You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

segwit.py 39KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642
  1. #!/usr/bin/env python3
  2. # Copyright (c) 2016 The Bitcoin Core developers
  3. # Distributed under the MIT software license, see the accompanying
  4. # file COPYING or http://www.opensource.org/licenses/mit-license.php.
  5. """Test the SegWit changeover logic."""
  6. from test_framework.test_framework import BitcoinTestFramework
  7. from test_framework.util import *
  8. from test_framework.mininode import sha256, ripemd160, CTransaction, CTxIn, COutPoint, CTxOut, COIN
  9. from test_framework.address import script_to_p2sh, key_to_p2pkh
  10. from test_framework.script import CScript, OP_HASH160, OP_CHECKSIG, OP_0, hash160, OP_EQUAL, OP_DUP, OP_EQUALVERIFY, OP_1, OP_2, OP_CHECKMULTISIG, hash160, OP_TRUE
  11. from io import BytesIO
  12. from test_framework.mininode import ToHex, FromHex, COIN
  13. NODE_0 = 0
  14. NODE_1 = 1
  15. NODE_2 = 2
  16. WIT_V0 = 0
  17. WIT_V1 = 1
  18. # Create a scriptPubKey corresponding to either a P2WPKH output for the
  19. # given pubkey, or a P2WSH output of a 1-of-1 multisig for the given
  20. # pubkey. Returns the hex encoding of the scriptPubKey.
  21. def witness_script(use_p2wsh, pubkey):
  22. if (use_p2wsh == False):
  23. # P2WPKH instead
  24. pubkeyhash = hash160(hex_str_to_bytes(pubkey))
  25. pkscript = CScript([OP_0, pubkeyhash])
  26. else:
  27. # 1-of-1 multisig
  28. witness_program = CScript([OP_1, hex_str_to_bytes(pubkey), OP_1, OP_CHECKMULTISIG])
  29. scripthash = sha256(witness_program)
  30. pkscript = CScript([OP_0, scripthash])
  31. return bytes_to_hex_str(pkscript)
  32. # Return a transaction (in hex) that spends the given utxo to a segwit output,
  33. # optionally wrapping the segwit output using P2SH.
  34. def create_witnessprogram(use_p2wsh, utxo, pubkey, encode_p2sh, amount):
  35. pkscript = hex_str_to_bytes(witness_script(use_p2wsh, pubkey))
  36. if (encode_p2sh):
  37. p2sh_hash = hash160(pkscript)
  38. pkscript = CScript([OP_HASH160, p2sh_hash, OP_EQUAL])
  39. tx = CTransaction()
  40. tx.vin.append(CTxIn(COutPoint(int(utxo["txid"], 16), utxo["vout"]), b""))
  41. tx.vout.append(CTxOut(int(amount*COIN), pkscript))
  42. return ToHex(tx)
  43. # Create a transaction spending a given utxo to a segwit output corresponding
  44. # to the given pubkey: use_p2wsh determines whether to use P2WPKH or P2WSH;
  45. # encode_p2sh determines whether to wrap in P2SH.
  46. # sign=True will have the given node sign the transaction.
  47. # insert_redeem_script will be added to the scriptSig, if given.
  48. def send_to_witness(use_p2wsh, node, utxo, pubkey, encode_p2sh, amount, sign=True, insert_redeem_script=""):
  49. tx_to_witness = create_witnessprogram(use_p2wsh, utxo, pubkey, encode_p2sh, amount)
  50. if (sign):
  51. signed = node.signrawtransaction(tx_to_witness)
  52. assert("errors" not in signed or len(["errors"]) == 0)
  53. return node.sendrawtransaction(signed["hex"])
  54. else:
  55. if (insert_redeem_script):
  56. tx = FromHex(CTransaction(), tx_to_witness)
  57. tx.vin[0].scriptSig += CScript([hex_str_to_bytes(insert_redeem_script)])
  58. tx_to_witness = ToHex(tx)
  59. return node.sendrawtransaction(tx_to_witness)
  60. def getutxo(txid):
  61. utxo = {}
  62. utxo["vout"] = 0
  63. utxo["txid"] = txid
  64. return utxo
  65. def find_unspent(node, min_value):
  66. for utxo in node.listunspent():
  67. if utxo['amount'] >= min_value:
  68. return utxo
  69. class SegWitTest(BitcoinTestFramework):
  70. def __init__(self):
  71. super().__init__()
  72. self.setup_clean_chain = True
  73. self.num_nodes = 3
  74. def setup_network(self):
  75. self.nodes = []
  76. self.nodes.append(start_node(0, self.options.tmpdir, ["-walletprematurewitness", "-rpcserialversion=0"]))
  77. self.nodes.append(start_node(1, self.options.tmpdir, ["-blockversion=4", "-promiscuousmempoolflags=517", "-prematurewitness", "-walletprematurewitness", "-rpcserialversion=1"]))
  78. self.nodes.append(start_node(2, self.options.tmpdir, ["-blockversion=536870915", "-promiscuousmempoolflags=517", "-prematurewitness", "-walletprematurewitness"]))
  79. connect_nodes(self.nodes[1], 0)
  80. connect_nodes(self.nodes[2], 1)
  81. connect_nodes(self.nodes[0], 2)
  82. self.is_network_split = False
  83. self.sync_all()
  84. def success_mine(self, node, txid, sign, redeem_script=""):
  85. send_to_witness(1, node, getutxo(txid), self.pubkey[0], False, Decimal("49.998"), sign, redeem_script)
  86. block = node.generate(1)
  87. assert_equal(len(node.getblock(block[0])["tx"]), 2)
  88. sync_blocks(self.nodes)
  89. def skip_mine(self, node, txid, sign, redeem_script=""):
  90. send_to_witness(1, node, getutxo(txid), self.pubkey[0], False, Decimal("49.998"), sign, redeem_script)
