I'm not sure why we do not use consensus encoding currently for encoding
and decoding scripts to/from hex strings. Many tests include hard coded
hex which do not include the length prefix.
- Add a pair of encoding functions to encode/decode to/from hex without
the length prefix.
- Make `to_hex` and `from_hex` expect the length prefix i.e., use
consensus encoding.
This makes the API easier to use because the various encoding APIs can
be use together now eg `consensus::encode_hex` and `ScriptBuf::from_hex`.
8eeceed450 test: extend `valid_v1_witness_programs` test to include P2A (Luis Schwab)
647526dd1d chore: fix docs for `impl WitnessProgram` and P2A (Luis Schwab)
Pull request description:
Closes#4124.
This PR fixes documentation on `impl WitnessProgram` by replacing instances of `address` to `[WitnessProgram]`, adds punctuation and capitalization where it was lacking and extends the `valid_v1_witness_programs` test to include the P2A output.
ACKs for top commit:
Kixunil:
ACK 8eeceed450
apoelstra:
ACK 8eeceed450f7414c8a286a9e47b6f04b652b18ef; successfully ran local tests
Tree-SHA512: 6e62a8de7135da04d6330d2b5596a2cd19da8a849f8c8c892f53578a8690152b23facf58149d4139ae088f1ab297d3526094617c3549e688819e9b1f3688de8b
afd4ec8c5e test: push minimality check for zero(empty) (ChrisCho-H)
Pull request description:
Following https://github.com/rust-bitcoin/rust-bitcoin/pull/4368.
I omitted to test OP_0(empty bytes) and can be covered by this PR.
ACKs for top commit:
apoelstra:
ACK afd4ec8c5e345a1df5abc46076c843e96a226b77; successfully ran local tests
Tree-SHA512: a3643227f9dfde71d5c5707bf11804e0e26eff43346c0443abdd805f0ffad284c3090e22a0bda34e54e1185a980adc7511724db401c04b55a8be79d67a3fce6d
d6296cd3d1 Remove usage of hex::test_hex_unwrap (Tobin C. Harding)
37035e20e8 Simplify and improve transaction benchmarks (Tobin C. Harding)
Pull request description:
We have the `hex_lit` dependency for converting a hex string literal to an array.
Currently we have a `test_hex_unwrap` macro in the `hex v0.3.0` release but not on either `master`
or the upcoming `v1.0.0-alpha.0` release. This is making PRs around releasing and depending on the
release more noisy than required.
Introduce a `test_hex_unwrap` macro in internals for usage when the input is not a string literal.
Use `hex_lit::hex` where possible (often needing an additional call to
ACKs for top commit:
apoelstra:
ACK d6296cd3d1989cf28d67a5329ad60da4f814ba92; successfully ran local tests
Kixunil:
ACK d6296cd3d1
Tree-SHA512: eab3573f6b7fee408ae11821b77e56cbaddf7cc4540bdc31ed7ef9eb3f25987f50e484f1553aaaa9709367e614eb77ed36250875d0faf5a51ab3fe709d4d4054
There was and inconsistent usage of `#`, `##` and `###` in rustdoc
headings. The difference in the rendered rustdocs is a minimal font
size change.
Change all headings to be H1 `#`.
Change all subheadings to be `###` to have a noticeable difference in
font size in the rendered docs.
2b37583ca5 test: add test for push slice minimal (ChrisCho-H)
Pull request description:
Following https://github.com/rust-bitcoin/rust-bitcoin/pull/4322.
Test `push_slice` and `push_slice_nom_minimal` from OP_1...OP_16 and OP_1NEGATE.
ACKs for top commit:
apoelstra:
ACK 2b37583ca55195965ce2f129d75a1fc114d8b5f6; successfully ran local tests
Tree-SHA512: 6d8e96d522d317d7ede2f1bc133050d98ccbc1816c59fe3589003de249828367314f751d3a75d6b58b0c90b1b735f85650c0d7acebaf5da21a38fb651ab4177d
f6105ea417 Use InputWeightPrediction to calculate effective_value (yancy)
Pull request description:
closes: https://github.com/rust-bitcoin/rust-bitcoin/issues/2455
Also, what about moving `effective_value` to `InputWeightPrediction`?
Marking as a draft until we can add api changes again.
ACKs for top commit:
apoelstra:
ACK f6105ea4171a85ce21443d7eb76b7aa9cadab53a; successfully ran local tests; yeah, this API does look nicer
Kixunil:
ACK f6105ea417
Tree-SHA512: 20592e49cb93343b1aefa340c3c870e2e21c747711da68a6aa57342f59ff2981c30e9c91de7eab32bcd11da33f040f9df62008db991d93b549079f91a6908055
354e1e42ad fix: enforce minimal push for push_slice (ChrisCho-H)
Pull request description:
Currently `push_slice` doesn't check the standard minimal push rule, which could result in possible money loss(e.g. if non minimal push is used in output script of p2wsh or p2tr).
