github.com/lbryio/lbcd@v0.22.119/wire/msgtx.go (about) 1 // Copyright (c) 2013-2016 The btcsuite developers 2 // Use of this source code is governed by an ISC 3 // license that can be found in the LICENSE file. 4 5 package wire 6 7 import ( 8 "bytes" 9 "fmt" 10 "io" 11 "strconv" 12 13 "github.com/lbryio/lbcd/chaincfg/chainhash" 14 ) 15 16 const ( 17 // TxVersion is the current latest supported transaction version. 18 TxVersion = 1 19 20 // MaxTxInSequenceNum is the maximum sequence number the sequence field 21 // of a transaction input can be. 22 MaxTxInSequenceNum uint32 = 0xffffffff 23 24 // MaxPrevOutIndex is the maximum index the index field of a previous 25 // outpoint can be. 26 MaxPrevOutIndex uint32 = 0xffffffff 27 28 // SequenceLockTimeDisabled is a flag that if set on a transaction 29 // input's sequence number, the sequence number will not be interpreted 30 // as a relative locktime. 31 SequenceLockTimeDisabled = 1 << 31 32 33 // SequenceLockTimeIsSeconds is a flag that if set on a transaction 34 // input's sequence number, the relative locktime has units of 512 35 // seconds. 36 SequenceLockTimeIsSeconds = 1 << 22 37 38 // SequenceLockTimeMask is a mask that extracts the relative locktime 39 // when masked against the transaction input sequence number. 40 SequenceLockTimeMask = 0x0000ffff 41 42 // SequenceLockTimeGranularity is the defined time based granularity 43 // for seconds-based relative time locks. When converting from seconds 44 // to a sequence number, the value is right shifted by this amount, 45 // therefore the granularity of relative time locks in 512 or 2^9 46 // seconds. Enforced relative lock times are multiples of 512 seconds. 47 SequenceLockTimeGranularity = 9 48 49 // defaultTxInOutAlloc is the default size used for the backing array for 50 // transaction inputs and outputs. The array will dynamically grow as needed, 51 // but this figure is intended to provide enough space for the number of 52 // inputs and outputs in a typical transaction without needing to grow the 53 // backing array multiple times. 54 defaultTxInOutAlloc = 15 55 56 // minTxInPayload is the minimum payload size for a transaction input. 57 // PreviousOutPoint.Hash + PreviousOutPoint.Index 4 bytes + Varint for 58 // SignatureScript length 1 byte + Sequence 4 bytes. 59 minTxInPayload = 9 + chainhash.HashSize 60 61 // maxTxInPerMessage is the maximum number of transactions inputs that 62 // a transaction which fits into a message could possibly have. 63 maxTxInPerMessage = (MaxMessagePayload / minTxInPayload) + 1 64 65 // MinTxOutPayload is the minimum payload size for a transaction output. 66 // Value 8 bytes + Varint for PkScript length 1 byte. 67 MinTxOutPayload = 9 68 69 // maxTxOutPerMessage is the maximum number of transactions outputs that 70 // a transaction which fits into a message could possibly have. 71 maxTxOutPerMessage = (MaxMessagePayload / MinTxOutPayload) + 1 72 73 // minTxPayload is the minimum payload size for a transaction. Note 74 // that any realistically usable transaction must have at least one 75 // input or output, but that is a rule enforced at a higher layer, so 76 // it is intentionally not included here. 77 // Version 4 bytes + Varint number of transaction inputs 1 byte + Varint 78 // number of transaction outputs 1 byte + LockTime 4 bytes + min input 79 // payload + min output payload. 80 minTxPayload = 10 81 82 // freeListMaxScriptSize is the size of each buffer in the free list 83 // that is used for deserializing scripts from the wire before they are 84 // concatenated into a single contiguous buffers. This value was chosen 85 // because it is slightly more than twice the size of the vast majority 86 // of all "standard" scripts. Larger scripts are still deserialized 87 // properly as the free list will simply be bypassed for them. 88 freeListMaxScriptSize = 512 89 90 // freeListMaxItems is the number of buffers to keep in the free list 91 // to use for script deserialization. This value allows up to 100 92 // scripts per transaction being simultaneously deserialized by 125 93 // peers. Thus, the peak usage of the free list is 12,500 * 512 = 94 // 6,400,000 bytes. 95 freeListMaxItems = 12500 96 97 // maxWitnessItemsPerInput is the maximum number of witness items to 98 // be read for the witness data for a single TxIn. This number is 99 // derived using a possble lower bound for the encoding of a witness 100 // item: 1 byte for length + 1 byte for the witness item itself, or two 101 // bytes. This value is then divided by the currently allowed maximum 102 // "cost" for a transaction. 103 maxWitnessItemsPerInput = 500000 104 105 // maxWitnessItemSize is the maximum allowed size for an item within 106 // an input's witness data. This number is derived from the fact that 107 // for script validation, each pushed item onto the stack must be less 108 // than 10k bytes. 