You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

policy.cpp 9.6KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261
  1. // Copyright (c) 2009-2010 Satoshi Nakamoto
  2. // Copyright (c) 2009-2016 The Starwels developers
  3. // Distributed under the MIT software license, see the accompanying
  4. // file COPYING or http://www.opensource.org/licenses/mit-license.php.
  5. // NOTE: This file is intended to be customised by the end user, and includes only local node policy logic
  6. #include "policy/policy.h"
  7. #include "consensus/validation.h"
  8. #include "validation.h"
  9. #include "coins.h"
  10. #include "tinyformat.h"
  11. #include "util.h"
  12. #include "utilstrencodings.h"
  13. CAmount GetDustThreshold(const CTxOut& txout, const CFeeRate& dustRelayFeeIn)
  14. {
  15. // "Dust" is defined in terms of dustRelayFee,
  16. // which has units satoshis-per-kilobyte.
  17. // If you'd pay more in fees than the value of the output
  18. // to spend something, then we consider it dust.
  19. // A typical spendable non-segwit txout is 34 bytes big, and will
  20. // need a CTxIn of at least 148 bytes to spend:
  21. // so dust is a spendable txout less than
  22. // 182*dustRelayFee/1000 (in satoshis).
  23. // 546 satoshis at the default rate of 3000 sat/kB.
  24. // A typical spendable segwit txout is 31 bytes big, and will
  25. // need a CTxIn of at least 67 bytes to spend:
  26. // so dust is a spendable txout less than
  27. // 98*dustRelayFee/1000 (in satoshis).
  28. // 294 satoshis at the default rate of 3000 sat/kB.
  29. if (txout.scriptPubKey.IsUnspendable())
  30. return 0;
  31. size_t nSize = GetSerializeSize(txout, SER_DISK, 0);
  32. int witnessversion = 0;
  33. std::vector<unsigned char> witnessprogram;
  34. if (txout.scriptPubKey.IsWitnessProgram(witnessversion, witnessprogram)) {
  35. // sum the sizes of the parts of a transaction input
  36. // with 75% segwit discount applied to the script size.
  37. nSize += (32 + 4 + 1 + (107 / WITNESS_SCALE_FACTOR) + 4);
  38. } else {
  39. nSize += (32 + 4 + 1 + 107 + 4); // the 148 mentioned above
  40. }
  41. return dustRelayFeeIn.GetFee(nSize);
  42. }
  43. bool IsDust(const CTxOut& txout, const CFeeRate& dustRelayFeeIn)
  44. {
  45. return (txout.nValue < GetDustThreshold(txout, dustRelayFeeIn));
  46. }
  47. /**
  48. * Check transaction inputs to mitigate two
  49. * potential denial-of-service attacks:
  50. *
  51. * 1. scriptSigs with extra data stuffed into them,
  52. * not consumed by scriptPubKey (or P2SH script)
  53. * 2. P2SH scripts with a crazy number of expensive
  54. * CHECKSIG/CHECKMULTISIG operations
  55. *
  56. * Why bother? To avoid denial-of-service attacks; an attacker
  57. * can submit a standard HASH... OP_EQUAL transaction,
  58. * which will get accepted into blocks. The redemption
  59. * script can be anything; an attacker could use a very
  60. * expensive-to-check-upon-redemption script like:
  61. * DUP CHECKSIG DROP ... repeated 100 times... OP_1
  62. */
  63. bool IsStandard(const CScript& scriptPubKey, txnouttype& whichType, const bool witnessEnabled)
  64. {
  65. std::vector<std::vector<unsigned char> > vSolutions;
  66. if (!Solver(scriptPubKey, whichType, vSolutions))
  67. return false;
  68. if (whichType == TX_MULTISIG)
  69. {
  70. unsigned char m = vSolutions.front()[0];
  71. unsigned char n = vSolutions.back()[0];
  72. // Support up to x-of-3 multisig txns as standard
  73. if (n < 1 || n > 3)
  74. return false;
  75. if (m < 1 || m > n)
  76. return false;
  77. } else if (whichType == TX_NULL_DATA &&
  78. (!fAcceptDatacarrier || scriptPubKey.size() > nMaxDatacarrierBytes))
  79. return false;
  80. else if (!witnessEnabled && (whichType == TX_WITNESS_V0_KEYHASH || whichType == TX_WITNESS_V0_SCRIPTHASH))
  81. return false;
  82. return whichType != TX_NONSTANDARD;
  83. }
  84. bool IsStandardTx(const CTransaction& tx, std::string& reason, const bool witnessEnabled)
  85. {
  86. if (tx.nVersion > CTransaction::MAX_STANDARD_VERSION || tx.nVersion < 1) {
  87. reason = "version";
  88. return false;
  89. }
  90. // Extremely large transactions with lots of inputs can cost the network
  91. // almost as much to process as they cost the sender in fees, because
  92. // computing signature hashes is O(ninputs*txsize). Limiting transactions
  93. // to MAX_STANDARD_TX_WEIGHT mitigates CPU exhaustion attacks.