Introduce `push_slice_non_minimal` to provide the way to push as now, and change `push_slice` logic to follow standard minimal push rule.
99a4ddf5ab/src/script/script.cpp (L366)
ACKs for top commit:
tcharding:
ACK 354e1e42ad
apoelstra:
ACK 354e1e42ad98c7968827d03be563bc14d764a983; successfully ran local tests
Tree-SHA512: 01f53dbd2a1a3c9a9e4387f0aaa7801f9c4570996054503a38d09ed1646ab65a3249d227adcf4139ac37a111d795e6cf986c4c273d5660c20820d1b36ba46f57
d0e1cd72fe chore: Fix the typos in the comments and variables (dufucun)
Pull request description:
Fix the typos in the comments and variables
ACKs for top commit:
apoelstra:
ACK d0e1cd72fec87276034476f1f28c62124cf63c25; successfully ran local tests
Tree-SHA512: 267d2b6b47e5a4f9466507e9dceb62ce94c848b3edefee65b85c3ce31560d1be880ef1c03ffd7dac54198f1f470695b70e06a505f91174f2990639bc20bf86e4
0498f7b7b7 Remove Option return from `minimal_non_dust` (jrakibi)
Pull request description:
Closes#4221
This removes the `Option` return type from `minimal_non_dust
Overflow is only possible in 2 cases:
- `dust_relay_fee` would need to be excessively high
- script size would have to exceed ~6.15 × 10¹⁵ bytes (≈ 6 petabytes)
we now panic with the same message we had before in cf12ba262a/bitcoin/src/blockdata/script/borrowed.rs (L412)
ACKs for top commit:
tcharding:
ACK 0498f7b7b7
apoelstra:
ACK 0498f7b7b7d43cc015d6788efe826df25d6156a5; successfully ran local tests
Tree-SHA512: 826a5d4ebb9c237cdd261f7d8b25fb2118cfba7d79b031839a619e12c440cbd34bbf830ffe513c104ef34e8ae50320e314c736a55be9ba7a82ae50f6022b9cf0
we replace Option<Amount> return type with Amount in minimal_non_dust
- Use `.expect("dust_relay_fee or script length should not be absurdly large")` to handle overflow from .checked_mul()
`.expect()` is only triggered if the value calculateed overflows u64
such an overflow would require a script size exceeding ~6.15 petabytes
We have the `hex_lit` dependency for converting a hex string literal
to an array.
Currently we have a `test_hex_unwrap` macro in the `hex v0.3.0` release
but not on either `master` or the upcoming `v1.0.0-alpha.0` release.
This is making PRs around releasing and depending on the release more
noisy than required.
Use `hex_lit::hex` where possible (often needing an additional call to
`to_vec()`) and where not possible use `Vec::from_hex`.
We can use `deserialize_hex` when outside of the actual benchmark code
to simplify the functions.
Also add an additional test that benchmarks `deserialize_hex`.
InputWeightPrediction can be used to determine the weight needed
to calculate the effective_value. This simplifies the process for api
consumers by allowing an easier interface with which to use to predict
the weight. Prior to this change, it was required to manually calculate
the predicted weight for whichever input type was to be used.
ebaf162a96 Add push_relative_lock_time() and deprecate push_sequence() (Erick Cestari)
Pull request description:
This pr improves the script builder API to better align with Bitcoin semantics when working with relative timelocks:
- Add `push_relative_lock_time()` method that takes a `relative::LockTime` parameter, which correctly represents the semantic meaning when working with CHECKSEQUENCEVERIFY
- Deprecate `push_sequence()` in favor of `push_relative_lock_time()` to avoid confusion between sequence numbers and relative timelocks
This addresses a potential confusion point in the API where developers might incorrectly push raw sequence numbers in scripts when what they actually need is to push a relative locktime value that will be checked against the transaction's sequence numbers by CHECKSEQUENCEVERIFY.
Closes#4301
ACKs for top commit:
apoelstra:
ACK ebaf162a962494329c6cb5f6d375a6a4a97fe83b; successfully ran local tests
tcharding:
ACK ebaf162a96
Tree-SHA512: 52c37b6e8bbcaa3f9346c5fd5db26eba69169bce13f915906df95fdc65204067fd75f803f8b5adad76978c9baad553c99281628736db4d1d317b149ab257d81f
157fe48dfd minor docstring fixups (planetBoy)
Pull request description:
ACKs for top commit:
apoelstra:
ACK 157fe48dfdc4029a0db63b393d8d9fd32a197e30; successfully ran local tests
Tree-SHA512: 29fe6168ff729f0f65f32a2c6ad28d45e36e0761cac4455b57b891f9c0bd2622db51a21b4961d33fa5a8934302eefca4a77c20732bf047e2721a5bc5d655c340
This commit improves the script builder API to better align with Bitcoin
semantics when working with relative timelocks:
- Add push_relative_lock_time() method that takes a relative::LockTime
parameter, which correctly represents the semantic meaning when working
with CHECKSEQUENCEVERIFY
- Deprecate push_sequence() in favor of push_relative_lock_time() to avoid
confusion between sequence numbers and relative timelocks
This addresses a potential confusion point in the API where developers
might incorrectly push raw sequence numbers in scripts when what they
actually need is to push a relative locktime value that will be checked
against the transaction's sequence numbers by CHECKSEQUENCEVERIFY.