  91. block = node.generate(1)
  92. assert_equal(len(node.getblock(block[0])["tx"]), 1)
  93. sync_blocks(self.nodes)
  94. def fail_accept(self, node, error_msg, txid, sign, redeem_script=""):
  95. assert_raises_jsonrpc(-26, error_msg, send_to_witness, 1, node, getutxo(txid), self.pubkey[0], False, Decimal("49.998"), sign, redeem_script)
  96. def fail_mine(self, node, txid, sign, redeem_script=""):
  97. send_to_witness(1, node, getutxo(txid), self.pubkey[0], False, Decimal("49.998"), sign, redeem_script)
  98. assert_raises_jsonrpc(-1, "CreateNewBlock: TestBlockValidity failed", node.generate, 1)
  99. sync_blocks(self.nodes)
  100. def run_test(self):
  101. self.nodes[0].generate(161) #block 161
  102. self.log.info("Verify sigops are counted in GBT with pre-BIP141 rules before the fork")
  103. txid = self.nodes[0].sendtoaddress(self.nodes[0].getnewaddress(), 1)
  104. tmpl = self.nodes[0].getblocktemplate({})
  105. assert(tmpl['sizelimit'] == 1000000)
  106. assert('weightlimit' not in tmpl)
  107. assert(tmpl['sigoplimit'] == 20000)
  108. assert(tmpl['transactions'][0]['hash'] == txid)
  109. assert(tmpl['transactions'][0]['sigops'] == 2)
  110. tmpl = self.nodes[0].getblocktemplate({'rules':['segwit']})
  111. assert(tmpl['sizelimit'] == 1000000)
  112. assert('weightlimit' not in tmpl)
  113. assert(tmpl['sigoplimit'] == 20000)
  114. assert(tmpl['transactions'][0]['hash'] == txid)
  115. assert(tmpl['transactions'][0]['sigops'] == 2)
  116. self.nodes[0].generate(1) #block 162
  117. balance_presetup = self.nodes[0].getbalance()
  118. self.pubkey = []
  119. p2sh_ids = [] # p2sh_ids[NODE][VER] is an array of txids that spend to a witness version VER pkscript to an address for NODE embedded in p2sh
  120. wit_ids = [] # wit_ids[NODE][VER] is an array of txids that spend to a witness version VER pkscript to an address for NODE via bare witness
  121. for i in range(3):
  122. newaddress = self.nodes[i].getnewaddress()
  123. self.pubkey.append(self.nodes[i].validateaddress(newaddress)["pubkey"])
  124. multiaddress = self.nodes[i].addmultisigaddress(1, [self.pubkey[-1]])
  125. self.nodes[i].addwitnessaddress(newaddress)
  126. self.nodes[i].addwitnessaddress(multiaddress)
  127. p2sh_ids.append([])
  128. wit_ids.append([])
  129. for v in range(2):
  130. p2sh_ids[i].append([])
  131. wit_ids[i].append([])
  132. for i in range(5):
  133. for n in range(3):
  134. for v in range(2):
  135. wit_ids[n][v].append(send_to_witness(v, self.nodes[0], find_unspent(self.nodes[0], 50), self.pubkey[n], False, Decimal("49.999")))
  136. p2sh_ids[n][v].append(send_to_witness(v, self.nodes[0], find_unspent(self.nodes[0], 50), self.pubkey[n], True, Decimal("49.999")))
  137. self.nodes[0].generate(1) #block 163
  138. sync_blocks(self.nodes)
  139. # Make sure all nodes recognize the transactions as theirs
  140. assert_equal(self.nodes[0].getbalance(), balance_presetup - 60*50 + 20*Decimal("49.999") + 50)
  141. assert_equal(self.nodes[1].getbalance(), 20*Decimal("49.999"))
  142. assert_equal(self.nodes[2].getbalance(), 20*Decimal("49.999"))
  143. self.nodes[0].generate(260) #block 423
  144. sync_blocks(self.nodes)
  145. self.log.info("Verify default node can't accept any witness format txs before fork")
  146. # unsigned, no scriptsig
  147. self.fail_accept(self.nodes[0], "mandatory-script-verify-flag", wit_ids[NODE_0][WIT_V0][0], False)
  148. self.fail_accept(self.nodes[0], "mandatory-script-verify-flag", wit_ids[NODE_0][WIT_V1][0], False)
  149. self.fail_accept(self.nodes[0], "mandatory-script-verify-flag", p2sh_ids[NODE_0][WIT_V0][0], False)
  150. self.fail_accept(self.nodes[0], "mandatory-script-verify-flag", p2sh_ids[NODE_0][WIT_V1][0], False)
  151. # unsigned with redeem script
  152. self.fail_accept(self.nodes[0], "mandatory-script-verify-flag", p2sh_ids[NODE_0][WIT_V0][0], False, witness_script(False, self.pubkey[0]))
  153. self.fail_accept(self.nodes[0], "mandatory-script-verify-flag", p2sh_ids[NODE_0][WIT_V1][0], False, witness_script(True, self.pubkey[0]))
  154. # signed
  155. self.fail_accept(self.nodes[0], "no-witness-yet", wit_ids[NODE_0][WIT_V0][0], True)
  156. self.fail_accept(self.nodes[0], "no-witness-yet", wit_ids[NODE_0][WIT_V1][0], True)
  157. self.fail_accept(self.nodes[0], "no-witness-yet", p2sh_ids[NODE_0][WIT_V0][0], True)
  158. self.fail_accept(self.nodes[0], "no-witness-yet", p2sh_ids[NODE_0][WIT_V1][0], True)
  159. self.log.info("Verify witness txs are skipped for mining before the fork")
  160. self.skip_mine(self.nodes[2], wit_ids[NODE_2][WIT_V0][0], True) #block 424
  161. self.skip_mine(self.nodes[2], wit_ids[NODE_2][WIT_V1][0], True) #block 425
  162. self.skip_mine(self.nodes[2], p2sh_ids[NODE_2][WIT_V0][0], True) #block 426
  163. self.skip_mine(self.nodes[2], p2sh_ids[NODE_2][WIT_V1][0], True) #block 427
