github.com/mit-dci/lit@v0.0.0-20221102210550-8c3d3b49f2ce/wire/msgtx.go (about) 1 // Copyright (c) 2013-2016 The btcsuite developers 2 // Use of this source code is governed by an ISC 3 // license that can be found in the LICENSE file. 4 5 package wire 6 7 import ( 8 "bytes" 9 "fmt" 10 "io" 11 "strconv" 12 13 "github.com/mit-dci/lit/btcutil/chaincfg/chainhash" 14 ) 15 16 const ( 17 // TxVersion is the current latest supported transaction version. 18 TxVersion = 1 19 20 // MaxTxInSequenceNum is the maximum sequence number the sequence field 21 // of a transaction input can be. 22 MaxTxInSequenceNum uint32 = 0xffffffff 23 24 // MaxPrevOutIndex is the maximum index the index field of a previous 25 // outpoint can be. 26 MaxPrevOutIndex uint32 = 0xffffffff 27 ) 28 29 const ( 30 // defaultTxInOutAlloc is the default size used for the backing array 31 // for transaction inputs and outputs. The array will dynamically grow 32 // as needed, but this figure is intended to provide enough space for 33 // the number of inputs and outputs in a typical transaction without 34 // needing to grow the backing array multiple times. 35 defaultTxInOutAlloc = 15 36 37 // minTxInPayload is the minimum payload size for a transaction input. 38 // PreviousOutPoint.Hash + PreviousOutPoint.Index 4 bytes + Varint for 39 // SignatureScript length 1 byte + Sequence 4 bytes. 40 minTxInPayload = 9 + chainhash.HashSize 41 42 // maxTxInPerMessage is the maximum number of transactions inputs that 43 // a transaction which fits into a message could possibly have. 44 maxTxInPerMessage = (MaxMessagePayload / minTxInPayload) + 1 45 46 // minTxOutPayload is the minimum payload size for a transaction output. 47 // Value 8 bytes + Varint for PkScript length 1 byte. 48 minTxOutPayload = 9 49 50 // maxTxOutPerMessage is the maximum number of transactions outputs that 51 // a transaction which fits into a message could possibly have. 52 maxTxOutPerMessage = (MaxMessagePayload / minTxOutPayload) + 1 53 54 // minTxPayload is the minimum payload size for a transaction. Note 55 // that any realistically usable transaction must have at least one 56 // input or output, but that is a rule enforced at a higher layer, so 57 // it is intentionally not included here. 58 // Version 4 bytes + Varint number of transaction inputs 1 byte + Varint 59 // number of transaction outputs 1 byte + LockTime 4 bytes + min input 60 // payload + min output payload. 61 minTxPayload = 10 62 63 // freeListMaxScriptSize is the size of each buffer in the free list 64 // that is used for deserializing scripts from the wire before they are 65 // concatenated into a single contiguous buffers. This value was chosen 66 // because it is slightly more than twice the size of the vast majority 67 // of all "standard" scripts. Larger scripts are still deserialized 68 // properly as the free list will simply be bypassed for them. 69 freeListMaxScriptSize = 512 70 71 // freeListMaxItems is the number of buffers to keep in the free list 72 // to use for script deserialization. This value allows up to 100 73 // scripts per transaction being simultaneously deserialized by 125 74 // peers. Thus, the peak usage of the free list is 12,500 * 512 = 75 // 6,400,000 bytes. 76 freeListMaxItems = 12500 77 78 // maxWitnessItemsPerInput is the maximum number of witness items to 79 // be read for the witness data for a single TxIn. This number is 80 // derived using a possble lower bound for the encoding of a witness 81 // item: 1 byte for length + 1 byte for the witness item itself, or two 82 // bytes. This value is then divided by the currently allowed maximum 83 // "cost" for a transaction. 84 maxWitnessItemsPerInput = 4000000 85 86 // maxWitnessItemSize is the maximum allowed size for an item within 87 // an input's witness data. This number is derived from the fact that 88 // for script validation, each pushed item onto the stack must be less 89 // than 10k bytes. 90 maxWitnessItemSize = 4000000 91 ) 92 93 // scriptFreeList defines a free list of byte slices (up to the maximum number 94 // defined by the freeListMaxItems constant) that have a cap according to the 95 // freeListMaxScriptSize constant. It is used to provide temporary buffers for 96 // deserializing scripts in order to greatly reduce the number of allocations 97 // required. 98 // 99 // The caller can obtain a buffer from the free list by calling the Borrow 100 // function and should return it via the Return function when done using it. 101 type scriptFreeList chan []byte 102 103 // Borrow returns a byte slice from the free list with a length according the 104 // provided size. A new buffer is allocated if there are any items available. 