109 maxWitnessItemSize = 11000 110 ) 111 112 // TxFlagMarker is the first byte of the FLAG field in a bitcoin tx 113 // message. It allows decoders to distinguish a regular serialized 114 // transaction from one that would require a different parsing logic. 115 // 116 // Position of FLAG in a bitcoin tx message: 117 // 118 // ┌─────────┬────────────────────┬─────────────┬─────┐ 119 // │ VERSION │ FLAG │ TX-IN-COUNT │ ... │ 120 // │ 4 bytes │ 2 bytes (optional) │ varint │ │ 121 // └─────────┴────────────────────┴─────────────┴─────┘ 122 // 123 // Zooming into the FLAG field: 124 // 125 // ┌── FLAG ─────────────┬────────┐ 126 // │ TxFlagMarker (0x00) │ TxFlag │ 127 // │ 1 byte │ 1 byte │ 128 // └─────────────────────┴────────┘ 129 const TxFlagMarker = 0x00 130 131 // TxFlag is the second byte of the FLAG field in a bitcoin tx message. 132 // It indicates the decoding logic to use in the transaction parser, if 133 // TxFlagMarker is detected in the tx message. 134 // 135 // As of writing this, only the witness flag (0x01) is supported, but may be 136 // extended in the future to accommodate auxiliary non-committed fields. 137 type TxFlag = byte 138 139 const ( 140 // WitnessFlag is a flag specific to witness encoding. If the TxFlagMarker 141 // is encountered followed by the WitnessFlag, then it indicates a 142 // transaction has witness data. This allows decoders to distinguish a 143 // serialized transaction with witnesses from a legacy one. 144 WitnessFlag TxFlag = 0x01 145 ) 146 147 // scriptFreeList defines a free list of byte slices (up to the maximum number 148 // defined by the freeListMaxItems constant) that have a cap according to the 149 // freeListMaxScriptSize constant. It is used to provide temporary buffers for 150 // deserializing scripts in order to greatly reduce the number of allocations 151 // required. 152 // 153 // The caller can obtain a buffer from the free list by calling the Borrow 154 // function and should return it via the Return function when done using it. 155 type scriptFreeList chan []byte 156 157 // Borrow returns a byte slice from the free list with a length according the 158 // provided size. A new buffer is allocated if there are any items available. 159 // 160 // When the size is larger than the max size allowed for items on the free list 161 // a new buffer of the appropriate size is allocated and returned. It is safe 162 // to attempt to return said buffer via the Return function as it will be 163 // ignored and allowed to go the garbage collector. 164 func (c scriptFreeList) Borrow(size uint64) []byte { 165 if size > freeListMaxScriptSize { 166 return make([]byte, size) 167 } 168 169 var buf []byte 170 select { 171 case buf = <-c: 172 default: 173 buf = make([]byte, freeListMaxScriptSize) 174 } 175 return buf[:size] 176 } 177 178 // Return puts the provided byte slice back on the free list when it has a cap 179 // of the expected length. The buffer is expected to have been obtained via 180 // the Borrow function. Any slices that are not of the appropriate size, such 181 // as those whose size is greater than the largest allowed free list item size 182 // are simply ignored so they can go to the garbage collector. 183 func (c scriptFreeList) Return(buf []byte) { 184 // Ignore any buffers returned that aren't the expected size for the 185 // free list. 186 if cap(buf) != freeListMaxScriptSize { 187 return 188 } 189 190 // Return the buffer to the free list when it's not full. Otherwise let 191 // it be garbage collected. 192 select { 193 case c <- buf: 194 default: 195 // Let it go to the garbage collector. 196 } 197 } 198 199 // Create the concurrent safe free list to use for script deserialization. As 200 // previously described, this free list is maintained to significantly reduce 201 // the number of allocations. 202 var scriptPool scriptFreeList = make(chan []byte, freeListMaxItems) 203 204 // OutPoint defines a bitcoin data type that is used to track previous 205 // transaction outputs. 206 type OutPoint struct { 207 Hash chainhash.Hash 208 Index uint32 209 } 210 211 // NewOutPoint returns a new bitcoin transaction outpoint point with the 212 // provided hash and index. 213 func NewOutPoint(hash *chainhash.Hash, index uint32) *OutPoint { 214 return &OutPoint{ 215 Hash: *hash, 216 Index: index, 217 } 218 } 219 220 // String returns the OutPoint in the human-readable form "hash:index". 221 func (o OutPoint) String() string { 222 // Allocate enough for hash string, colon, and 10 digits. Although 223 // at the time of writing, the number of digits can be no greater than 224 // the length of the decimal representation of maxTxOutPerMessage, the 225 // maximum message payload may increase in the future and this 226 // optimization may go unnoticed, so allocate space for 10 decimal 227 // digits, which will fit any uint32. 