7b193b5125 fix err P2WPKH to P2WSH (planetBoy)
Pull request description:
The correction is important because “P2WPK” is not a valid name. In the BIP141 specifications, the correct terms are “P2WPKH” and “P2WSH”.
ACKs for top commit:
Kixunil:
ACK 7b193b5125
apoelstra:
ACK 7b193b5125336263f672f2e2c69447cc3ae58926; successfully ran local tests
Tree-SHA512: 951bcde2c28e2086a69043c1ed27bde0935df0918f418c5f6f89ed476ba9e182e99eec545a438f79ca4e1704ce496d443b5bc9e368a53dd583a884f1da405865
492073f288 Strengthen the type of `taproot_control_block()` (Martin Habovstiak)
e8a42d5851 Unify/reduce usage of `unsafe` (Martin Habovstiak)
d42364bd9d Swap around the fields in `Address` (Martin Habovstiak)
7a115e3cf1 Make `Address` obey sanity rules (Martin Habovstiak)
bc6da1fe07 Swap around the fields in `sha256t::Hash` (Martin Habovstiak)
8ee088df74 Make `sha256t` obey sanity rules (Martin Habovstiak)
Pull request description:
Well, I thought this PR will be just the last commit... 😅
Anyway, this implements a bunch of changes to allow returning `ControlBlock` from `Witness` method(s). One cool side effect is that this PR also reduces the number of `unsafe` blocks.
ACKs for top commit:
apoelstra:
ACK 492073f28876406f8fe5a07a8a2495c8e0ba1fb3; successfully ran local tests
Tree-SHA512: 11979517cc310abf25644fc93a75deccacae66af8ba2d9b4011fdc3f414b15fac7e748399c7eef492ca850c11b7aacc3f24ec46fccf95e6d57a400212979637e
The type returned by `Witness::taproot_control_block()` was just `&[u8]`
which wasn't very nice since users then had to manually decode it which
so far also required allocation. Thanks to previous improvements to
`ControlBlock` it is now possible to return a `ControlBlock` type
directly.
To avoid expensive checks, this change adds a new type
`SerializedXOnlyPublicKey` which is a wrapper around `[u8; 32]` that is
used in `ControlBlock` if complete checking is undesirable. It is then
used in the `ControlBlock` returned from
`Witness::taproot_control_block`. Users can still conveniently validate
the key using `to_validated` method.
It then uses this type in the recently-added `P2TrSpend` type. As a side
effect this checks more properties of `Witness` when calling unrelated
methods on `Witness`. From correctness perspective this should be OK: a
witness obtained from a verified source will be correct anyway and, if
these checks were done by the caller, they can be removed.
From performance perspective, if the `Witness` was obtained from a
verified source (e.g. using Bitcoin Core RPC) these checks are wasted
CPU time. But they shouldn't be too expensive, we already avoid
`secp256k1` overhead and, given that they always succeed in such case,
they should be easy to branch-predict.
Since the introduction of `Script` `unsafe` started slowly creeping in
as more types with similar semantics were added. The `unsafe` in these
cases is just for trivial conversions between various pointer-like
types. As such, it's possible to move these into a single macro that
takes care of the conversions at one place and avoid repeating the same
`unsafe` code in the codebase. This decreases the cost of audits which
now only need to happen in `internals`, focuses any changes to happen in
that single macro and decreases the chance that we will mess up
similarly to the recent `try_into().expect()` issue (but this time with
UB rather than panic).
The new macro accepts syntax very similar to the already-existing struct
declarations with these differences:
* The struct MUST NOT have `#[repr(transparent)]` - it's added by the
macro
* If the struct uses `PhantomData` it must be the first field and the
real data must be the second field (to allow unsized types).
* The struct must be immediately followed by an impl block containing at
least on conversion function.
* If the struct has generics the impl block has to use the same names of
generics.
* The conversion functions don't have bodies (similarly to required
trait methods) and have a fixed set of allowed signatures.
* Underscore (`_`) must be used in place of the inner type in the
conversion function parameters.
