PIVX Core  5.6.99
P2P Digital Currency
sighash_tests.cpp
Go to the documentation of this file.
1 // Copyright (c) 2013 The Bitcoin Core developers
2 // Copyright (c) 2017-2022 The PIVX Core developers
3 // Distributed under the MIT/X11 software license, see the accompanying
4 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
5 
6 #include "test/test_pivx.h"
7 
8 #include "test/data/sighash.json.h"
9 
10 #include "consensus/tx_verify.h"
11 #include "serialize.h"
12 #include "script/script.h"
13 #include "script/interpreter.h"
14 #include "util/system.h"
15 #include "validation.h"
16 #include "version.h"
17 
18 #include <iostream>
19 
20 #include <boost/test/unit_test.hpp>
21 
22 #include <univalue.h>
23 
24 extern UniValue read_json(const std::string& jsondata);
25 
26 // Old script.cpp SignatureHash function
27 uint256 static SignatureHashOld(CScript scriptCode, const CTransaction& txTo, unsigned int nIn, int nHashType)
28 {
29  if (nIn >= txTo.vin.size())
30  {
31  printf("ERROR: SignatureHash() : nIn=%d out of range\n", nIn);
32  return UINT256_ONE;
33  }
34  CMutableTransaction txTmp(txTo);
35 
36  // In case concatenating two scripts ends up with two codeseparators,
37  // or an extra one at the end, this prevents all those possible incompatibilities.
38  scriptCode.FindAndDelete(CScript(OP_CODESEPARATOR));
39 
40  // Blank out other inputs' signatures
41  for (unsigned int i = 0; i < txTmp.vin.size(); i++)
42  txTmp.vin[i].scriptSig = CScript();
43  txTmp.vin[nIn].scriptSig = scriptCode;
44 
45  // Blank out some of the outputs
46  if ((nHashType & 0x1f) == SIGHASH_NONE)
47  {
48  // Wildcard payee
49  txTmp.vout.clear();
50 
51  // Let the others update at will
52  for (unsigned int i = 0; i < txTmp.vin.size(); i++)
53  if (i != nIn)
54  txTmp.vin[i].nSequence = 0;
55  }
56  else if ((nHashType & 0x1f) == SIGHASH_SINGLE)
57  {
58  // Only lock-in the txout payee at same index as txin
59  unsigned int nOut = nIn;
60  if (nOut >= txTmp.vout.size())
61  {
62  printf("ERROR: SignatureHash() : nOut=%d out of range\n", nOut);
63  return UINT256_ONE;
64  }
65  txTmp.vout.resize(nOut+1);
66  for (unsigned int i = 0; i < nOut; i++)
67  txTmp.vout[i].SetNull();
68 
69  // Let the others update at will
70  for (unsigned int i = 0; i < txTmp.vin.size(); i++)
71  if (i != nIn)
72  txTmp.vin[i].nSequence = 0;
73  }
74 
75  // Blank out other inputs completely, not recommended for open transactions
76  if (nHashType & SIGHASH_ANYONECANPAY)
77  {
78  txTmp.vin[0] = txTmp.vin[nIn];
79  txTmp.vin.resize(1);
80  }
81 
82  // Serialize and hash
83  CHashWriter ss(SER_GETHASH, 0);
84  ss << txTmp << nHashType;
85  return ss.GetHash();
86 }
87 
88 void static RandomScript(CScript &script) {
89  static const opcodetype oplist[] = {OP_FALSE, OP_1, OP_2, OP_3, OP_CHECKSIG, OP_IF, OP_VERIF, OP_RETURN, OP_CODESEPARATOR};
90  script = CScript();
91  int ops = (InsecureRandRange(10));
92  for (int i=0; i<ops; i++)
93  script << oplist[InsecureRandRange(sizeof(oplist)/sizeof(oplist[0]))];
94 }
95 
96 void static RandomTransaction(CMutableTransaction &tx, bool fSingle) {
97  bool isSapling = !(InsecureRand32() % 7);
98  tx.nVersion = isSapling ? CTransaction::TxVersion::SAPLING : CTransaction::TxVersion::LEGACY;
99  tx.vin.clear();
100  tx.vout.clear();
101  tx.sapData->vShieldedSpend.clear();
102  tx.sapData->vShieldedOutput.clear();