228 buf := make([]byte, 2*chainhash.HashSize+1, 2*chainhash.HashSize+1+10) 229 copy(buf, o.Hash.String()) 230 buf[2*chainhash.HashSize] = ':' 231 buf = strconv.AppendUint(buf, uint64(o.Index), 10) 232 return string(buf) 233 } 234 235 // TxIn defines a bitcoin transaction input. 236 type TxIn struct { 237 PreviousOutPoint OutPoint 238 SignatureScript []byte 239 Witness TxWitness 240 Sequence uint32 241 } 242 243 // SerializeSize returns the number of bytes it would take to serialize the 244 // the transaction input. 245 func (t *TxIn) SerializeSize() int { 246 // Outpoint Hash 32 bytes + Outpoint Index 4 bytes + Sequence 4 bytes + 247 // serialized varint size for the length of SignatureScript + 248 // SignatureScript bytes. 249 return 40 + VarIntSerializeSize(uint64(len(t.SignatureScript))) + 250 len(t.SignatureScript) 251 } 252 253 // NewTxIn returns a new bitcoin transaction input with the provided 254 // previous outpoint point and signature script with a default sequence of 255 // MaxTxInSequenceNum. 256 func NewTxIn(prevOut *OutPoint, signatureScript []byte, witness [][]byte) *TxIn { 257 return &TxIn{ 258 PreviousOutPoint: *prevOut, 259 SignatureScript: signatureScript, 260 Witness: witness, 261 Sequence: MaxTxInSequenceNum, 262 } 263 } 264 265 // TxWitness defines the witness for a TxIn. A witness is to be interpreted as 266 // a slice of byte slices, or a stack with one or many elements. 267 type TxWitness [][]byte 268 269 // SerializeSize returns the number of bytes it would take to serialize the the 270 // transaction input's witness. 271 func (t TxWitness) SerializeSize() int { 272 // A varint to signal the number of elements the witness has. 273 n := VarIntSerializeSize(uint64(len(t))) 274 275 // For each element in the witness, we'll need a varint to signal the 276 // size of the element, then finally the number of bytes the element 277 // itself comprises. 278 for _, witItem := range t { 279 n += VarIntSerializeSize(uint64(len(witItem))) 280 n += len(witItem) 281 } 282 283 return n 284 } 285 286 // TxOut defines a bitcoin transaction output. 287 type TxOut struct { 288 Value int64 289 PkScript []byte 290 } 291 292 // SerializeSize returns the number of bytes it would take to serialize the 293 // the transaction output. 294 func (t *TxOut) SerializeSize() int { 295 // Value 8 bytes + serialized varint size for the length of PkScript + 296 // PkScript bytes. 297 return 8 + VarIntSerializeSize(uint64(len(t.PkScript))) + len(t.PkScript) 298 } 299 300 // NewTxOut returns a new bitcoin transaction output with the provided 301 // transaction value and public key script. 302 func NewTxOut(value int64, pkScript []byte) *TxOut { 303 return &TxOut{ 304 Value: value, 305 PkScript: pkScript, 306 } 307 } 308 309 // MsgTx implements the Message interface and represents a bitcoin tx message. 310 // It is used to deliver transaction information in response to a getdata 311 // message (MsgGetData) for a given transaction. 312 // 313 // Use the AddTxIn and AddTxOut functions to build up the list of transaction 314 // inputs and outputs. 315 type MsgTx struct { 316 Version int32 317 TxIn []*TxIn 318 TxOut []*TxOut 319 LockTime uint32 320 } 321 322 // AddTxIn adds a transaction input to the message. 323 func (msg *MsgTx) AddTxIn(ti *TxIn) { 324 msg.TxIn = append(msg.TxIn, ti) 325 } 326 327 // AddTxOut adds a transaction output to the message. 328 func (msg *MsgTx) AddTxOut(to *TxOut) { 329 msg.TxOut = append(msg.TxOut, to) 330 } 331 332 // TxHash generates the Hash for the transaction. 333 func (msg *MsgTx) TxHash() chainhash.Hash { 334 // Encode the transaction and calculate double sha256 on the result. 335 // Ignore the error returns since the only way the encode could fail 336 // is being out of memory or due to nil pointers, both of which would 337 // cause a run-time panic. 338 buf := bytes.NewBuffer(make([]byte, 0, msg.SerializeSizeStripped())) 339 _ = msg.SerializeNoWitness(buf) 340 return chainhash.DoubleHashH(buf.Bytes()) 341 } 342 343 // WitnessHash generates the hash of the transaction serialized according to 344 // the new witness serialization defined in BIP0141 and BIP0144. The final 345 // output is used within the Segregated Witness commitment of all the witnesses 346 // within a block. If a transaction has no witness data, then the witness hash, 347 // is the same as its txid. 348 func (msg *MsgTx) WitnessHash() chainhash.Hash { 349 if msg.HasWitness() { 350 buf := bytes.NewBuffer(make([]byte, 0, msg.SerializeSize())) 351 _ = msg.Serialize(buf) 352 return chainhash.DoubleHashH(buf.Bytes()) 353 } 354 355 return msg.TxHash() 356 } 357 358 // Copy creates a deep copy of a transaction so that the original does not get 359 // modified when the copy is manipulated. 