Taproot :) #16687

elichai commented at 9:19 PM on August 22, 2019: contributor

Sorry. was opened in mistake.

Squashed 'src/secp256k1/' changes from b19c00006..e729cc7f5

e729cc7f5 Merge #657: Fix a nit in the recovery tests
b64a2e259 Fix a nit in the recovery tests
e028aa33d Merge #650: secp256k1/src/tests.c:  Properly handle sscanf return value
f1e11d363 Merge #654: Fix typo (∞)
ef83281c3 Merge pull request #656 from real-or-random/patch-1
556caad2c Fix typo in docs for _context_set_illegal_callback
786dfb49f Merge #583: JNI: fix use sig array
e95f8ab09 Merge #644: Avoid optimizing out a verify_check
384f55606 Merge #652: README.md: update instruction to run tests
ee56accd4 Merge #651: Fix typo in secp256k1_preallocated.h
7b9b11723 Merge #640: scalar_impl.h: fix includes
d99bec2e2 Merge #655: jni: Use only Guava for hex encoding and decoding
2abcf951a jni: Use only Guava for hex encoding and decoding
271582b3b Fix typo
ce6d43826 README.md: update instruction to run tests
b1e68cb8e Fix typo in secp256k1_preallocated.h
a11c76c59 secp256k1/src/tests.c:  Properly handle sscanf return value
94ae7cbf8 Moved a dereference so the null check will be before the dereferencing
2cb73b106 scalar_impl.h: fix includes
fa3301713 Merge #634: Add a descriptive comment for secp256k1_ecmult_const.
ee9e68cd3 Add a descriptive comment for secp256k1_ecmult_const.
d0d738d32 Merge #631: typo in comment for secp256k1_ec_pubkey_tweak_mul ()
6914c2527 typo in comment for secp256k1_ec_pubkey_tweak_mul ()
e541a90ef Merge #629: Avoid calling _is_zero when _set_b32 fails.
f34b0c3f3 Merge #630: Note intention of timing sidechannel freeness.
8d1563b0f Note intention of timing sidechannel freeness.
1669bb286 Merge #628: Fix ability to compile tests without -DVERIFY.
ecc94abcc Merge #627: Guard memcmp in tests against mixed size inputs.
544435fc9 Merge #578: Avoid implementation-defined and undefined behavior when dealing with sizes
143dc6e9e Merge #595: Allow to use external default callbacks
e49f7991c Add missing #(un)defines to base-config.h
77defd2c3 Add secp256k1_ prefix to default callback functions
908bdce64 Include stdio.h and stdlib.h explicitly in secp256k1.c
5db782e65 Allow usage of external default callbacks
6095a863f Replace CHECKs for no_precomp ctx by ARG_CHECKs without a return
cd473e02c Avoid calling secp256k1_*_is_zero when secp256k1_*_set_b32 fails.
6c36de7a3 Merge #600: scratch space: use single allocation
98836b11f scratch: replace frames with "checkpoint" system
7623cf2b9 scratch: save a couple bytes of unnecessarily-allocated memory
a7a164f2c scratch: rename `max_size` to `size`, document that extra will actually be allocated
5a4bc0bb9 scratch: unify allocations
c2b028a28 scratch space: thread `error_callback` into all scratch space functions
0be1a4ae6 scratch: add magic bytes to beginning of structure
92a48a764 scratch space: use single allocation
40839e21b Merge #592: Use trivial algorithm in ecmult_multi if scratch space is small
dcf392027 Fix ability to compile tests without -DVERIFY.
a484e0008 Merge #566: Enable context creation in preallocated memory
0522caac8 Explain caller's obligations for preallocated memory
238305fdb Move _preallocated functions to separate header
695feb6fb Export _preallocated functions
814cc78d7 Add tests for contexts in preallocated memory
ba12dd08d Check arguments of _preallocated functions
5feadde46 Support cloning a context into preallocated memory
c4fd5dab4 Switch to a single malloc call
ef020de16 Add size constants for preallocated memory
1bf7c056b Prepare for manual memory management in preallocated memory
248bffb05 Guard memcmp in tests against mixed size inputs.
36698dcfe Merge #596: Make WINDOW_G configurable
a61a93ff5 Clean up ./configure help strings
2842dc523 Make WINDOW_G configurable
1a02d6ce5 Merge #626: Revert "Merge #620: Install headers automatically"
662918cb2 Revert "Merge #620: Install headers automatically"
14c7dbd44 Simplify control flow in DER parsing
ec8f20bab Avoid out-of-bound pointers and integer overflows in size comparisons
01ee1b3b3 Parse DER-enconded length into a size_t instead of an int
912680ed8 Merge #561: Respect LDFLAGS and #undef STATIC_PRECOMPUTATION if using basic config
91fae3ace Merge #620: Install headers automatically
5df77a0ed Merge #533: Make sure we're not using an uninitialized variable in secp256k1_wnaf_const(...)
975e51e0d Merge #617: Pass scalar by reference in secp256k1_wnaf_const()
735fbde04 Merge #619: Clear a copied secret key after negation
16e86150d Install headers automatically
069870d92 Clear a copied secret key after negation
8979ec0d9 Pass scalar by reference in secp256k1_wnaf_const()
84a808598 Merge #612: Allow field_10x26_arm.s to compile for ARMv7 architecture
d4d270a59 Allow field_10x26_arm.s to compile for ARMv7 architecture
248f04661 Make sure we're not using an uninitialized variable in secp256k1_wnaf_const(...)
9ab96f7b1 Use trivial algorithm in ecmult_multi if scratch space is small
dbed75d96 Undefine `STATIC_PRECOMPUTATION` if using the basic config
310111e09 Keep LDFLAGS if `--coverage`
74e2dbd68 JNI: fix use sig array
3cb057f84 Fix possible integer overflow in DER parsing