  164. # TODO: An old node would see these txs without witnesses and be able to mine them
  165. self.log.info("Verify unsigned bare witness txs in versionbits-setting blocks are valid before the fork")
  166. self.success_mine(self.nodes[2], wit_ids[NODE_2][WIT_V0][1], False) #block 428
  167. self.success_mine(self.nodes[2], wit_ids[NODE_2][WIT_V1][1], False) #block 429
  168. self.log.info("Verify unsigned p2sh witness txs without a redeem script are invalid")
  169. self.fail_accept(self.nodes[2], "mandatory-script-verify-flag", p2sh_ids[NODE_2][WIT_V0][1], False)
  170. self.fail_accept(self.nodes[2], "mandatory-script-verify-flag", p2sh_ids[NODE_2][WIT_V1][1], False)
  171. self.log.info("Verify unsigned p2sh witness txs with a redeem script in versionbits-settings blocks are valid before the fork")
  172. self.success_mine(self.nodes[2], p2sh_ids[NODE_2][WIT_V0][1], False, witness_script(False, self.pubkey[2])) #block 430
  173. self.success_mine(self.nodes[2], p2sh_ids[NODE_2][WIT_V1][1], False, witness_script(True, self.pubkey[2])) #block 431
  174. self.log.info("Verify previous witness txs skipped for mining can now be mined")
  175. assert_equal(len(self.nodes[2].getrawmempool()), 4)
  176. block = self.nodes[2].generate(1) #block 432 (first block with new rules; 432 = 144 * 3)
  177. sync_blocks(self.nodes)
  178. assert_equal(len(self.nodes[2].getrawmempool()), 0)
  179. segwit_tx_list = self.nodes[2].getblock(block[0])["tx"]
  180. assert_equal(len(segwit_tx_list), 5)
  181. self.log.info("Verify block and transaction serialization rpcs return differing serializations depending on rpc serialization flag")
  182. assert(self.nodes[2].getblock(block[0], False) != self.nodes[0].getblock(block[0], False))
  183. assert(self.nodes[1].getblock(block[0], False) == self.nodes[2].getblock(block[0], False))
  184. for i in range(len(segwit_tx_list)):
  185. tx = FromHex(CTransaction(), self.nodes[2].gettransaction(segwit_tx_list[i])["hex"])
  186. assert(self.nodes[2].getrawtransaction(segwit_tx_list[i]) != self.nodes[0].getrawtransaction(segwit_tx_list[i]))
  187. assert(self.nodes[1].getrawtransaction(segwit_tx_list[i], 0) == self.nodes[2].getrawtransaction(segwit_tx_list[i]))
  188. assert(self.nodes[0].getrawtransaction(segwit_tx_list[i]) != self.nodes[2].gettransaction(segwit_tx_list[i])["hex"])
  189. assert(self.nodes[1].getrawtransaction(segwit_tx_list[i]) == self.nodes[2].gettransaction(segwit_tx_list[i])["hex"])
  190. assert(self.nodes[0].getrawtransaction(segwit_tx_list[i]) == bytes_to_hex_str(tx.serialize_without_witness()))
  191. self.log.info("Verify witness txs without witness data are invalid after the fork")
  192. self.fail_mine(self.nodes[2], wit_ids[NODE_2][WIT_V0][2], False)
  193. self.fail_mine(self.nodes[2], wit_ids[NODE_2][WIT_V1][2], False)
  194. self.fail_mine(self.nodes[2], p2sh_ids[NODE_2][WIT_V0][2], False, witness_script(False, self.pubkey[2]))
  195. self.fail_mine(self.nodes[2], p2sh_ids[NODE_2][WIT_V1][2], False, witness_script(True, self.pubkey[2]))
  196. self.log.info("Verify default node can now use witness txs")
  197. self.success_mine(self.nodes[0], wit_ids[NODE_0][WIT_V0][0], True) #block 432
  198. self.success_mine(self.nodes[0], wit_ids[NODE_0][WIT_V1][0], True) #block 433
  199. self.success_mine(self.nodes[0], p2sh_ids[NODE_0][WIT_V0][0], True) #block 434
  200. self.success_mine(self.nodes[0], p2sh_ids[NODE_0][WIT_V1][0], True) #block 435
  201. self.log.info("Verify sigops are counted in GBT with BIP141 rules after the fork")
  202. txid = self.nodes[0].sendtoaddress(self.nodes[0].getnewaddress(), 1)
  203. tmpl = self.nodes[0].getblocktemplate({'rules':['segwit']})
  204. assert(tmpl['sizelimit'] >= 3999577) # actual maximum size is lower due to minimum mandatory non-witness data
  205. assert(tmpl['weightlimit'] == 4000000)
  206. assert(tmpl['sigoplimit'] == 80000)
  207. assert(tmpl['transactions'][0]['txid'] == txid)
  208. assert(tmpl['transactions'][0]['sigops'] == 8)
  209. self.nodes[0].generate(1) # Mine a block to clear the gbt cache
  210. self.log.info("Non-segwit miners are able to use GBT response after activation.")
  211. # Create a 3-tx chain: tx1 (non-segwit input, paying to a segwit output) ->
  212. # tx2 (segwit input, paying to a non-segwit output) ->
  213. # tx3 (non-segwit input, paying to a non-segwit output).
  214. # tx1 is allowed to appear in the block, but no others.
  215. txid1 = send_to_witness(1, self.nodes[0], find_unspent(self.nodes[0], 50), self.pubkey[0], False, Decimal("49.996"))
  216. hex_tx = self.nodes[0].gettransaction(txid)['hex']
  217. tx = FromHex(CTransaction(), hex_tx)
  218. assert(tx.wit.is_null()) # This should not be a segwit input
  219. assert(txid1 in self.nodes[0].getrawmempool())
  220. # Now create tx2, which will spend from txid1.