360 func (msg *MsgTx) Copy() *MsgTx { 361 // Create new tx and start by copying primitive values and making space 362 // for the transaction inputs and outputs. 363 newTx := MsgTx{ 364 Version: msg.Version, 365 TxIn: make([]*TxIn, 0, len(msg.TxIn)), 366 TxOut: make([]*TxOut, 0, len(msg.TxOut)), 367 LockTime: msg.LockTime, 368 } 369 370 // Deep copy the old TxIn data. 371 for _, oldTxIn := range msg.TxIn { 372 // Deep copy the old previous outpoint. 373 oldOutPoint := oldTxIn.PreviousOutPoint 374 newOutPoint := OutPoint{} 375 newOutPoint.Hash.SetBytes(oldOutPoint.Hash[:]) 376 newOutPoint.Index = oldOutPoint.Index 377 378 // Deep copy the old signature script. 379 var newScript []byte 380 oldScript := oldTxIn.SignatureScript 381 oldScriptLen := len(oldScript) 382 if oldScriptLen > 0 { 383 newScript = make([]byte, oldScriptLen) 384 copy(newScript, oldScript[:oldScriptLen]) 385 } 386 387 // Create new txIn with the deep copied data. 388 newTxIn := TxIn{ 389 PreviousOutPoint: newOutPoint, 390 SignatureScript: newScript, 391 Sequence: oldTxIn.Sequence, 392 } 393 394 // If the transaction is witnessy, then also copy the 395 // witnesses. 396 if len(oldTxIn.Witness) != 0 { 397 // Deep copy the old witness data. 398 newTxIn.Witness = make([][]byte, len(oldTxIn.Witness)) 399 for i, oldItem := range oldTxIn.Witness { 400 newItem := make([]byte, len(oldItem)) 401 copy(newItem, oldItem) 402 newTxIn.Witness[i] = newItem 403 } 404 } 405 406 // Finally, append this fully copied txin. 407 newTx.TxIn = append(newTx.TxIn, &newTxIn) 408 } 409 410 // Deep copy the old TxOut data. 411 for _, oldTxOut := range msg.TxOut { 412 // Deep copy the old PkScript 413 var newScript []byte 414 oldScript := oldTxOut.PkScript 415 oldScriptLen := len(oldScript) 416 if oldScriptLen > 0 { 417 newScript = make([]byte, oldScriptLen) 418 copy(newScript, oldScript[:oldScriptLen]) 419 } 420 421 // Create new txOut with the deep copied data and append it to 422 // new Tx. 423 newTxOut := TxOut{ 424 Value: oldTxOut.Value, 425 PkScript: newScript, 426 } 427 newTx.TxOut = append(newTx.TxOut, &newTxOut) 428 } 429 430 return &newTx 431 } 432 433 // BtcDecode decodes r using the bitcoin protocol encoding into the receiver. 434 // This is part of the Message interface implementation. 435 // See Deserialize for decoding transactions stored to disk, such as in a 436 // database, as opposed to decoding transactions from the wire. 437 func (msg *MsgTx) BtcDecode(r io.Reader, pver uint32, enc MessageEncoding) error { 438 version, err := binarySerializer.Uint32(r, littleEndian) 439 if err != nil { 440 return err 441 } 442 msg.Version = int32(version) 443 444 count, err := ReadVarInt(r, pver) 445 if err != nil { 446 return err 447 } 448 449 // A count of zero (meaning no TxIn's to the uninitiated) means that the 450 // value is a TxFlagMarker, and hence indicates the presence of a flag. 451 var flag [1]TxFlag 452 if count == TxFlagMarker && enc == WitnessEncoding { 453 // The count varint was in fact the flag marker byte. Next, we need to 454 // read the flag value, which is a single byte. 455 if _, err = io.ReadFull(r, flag[:]); err != nil { 456 return err 457 } 458 459 // At the moment, the flag MUST be WitnessFlag (0x01). In the future 460 // other flag types may be supported. 461 if flag[0] != WitnessFlag { 462 str := fmt.Sprintf("witness tx but flag byte is %x", flag) 463 return messageError("MsgTx.BtcDecode", str) 464 } 465 466 // With the Segregated Witness specific fields decoded, we can 467 // now read in the actual txin count. 468 count, err = ReadVarInt(r, pver) 469 if err != nil { 470 return err 471 } 472 } 473 474 // Prevent more input transactions than could possibly fit into a 475 // message. It would be possible to cause memory exhaustion and panics 476 // without a sane upper bound on this count. 477 if count > uint64(maxTxInPerMessage) { 478 str := fmt.Sprintf("too many input transactions to fit into "+ 479 "max message size [count %d, max %d]", count, 480 maxTxInPerMessage) 481 return messageError("MsgTx.BtcDecode", str) 482 } 483 484 // returnScriptBuffers is a closure that returns any script buffers that 485 // were borrowed from the pool when there are any deserialization 486 // errors. This is only valid to call before the final step which 487 // replaces the scripts with the location in a contiguous buffer and 488 // returns them. 489 returnScriptBuffers := func() { 490 for _, txIn := range msg.TxIn { 491 if txIn == nil { 492 continue 493 } 494 495 if txIn.SignatureScript != nil { 496 scriptPool.Return(txIn.SignatureScript) 497 } 498 499 for _, witnessElem := range txIn.Witness { 500 if witnessElem != nil { 501 scriptPool.Return(witnessElem) 502 } 503 } 504 } 505 for _, txOut := range msg.TxOut { 506 if txOut == nil || txOut.PkScript == nil { 507 continue 508 } 509 scriptPool.Return(txOut.PkScript) 510 } 511 } 512 513 // Deserialize the inputs. 