You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

policy.cpp 6.3KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180
  1. // Copyright (c) 2009-2010 Satoshi Nakamoto
  2. // Copyright (c) 2009-2015 The Bitcoin developers
  3. // Distributed under the MIT software license, see the accompanying
  4. // file COPYING or http://www.opensource.org/licenses/mit-license.php.
  5. // NOTE: This file is intended to be customised by the end user, and includes only local node policy logic
  6. #include "policy/policy.h"
  7. #include "main.h"
  8. #include "tinyformat.h"
  9. #include "util.h"
  10. #include "utilstrencodings.h"
  11. #include <boost/foreach.hpp>
  12. /**
  13. * Check transaction inputs to mitigate two
  14. * potential denial-of-service attacks:
  15. *
  16. * 1. scriptSigs with extra data stuffed into them,
  17. * not consumed by scriptPubKey (or P2SH script)
  18. * 2. P2SH scripts with a crazy number of expensive
  19. * CHECKSIG/CHECKMULTISIG operations
  20. *
  21. * Check transaction inputs, and make sure any
  22. * pay-to-script-hash transactions are evaluating IsStandard scripts
  23. *
  24. * Why bother? To avoid denial-of-service attacks; an attacker
  25. * can submit a standard HASH... OP_EQUAL transaction,
  26. * which will get accepted into blocks. The redemption
  27. * script can be anything; an attacker could use a very
  28. * expensive-to-check-upon-redemption script like:
  29. * DUP CHECKSIG DROP ... repeated 100 times... OP_1
  30. */
  31. bool IsStandard(const CScript& scriptPubKey, txnouttype& whichType)
  32. {
  33. std::vector<std::vector<unsigned char> > vSolutions;
  34. if (!Solver(scriptPubKey, whichType, vSolutions))
  35. return false;
  36. if (whichType == TX_MULTISIG)
  37. {
  38. unsigned char m = vSolutions.front()[0];
  39. unsigned char n = vSolutions.back()[0];
  40. // Support up to x-of-3 multisig txns as standard
  41. if (n < 1 || n > 3)
  42. return false;
  43. if (m < 1 || m > n)
  44. return false;
  45. } else if (whichType == TX_NULL_DATA &&
  46. (!fAcceptDatacarrier || scriptPubKey.size() > nMaxDatacarrierBytes))
  47. return false;
  48. return whichType != TX_NONSTANDARD;
  49. }
  50. bool IsStandardTx(const CTransaction& tx, std::string& reason)
  51. {
  52. if (tx.nVersion > CTransaction::CURRENT_VERSION || tx.nVersion < 1) {
  53. reason = "version";
  54. return false;
  55. }
  56. // Extremely large transactions with lots of inputs can cost the network
  57. // almost as much to process as they cost the sender in fees, because
  58. // computing signature hashes is O(ninputs*txsize). Limiting transactions
  59. // to MAX_STANDARD_TX_SIZE mitigates CPU exhaustion attacks.
  60. unsigned int sz = tx.GetSerializeSize(SER_NETWORK, CTransaction::CURRENT_VERSION);
  61. if (sz >= MAX_STANDARD_TX_SIZE) {
  62. reason = "tx-size";
  63. return false;
  64. }
  65. BOOST_FOREACH(const CTxIn& txin, tx.vin)
  66. {
  67. // Biggest 'standard' txin is a 15-of-15 P2SH multisig with compressed
  68. // keys. (remember the 520 byte limit on redeemScript size) That works
  69. // out to a (15*(33+1))+3=513 byte redeemScript, 513+1+15*(73+1)+3=1627
  70. // bytes of scriptSig, which we round off to 1650 bytes for some minor
  71. // future-proofing. That's also enough to spend a 20-of-20
  72. // CHECKMULTISIG scriptPubKey, though such a scriptPubKey is not
  73. // considered standard)
  74. if (txin.scriptSig.size() > 1650) {
  75. reason = "scriptsig-size";
  76. return false;
  77. }
  78. if (!txin.scriptSig.IsPushOnly()) {
  79. reason = "scriptsig-not-pushonly";
  80. return false;
  81. }
  82. }
  83. unsigned int nDataOut = 0;
  84. txnouttype whichType;
  85. BOOST_FOREACH(const CTxOut& txout, tx.vout) {
  86. if (!::IsStandard(txout.scriptPubKey, whichType)) {
  87. reason = "scriptpubkey";
  88. return false;
  89. }
  90. if (whichType == TX_NULL_DATA)
  91. nDataOut++;
  92. else if ((whichType == TX_MULTISIG) && (!fIsBareMultisigStd)) {
  93. reason = "bare-multisig";
  94. return false;
  95. } else if (txout.IsDust(::minRelayTxFee)) {
  96. reason = "dust";
  97. return false;
  98. }
  99. }
  100. // only one OP_RETURN txout is permitted
  101. if (nDataOut > 1) {
  102. reason = "multi-op-return";
  103. return false;
  104. }
  105. return true;
  106. }
  107. bool AreInputsStandard(const CTransaction& tx, const CCoinsViewCache& mapInputs)
  108. {
  109. if (tx.IsCoinBase())
  110. return true; // Coinbases don't use vin normally
  111. for (unsigned int i = 0; i < tx.vin.size(); i++)
  112. {
  113. const CTxOut& prev = mapInputs.GetOutputFor(tx.vin[i]);
  114. std::vector<std::vector<unsigned char> > vSolutions;
  115. txnouttype whichType;
  116. // get the scriptPubKey corresponding to this input:
  117. const CScript& prevScript = prev.scriptPubKey;
  118. if (!Solver(prevScript, whichType, vSolutions))
  119. return false;
  120. int nArgsExpected = ScriptSigArgsExpected(whichType, vSolutions);
  121. if (nArgsExpected < 0)
  122. return false;
  123. // Transactions with extra stuff in their scriptSigs are
  124. // non-standard. Note that this EvalScript() call will
  125. // be quick, because if there are any operations
  126. // beside "push data" in the scriptSig
  127. // IsStandardTx() will have already returned false
  128. // and this method isn't called.
  129. std::vector<std::vector<unsigned char> > stack;
  130. if (!EvalScript(stack, tx.vin[i].scriptSig, SCRIPT_VERIFY_NONE, BaseSignatureChecker()))
  131. return false;
  132. if (whichType == TX_SCRIPTHASH)
  133. {
  134. if (stack.empty())
  135. return false;
  136. CScript subscript(stack.back().begin(), stack.back().end());
  137. std::vector<std::vector<unsigned char> > vSolutions2;
  138. txnouttype whichType2;
  139. if (Solver(subscript, whichType2, vSolutions2))
  140. {
  141. int tmpExpected = ScriptSigArgsExpected(whichType2, vSolutions2);
  142. if (tmpExpected < 0)
  143. return false;
  144. nArgsExpected += tmpExpected;
  145. }
  146. else
  147. {
  148. // Any other Script with less than 15 sigops OK:
  149. unsigned int sigops = subscript.GetSigOpCount(true);
  150. // ... extra data left on the stack after execution is OK, too:
  151. return (sigops <= MAX_P2SH_SIGOPS);
  152. }
  153. }
  154. if (stack.size() != (unsigned int)nArgsExpected)
  155. return false;
  156. }
  157. return true;
  158. }