  221. tx = CTransaction()
  222. tx.vin.append(CTxIn(COutPoint(int(txid1, 16), 0), b''))
  223. tx.vout.append(CTxOut(int(49.99*COIN), CScript([OP_TRUE])))
  224. tx2_hex = self.nodes[0].signrawtransaction(ToHex(tx))['hex']
  225. txid2 = self.nodes[0].sendrawtransaction(tx2_hex)
  226. tx = FromHex(CTransaction(), tx2_hex)
  227. assert(not tx.wit.is_null())
  228. # Now create tx3, which will spend from txid2
  229. tx = CTransaction()
  230. tx.vin.append(CTxIn(COutPoint(int(txid2, 16), 0), b""))
  231. tx.vout.append(CTxOut(int(49.95*COIN), CScript([OP_TRUE]))) # Huge fee
  232. tx.calc_sha256()
  233. txid3 = self.nodes[0].sendrawtransaction(ToHex(tx))
  234. assert(tx.wit.is_null())
  235. assert(txid3 in self.nodes[0].getrawmempool())
  236. # Now try calling getblocktemplate() without segwit support.
  237. template = self.nodes[0].getblocktemplate()
  238. # Check that tx1 is the only transaction of the 3 in the template.
  239. template_txids = [ t['txid'] for t in template['transactions'] ]
  240. assert(txid2 not in template_txids and txid3 not in template_txids)
  241. assert(txid1 in template_txids)
  242. # Check that running with segwit support results in all 3 being included.
  243. template = self.nodes[0].getblocktemplate({"rules": ["segwit"]})
  244. template_txids = [ t['txid'] for t in template['transactions'] ]
  245. assert(txid1 in template_txids)
  246. assert(txid2 in template_txids)
  247. assert(txid3 in template_txids)
  248. # Mine a block to clear the gbt cache again.
  249. self.nodes[0].generate(1)
  250. self.log.info("Verify behaviour of importaddress, addwitnessaddress and listunspent")
  251. # Some public keys to be used later
  252. pubkeys = [
  253. "0363D44AABD0F1699138239DF2F042C3282C0671CC7A76826A55C8203D90E39242", # cPiM8Ub4heR9NBYmgVzJQiUH1if44GSBGiqaeJySuL2BKxubvgwb
  254. "02D3E626B3E616FC8662B489C123349FECBFC611E778E5BE739B257EAE4721E5BF", # cPpAdHaD6VoYbW78kveN2bsvb45Q7G5PhaPApVUGwvF8VQ9brD97
  255. "04A47F2CBCEFFA7B9BCDA184E7D5668D3DA6F9079AD41E422FA5FD7B2D458F2538A62F5BD8EC85C2477F39650BD391EA6250207065B2A81DA8B009FC891E898F0E", # 91zqCU5B9sdWxzMt1ca3VzbtVm2YM6Hi5Rxn4UDtxEaN9C9nzXV
  256. "02A47F2CBCEFFA7B9BCDA184E7D5668D3DA6F9079AD41E422FA5FD7B2D458F2538", # cPQFjcVRpAUBG8BA9hzr2yEzHwKoMgLkJZBBtK9vJnvGJgMjzTbd
  257. "036722F784214129FEB9E8129D626324F3F6716555B603FFE8300BBCB882151228", # cQGtcm34xiLjB1v7bkRa4V3aAc9tS2UTuBZ1UnZGeSeNy627fN66
  258. "0266A8396EE936BF6D99D17920DB21C6C7B1AB14C639D5CD72B300297E416FD2EC", # cTW5mR5M45vHxXkeChZdtSPozrFwFgmEvTNnanCW6wrqwaCZ1X7K
  259. "0450A38BD7F0AC212FEBA77354A9B036A32E0F7C81FC4E0C5ADCA7C549C4505D2522458C2D9AE3CEFD684E039194B72C8A10F9CB9D4764AB26FCC2718D421D3B84", # 92h2XPssjBpsJN5CqSP7v9a7cf2kgDunBC6PDFwJHMACM1rrVBJ
  260. ]
  261. # Import a compressed key and an uncompressed key, generate some multisig addresses
  262. self.nodes[0].importprivkey("92e6XLo5jVAVwrQKPNTs93oQco8f8sDNBcpv73Dsrs397fQtFQn")
  263. uncompressed_spendable_address = ["mvozP4UwyGD2mGZU4D2eMvMLPB9WkMmMQu"]
  264. self.nodes[0].importprivkey("cNC8eQ5dg3mFAVePDX4ddmPYpPbw41r9bm2jd1nLJT77e6RrzTRR")
  265. compressed_spendable_address = ["mmWQubrDomqpgSYekvsU7HWEVjLFHAakLe"]
  266. assert ((self.nodes[0].validateaddress(uncompressed_spendable_address[0])['iscompressed'] == False))
  267. assert ((self.nodes[0].validateaddress(compressed_spendable_address[0])['iscompressed'] == True))
  268. self.nodes[0].importpubkey(pubkeys[0])
  269. compressed_solvable_address = [key_to_p2pkh(pubkeys[0])]
  270. self.nodes[0].importpubkey(pubkeys[1])
  271. compressed_solvable_address.append(key_to_p2pkh(pubkeys[1]))
  272. self.nodes[0].importpubkey(pubkeys[2])
  273. uncompressed_solvable_address = [key_to_p2pkh(pubkeys[2])]
  274. spendable_anytime = [] # These outputs should be seen anytime after importprivkey and addmultisigaddress
  275. spendable_after_importaddress = [] # These outputs should be seen after importaddress
  276. solvable_after_importaddress = [] # These outputs should be seen after importaddress but not spendable
  277. unsolvable_after_importaddress = [] # These outputs should be unsolvable after importaddress
  278. solvable_anytime = [] # These outputs should be solvable after importpubkey
  279. unseen_anytime = [] # These outputs should never be seen
  280. uncompressed_spendable_address.append(self.nodes[0].addmultisigaddress(2, [uncompressed_spendable_address[0], compressed_spendable_address[0]]))
  281. uncompressed_spendable_address.append(self.nodes[0].addmultisigaddress(2, [uncompressed_spendable_address[0], uncompressed_spendable_address[0]]))
  282. compressed_spendable_address.append(self.nodes[0].addmultisigaddress(2, [compressed_spendable_address[0], compressed_spendable_address[0]]))
  283. uncompressed_solvable_address.append(self.nodes[0].addmultisigaddress(2, [compressed_spendable_address[0], uncompressed_solvable_address[0]]))
  284. compressed_solvable_address.append(self.nodes[0].addmultisigaddress(2, [compressed_spendable_address[0], compressed_solvable_address[0]]))
  285. compressed_solvable_address.append(self.nodes[0].addmultisigaddress(2, [compressed_solvable_address[0], compressed_solvable_address[1]]))
  286. unknown_address = ["mtKKyoHabkk6e4ppT7NaM7THqPUt7AzPrT", "2NDP3jLWAFT8NDAiUa9qiE6oBt2awmMq7Dx"]
  287. # Test multisig_without_privkey
  288. # We have 2 public keys without private keys, use addmultisigaddress to add to wallet.