514 var totalScriptSize uint64 515 txIns := make([]TxIn, count) 516 msg.TxIn = make([]*TxIn, count) 517 for i := uint64(0); i < count; i++ { 518 // The pointer is set now in case a script buffer is borrowed 519 // and needs to be returned to the pool on error. 520 ti := &txIns[i] 521 msg.TxIn[i] = ti 522 err = readTxIn(r, pver, msg.Version, ti) 523 if err != nil { 524 returnScriptBuffers() 525 return err 526 } 527 totalScriptSize += uint64(len(ti.SignatureScript)) 528 } 529 530 count, err = ReadVarInt(r, pver) 531 if err != nil { 532 returnScriptBuffers() 533 return err 534 } 535 536 // Prevent more output transactions than could possibly fit into a 537 // message. It would be possible to cause memory exhaustion and panics 538 // without a sane upper bound on this count. 539 if count > uint64(maxTxOutPerMessage) { 540 returnScriptBuffers() 541 str := fmt.Sprintf("too many output transactions to fit into "+ 542 "max message size [count %d, max %d]", count, 543 maxTxOutPerMessage) 544 return messageError("MsgTx.BtcDecode", str) 545 } 546 547 // Deserialize the outputs. 548 txOuts := make([]TxOut, count) 549 msg.TxOut = make([]*TxOut, count) 550 for i := uint64(0); i < count; i++ { 551 // The pointer is set now in case a script buffer is borrowed 552 // and needs to be returned to the pool on error. 553 to := &txOuts[i] 554 msg.TxOut[i] = to 555 err = readTxOut(r, pver, msg.Version, to) 556 if err != nil { 557 returnScriptBuffers() 558 return err 559 } 560 totalScriptSize += uint64(len(to.PkScript)) 561 } 562 563 // If the transaction's flag byte isn't 0x00 at this point, then one or 564 // more of its inputs has accompanying witness data. 565 if flag[0] != 0 && enc == WitnessEncoding { 566 for _, txin := range msg.TxIn { 567 // For each input, the witness is encoded as a stack 568 // with one or more items. Therefore, we first read a 569 // varint which encodes the number of stack items. 570 witCount, err := ReadVarInt(r, pver) 571 if err != nil { 572 returnScriptBuffers() 573 return err 574 } 575 576 // Prevent a possible memory exhaustion attack by 577 // limiting the witCount value to a sane upper bound. 578 if witCount > maxWitnessItemsPerInput { 579 returnScriptBuffers() 580 str := fmt.Sprintf("too many witness items to fit "+ 581 "into max message size [count %d, max %d]", 582 witCount, maxWitnessItemsPerInput) 583 return messageError("MsgTx.BtcDecode", str) 584 } 585 586 // Then for witCount number of stack items, each item 587 // has a varint length prefix, followed by the witness 588 // item itself. 589 txin.Witness = make([][]byte, witCount) 590 for j := uint64(0); j < witCount; j++ { 591 txin.Witness[j], err = readScript(r, pver, 592 maxWitnessItemSize, "script witness item") 593 if err != nil { 594 returnScriptBuffers() 595 return err 596 } 597 totalScriptSize += uint64(len(txin.Witness[j])) 598 } 599 } 600 } 601 602 msg.LockTime, err = binarySerializer.Uint32(r, littleEndian) 603 if err != nil { 604 returnScriptBuffers() 605 return err 606 } 607 608 // Create a single allocation to house all of the scripts and set each 609 // input signature script and output public key script to the 610 // appropriate subslice of the overall contiguous buffer. Then, return 611 // each individual script buffer back to the pool so they can be reused 612 // for future deserializations. This is done because it significantly 613 // reduces the number of allocations the garbage collector needs to 614 // track, which in turn improves performance and drastically reduces the 615 // amount of runtime overhead that would otherwise be needed to keep 616 // track of millions of small allocations. 617 // 618 // NOTE: It is no longer valid to call the returnScriptBuffers closure 619 // after these blocks of code run because it is already done and the 620 // scripts in the transaction inputs and outputs no longer point to the 621 // buffers. 622 var offset uint64 623 scripts := make([]byte, totalScriptSize) 624 for i := 0; i < len(msg.TxIn); i++ { 625 // Copy the signature script into the contiguous buffer at the 626 // appropriate offset. 627 signatureScript := msg.TxIn[i].SignatureScript 628 copy(scripts[offset:], signatureScript) 629 630 // Reset the signature script of the transaction input to the 631 // slice of the contiguous buffer where the script lives. 632 scriptSize := uint64(len(signatureScript)) 633 end := offset + scriptSize 634 msg.TxIn[i].SignatureScript = scripts[offset:end:end] 635 offset += scriptSize 636 637 // Return the temporary script buffer to the pool. 638 scriptPool.Return(signatureScript) 639 640 for j := 0; j < len(msg.TxIn[i].Witness); j++ { 641 // Copy each item within the witness stack for this 642 // input into the contiguous buffer at the appropriate 643 // offset. 644 witnessElem := msg.TxIn[i].Witness[j] 645 copy(scripts[offset:], witnessElem) 646 647 // Reset the witness item within the stack to the slice 648 // of the contiguous buffer where the witness lives. 