7a: //OP_PICK || OP_ROLL
if stack.size() < 2 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
n := stack.popInt()
if n < 0 || n >= int64(stack.size()) {
if DBG_ERR {
fmt.Println("Wrong n for opcode", opcode)
}
return false
}
if opcode == 0x79 /*OP_PICK*/ {
stack.push(stack.top(int(-1 - n)))
} else if n > 0 {
tmp := make([][]byte, n)
for i := range tmp {
tmp[i] = stack.pop()
}
xn := stack.pop()
for i := len(tmp) - 1; i >= 0; i-- {
stack.push(tmp[i])
}
stack.push(xn)
}
case opcode == 0x7b: //OP_ROT
if stack.size() < 3 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
x3 := stack.pop()
x2 := stack.pop()
x1 := stack.pop()
stack.push(x2)
stack.push(x3)
stack.push(x1)
case opcode == 0x7c: //OP_SWAP
if stack.size() < 2 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
x1 := stack.pop()
x2 := stack.pop()
stack.push(x1)
stack.push(x2)
case opcode == 0x7d: //OP_TUCK
if stack.size() < 2 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
x1 := stack.pop()
x2 := stack.pop()
stack.push(x1)
stack.push(x2)
stack.push(x1)
case opcode == 0x82: //OP_SIZE
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
stack.pushInt(int64(len(stack.top(-1))))
case opcode == 0x87 || opcode == 0x88: //OP_EQUAL || OP_EQUALVERIFY
if stack.size() < 2 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
a := stack.pop()
b := stack.pop()
if opcode == 0x88 { //OP_EQUALVERIFY
if !bytes.Equal(a, b) {
return false
}
} else {
stack.pushBool(bytes.Equal(a, b))
}
/* - not handled
OP_RESERVED1 = 0x89,
OP_RESERVED2 = 0x8a,
*/
case opcode == 0x8b: //OP_1ADD
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
stack.pushInt(stack.popInt() + 1)
case opcode == 0x8c: //OP_1SUB
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
stack.pushInt(stack.popInt() - 1)
case opcode == 0x8f: //OP_NEGATE
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
stack.pushInt(-stack.popInt())
case opcode == 0x90: //OP_ABS
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
a := stack.popInt()
if a < 0 {
stack.pushInt(-a)
} else {
stack.pushInt(a)
}
case opcode == 0x91: //OP_NOT
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
stack.pushBool(stack.popInt() == 0)
case opcode == 0x92: //OP_0NOTEQUAL
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
stack.pushBool(stack.popBool())
case opcode == 0x93 || //OP_ADD
opcode == 0x94 || //OP_SUB
opcode == 0x9a || //OP_BOOLAND
opcode == 0x9b || //OP_BOOLOR
opcode == 0x9c || opcode == 0x9d || //OP_NUMEQUAL || OP_NUMEQUALVERIFY
opcode == 0x9e || //OP_NUMNOTEQUAL
opcode == 0x9f || //OP_LESSTHAN
opcode == 0xa0 || //OP_GREATERTHAN
opcode == 0xa1 || //OP_LESSTHANOREQUAL
opcode == 0xa2 || //OP_GREATERTHANOREQUAL
opcode == 0xa3 || //OP_MIN
opcode == 0xa4: //OP_MAX
if stack.size() < 2 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
bn2 := stack.popInt()
bn1 := stack.popInt()
var bn int64
switch opcode {
case 0x93:
bn = bn1 + bn2 // OP_ADD
case 0x94:
bn = bn1 - bn2 // OP_SUB
case 0x9a:
bn = b2i(bn1 != 0 && bn2 != 0) // OP_BOOLAND
case 0x9b:
bn = b2i(bn1 != 0 || bn2 != 0) // OP_BOOLOR
case 0x9c:
bn = b2i(bn1 == bn2) // OP_NUMEQUAL
case 0x9d:
bn = b2i(bn1 == bn2) // OP_NUMEQUALVERIFY
case 0x9e:
bn = b2i(bn1 != bn2) // OP_NUMNOTEQUAL
case 0x9f:
bn = b2i(bn1 < bn2) // OP_LESSTHAN
case 0xa0:
bn = b2i(bn1 > bn2) // OP_GREATERTHAN
case 0xa1:
bn = b2i(bn1 <= bn2) // OP_LESSTHANOREQUAL
case 0xa2:
bn = b2i(bn1 >= bn2) // OP_GREATERTHANOREQUAL
case 0xa3: // OP_MIN
if bn1 < bn2 {
bn = bn1
} else {
bn = bn2
}
case 0xa4: // OP_MAX
if bn1 > bn2 {
bn = bn1
} else {
bn = bn2
}
default:
panic("invalid opcode")
}
if opcode == 0x9d { //OP_NUMEQUALVERIFY
if bn == 0 {
return false
}
} else {
stack.pushInt(bn)
}
case opcode == 0xa5: //OP_WITHIN
if stack.size() < 3 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
bn3 := stack.popInt()
bn2 := stack.popInt()