103  tx.nLockTime = (InsecureRandBool()) ? InsecureRand32() : 0;
104  int ins = (InsecureRandBits(2)) + 1;
105  int outs = fSingle ? ins : (InsecureRandBits(2)) + 1;
106  for (int in = 0; in < ins; in++) {
107  tx.vin.emplace_back();
108  CTxIn &txin = tx.vin.back();
109  txin.prevout.hash = InsecureRand256();
110  txin.prevout.n = InsecureRandBits(2);
111  RandomScript(txin.scriptSig);
112  txin.nSequence = (InsecureRandBool()) ? InsecureRand32() : (unsigned int)-1;
113  }
114  for (int out = 0; out < outs; out++) {
115  tx.vout.emplace_back();
116  CTxOut &txout = tx.vout.back();
117  txout.nValue = InsecureRandRange(100000000);
118  RandomScript(txout.scriptPubKey);
119  }
120 
121  if (tx.nVersion == 2) {
122  int shielded_spends = (InsecureRandBits(2)) + 1;
123  int shielded_outs = (InsecureRandBits(2)) + 1;
124  tx.sapData->valueBalance = InsecureRandRange(100000000);;
125  for (int spend = 0; spend < shielded_spends; spend++) {
126  SpendDescription sdesc;
127  sdesc.cv = GetRandHash();
128  sdesc.anchor = GetRandHash();
129  sdesc.nullifier = GetRandHash();
130  sdesc.rk = GetRandHash();
131  randombytes_buf(sdesc.zkproof.begin(), sdesc.zkproof.size());
132  tx.sapData->vShieldedSpend.push_back(sdesc);
133  }
134  for (int out = 0; out < shielded_outs; out++) {
135  OutputDescription odesc;
136  odesc.cv = GetRandHash();
137  odesc.cmu = GetRandHash();
138  odesc.ephemeralKey = GetRandHash();
139  randombytes_buf(odesc.encCiphertext.begin(), odesc.encCiphertext.size());
140  randombytes_buf(odesc.outCiphertext.begin(), odesc.outCiphertext.size());
141  randombytes_buf(odesc.zkproof.begin(), odesc.zkproof.size());
142  tx.sapData->vShieldedOutput.push_back(odesc);
143  }
144  }
145 }
146 
147 BOOST_FIXTURE_TEST_SUITE(sighash_tests, BasicTestingSetup)
148 
149 BOOST_AUTO_TEST_CASE(sighash_test)
150 {
151  #if defined(PRINT_SIGHASH_JSON)
152  std::cout << "[\n";
153  std::cout << "\t[\"raw_transaction, script, input_index, hashType, signature_hash (result)\"],\n";
154  #endif
155  int nRandomTests = 50000;
156 
157  #if defined(PRINT_SIGHASH_JSON)
158  nRandomTests = 500;
159  #endif
160  for (int i=0; i<nRandomTests; i++) {
161  int nHashType = InsecureRand32();
162  CMutableTransaction txTo;
163  RandomTransaction(txTo, (nHashType & 0x1f) == SIGHASH_SINGLE);
164  CScript scriptCode;
165  RandomScript(scriptCode);
166  int nIn = InsecureRandRange(txTo.vin.size());
167 
168  uint256 sh, sho;
169  sho = SignatureHashOld(scriptCode, txTo, nIn, nHashType);
170  sh = SignatureHash(scriptCode, txTo, nIn, nHashType, 0, txTo.GetRequiredSigVersion());
171  #if defined(PRINT_SIGHASH_JSON)
172  CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
173  ss << txTo;
174  std::cout << "\t[\"" ;
175  std::cout << HexStr(ss) << "\", \"";
176  std::cout << HexStr(scriptCode) << "\", ";
177  std::cout << nIn << ", ";
178  std::cout << nHashType << ", \"";
179  std::cout << sho.GetHex() << "\"]";
180  if (i+1 != nRandomTests) {
181  std::cout << ",";
182  }
183  std::cout << "\n";
184  #endif
185  if (txTo.nVersion < CTransaction::TxVersion::SAPLING) { // Sapling has a different signature.
186  BOOST_CHECK(sh == sho);
187  }
188  }
189  #if defined(PRINT_SIGHASH_JSON)
190  std::cout << "]\n";
191  #endif
192 }
193 
194 // Goal: check that SignatureHash generates correct hash
195 // TODO: Update with Sapling transactions..