  94. unsigned int sz = GetTransactionWeight(tx);
  95. if (sz >= MAX_STANDARD_TX_WEIGHT) {
  96. reason = "tx-size";
  97. return false;
  98. }
  99. for (const CTxIn& txin : tx.vin)
  100. {
  101. // Biggest 'standard' txin is a 15-of-15 P2SH multisig with compressed
  102. // keys (remember the 520 byte limit on redeemScript size). That works
  103. // out to a (15*(33+1))+3=513 byte redeemScript, 513+1+15*(73+1)+3=1627
  104. // bytes of scriptSig, which we round off to 1650 bytes for some minor
  105. // future-proofing. That's also enough to spend a 20-of-20
  106. // CHECKMULTISIG scriptPubKey, though such a scriptPubKey is not
  107. // considered standard.
  108. if (txin.scriptSig.size() > 1650) {
  109. reason = "scriptsig-size";
  110. return false;
  111. }
  112. if (!txin.scriptSig.IsPushOnly()) {
  113. reason = "scriptsig-not-pushonly";
  114. return false;
  115. }
  116. }
  117. unsigned int nDataOut = 0;
  118. txnouttype whichType;
  119. for (const CTxOut& txout : tx.vout) {
  120. if (!::IsStandard(txout.scriptPubKey, whichType, witnessEnabled)) {
  121. reason = "scriptpubkey";
  122. return false;
  123. }
  124. if (whichType == TX_NULL_DATA)
  125. nDataOut++;
  126. else if ((whichType == TX_MULTISIG) && (!fIsBareMultisigStd)) {
  127. reason = "bare-multisig";
  128. return false;
  129. } else if (IsDust(txout, ::dustRelayFee)) {
  130. reason = "dust";
  131. return false;
  132. }
  133. }
  134. // only one OP_RETURN txout is permitted
  135. if (nDataOut > 1) {
  136. reason = "multi-op-return";
  137. return false;
  138. }
  139. return true;
  140. }
  141. bool AreInputsStandard(const CTransaction& tx, const CCoinsViewCache& mapInputs)
  142. {
  143. if (tx.IsCoinBase())
  144. return true; // Coinbases don't use vin normally
  145. for (unsigned int i = 0; i < tx.vin.size(); i++)
  146. {
  147. const CTxOut& prev = mapInputs.AccessCoin(tx.vin[i].prevout).out;
  148. std::vector<std::vector<unsigned char> > vSolutions;
  149. txnouttype whichType;
  150. // get the scriptPubKey corresponding to this input:
  151. const CScript& prevScript = prev.scriptPubKey;
  152. if (!Solver(prevScript, whichType, vSolutions))
  153. return false;
  154. if (whichType == TX_SCRIPTHASH)
  155. {
  156. std::vector<std::vector<unsigned char> > stack;
  157. // convert the scriptSig into a stack, so we can inspect the redeemScript
  158. if (!EvalScript(stack, tx.vin[i].scriptSig, SCRIPT_VERIFY_NONE, BaseSignatureChecker(), SIGVERSION_BASE))
  159. return false;
  160. if (stack.empty())
  161. return false;
  162. CScript subscript(stack.back().begin(), stack.back().end());
  163. if (subscript.GetSigOpCount(true) > MAX_P2SH_SIGOPS) {
  164. return false;
  165. }
  166. }
  167. }
  168. return true;
  169. }
  170. bool IsWitnessStandard(const CTransaction& tx, const CCoinsViewCache& mapInputs)
  171. {
  172. if (tx.IsCoinBase())
  173. return true; // Coinbases are skipped
  174. for (unsigned int i = 0; i < tx.vin.size(); i++)
  175. {
  176. // We don't care if witness for this input is empty, since it must not be bloated.