bn1 := stack.popInt()
stack.pushBool(bn2 <= bn1 && bn1 < bn3)
case opcode == 0xa6: //OP_RIPEMD160
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
rim := ripemd160.New()
rim.Write(stack.pop()[:])
stack.push(rim.Sum(nil)[:])
case opcode == 0xa7: //OP_SHA1
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
sha := sha1.New()
sha.Write(stack.pop()[:])
stack.push(sha.Sum(nil)[:])
case opcode == 0xa8: //OP_SHA256
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
sha := sha256.New()
sha.Write(stack.pop()[:])
stack.push(sha.Sum(nil)[:])
case opcode == 0xa9: //OP_HASH160
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
rim160 := btc.Rimp160AfterSha256(stack.pop())
stack.push(rim160[:])
case opcode == 0xaa: //OP_HASH256
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
h := btc.Sha2Sum(stack.pop())
stack.push(h[:])
case opcode == 0xab: // OP_CODESEPARATOR
sta = idx
case opcode == 0xac || opcode == 0xad: // OP_CHECKSIG || OP_CHECKSIGVERIFY
if stack.size() < 2 {
if DBG_ERR {
fmt.Println("Stack too short for opcode", opcode)
}
return false
}
var ok bool
pk := stack.pop()
si := stack.pop()
// BIP-0066
if !CheckSignatureEncoding(si, ver_flags) {
if DBG_ERR {
fmt.Println("Invalid Signature Encoding A")
}
return false
}
if len(si) > 0 {
sh := tx.SignatureHash(delSig(p[sta:], si), inp, int32(si[len(si)-1]))
ok = btc.EcdsaVerify(pk, si, sh)
}
if !ok && DBG_ERR {
if DBG_ERR {
fmt.Println("EcdsaVerify fail 1")
}
}
if DBG_SCR {
fmt.Println("ver:", ok)
}
if opcode == 0xad {
if !ok { // OP_CHECKSIGVERIFY
return false
}
} else { // OP_CHECKSIG
stack.pushBool(ok)
}
case opcode == 0xae || opcode == 0xaf: //OP_CHECKMULTISIG || OP_CHECKMULTISIGVERIFY
//fmt.Println("OP_CHECKMULTISIG ...")
//stack.print()
if stack.size() < 1 {
if DBG_ERR {
fmt.Println("OP_CHECKMULTISIG: Stack too short A")
}
return false
}
i := 1
keyscnt := stack.topInt(-i)
if keyscnt < 0 || keyscnt > 20 {
fmt.Println("OP_CHECKMULTISIG: Wrong number of keys")
return false
}
opcnt += int(keyscnt)
if opcnt > 201 {
if DBG_ERR {
fmt.Println("evalScript: too many opcodes B")
}
return false
}
i++
ikey := i
i += int(keyscnt)
if stack.size() < i {
if DBG_ERR {
fmt.Println("OP_CHECKMULTISIG: Stack too short B")
}
return false
}
sigscnt := stack.topInt(-i)
if sigscnt < 0 || sigscnt > keyscnt {
fmt.Println("OP_CHECKMULTISIG: sigscnt error")
return false
}
i++
isig := i
i += int(sigscnt)
if stack.size() < i {
if DBG_ERR {
fmt.Println("OP_CHECKMULTISIG: Stack too short C")
}
return false
}
xxx := p[sta:]
for k := 0; k < int(sigscnt); k++ {
xxx = delSig(xxx, stack.top(-isig-k))
}
success := true
for sigscnt > 0 {
pk := stack.top(-ikey)
si := stack.top(-isig)
// BIP-0066
if !CheckSignatureEncoding(si, ver_flags) {
if DBG_ERR {
fmt.Println("Invalid Signature Encoding B")
}
return false
}
if len(si) > 0 {
sh := tx.SignatureHash(xxx, inp, int32(si[len(si)-1]))
if btc.EcdsaVerify(pk, si, sh) {
isig++
sigscnt--
}
}
ikey++
keyscnt--
// If there are more signatures left than keys left,
// then too many signatures have failed
if sigscnt > keyscnt {
success = false
break
}
}
for i > 0 {
i--
stack.pop()
}
if opcode == 0xaf {
if !success { // OP_CHECKMULTISIGVERIFY
return false
}
} else {
stack.pushBool(success)
}
case opcode >= 0xb0 && opcode <= 0xb9: //OP_NOP
// just do nothing
default:
if DBG_ERR {
fmt.Printf("Unhandled opcode 0x%02x - a handler must be implemented\n", opcode)
stack.print()
fmt.Println("Rest of the script:", hex.EncodeToString(p[idx:]))
}
return false
}
}
if DBG_SCR {
fmt.Printf("Finished Executing opcode 0x%02x\n", opcode)
stack.print()
}
if stack.size()+altstack.size() > 1000 {
if DBG_ERR {
fmt.Println("Stack too big")
}
return false
}
}
if DBG_SCR {
fmt.Println("END OF SCRIPT")
stack.print()
}
if exestack.size() > 0 {
if DBG_ERR {
fmt.Println("Unfinished if..")
}
return false
}
return true
}