196 BOOST_AUTO_TEST_CASE(sighash_from_data)
197 {
198  UniValue tests = read_json(std::string(json_tests::sighash, json_tests::sighash + sizeof(json_tests::sighash)));
199 
200  for (unsigned int idx = 0; idx < tests.size(); idx++) {
201  UniValue test = tests[idx];
202  std::string strTest = test.write();
203  if (test.size() < 1) // Allow for extra stuff (useful for comments)
204  {
205  BOOST_ERROR("Bad test: " << strTest);
206  continue;
207  }
208  if (test.size() == 1) continue; // comment
209 
210  std::string raw_tx, raw_script, sigHashHex;
211  int nIn, nHashType;
212  uint256 sh;
213  CTransactionRef tx;
214  CScript scriptCode = CScript();
215 
216  try {
217  // deserialize test data
218  raw_tx = test[0].get_str();
219  raw_script = test[1].get_str();
220  nIn = test[2].get_int();
221  nHashType = test[3].get_int();
222  sigHashHex = test[4].get_str();
223 
224  uint256 sh;
225  CDataStream stream(ParseHex(raw_tx), SER_NETWORK, PROTOCOL_VERSION);
226  stream >> tx;
227 
228  CValidationState state;
229  BOOST_CHECK_MESSAGE(CheckTransaction(*tx, state, false), strTest);
230  BOOST_CHECK(state.IsValid());
231 
232  std::vector<unsigned char> raw = ParseHex(raw_script);
233  scriptCode.insert(scriptCode.end(), raw.begin(), raw.end());
234  } catch (...) {
235  BOOST_ERROR("Bad test, couldn't deserialize data: " << strTest);
236  continue;
237  }
238 
239  sh = SignatureHash(scriptCode, *tx, nIn, nHashType, 0, tx->GetRequiredSigVersion());
240  BOOST_CHECK_MESSAGE(sh.GetHex() == sigHashHex, strTest);
241 
242  }
243 }
244 
245 BOOST_AUTO_TEST_CASE(malleated_tx)
246 {
247  int nRandomTests = 5000;
248  std::vector<uint256> vsh;
249  std::vector<CScript> vScriptCode;
250  for (int t = 0; t < nRandomTests; t++) {
251  vsh.clear();
252  vScriptCode.clear();
253  // create a random tx and get the signature hashes
254  CMutableTransaction _tx;
255  RandomTransaction(_tx, false);
256  const CTransaction tx(_tx);
257  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
258  vScriptCode.emplace_back();
259  RandomScript(vScriptCode.back());
260  vsh.emplace_back(SignatureHash(vScriptCode.back(), tx, nIn, SIGHASH_ALL, 0, tx.GetRequiredSigVersion()));
261  }
262 
263  // -- create malleated txes
264  CMutableTransaction mtx = _tx;
265  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
266  BOOST_CHECK(vsh[nIn] == SignatureHash(vScriptCode[nIn], CTransaction(mtx), nIn, SIGHASH_ALL, 0, tx.GetRequiredSigVersion()));
267  }
268 
269  // remove one transparent input
270  if (mtx.vin.size() > 0) {
271  mtx.vin.pop_back();
272  CTransaction tx2(mtx);
273  for (int nIn = 0; nIn < (int) tx.vin.size() - 1; nIn++) {
274  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], tx2, nIn, SIGHASH_ALL, 0, tx2.GetRequiredSigVersion()));
275  }
276  }
277 
278  // change the prevout of the transparent input being signed
279  mtx = _tx;
280  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
281  while (mtx.vin[nIn].prevout.hash == tx.vin[nIn].prevout.hash)
282  mtx.vin[nIn].prevout.hash = InsecureRand256();
283  CTransaction tx2(mtx);
284  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], tx2, nIn, SIGHASH_ALL, 0, tx2.GetRequiredSigVersion()));
285  }
286 
287  // add one random transparent input
288  {
289  mtx = _tx;
290  CTxIn in(InsecureRand256(), InsecureRandBits(2));
291  RandomScript(in.scriptSig);
292  in.nSequence = (InsecureRandBool()) ? InsecureRand32() : (unsigned int)-1;
293  mtx.vin.emplace_back(in);
294  CTransaction tx2(mtx);
295  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
296  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], tx2, nIn, SIGHASH_ALL, 0, tx2.GetRequiredSigVersion()));
297  }
298  }
299 
300  // Shield inputs
301  if (tx.sapData && tx.sapData->vShieldedSpend.size() > 0) {
302  // remove one spend
303  mtx = _tx;
304  mtx.sapData->vShieldedSpend.pop_back();
305  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
306  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], CTransaction(mtx), nIn, SIGHASH_ALL, 0, SigVersion::SIGVERSION_SAPLING));
307  }
308 
309  // modify one spend (cv, anchor, nullifier, rk, zkproof, spendAuthSig)
310  int i = InsecureRandRange(tx.sapData->vShieldedSpend.size());
311 