  289. # Money sent to P2SH of multisig of this should only be seen after importaddress with the BASE58 P2SH address.
  290. multisig_without_privkey_address = self.nodes[0].addmultisigaddress(2, [pubkeys[3], pubkeys[4]])
  291. script = CScript([OP_2, hex_str_to_bytes(pubkeys[3]), hex_str_to_bytes(pubkeys[4]), OP_2, OP_CHECKMULTISIG])
  292. solvable_after_importaddress.append(CScript([OP_HASH160, hash160(script), OP_EQUAL]))
  293. for i in compressed_spendable_address:
  294. v = self.nodes[0].validateaddress(i)
  295. if (v['isscript']):
  296. [bare, p2sh, p2wsh, p2sh_p2wsh] = self.p2sh_address_to_script(v)
  297. # bare and p2sh multisig with compressed keys should always be spendable
  298. spendable_anytime.extend([bare, p2sh])
  299. # P2WSH and P2SH(P2WSH) multisig with compressed keys are spendable after direct importaddress
  300. spendable_after_importaddress.extend([p2wsh, p2sh_p2wsh])
  301. else:
  302. [p2wpkh, p2sh_p2wpkh, p2pk, p2pkh, p2sh_p2pk, p2sh_p2pkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh] = self.p2pkh_address_to_script(v)
  303. # normal P2PKH and P2PK with compressed keys should always be spendable
  304. spendable_anytime.extend([p2pkh, p2pk])
  305. # P2SH_P2PK, P2SH_P2PKH, and witness with compressed keys are spendable after direct importaddress
  306. spendable_after_importaddress.extend([p2wpkh, p2sh_p2wpkh, p2sh_p2pk, p2sh_p2pkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh])
  307. for i in uncompressed_spendable_address:
  308. v = self.nodes[0].validateaddress(i)
  309. if (v['isscript']):
  310. [bare, p2sh, p2wsh, p2sh_p2wsh] = self.p2sh_address_to_script(v)
  311. # bare and p2sh multisig with uncompressed keys should always be spendable
  312. spendable_anytime.extend([bare, p2sh])
  313. # P2WSH and P2SH(P2WSH) multisig with uncompressed keys are never seen
  314. unseen_anytime.extend([p2wsh, p2sh_p2wsh])
  315. else:
  316. [p2wpkh, p2sh_p2wpkh, p2pk, p2pkh, p2sh_p2pk, p2sh_p2pkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh] = self.p2pkh_address_to_script(v)
  317. # normal P2PKH and P2PK with uncompressed keys should always be spendable
  318. spendable_anytime.extend([p2pkh, p2pk])
  319. # P2SH_P2PK and P2SH_P2PKH are spendable after direct importaddress
  320. spendable_after_importaddress.extend([p2sh_p2pk, p2sh_p2pkh])
  321. # witness with uncompressed keys are never seen
  322. unseen_anytime.extend([p2wpkh, p2sh_p2wpkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh])
  323. for i in compressed_solvable_address:
  324. v = self.nodes[0].validateaddress(i)
  325. if (v['isscript']):
  326. # Multisig without private is not seen after addmultisigaddress, but seen after importaddress
  327. [bare, p2sh, p2wsh, p2sh_p2wsh] = self.p2sh_address_to_script(v)
  328. solvable_after_importaddress.extend([bare, p2sh, p2wsh, p2sh_p2wsh])
  329. else:
  330. [p2wpkh, p2sh_p2wpkh, p2pk, p2pkh, p2sh_p2pk, p2sh_p2pkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh] = self.p2pkh_address_to_script(v)
  331. # normal P2PKH and P2PK with compressed keys should always be seen
  332. solvable_anytime.extend([p2pkh, p2pk])
  333. # P2SH_P2PK, P2SH_P2PKH, and witness with compressed keys are seen after direct importaddress
  334. solvable_after_importaddress.extend([p2wpkh, p2sh_p2wpkh, p2sh_p2pk, p2sh_p2pkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh])
  335. for i in uncompressed_solvable_address:
  336. v = self.nodes[0].validateaddress(i)
  337. if (v['isscript']):
  338. [bare, p2sh, p2wsh, p2sh_p2wsh] = self.p2sh_address_to_script(v)
  339. # Base uncompressed multisig without private is not seen after addmultisigaddress, but seen after importaddress
  340. solvable_after_importaddress.extend([bare, p2sh])
  341. # P2WSH and P2SH(P2WSH) multisig with uncompressed keys are never seen
  342. unseen_anytime.extend([p2wsh, p2sh_p2wsh])
  343. else:
  344. [p2wpkh, p2sh_p2wpkh, p2pk, p2pkh, p2sh_p2pk, p2sh_p2pkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh] = self.p2pkh_address_to_script(v)
  345. # normal P2PKH and P2PK with uncompressed keys should always be seen
  346. solvable_anytime.extend([p2pkh, p2pk])
  347. # P2SH_P2PK, P2SH_P2PKH with uncompressed keys are seen after direct importaddress
  348. solvable_after_importaddress.extend([p2sh_p2pk, p2sh_p2pkh])
  349. # witness with uncompressed keys are never seen
  350. unseen_anytime.extend([p2wpkh, p2sh_p2wpkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh])
  351. op1 = CScript([OP_1])
  352. op0 = CScript([OP_0])
  353. # 2N7MGY19ti4KDMSzRfPAssP6Pxyuxoi6jLe is the P2SH(P2PKH) version of mjoE3sSrb8ByYEvgnC3Aox86u1CHnfJA4V