649 witnessElemSize := uint64(len(witnessElem)) 650 end := offset + witnessElemSize 651 msg.TxIn[i].Witness[j] = scripts[offset:end:end] 652 offset += witnessElemSize 653 654 // Return the temporary buffer used for the witness stack 655 // item to the pool. 656 scriptPool.Return(witnessElem) 657 } 658 } 659 for i := 0; i < len(msg.TxOut); i++ { 660 // Copy the public key script into the contiguous buffer at the 661 // appropriate offset. 662 pkScript := msg.TxOut[i].PkScript 663 copy(scripts[offset:], pkScript) 664 665 // Reset the public key script of the transaction output to the 666 // slice of the contiguous buffer where the script lives. 667 scriptSize := uint64(len(pkScript)) 668 end := offset + scriptSize 669 msg.TxOut[i].PkScript = scripts[offset:end:end] 670 offset += scriptSize 671 672 // Return the temporary script buffer to the pool. 673 scriptPool.Return(pkScript) 674 } 675 676 return nil 677 } 678 679 // Deserialize decodes a transaction from r into the receiver using a format 680 // that is suitable for long-term storage such as a database while respecting 681 // the Version field in the transaction. This function differs from BtcDecode 682 // in that BtcDecode decodes from the bitcoin wire protocol as it was sent 683 // across the network. The wire encoding can technically differ depending on 684 // the protocol version and doesn't even really need to match the format of a 685 // stored transaction at all. As of the time this comment was written, the 686 // encoded transaction is the same in both instances, but there is a distinct 687 // difference and separating the two allows the API to be flexible enough to 688 // deal with changes. 689 func (msg *MsgTx) Deserialize(r io.Reader) error { 690 // At the current time, there is no difference between the wire encoding 691 // at protocol version 0 and the stable long-term storage format. As 692 // a result, make use of BtcDecode. 693 return msg.BtcDecode(r, 0, WitnessEncoding) 694 } 695 696 // DeserializeNoWitness decodes a transaction from r into the receiver, where 697 // the transaction encoding format within r MUST NOT utilize the new 698 // serialization format created to encode transaction bearing witness data 699 // within inputs. 700 func (msg *MsgTx) DeserializeNoWitness(r io.Reader) error { 701 return msg.BtcDecode(r, 0, BaseEncoding) 702 } 703 704 // BtcEncode encodes the receiver to w using the bitcoin protocol encoding. 705 // This is part of the Message interface implementation. 706 // See Serialize for encoding transactions to be stored to disk, such as in a 707 // database, as opposed to encoding transactions for the wire. 708 func (msg *MsgTx) BtcEncode(w io.Writer, pver uint32, enc MessageEncoding) error { 709 err := binarySerializer.PutUint32(w, littleEndian, uint32(msg.Version)) 710 if err != nil { 711 return err 712 } 713 714 // If the encoding version is set to WitnessEncoding, and the Flags 715 // field for the MsgTx aren't 0x00, then this indicates the transaction 716 // is to be encoded using the new witness inclusionary structure 717 // defined in BIP0144. 718 doWitness := enc == WitnessEncoding && msg.HasWitness() 719 if doWitness { 720 // After the transaction's Version field, we include two additional 721 // bytes specific to the witness encoding. This byte sequence is known 722 // as a flag. The first byte is a marker byte (TxFlagMarker) and the 723 // second one is the flag value to indicate presence of witness data. 724 if _, err := w.Write([]byte{TxFlagMarker, WitnessFlag}); err != nil { 725 return err 726 } 727 } 728 729 count := uint64(len(msg.TxIn)) 730 err = WriteVarInt(w, pver, count) 731 if err != nil { 732 return err 733 } 734 735 for _, ti := range msg.TxIn { 736 err = writeTxIn(w, pver, msg.Version, ti) 737 if err != nil { 738 return err 739 } 740 } 741 742 count = uint64(len(msg.TxOut)) 743 err = WriteVarInt(w, pver, count) 744 if err != nil { 745 return err 746 } 747 748 for _, to := range msg.TxOut { 749 err = WriteTxOut(w, pver, msg.Version, to) 750 if err != nil { 751 return err 752 } 753 } 754 755 // If this transaction is a witness transaction, and the witness 756 // encoded is desired, then encode the witness for each of the inputs 757 // within the transaction. 758 if doWitness { 759 for _, ti := range msg.TxIn { 760 err = writeTxWitness(w, pver, msg.Version, ti.Witness) 761 if err != nil { 762 return err 763 } 764 } 765 } 766 767 return binarySerializer.PutUint32(w, littleEndian, msg.LockTime) 768 } 769 770 // HasWitness returns false if none of the inputs within the transaction 771 // contain witness data, true false otherwise. 