  177. // If the script is invalid without witness, it would be caught sooner or later during validation.
  178. if (tx.vin[i].scriptWitness.IsNull())
  179. continue;
  180. const CTxOut &prev = mapInputs.AccessCoin(tx.vin[i].prevout).out;
  181. // get the scriptPubKey corresponding to this input:
  182. CScript prevScript = prev.scriptPubKey;
  183. if (prevScript.IsPayToScriptHash()) {
  184. std::vector <std::vector<unsigned char> > stack;
  185. // If the scriptPubKey is P2SH, we try to extract the redeemScript casually by converting the scriptSig
  186. // into a stack. We do not check IsPushOnly nor compare the hash as these will be done later anyway.
  187. // If the check fails at this stage, we know that this txid must be a bad one.
  188. if (!EvalScript(stack, tx.vin[i].scriptSig, SCRIPT_VERIFY_NONE, BaseSignatureChecker(), SIGVERSION_BASE))
  189. return false;
  190. if (stack.empty())
  191. return false;
  192. prevScript = CScript(stack.back().begin(), stack.back().end());
  193. }
  194. int witnessversion = 0;
  195. std::vector<unsigned char> witnessprogram;
  196. // Non-witness program must not be associated with any witness
  197. if (!prevScript.IsWitnessProgram(witnessversion, witnessprogram))
  198. return false;
  199. // Check P2WSH standard limits
  200. if (witnessversion == 0 && witnessprogram.size() == 32) {
  201. if (tx.vin[i].scriptWitness.stack.back().size() > MAX_STANDARD_P2WSH_SCRIPT_SIZE)
  202. return false;
  203. size_t sizeWitnessStack = tx.vin[i].scriptWitness.stack.size() - 1;
  204. if (sizeWitnessStack > MAX_STANDARD_P2WSH_STACK_ITEMS)
  205. return false;
  206. for (unsigned int j = 0; j < sizeWitnessStack; j++) {
  207. if (tx.vin[i].scriptWitness.stack[j].size() > MAX_STANDARD_P2WSH_STACK_ITEM_SIZE)
  208. return false;
  209. }
  210. }
  211. }
  212. return true;
  213. }
  214. CFeeRate incrementalRelayFee = CFeeRate(DEFAULT_INCREMENTAL_RELAY_FEE);
  215. CFeeRate dustRelayFee = CFeeRate(DUST_RELAY_TX_FEE);
  216. unsigned int nBytesPerSigOp = DEFAULT_BYTES_PER_SIGOP;
  217. int64_t GetVirtualTransactionSize(int64_t nWeight, int64_t nSigOpCost)
  218. {
  219. return (std::max(nWeight, nSigOpCost * nBytesPerSigOp) + WITNESS_SCALE_FACTOR - 1) / WITNESS_SCALE_FACTOR;
  220. }
  221. int64_t GetVirtualTransactionSize(const CTransaction& tx, int64_t nSigOpCost)
  222. {
  223. return GetVirtualTransactionSize(GetTransactionWeight(tx), nSigOpCost);
  224. }