312  mtx = _tx;
313  while (mtx.sapData->vShieldedSpend[i].cv == tx.sapData->vShieldedSpend[i].cv)
314  mtx.sapData->vShieldedSpend[i].cv = GetRandHash();
315  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
316  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], CTransaction(mtx), nIn, SIGHASH_ALL, 0, SigVersion::SIGVERSION_SAPLING));
317  }
318 
319  mtx = _tx;
320  while (mtx.sapData->vShieldedSpend[i].anchor == tx.sapData->vShieldedSpend[i].anchor)
321  mtx.sapData->vShieldedSpend[i].anchor = GetRandHash();
322  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
323  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], CTransaction(mtx), nIn, SIGHASH_ALL, 0, SigVersion::SIGVERSION_SAPLING));
324  }
325 
326  mtx = _tx;
327  while (mtx.sapData->vShieldedSpend[i].nullifier == tx.sapData->vShieldedSpend[i].nullifier)
328  mtx.sapData->vShieldedSpend[i].nullifier = GetRandHash();
329  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
330  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], CTransaction(mtx), nIn, SIGHASH_ALL, 0, SigVersion::SIGVERSION_SAPLING));
331  }
332 
333  mtx = _tx;
334  while (mtx.sapData->vShieldedSpend[i].rk == tx.sapData->vShieldedSpend[i].rk)
335  mtx.sapData->vShieldedSpend[i].rk = GetRandHash();
336  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
337  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], CTransaction(mtx), nIn, SIGHASH_ALL, 0, SigVersion::SIGVERSION_SAPLING));
338  }
339 
340  mtx = _tx;
341  auto zkproof = &mtx.sapData->vShieldedSpend[i].zkproof;
342  randombytes_buf(zkproof->begin(), zkproof->size());
343  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
344  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], CTransaction(mtx), nIn, SIGHASH_ALL, 0, SigVersion::SIGVERSION_SAPLING));
345  }
346 
347  mtx = _tx;
348  auto spendAuthSig = &mtx.sapData->vShieldedSpend[i].spendAuthSig;
349  randombytes_buf(spendAuthSig->begin(), spendAuthSig->size());
350  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
351  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], CTransaction(mtx), nIn, SIGHASH_ALL, 0, SigVersion::SIGVERSION_SAPLING));
352  }
353  }
354 
355  // add one random spend
356  mtx = _tx;
357  SpendDescription sdesc;
358  sdesc.cv = GetRandHash();
359  sdesc.anchor = GetRandHash();
360  sdesc.nullifier = GetRandHash();
361  sdesc.rk = GetRandHash();
362  randombytes_buf(sdesc.zkproof.begin(), sdesc.zkproof.size());
363  mtx.sapData->vShieldedSpend.push_back(sdesc);
364  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
365  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], CTransaction(mtx), nIn, SIGHASH_ALL, 0, SigVersion::SIGVERSION_SAPLING));
366  }
367 
368  // Transparent outputs
369  if (mtx.vout.size() > 0) {
370  // remove one
371  mtx = _tx;
372  mtx.vout.pop_back();
373  CTransaction tx2(mtx);
374  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
375  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], tx2, nIn, SIGHASH_ALL, 0, tx2.GetRequiredSigVersion()));
376  }
377 
378  // modify one (amount, script)
379  int i = InsecureRandRange(tx.vout.size());
380  mtx = _tx;
381  while (mtx.vout[i].nValue == tx.vout[i].nValue)
382  mtx.vout[i].nValue = InsecureRandRange(100000000);
383  CTransaction tx3 = CTransaction(mtx);
384  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
385  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], tx3, nIn, SIGHASH_ALL, 0, tx3.GetRequiredSigVersion()));
386  }
387 
388  mtx = _tx;
389  while (mtx.vout[i].scriptPubKey == tx.vout[i].scriptPubKey)
390  RandomScript(mtx.vout[i].scriptPubKey);
391  CTransaction tx4 = CTransaction(mtx);
392  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
393  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], tx4, nIn, SIGHASH_ALL, 0, tx4.GetRequiredSigVersion()));
394  }
395  }
396 
397  // add a random transparent output
398  {
399  mtx = _tx;
400  CTxOut out;
401  out.nValue = InsecureRandRange(100000000);
402  RandomScript(out.scriptPubKey);
403  mtx.vout.emplace_back(out);
404  CTransaction tx2(mtx);
405  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
406  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], tx2, nIn, SIGHASH_ALL, 0, tx2.GetRequiredSigVersion()));