  354. unsolvable_address = ["mjoE3sSrb8ByYEvgnC3Aox86u1CHnfJA4V", "2N7MGY19ti4KDMSzRfPAssP6Pxyuxoi6jLe", script_to_p2sh(op1), script_to_p2sh(op0)]
  355. unsolvable_address_key = hex_str_to_bytes("02341AEC7587A51CDE5279E0630A531AEA2615A9F80B17E8D9376327BAEAA59E3D")
  356. unsolvablep2pkh = CScript([OP_DUP, OP_HASH160, hash160(unsolvable_address_key), OP_EQUALVERIFY, OP_CHECKSIG])
  357. unsolvablep2wshp2pkh = CScript([OP_0, sha256(unsolvablep2pkh)])
  358. p2shop0 = CScript([OP_HASH160, hash160(op0), OP_EQUAL])
  359. p2wshop1 = CScript([OP_0, sha256(op1)])
  360. unsolvable_after_importaddress.append(unsolvablep2pkh)
  361. unsolvable_after_importaddress.append(unsolvablep2wshp2pkh)
  362. unsolvable_after_importaddress.append(op1) # OP_1 will be imported as script
  363. unsolvable_after_importaddress.append(p2wshop1)
  364. unseen_anytime.append(op0) # OP_0 will be imported as P2SH address with no script provided
  365. unsolvable_after_importaddress.append(p2shop0)
  366. spendable_txid = []
  367. solvable_txid = []
  368. spendable_txid.append(self.mine_and_test_listunspent(spendable_anytime, 2))
  369. solvable_txid.append(self.mine_and_test_listunspent(solvable_anytime, 1))
  370. self.mine_and_test_listunspent(spendable_after_importaddress + solvable_after_importaddress + unseen_anytime + unsolvable_after_importaddress, 0)
  371. importlist = []
  372. for i in compressed_spendable_address + uncompressed_spendable_address + compressed_solvable_address + uncompressed_solvable_address:
  373. v = self.nodes[0].validateaddress(i)
  374. if (v['isscript']):
  375. bare = hex_str_to_bytes(v['hex'])
  376. importlist.append(bytes_to_hex_str(bare))
  377. importlist.append(bytes_to_hex_str(CScript([OP_0, sha256(bare)])))
  378. else:
  379. pubkey = hex_str_to_bytes(v['pubkey'])
  380. p2pk = CScript([pubkey, OP_CHECKSIG])
  381. p2pkh = CScript([OP_DUP, OP_HASH160, hash160(pubkey), OP_EQUALVERIFY, OP_CHECKSIG])
  382. importlist.append(bytes_to_hex_str(p2pk))
  383. importlist.append(bytes_to_hex_str(p2pkh))
  384. importlist.append(bytes_to_hex_str(CScript([OP_0, hash160(pubkey)])))
  385. importlist.append(bytes_to_hex_str(CScript([OP_0, sha256(p2pk)])))
  386. importlist.append(bytes_to_hex_str(CScript([OP_0, sha256(p2pkh)])))
  387. importlist.append(bytes_to_hex_str(unsolvablep2pkh))
  388. importlist.append(bytes_to_hex_str(unsolvablep2wshp2pkh))
  389. importlist.append(bytes_to_hex_str(op1))
  390. importlist.append(bytes_to_hex_str(p2wshop1))
  391. for i in importlist:
  392. # import all generated addresses. The wallet already has the private keys for some of these, so catch JSON RPC
  393. # exceptions and continue.
  394. try:
  395. self.nodes[0].importaddress(i,"",False,True)
  396. except JSONRPCException as exp:
  397. assert_equal(exp.error["message"], "The wallet already contains the private key for this address or script")
  398. assert_equal(exp.error["code"], -4)
  399. self.nodes[0].importaddress(script_to_p2sh(op0)) # import OP_0 as address only
  400. self.nodes[0].importaddress(multisig_without_privkey_address) # Test multisig_without_privkey
  401. spendable_txid.append(self.mine_and_test_listunspent(spendable_anytime + spendable_after_importaddress, 2))
  402. solvable_txid.append(self.mine_and_test_listunspent(solvable_anytime + solvable_after_importaddress, 1))
  403. self.mine_and_test_listunspent(unsolvable_after_importaddress, 1)
  404. self.mine_and_test_listunspent(unseen_anytime, 0)
  405. # addwitnessaddress should refuse to return a witness address if an uncompressed key is used or the address is
  406. # not in the wallet
  407. # note that no witness address should be returned by unsolvable addresses
  408. # the multisig_without_privkey_address will fail because its keys were not added with importpubkey
  409. for i in uncompressed_spendable_address + uncompressed_solvable_address + unknown_address + unsolvable_address + [multisig_without_privkey_address]:
  410. assert_raises_jsonrpc(-4, "Public key or redeemscript not known to wallet, or the key is uncompressed", self.nodes[0].addwitnessaddress, i)
  411. for i in compressed_spendable_address + compressed_solvable_address:
  412. witaddress = self.nodes[0].addwitnessaddress(i)
  413. # addwitnessaddress should return the same address if it is a known P2SH-witness address
  414. assert_equal(witaddress, self.nodes[0].addwitnessaddress(witaddress))
  415. spendable_txid.append(self.mine_and_test_listunspent(spendable_anytime + spendable_after_importaddress, 2))
  416. solvable_txid.append(self.mine_and_test_listunspent(solvable_anytime + solvable_after_importaddress, 1))