772 func (msg *MsgTx) HasWitness() bool { 773 for _, txIn := range msg.TxIn { 774 if len(txIn.Witness) != 0 { 775 return true 776 } 777 } 778 779 return false 780 } 781 782 // Serialize encodes the transaction to w using a format that suitable for 783 // long-term storage such as a database while respecting the Version field in 784 // the transaction. This function differs from BtcEncode in that BtcEncode 785 // encodes the transaction to the bitcoin wire protocol in order to be sent 786 // across the network. The wire encoding can technically differ depending on 787 // the protocol version and doesn't even really need to match the format of a 788 // stored transaction at all. As of the time this comment was written, the 789 // encoded transaction is the same in both instances, but there is a distinct 790 // difference and separating the two allows the API to be flexible enough to 791 // deal with changes. 792 func (msg *MsgTx) Serialize(w io.Writer) error { 793 // At the current time, there is no difference between the wire encoding 794 // at protocol version 0 and the stable long-term storage format. As 795 // a result, make use of BtcEncode. 796 // 797 // Passing a encoding type of WitnessEncoding to BtcEncode for MsgTx 798 // indicates that the transaction's witnesses (if any) should be 799 // serialized according to the new serialization structure defined in 800 // BIP0144. 801 return msg.BtcEncode(w, 0, WitnessEncoding) 802 } 803 804 // SerializeNoWitness encodes the transaction to w in an identical manner to 805 // Serialize, however even if the source transaction has inputs with witness 806 // data, the old serialization format will still be used. 807 func (msg *MsgTx) SerializeNoWitness(w io.Writer) error { 808 return msg.BtcEncode(w, 0, BaseEncoding) 809 } 810 811 // baseSize returns the serialized size of the transaction without accounting 812 // for any witness data. 813 func (msg *MsgTx) baseSize() int { 814 // Version 4 bytes + LockTime 4 bytes + Serialized varint size for the 815 // number of transaction inputs and outputs. 816 n := 8 + VarIntSerializeSize(uint64(len(msg.TxIn))) + 817 VarIntSerializeSize(uint64(len(msg.TxOut))) 818 819 for _, txIn := range msg.TxIn { 820 n += txIn.SerializeSize() 821 } 822 823 for _, txOut := range msg.TxOut { 824 n += txOut.SerializeSize() 825 } 826 827 return n 828 } 829 830 // SerializeSize returns the number of bytes it would take to serialize the 831 // the transaction. 832 func (msg *MsgTx) SerializeSize() int { 833 n := msg.baseSize() 834 835 if msg.HasWitness() { 836 // The marker, and flag fields take up two additional bytes. 837 n += 2 838 839 // Additionally, factor in the serialized size of each of the 840 // witnesses for each txin. 841 for _, txin := range msg.TxIn { 842 n += txin.Witness.SerializeSize() 843 } 844 } 845 846 return n 847 } 848 849 // SerializeSizeStripped returns the number of bytes it would take to serialize 850 // the transaction, excluding any included witness data. 851 func (msg *MsgTx) SerializeSizeStripped() int { 852 return msg.baseSize() 853 } 854 855 // Command returns the protocol command string for the message. This is part 856 // of the Message interface implementation. 857 func (msg *MsgTx) Command() string { 858 return CmdTx 859 } 860 861 // MaxPayloadLength returns the maximum length the payload can be for the 862 // receiver. This is part of the Message interface implementation. 863 func (msg *MsgTx) MaxPayloadLength(pver uint32) uint32 { 864 return MaxBlockPayload 865 } 866 867 // PkScriptLocs returns a slice containing the start of each public key script 868 // within the raw serialized transaction. The caller can easily obtain the 869 // length of each script by using len on the script available via the 870 // appropriate transaction output entry. 871 func (msg *MsgTx) PkScriptLocs() []int { 872 numTxOut := len(msg.TxOut) 873 if numTxOut == 0 { 874 return nil 875 } 876 877 // The starting offset in the serialized transaction of the first 878 // transaction output is: 879 // 880 // Version 4 bytes + serialized varint size for the number of 881 // transaction inputs and outputs + serialized size of each transaction 882 // input. 883 n := 4 + VarIntSerializeSize(uint64(len(msg.TxIn))) + 884 VarIntSerializeSize(uint64(numTxOut)) 885 886 // If this transaction has a witness input, the an additional two bytes 887 // for the marker, and flag byte need to be taken into account. 888 if len(msg.TxIn) > 0 && msg.TxIn[0].Witness != nil { 889 n += 2 890 } 891 892 for _, txIn := range msg.TxIn { 893 n += txIn.SerializeSize() 894 } 895 896 // Calculate and set the appropriate offset for each public key script. 897 pkScriptLocs := make([]int, numTxOut) 898 for i, txOut := range msg.TxOut { 899 // The offset of the script in the transaction output is: 900 // 901 // Value 8 bytes + serialized varint size for the length of 902 // PkScript. 