407  }
408  }
409 
410  // Shield outputs
411  if (tx.sapData && tx.sapData->vShieldedOutput.size() > 0) {
412  // remove one output
413  mtx = _tx;
414  mtx.sapData->vShieldedOutput.pop_back();
415  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
416  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], CTransaction(mtx), nIn, SIGHASH_ALL, 0, SigVersion::SIGVERSION_SAPLING));
417  }
418 
419  // modify one output (cv, cmu, nullifier, ephemeralKey, encCiphertext, outCiphertext, zkproof)
420  int i = InsecureRandRange(tx.sapData->vShieldedOutput.size());
421 
422  mtx = _tx;
423  while (mtx.sapData->vShieldedOutput[i].cv == tx.sapData->vShieldedOutput[i].cv)
424  mtx.sapData->vShieldedOutput[i].cv = GetRandHash();
425  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
426  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], CTransaction(mtx), nIn, SIGHASH_ALL, 0, SigVersion::SIGVERSION_SAPLING));
427  }
428 
429  mtx = _tx;
430  while (mtx.sapData->vShieldedOutput[i].cmu == tx.sapData->vShieldedOutput[i].cmu)
431  mtx.sapData->vShieldedOutput[i].cmu = GetRandHash();
432  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
433  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], CTransaction(mtx), nIn, SIGHASH_ALL, 0, SigVersion::SIGVERSION_SAPLING));
434  }
435 
436  mtx = _tx;
437  while (mtx.sapData->vShieldedOutput[i].ephemeralKey == tx.sapData->vShieldedOutput[i].ephemeralKey)
438  mtx.sapData->vShieldedOutput[i].ephemeralKey = GetRandHash();
439  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
440  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], CTransaction(mtx), nIn, SIGHASH_ALL, 0, SigVersion::SIGVERSION_SAPLING));
441  }
442 
443  mtx = _tx;
444  auto encCiphertext = &mtx.sapData->vShieldedOutput[i].encCiphertext;
445  randombytes_buf(encCiphertext->begin(), encCiphertext->size());
446  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
447  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], CTransaction(mtx), nIn, SIGHASH_ALL, 0, SigVersion::SIGVERSION_SAPLING));
448  }
449 
450  mtx = _tx;
451  auto outCiphertext = &mtx.sapData->vShieldedOutput[i].outCiphertext;
452  randombytes_buf(outCiphertext->begin(), outCiphertext->size());
453  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
454  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], CTransaction(mtx), nIn, SIGHASH_ALL, 0, SigVersion::SIGVERSION_SAPLING));
455  }
456 
457  mtx = _tx;
458  auto zkproof = &mtx.sapData->vShieldedOutput[i].zkproof;
459  randombytes_buf(zkproof->begin(), zkproof->size());
460  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
461  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], CTransaction(mtx), nIn, SIGHASH_ALL, 0, SigVersion::SIGVERSION_SAPLING));
462  }
463  }
464 
465  // add one random output
466  mtx = _tx;
467  OutputDescription odesc;
468  odesc.cv = GetRandHash();
469  odesc.cmu = GetRandHash();
470  odesc.ephemeralKey = GetRandHash();
471  randombytes_buf(odesc.encCiphertext.begin(), odesc.encCiphertext.size());
472  randombytes_buf(odesc.outCiphertext.begin(), odesc.outCiphertext.size());
473  randombytes_buf(odesc.zkproof.begin(), odesc.zkproof.size());
474  mtx.sapData->vShieldedOutput.push_back(odesc);
475  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
476  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], CTransaction(mtx), nIn, SIGHASH_ALL, 0, SigVersion::SIGVERSION_SAPLING));
477  }
478 
479  // modify the value balance
480  if (tx.sapData &&
481  (!tx.sapData->vShieldedOutput.empty() || !tx.sapData->vShieldedSpend.empty())) {
482  mtx = _tx;
483  while (mtx.sapData->valueBalance == tx.sapData->valueBalance)
484  mtx.sapData->valueBalance = InsecureRandRange(100000000);
485  for (int nIn = 0; nIn < (int) tx.vin.size(); nIn++) {
486  BOOST_CHECK(vsh[nIn] != SignatureHash(vScriptCode[nIn], CTransaction(mtx), nIn, SIGHASH_ALL, 0, SigVersion::SIGVERSION_SAPLING));
487  }
488  }
489 
490  }
491 }
492 
493 BOOST_AUTO_TEST_SUITE_END()
BaseOutPoint::hash
uint256 hash
Definition: transaction.h:35
BaseOutPoint::n
uint32_t n
Definition: transaction.h:36
CHashWriter
A writer stream (for serialization) that computes a 256-bit hash.