The existing code can simply call the macro with simple changes and get
the same behavior without any direct use of `unsafe`. This change
already calls the macro for all relevant existing types. There are still
some usages left unrelated to the macro, except one additional
conversion in reverse direction on `Script`. It could be moved as well
but since it's on a single place so far it's not really required.
84bee2f7b0 Simplify `Witness` construction in tests (Martin Habovstiak)
3551ec2c69 Don't access internalls of `Witness` in tests (Martin Habovstiak)
c8078360d2 Impl `PartialEq` between `Witness` and containers (Martin Habovstiak)
587a66da47 Add a bunch of missing conversions for `Witness` (Martin Habovstiak)
Pull request description:
This is supposed to go in front of #4250
`Witness` lacked a bunch of APIs that were making it harder to use and test, so this also adds them in addition to cleaning up tests. (I only realized they are missing when I tried to clean up tests and got a bunch of errors.)
ACKs for top commit:
tcharding:
ACK 84bee2f7b0
apoelstra:
ACK 84bee2f7b06a7bd1f435aaad18fa76a15188326e; successfully ran local tests
Tree-SHA512: 7973f2a56b070babba7b4c632f45858154ccd00f8e77956ad2d28cb66e1fd18ff60d92c031ba3b76d0958e4acd34adfca10607fa26ec569dfd52ba1c1e2c79eb
The `Witness`-related tests were constructing `Witness` in
over-complicated way by serializing `Vec<Vec<u8>>` and then
deserializing `Witness` even though they were not supposed to test
serialization but Taproot accessor methods. This was difficult to
understand and maintain.
This change simplifies them to just construct the `Witness` from array
of `Vec<u8>`s using the recently-added constructors. Note that we
already have serialization tests written separately so we're not losing
meaningful coverage here.
9ea2e9262f Don't use references to `TaprootMerkleBranchBuf` (Martin Habovstiak)
c528f52894 Change `Deref::Target` of `TaprootMerkleBranchBuf` (Martin Habovstiak)
04a4efbe63 Introduce unsized `TaprootMerkleBranch` (Martin Habovstiak)
370c2597c6 Add `as_mut_slice` to `TaprootMerkleBranchBuf` (Martin Habovstiak)
33d75659da Push `merkle_branch` module one level deeper. (Martin Habovstiak)
277045bad7 Add `Buf` suffix to `TaprootMerkleBranch` (Martin Habovstiak)
Pull request description:
This implements a bunch of changes needed to make `ControlBlock` alloc-free. In particular, this allows constructing `Witness` without the intermediate allocation. It is also a step towards having `P2TrSpend` public.
Closes#1614
This also intentionally does **not** address decoding of `ControlBlock` from `Witness` since I'm not sure about the API.
Rationale for doing the `Buf` rename: while doing it with `Script` was very painful it shouldn't be here since it's not used that often and also we can just backport the first commit with deprecated type alias. I was thinking of having `TaprootMerkleBr` but it'd be inconsistent and the name is silly.
(Also if anyone is wondering why I did this: I was too exhausted to do more important stuff but felt like doing something nice and easy like this.)
ACKs for top commit:
tcharding:
ACK 9ea2e9262f
apoelstra:
ACK 9ea2e9262fbc04ea6fad33047de0fc1ead999dc7; successfully ran local tests
Tree-SHA512: c5e3ea61d10fbe0cbce5e900943e3cef77a175a62043c500b3ff6df57a96f00692d80fb1c4dd75bca9a704201baab6ddfcc430b12c7ecabc43968198466fed9d
We have a ton of calls to `from_sat_unchecked` for small constants which
were clearly in range, e.g. in fee.rs. Add a new constfn for these
cases. Don't bother making a generic Into<u32>/Into<u16> variant because
there isn't an obvious name for it.
There are 7 instances where we're using this method with values that are
out of range, which we leave as from_sat_unchecked for now.
`TaprootMerkleBranchBuf` being a vec introduced intermediate allocation
when creating or decoding `Witness`. However the representation on the
wire is the same as in-memory (aside from `#[repr(transparent)]`) so
this allocation wasn't really needed.
This commit introduces `TaprootMerkleBranch` type which is unsized and
can be used in place of `TaprootMerkleBranchBuf` within `ControlBlock`.
Aside from removing the intermediate allocation, this improves the API a
bit: the conversion from array to other type is no longer needed because
it's performed by `ControlBlock` in its methods. Thus, consumers who
have an array can simply set it as `merkle_branch` field and then encode
the `ControlBlock` into witness. A convenience method is also provided
to push the `ControlBlock` along with other parts at the end of the
`Witness`.
Tobin C. Harding
Fmt Bot
merge-script
Luis Schwab
ChrisCho-H
Jamil Lambert
dufucun
jrakibi
Maxim Evtush
yancy
Bilog WEB3
planetBoy
Erick Cestari
Martin Habovstiak
healthyyyoung