  417. self.mine_and_test_listunspent(unsolvable_after_importaddress, 1)
  418. self.mine_and_test_listunspent(unseen_anytime, 0)
  419. # Repeat some tests. This time we don't add witness scripts with importaddress
  420. # Import a compressed key and an uncompressed key, generate some multisig addresses
  421. self.nodes[0].importprivkey("927pw6RW8ZekycnXqBQ2JS5nPyo1yRfGNN8oq74HeddWSpafDJH")
  422. uncompressed_spendable_address = ["mguN2vNSCEUh6rJaXoAVwY3YZwZvEmf5xi"]
  423. self.nodes[0].importprivkey("cMcrXaaUC48ZKpcyydfFo8PxHAjpsYLhdsp6nmtB3E2ER9UUHWnw")
  424. compressed_spendable_address = ["n1UNmpmbVUJ9ytXYXiurmGPQ3TRrXqPWKL"]
  425. self.nodes[0].importpubkey(pubkeys[5])
  426. compressed_solvable_address = [key_to_p2pkh(pubkeys[5])]
  427. self.nodes[0].importpubkey(pubkeys[6])
  428. uncompressed_solvable_address = [key_to_p2pkh(pubkeys[6])]
  429. spendable_after_addwitnessaddress = [] # These outputs should be seen after importaddress
  430. solvable_after_addwitnessaddress=[] # These outputs should be seen after importaddress but not spendable
  431. unseen_anytime = [] # These outputs should never be seen
  432. uncompressed_spendable_address.append(self.nodes[0].addmultisigaddress(2, [uncompressed_spendable_address[0], compressed_spendable_address[0]]))
  433. uncompressed_spendable_address.append(self.nodes[0].addmultisigaddress(2, [uncompressed_spendable_address[0], uncompressed_spendable_address[0]]))
  434. compressed_spendable_address.append(self.nodes[0].addmultisigaddress(2, [compressed_spendable_address[0], compressed_spendable_address[0]]))
  435. uncompressed_solvable_address.append(self.nodes[0].addmultisigaddress(2, [compressed_solvable_address[0], uncompressed_solvable_address[0]]))
  436. compressed_solvable_address.append(self.nodes[0].addmultisigaddress(2, [compressed_spendable_address[0], compressed_solvable_address[0]]))
  437. premature_witaddress = []
  438. for i in compressed_spendable_address:
  439. v = self.nodes[0].validateaddress(i)
  440. if (v['isscript']):
  441. [bare, p2sh, p2wsh, p2sh_p2wsh] = self.p2sh_address_to_script(v)
  442. # P2WSH and P2SH(P2WSH) multisig with compressed keys are spendable after addwitnessaddress
  443. spendable_after_addwitnessaddress.extend([p2wsh, p2sh_p2wsh])
  444. premature_witaddress.append(script_to_p2sh(p2wsh))
  445. else:
  446. [p2wpkh, p2sh_p2wpkh, p2pk, p2pkh, p2sh_p2pk, p2sh_p2pkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh] = self.p2pkh_address_to_script(v)
  447. # P2WPKH, P2SH_P2WPKH are spendable after addwitnessaddress
  448. spendable_after_addwitnessaddress.extend([p2wpkh, p2sh_p2wpkh])
  449. premature_witaddress.append(script_to_p2sh(p2wpkh))
  450. for i in uncompressed_spendable_address + uncompressed_solvable_address:
  451. v = self.nodes[0].validateaddress(i)
  452. if (v['isscript']):
  453. [bare, p2sh, p2wsh, p2sh_p2wsh] = self.p2sh_address_to_script(v)
  454. # P2WSH and P2SH(P2WSH) multisig with uncompressed keys are never seen
  455. unseen_anytime.extend([p2wsh, p2sh_p2wsh])
  456. else:
  457. [p2wpkh, p2sh_p2wpkh, p2pk, p2pkh, p2sh_p2pk, p2sh_p2pkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh] = self.p2pkh_address_to_script(v)
  458. # P2WPKH, P2SH_P2WPKH with uncompressed keys are never seen
  459. unseen_anytime.extend([p2wpkh, p2sh_p2wpkh])
  460. for i in compressed_solvable_address:
  461. v = self.nodes[0].validateaddress(i)
  462. if (v['isscript']):
  463. # P2WSH multisig without private key are seen after addwitnessaddress
  464. [bare, p2sh, p2wsh, p2sh_p2wsh] = self.p2sh_address_to_script(v)
  465. solvable_after_addwitnessaddress.extend([p2wsh, p2sh_p2wsh])
  466. premature_witaddress.append(script_to_p2sh(p2wsh))
  467. else:
  468. [p2wpkh, p2sh_p2wpkh, p2pk, p2pkh, p2sh_p2pk, p2sh_p2pkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh] = self.p2pkh_address_to_script(v)
  469. # P2SH_P2PK, P2SH_P2PKH with compressed keys are seen after addwitnessaddress
  470. solvable_after_addwitnessaddress.extend([p2wpkh, p2sh_p2wpkh])
  471. premature_witaddress.append(script_to_p2sh(p2wpkh))
  472. self.mine_and_test_listunspent(spendable_after_addwitnessaddress + solvable_after_addwitnessaddress + unseen_anytime, 0)
  473. # addwitnessaddress should refuse to return a witness address if an uncompressed key is used
  474. # note that a multisig address returned by addmultisigaddress is not solvable until it is added with importaddress
  475. # premature_witaddress are not accepted until the script is added with addwitnessaddress first