git-subtree-dir: src/secp256k1
git-subtree-split: e729cc7f5a76cb20cbe2317e8e8dad3e422740a0

461acf5c6c

Merge commit '461acf5c6c39610c55988eed7a50922aed732ded' into taproot-rebase-52b9797 78fb58d0b5

Squashed 'src/secp256k1/' changes from e729cc7f5..a228e2f54

a228e2f54 Add schnorrsig module which implements BIP-schnorr [0] compatible signing, verification and batch verification.
f129809a6 add chacha20 function
REVERT: e729cc7f5 Merge #657: Fix a nit in the recovery tests
REVERT: b64a2e259 Fix a nit in the recovery tests
REVERT: e028aa33d Merge #650: secp256k1/src/tests.c:  Properly handle sscanf return value
REVERT: f1e11d363 Merge #654: Fix typo (∞)
REVERT: ef83281c3 Merge pull request #656 from real-or-random/patch-1
REVERT: 556caad2c Fix typo in docs for _context_set_illegal_callback
REVERT: 786dfb49f Merge #583: JNI: fix use sig array
REVERT: e95f8ab09 Merge #644: Avoid optimizing out a verify_check
REVERT: 384f55606 Merge #652: README.md: update instruction to run tests
REVERT: ee56accd4 Merge #651: Fix typo in secp256k1_preallocated.h
REVERT: 7b9b11723 Merge #640: scalar_impl.h: fix includes
REVERT: d99bec2e2 Merge #655: jni: Use only Guava for hex encoding and decoding
REVERT: 2abcf951a jni: Use only Guava for hex encoding and decoding
REVERT: 271582b3b Fix typo
REVERT: ce6d43826 README.md: update instruction to run tests
REVERT: b1e68cb8e Fix typo in secp256k1_preallocated.h
REVERT: a11c76c59 secp256k1/src/tests.c:  Properly handle sscanf return value
REVERT: 94ae7cbf8 Moved a dereference so the null check will be before the dereferencing
REVERT: 2cb73b106 scalar_impl.h: fix includes
REVERT: fa3301713 Merge #634: Add a descriptive comment for secp256k1_ecmult_const.
REVERT: ee9e68cd3 Add a descriptive comment for secp256k1_ecmult_const.
REVERT: d0d738d32 Merge #631: typo in comment for secp256k1_ec_pubkey_tweak_mul ()
REVERT: 6914c2527 typo in comment for secp256k1_ec_pubkey_tweak_mul ()
REVERT: 74e2dbd68 JNI: fix use sig array

