Why is OP_CHECKLOCKTIMEVERIFY using a signed value? #7275

issue ciyam opened this issue on January 3, 2016
  1. ciyam commented at 3:36 PM on January 3, 2016: none

    I was able to successfully create a "regtest" CLTV redeem script for a P2SH address using the block number 0x7f but if I change it to 0xff (which I thought should be block 255) it won't work (giving me a "Negative locktime" error).

    As nLockTime is unsigned I don't understand why the op code is reading a signed value and testing for it being negative.

    Did I miss something?

  2. sipa commented at 3:38 PM on January 3, 2016: member

    In Bitcoin Script, all numbers are signed, and CLTV uses the existing mechanism.

  3. ciyam commented at 3:38 PM on January 3, 2016: none

    then how to check for block 255?

  4. ciyam commented at 3:39 PM on January 3, 2016: none

    (if I use 0x02ff00 it won't work)

  5. ciyam commented at 3:39 PM on January 3, 2016: none

    (as it thinks I am adding zeroes when I shouldn't)

  6. sipa commented at 3:42 PM on January 3, 2016: member

    What error do you get, exactly?

  7. ciyam commented at 3:43 PM on January 3, 2016: none

    Negative locktime

  8. sipa commented at 3:44 PM on January 3, 2016: member

    What error do you get when pushing FF 00?

  9. ciyam commented at 3:44 PM on January 3, 2016: none

    SCRIPT_ERR_NEGATIVE_LOCKTIME

  10. ciyam commented at 3:44 PM on January 3, 2016: none

    oh - no error

  11. ciyam commented at 3:44 PM on January 3, 2016: none

    but doesn't work

  12. ciyam commented at 3:45 PM on January 3, 2016: none

    error: {"code":-26,"message":"64: non-mandatory-script-verify-flag (No error)"}

  13. ciyam commented at 3:46 PM on January 3, 2016: none

    (so literally it told me "No error") as the error :D

  14. sipa commented at 3:47 PM on January 3, 2016: member

    Nice catch, that's a bug in the reporting. I'll fix that.

  15. ciyam commented at 3:48 PM on January 3, 2016: none

    so - how should I redeem with block 255? use 0x02ff00 or something else?

  16. ciyam commented at 3:49 PM on January 3, 2016: none

    btw - you can't send "coinbase' to P2SH using regtest either

  17. ciyam commented at 3:50 PM on January 3, 2016: none

    (it screws up the sigScriptPub)

  18. sipa commented at 3:51 PM on January 3, 2016: member

    One issue at a time please.

    0xFF00 is indeed how you'd encode 255.

  19. ciyam commented at 3:52 PM on January 3, 2016: none

    thanks - I can create another issue for the other problem - should I do that?

  20. sipa commented at 3:54 PM on January 3, 2016: member

    Yes.

    See https://github.com/bitcoin/bitcoin/pull/7276/files

  21. ciyam commented at 4:45 PM on January 3, 2016: none

    Will this work correctly with 3 byte blocks also? (such as 0x03ffff00) (am not sure exactly what your change does but noticed the change was from check to check2)

  22. luke-jr commented at 5:27 PM on January 3, 2016: member

    @ciyam @sipa's change seems to fix the bug where you got "No error" rather than the actual error message. Please redo your test with his patch and report what the real error is.

  23. ciyam commented at 5:29 PM on January 3, 2016: none

    Actually I think you are right - and I assume that the "Negative locktime" error will still happen. (I am not actually currently able to use anything other than a released version of Bitcoin though)

  24. ciyam commented at 5:32 PM on January 3, 2016: none

    the relevant code in "interpreter.cpp" is this: // In the rare event that the argument may be < 0 due to // some arithmetic being done first, you can always use // 0 MAX CHECKLOCKTIMEVERIFY. if (nLockTime < 0) return set_error(serror, SCRIPT_ERR_NEGATIVE_LOCKTIME); (the comment is interesting as it seems to indicate there is some way to handle the negative values)

  25. sipa commented at 5:37 PM on January 3, 2016: member

    @ciyam If you pass in a negative number (0x01FF is negative 127), you will get an error about a negative number.

    It would be nice if you can redo your test with #7276 merged (that should fix the "No error" reporting when there is a clear failure nonetheless).

  26. ciyam commented at 5:42 PM on January 3, 2016: none

    Unfortunately I don't have the time to set up an environment for doing testing with Bitcoin but hopefully others that are playing around with the new OP_CHECKLOCKTIMEVERIFY will. I think the issue is easily enough repeated for others to show.

  27. ciyam commented at 5:57 PM on January 3, 2016: none

    If the rule is that all stack values for Bitcoin scripts are "signed" then I guess there is perhaps a fundamental problem here (as nLockTime is unsigned).

  28. sipa commented at 5:58 PM on January 3, 2016: member

    @ciyam You are confusing two things. The fact that all script numbers are signed does not prevent you from creating values that are in range for CLTV. In fact, the input numbers to CLTV can be up to 5 bytes (instead of 4) to account for exactly that.

  29. ciyam commented at 6:05 PM on January 3, 2016: none

    okay - but does your change allow for 5 bytes? (if it does then I guess the problem is resolved) clearly we need it to work for: 0x017f, 0x02ff00 and 0x03ffff00 at the very least

  30. jonasschnelli added the label Bug on Jan 3, 2016
  31. sipa commented at 7:30 PM on January 3, 2016: member

    My change? The patch I'm linking to just fixes a bug so it stops reporting "No error" but reports the actual error.

  32. laanwj commented at 10:01 AM on January 8, 2016: member

    Closed by #7276

  33. laanwj closed this on Jan 8, 2016
  34. MarcoFalke locked this on Sep 8, 2021
Contributors
ciyamsipaluke-jrlaanwj
Labels
Bug
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-21 21:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me