Definition: hash.h:216
CScript
Serialized script, used inside transaction inputs and outputs.
Definition: script.h:381
CScript::clear
void clear()
Definition: script.h:659
CScript::FindAndDelete
int FindAndDelete(const CScript &b)
Definition: script.h:583
CTransaction
The basic transaction that is broadcasted on the network and contained in blocks.
Definition: transaction.h:244
CTransaction::vin
std::vector< CTxIn > vin
Definition: transaction.h:270
CTransaction::GetRequiredSigVersion
SigVersion GetRequiredSigVersion() const
Definition: transaction.h:347
CTransaction::sapData
Optional< SaplingTxData > sapData
Definition: transaction.h:275
CTransaction::vout
std::vector< CTxOut > vout
Definition: transaction.h:271
CTxIn
An input of a transaction.
Definition: transaction.h:94
CTxIn::nSequence
uint32_t nSequence
Definition: transaction.h:98
CTxIn::scriptSig
CScript scriptSig
Definition: transaction.h:97
CTxIn::prevout
COutPoint prevout
Definition: transaction.h:96
CTxOut
An output of a transaction.
Definition: transaction.h:137
CTxOut::scriptPubKey
CScript scriptPubKey
Definition: transaction.h:140
CTxOut::nValue
CAmount nValue
Definition: transaction.h:139
CValidationState
Capture information about block/transaction validation.
Definition: validation.h:24
CValidationState::IsValid
bool IsValid() const
Definition: validation.h:69
OutputDescription
A shielded output to a transaction.
Definition: sapling_transaction.h:79
OutputDescription::cmu
uint256 cmu
The u-coordinate of the note commitment for the output note.
Definition: sapling_transaction.h:82
OutputDescription::outCiphertext
libzcash::SaplingOutCiphertext outCiphertext
A ciphertext component for the encrypted output note.
Definition: sapling_transaction.h:85
OutputDescription::zkproof
libzcash::GrothProof zkproof
A zero-knowledge proof using the output circuit.
Definition: sapling_transaction.h:86
OutputDescription::encCiphertext
libzcash::SaplingEncCiphertext encCiphertext
A ciphertext component for the encrypted output note.
Definition: sapling_transaction.h:84
OutputDescription::cv
uint256 cv
A value commitment to the value of the output note.
Definition: sapling_transaction.h:81
OutputDescription::ephemeralKey
uint256 ephemeralKey
A Jubjub public key.
Definition: sapling_transaction.h:83
SpendDescription
A shielded input to a transaction.
Definition: sapling_transaction.h:42
SpendDescription::cv
uint256 cv
A value commitment to the value of the input note.
Definition: sapling_transaction.h:46
SpendDescription::zkproof
libzcash::GrothProof zkproof
A zero-knowledge proof using the spend circuit.
Definition: sapling_transaction.h:50
SpendDescription::anchor
uint256 anchor
A Merkle root of the Sapling note commitment tree at some block height in the past.
Definition: sapling_transaction.h:47
SpendDescription::rk
uint256 rk
The randomized public key for spendAuthSig.
Definition: sapling_transaction.h:49
SpendDescription::nullifier
uint256 nullifier
The nullifier of the input note.
Definition: sapling_transaction.h:48
UniValue::get_str
const std::string & get_str() const
Definition: univalue_get.cpp:97
UniValue::write
std::string write(unsigned int prettyIndent=0, unsigned int indentLevel=0) const
Definition: univalue_write.cpp:29
UniValue::size
size_t size() const
Definition: univalue.h:68
UniValue::get_int
int get_int() const
Definition: univalue_get.cpp:104
base_blob::SetNull
void SetNull()
Definition: uint256.h:44
base_blob::GetHex
std::string GetHex() const
Definition: uint256.cpp:21
prevector::end
iterator end()
Definition: prevector.h:287
prevector::insert
iterator insert(iterator pos, const T &value)
Definition: prevector.h:342
uint256
256-bit opaque blob.