  476. for i in uncompressed_spendable_address + uncompressed_solvable_address + premature_witaddress + [compressed_solvable_address[1]]:
  477. # This will raise an exception
  478. assert_raises_jsonrpc(-4, "Public key or redeemscript not known to wallet, or the key is uncompressed", self.nodes[0].addwitnessaddress, i)
  479. # after importaddress it should pass addwitnessaddress
  480. v = self.nodes[0].validateaddress(compressed_solvable_address[1])
  481. self.nodes[0].importaddress(v['hex'],"",False,True)
  482. for i in compressed_spendable_address + compressed_solvable_address + premature_witaddress:
  483. witaddress = self.nodes[0].addwitnessaddress(i)
  484. assert_equal(witaddress, self.nodes[0].addwitnessaddress(witaddress))
  485. spendable_txid.append(self.mine_and_test_listunspent(spendable_after_addwitnessaddress, 2))
  486. solvable_txid.append(self.mine_and_test_listunspent(solvable_after_addwitnessaddress, 1))
  487. self.mine_and_test_listunspent(unseen_anytime, 0)
  488. # Check that spendable outputs are really spendable
  489. self.create_and_mine_tx_from_txids(spendable_txid)
  490. # import all the private keys so solvable addresses become spendable
  491. self.nodes[0].importprivkey("cPiM8Ub4heR9NBYmgVzJQiUH1if44GSBGiqaeJySuL2BKxubvgwb")
  492. self.nodes[0].importprivkey("cPpAdHaD6VoYbW78kveN2bsvb45Q7G5PhaPApVUGwvF8VQ9brD97")
  493. self.nodes[0].importprivkey("91zqCU5B9sdWxzMt1ca3VzbtVm2YM6Hi5Rxn4UDtxEaN9C9nzXV")
  494. self.nodes[0].importprivkey("cPQFjcVRpAUBG8BA9hzr2yEzHwKoMgLkJZBBtK9vJnvGJgMjzTbd")
  495. self.nodes[0].importprivkey("cQGtcm34xiLjB1v7bkRa4V3aAc9tS2UTuBZ1UnZGeSeNy627fN66")
  496. self.nodes[0].importprivkey("cTW5mR5M45vHxXkeChZdtSPozrFwFgmEvTNnanCW6wrqwaCZ1X7K")
  497. self.create_and_mine_tx_from_txids(solvable_txid)
  498. def mine_and_test_listunspent(self, script_list, ismine):
  499. utxo = find_unspent(self.nodes[0], 50)
  500. tx = CTransaction()
  501. tx.vin.append(CTxIn(COutPoint(int('0x'+utxo['txid'],0), utxo['vout'])))
  502. for i in script_list:
  503. tx.vout.append(CTxOut(10000000, i))
  504. tx.rehash()
  505. signresults = self.nodes[0].signrawtransaction(bytes_to_hex_str(tx.serialize_without_witness()))['hex']
  506. txid = self.nodes[0].sendrawtransaction(signresults, True)
  507. self.nodes[0].generate(1)
  508. sync_blocks(self.nodes)
  509. watchcount = 0
  510. spendcount = 0
  511. for i in self.nodes[0].listunspent():
  512. if (i['txid'] == txid):
  513. watchcount += 1
  514. if (i['spendable'] == True):
  515. spendcount += 1
  516. if (ismine == 2):
  517. assert_equal(spendcount, len(script_list))
  518. elif (ismine == 1):
  519. assert_equal(watchcount, len(script_list))
  520. assert_equal(spendcount, 0)
  521. else:
  522. assert_equal(watchcount, 0)
  523. return txid
  524. def p2sh_address_to_script(self,v):
  525. bare = CScript(hex_str_to_bytes(v['hex']))
  526. p2sh = CScript(hex_str_to_bytes(v['scriptPubKey']))
  527. p2wsh = CScript([OP_0, sha256(bare)])
  528. p2sh_p2wsh = CScript([OP_HASH160, hash160(p2wsh), OP_EQUAL])
  529. return([bare, p2sh, p2wsh, p2sh_p2wsh])
  530. def p2pkh_address_to_script(self,v):
  531. pubkey = hex_str_to_bytes(v['pubkey'])
  532. p2wpkh = CScript([OP_0, hash160(pubkey)])
  533. p2sh_p2wpkh = CScript([OP_HASH160, hash160(p2wpkh), OP_EQUAL])
  534. p2pk = CScript([pubkey, OP_CHECKSIG])
  535. p2pkh = CScript(hex_str_to_bytes(v['scriptPubKey']))
  536. p2sh_p2pk = CScript([OP_HASH160, hash160(p2pk), OP_EQUAL])
  537. p2sh_p2pkh = CScript([OP_HASH160, hash160(p2pkh), OP_EQUAL])
  538. p2wsh_p2pk = CScript([OP_0, sha256(p2pk)])
  539. p2wsh_p2pkh = CScript([OP_0, sha256(p2pkh)])
  540. p2sh_p2wsh_p2pk = CScript([OP_HASH160, hash160(p2wsh_p2pk), OP_EQUAL])
  541. p2sh_p2wsh_p2pkh = CScript([OP_HASH160, hash160(p2wsh_p2pkh), OP_EQUAL])
  542. return [p2wpkh, p2sh_p2wpkh, p2pk, p2pkh, p2sh_p2pk, p2sh_p2pkh, p2wsh_p2pk, p2wsh_p2pkh, p2sh_p2wsh_p2pk, p2sh_p2wsh_p2pkh]
  543. def create_and_mine_tx_from_txids(self, txids, success = True):
  544. tx = CTransaction()
  545. for i in txids:
  546. txtmp = CTransaction()
  547. txraw = self.nodes[0].getrawtransaction(i)
  548. f = BytesIO(hex_str_to_bytes(txraw))
  549. txtmp.deserialize(f)
  550. for j in range(len(txtmp.vout)):
  551. tx.vin.append(CTxIn(COutPoint(int('0x'+i,0), j)))
  552. tx.vout.append(CTxOut(0, CScript()))
  553. tx.rehash()
  554. signresults = self.nodes[0].signrawtransaction(bytes_to_hex_str(tx.serialize_without_witness()))['hex']
  555. self.nodes[0].sendrawtransaction(signresults, True)
  556. self.nodes[0].generate(1)
  557. sync_blocks(self.nodes)
  558. if __name__ == '__main__':
  559. SegWitTest().main()