git-subtree-dir: src/secp256k1
git-subtree-split: a228e2f54d64692230ccb2937b12dd746c5157ed

69b0efd59f

Merge commit '69b0efd59feca9b50412d090c16e06bc7a244e6d' into taproot-rebase-52b9797 659d36fb0e

Initialize PrecomputedTransactionData in CheckInputs badc6e2c1a

Keep spent outputs in PrecomputedTransactionData during validation 958acfa3e3

Make PrecomputedTransactionData compatible with taproot sighash 63f7c9b716

Support for Schnorr signatures in pubkey and SignatureCheckers e3d0b066e3

Implement Taproot signature validation

* Integration into CheckSig by Pieter Wuille.

15750103df

Taproot validation

This includes key path spending and script path spending, but not the
Tapscript execution implementation.

4673a65062

Add ScriptExecutionData struct that encapsulates scriptCode a17aab2547

Use ScriptExecutionData to pass through annex hash 686fd712c1

Tapscript ebcfe35841

Indent the legacy branch in CHECKSIG interpreter code correctly be0cf6cc0d

Taproot policy change 906bc45463

Activate taproot on regtest 912753ca71

[TESTS] Tests for Taproot/Schnorr/Tapscript

Includes sighashing code and many tests by Johnson Lau.

00708a2029

in src/script/script.h:598 in 00708a2029

 594 | @@ -583,4 +595,15 @@ struct CScriptWitness
 595 |      std::string ToString() const;
 596 |  };
 597 |  
 598 | +class CReserveScript

jnewbery commented at 9:22 PM on August 22, 2019:

You've accidentally reintroduced this in ebcfe3584199f281f825625dcadef8535dece536

elichai commented at 10:02 PM on August 22, 2019:

What do you mean? isn't https://github.com/bitcoin/bitcoin/commit/ebcfe3584199f281f825625dcadef8535dece536 the only thing where this exists?

in src/script/interpreter.cpp:947 in 00708a2029

 958 | -                        return false;
 959 | -                    }
 960 | -                    bool fSuccess = checker.CheckSig(vchSig, vchPubKey, scriptCode, sigversion);
 961 | +                        // Drop the signature in pre-segwit scripts but not segwit scripts
 962 | +                        if (sigversion == SigVersion::BASE) {
 963 | +                            int found = FindAndDelete(execdata.m_scriptcode,  CScript() << vchSig);

jnewbery commented at 9:24 PM on August 22, 2019:

nit: double space before CScript

in src/validation.cpp:1702 in 00708a2029

1694 | @@ -1689,6 +1695,11 @@ static unsigned int GetBlockScriptFlags(const CBlockIndex* pindex, const Consens
1695 |          flags |= SCRIPT_VERIFY_CHECKSEQUENCEVERIFY;
1696 |      }
1697 |  
1698 | +    // Start enforcing Taproot using versionbits logic.
1699 | +    if (VersionBitsState(pindex->pprev, consensusparams, Consensus::DEPLOYMENT_TAPROOT, versionbitscache) == ThresholdState::ACTIVE) {
1700 | +        flags |= SCRIPT_VERIFY_TAPROOT;
1701 | +    }
1702 | +

jnewbery commented at 9:27 PM on August 22, 2019:

nit: trailing whitespace

jnewbery commented at 9:32 PM on August 22, 2019: member

opened in error. Should have been on a different repo

jnewbery closed this on Aug 22, 2019

MarcoFalke locked this on Dec 16, 2021