Definition: uint256.h:138
BOOST_AUTO_TEST_SUITE_END
BOOST_AUTO_TEST_SUITE_END()
SignatureHash
uint256 SignatureHash(const CScript &scriptCode, const CTransaction &txTo, unsigned int nIn, int nHashType, const CAmount &amount, SigVersion sigversion, const PrecomputedTransactionData *cache)
Definition: interpreter.cpp:1180
SIGHASH_ANYONECANPAY
@ SIGHASH_ANYONECANPAY
Definition: interpreter.h:27
SIGHASH_ALL
@ SIGHASH_ALL
Definition: interpreter.h:24
SIGHASH_NONE
@ SIGHASH_NONE
Definition: interpreter.h:25
SIGHASH_SINGLE
@ SIGHASH_SINGLE
Definition: interpreter.h:26
BCLog::SAPLING
@ SAPLING
Definition: logging.h:63
tinyformat::printf
void printf(const char *fmt, const Args &... args)
Format list of arguments to std::cout, according to the given format string.
Definition: tinyformat.h:975
BOOST_FIXTURE_TEST_SUITE
#define BOOST_FIXTURE_TEST_SUITE(a, b)
Definition: object.cpp:14
BOOST_CHECK
#define BOOST_CHECK(expr)
Definition: object.cpp:17
GetRandHash
uint256 GetRandHash() noexcept
Definition: random.cpp:596
opcodetype
opcodetype
Script opcodes.
Definition: script.h:50
OP_2
@ OP_2
Definition: script.h:61
OP_IF
@ OP_IF
Definition: script.h:80
OP_CHECKSIG
@ OP_CHECKSIG
Definition: script.h:166
OP_VERIF
@ OP_VERIF
Definition: script.h:82
OP_CODESEPARATOR
@ OP_CODESEPARATOR
Definition: script.h:165
OP_FALSE
@ OP_FALSE
Definition: script.h:53
OP_1
@ OP_1
Definition: script.h:59
OP_3
@ OP_3
Definition: script.h:62
OP_RETURN
@ OP_RETURN
Definition: script.h:87
SER_NETWORK
@ SER_NETWORK
Definition: serialize.h:174
SER_GETHASH
@ SER_GETHASH
Definition: serialize.h:176
read_json
UniValue read_json(const std::string &jsondata)
Definition: script_tests.cpp:36
BOOST_AUTO_TEST_CASE
BOOST_AUTO_TEST_CASE(sighash_test)
Definition: sighash_tests.cpp:149
BasicTestingSetup
Basic testing setup.
Definition: test_pivx.h:51
CMutableTransaction
A mutable version of CTransaction.
Definition: transaction.h:409
CMutableTransaction::sapData
Optional< SaplingTxData > sapData
Definition: transaction.h:415
CMutableTransaction::GetRequiredSigVersion
SigVersion GetRequiredSigVersion() const
Definition: transaction.h:450
CMutableTransaction::vout
std::vector< CTxOut > vout
Definition: transaction.h:411
CMutableTransaction::vin
std::vector< CTxIn > vin
Definition: transaction.h:410
test_pivx.h
SIGVERSION_SAPLING
@ SIGVERSION_SAPLING
Definition: transaction.h:28
CTransactionRef
std::shared_ptr< const CTransaction > CTransactionRef
Definition: transaction.h:456
CheckTransaction
bool CheckTransaction(const CTransaction &tx, CValidationState &state, bool fColdStakingActive)
Transaction validation functions.
Definition: tx_verify.cpp:54
tx_verify.h
UINT256_ONE
const uint256 UINT256_ONE
Definition: uint256.h:176
HexStr
std::string HexStr(const Span< const uint8_t > s)
Convert a span of bytes to a lower-case hexadecimal string.
Definition: utilstrencodings.cpp:563
ParseHex
std::vector< unsigned char > ParseHex(const char *psz)
Definition: utilstrencodings.cpp:99
Generated on Wed Apr 2 2025 00:40:37 for PIVX Core by doxygen 1.9.1