903 n += 8 + VarIntSerializeSize(uint64(len(txOut.PkScript))) 904 pkScriptLocs[i] = n 905 n += len(txOut.PkScript) 906 } 907 908 return pkScriptLocs 909 } 910 911 // NewMsgTx returns a new bitcoin tx message that conforms to the Message 912 // interface. The return instance has a default version of TxVersion and there 913 // are no transaction inputs or outputs. Also, the lock time is set to zero 914 // to indicate the transaction is valid immediately as opposed to some time in 915 // future. 916 func NewMsgTx(version int32) *MsgTx { 917 return &MsgTx{ 918 Version: version, 919 TxIn: make([]*TxIn, 0, defaultTxInOutAlloc), 920 TxOut: make([]*TxOut, 0, defaultTxInOutAlloc), 921 } 922 } 923 924 // readOutPoint reads the next sequence of bytes from r as an OutPoint. 925 func readOutPoint(r io.Reader, pver uint32, version int32, op *OutPoint) error { 926 _, err := io.ReadFull(r, op.Hash[:]) 927 if err != nil { 928 return err 929 } 930 931 op.Index, err = binarySerializer.Uint32(r, littleEndian) 932 return err 933 } 934 935 // writeOutPoint encodes op to the bitcoin protocol encoding for an OutPoint 936 // to w. 937 func writeOutPoint(w io.Writer, pver uint32, version int32, op *OutPoint) error { 938 _, err := w.Write(op.Hash[:]) 939 if err != nil { 940 return err 941 } 942 943 return binarySerializer.PutUint32(w, littleEndian, op.Index) 944 } 945 946 // readScript reads a variable length byte array that represents a transaction 947 // script. It is encoded as a varInt containing the length of the array 948 // followed by the bytes themselves. An error is returned if the length is 949 // greater than the passed maxAllowed parameter which helps protect against 950 // memory exhaustion attacks and forced panics through malformed messages. The 951 // fieldName parameter is only used for the error message so it provides more 952 // context in the error. 953 func readScript(r io.Reader, pver uint32, maxAllowed uint32, fieldName string) ([]byte, error) { 954 count, err := ReadVarInt(r, pver) 955 if err != nil { 956 return nil, err 957 } 958 959 // Prevent byte array larger than the max message size. It would 960 // be possible to cause memory exhaustion and panics without a sane 961 // upper bound on this count. 962 if count > uint64(maxAllowed) { 963 str := fmt.Sprintf("%s is larger than the max allowed size "+ 964 "[count %d, max %d]", fieldName, count, maxAllowed) 965 return nil, messageError("readScript", str) 966 } 967 968 b := scriptPool.Borrow(count) 969 _, err = io.ReadFull(r, b) 970 if err != nil { 971 scriptPool.Return(b) 972 return nil, err 973 } 974 return b, nil 975 } 976 977 // readTxIn reads the next sequence of bytes from r as a transaction input 978 // (TxIn). 979 func readTxIn(r io.Reader, pver uint32, version int32, ti *TxIn) error { 980 err := readOutPoint(r, pver, version, &ti.PreviousOutPoint) 981 if err != nil { 982 return err 983 } 984 985 ti.SignatureScript, err = readScript(r, pver, MaxMessagePayload, 986 "transaction input signature script") 987 if err != nil { 988 return err 989 } 990 991 return readElement(r, &ti.Sequence) 992 } 993 994 // writeTxIn encodes ti to the bitcoin protocol encoding for a transaction 995 // input (TxIn) to w. 996 func writeTxIn(w io.Writer, pver uint32, version int32, ti *TxIn) error { 997 err := writeOutPoint(w, pver, version, &ti.PreviousOutPoint) 998 if err != nil { 999 return err 1000 } 1001 1002 err = WriteVarBytes(w, pver, ti.SignatureScript) 1003 if err != nil { 1004 return err 1005 } 1006 1007 return binarySerializer.PutUint32(w, littleEndian, ti.Sequence) 1008 } 1009 1010 // readTxOut reads the next sequence of bytes from r as a transaction output 1011 // (TxOut). 1012 func readTxOut(r io.Reader, pver uint32, version int32, to *TxOut) error { 1013 err := readElement(r, &to.Value) 1014 if err != nil { 1015 return err 1016 } 1017 1018 to.PkScript, err = readScript(r, pver, MaxMessagePayload, 1019 "transaction output public key script") 1020 return err 1021 } 1022 1023 // WriteTxOut encodes to into the bitcoin protocol encoding for a transaction 1024 // output (TxOut) to w. 1025 // 1026 // NOTE: This function is exported in order to allow txscript to compute the 1027 // new sighashes for witness transactions (BIP0143). 1028 func WriteTxOut(w io.Writer, pver uint32, version int32, to *TxOut) error { 1029 err := binarySerializer.PutUint64(w, littleEndian, uint64(to.Value)) 1030 if err != nil { 1031 return err 1032 } 1033 1034 return WriteVarBytes(w, pver, to.PkScript) 1035 } 1036 1037 // writeTxWitness encodes the bitcoin protocol encoding for a transaction 1038 // input's witness into to w. 1039 func writeTxWitness(w io.Writer, pver uint32, version int32, wit [][]byte) error { 1040 err := WriteVarInt(w, pver, uint64(len(wit))) 1041 if err != nil { 1042 return err 1043 } 1044 for _, item := range wit { 1045 err = WriteVarBytes(w, pver, item) 1046 if err != nil { 1047 return err 1048 } 1049 } 1050 return nil 1051 }