105 // 106 // When the size is larger than the max size allowed for items on the free list 107 // a new buffer of the appropriate size is allocated and returned. It is safe 108 // to attempt to return said buffer via the Return function as it will be 109 // ignored and allowed to go the garbage collector. 110 func (c scriptFreeList) Borrow(size uint64) []byte { 111 if size > freeListMaxScriptSize { 112 return make([]byte, size, size) 113 } 114 115 var buf []byte 116 select { 117 case buf = <-c: 118 default: 119 buf = make([]byte, freeListMaxScriptSize) 120 } 121 return buf[:size] 122 } 123 124 // Return puts the provided byte slice back on the free list when it has a cap 125 // of the expected length. The buffer is expected to have been obtained via 126 // the Borrow function. Any slices that are not of the appropriate size, such 127 // as those whose size is greater than the largest allowed free list item size 128 // are simply ignored so they can go to the garbage collector. 129 func (c scriptFreeList) Return(buf []byte) { 130 // Ignore any buffers returned that aren't the expected size for the 131 // free list. 132 if cap(buf) != freeListMaxScriptSize { 133 return 134 } 135 136 // Return the buffer to the free list when it's not full. Otherwise let 137 // it be garbage collected. 138 select { 139 case c <- buf: 140 default: 141 // Let it go to the garbage collector. 142 } 143 } 144 145 // Create the concurrent safe free list to use for script deserialization. As 146 // previously described, this free list is maintained to significantly reduce 147 // the number of allocations. 148 var scriptPool scriptFreeList = make(chan []byte, freeListMaxItems) 149 150 // OutPoint defines a bitcoin data type that is used to track previous 151 // transaction outputs. 152 type OutPoint struct { 153 Hash chainhash.Hash `json:"hash"` 154 Index uint32 `json:"i"` 155 } 156 157 // NewOutPoint returns a new bitcoin transaction outpoint point with the 158 // provided hash and index. 159 func NewOutPoint(hash *chainhash.Hash, index uint32) *OutPoint { 160 return &OutPoint{ 161 Hash: *hash, 162 Index: index, 163 } 164 } 165 166 // String returns the OutPoint in the human-readable form "hash:index". 167 func (o OutPoint) String() string { 168 // Allocate enough for hash string, colon, and 10 digits. Although 169 // at the time of writing, the number of digits can be no greater than 170 // the length of the decimal representation of maxTxOutPerMessage, the 171 // maximum message payload may increase in the future and this 172 // optimization may go unnoticed, so allocate space for 10 decimal 173 // digits, which will fit any uint32. 174 buf := make([]byte, 2*chainhash.HashSize+1, 2*chainhash.HashSize+1+10) 175 copy(buf, o.Hash.String()) 176 buf[2*chainhash.HashSize] = ';' 177 buf = strconv.AppendUint(buf, uint64(o.Index), 10) 178 return string(buf) 179 } 180 181 // TxIn defines a bitcoin transaction input. 182 type TxIn struct { 183 PreviousOutPoint OutPoint `json:"prevop"` 184 SignatureScript []byte `json:"sigscript"` 185 Witness TxWitness `json:"wit"` 186 Sequence uint32 `json:"seq"` 187 } 188 189 // SerializeSize returns the number of bytes it would take to serialize the 190 // the transaction input. 191 func (t *TxIn) SerializeSize() int { 192 // Outpoint Hash 32 bytes + Outpoint Index 4 bytes + Sequence 4 bytes + 193 // serialized varint size for the length of SignatureScript + 194 // SignatureScript bytes. 195 return 40 + VarIntSerializeSize(uint64(len(t.SignatureScript))) + 196 len(t.SignatureScript) 197 } 198 199 // NewTxIn returns a new bitcoin transaction input with the provided 200 // previous outpoint point and signature script with a default sequence of 201 // MaxTxInSequenceNum. 202 func NewTxIn(prevOut *OutPoint, signatureScript []byte, witness [][]byte) *TxIn { 203 return &TxIn{ 204 PreviousOutPoint: *prevOut, 205 SignatureScript: signatureScript, 206 Witness: witness, 207 Sequence: MaxTxInSequenceNum, 208 } 209 } 210 211 // TxWitness defines the witness for a TxIn. A witness is to be interpreted as 212 // a slice of byte slices, or a stack with one or many elements. 213 type TxWitness [][]byte 214 215 // SerializeSize returns the number of bytes it would take to serialize the the 216 // transaction input's witness. 217 func (t TxWitness) SerializeSize() int { 218 // A varint to signal the number of element the witness has. 219 n := VarIntSerializeSize(uint64(len(t))) 220 221 // For each element in the witness, we'll need a varint to signal the 222 // size of the element, then finally the number of bytes the element 223 // itself comprises. 224 for _, witItem := range t { 225 n += VarIntSerializeSize(uint64(len(witItem))) 226 n += len(witItem) 227 } 228 229 return n 230 } 231 232 // TxOut defines a bitcoin transaction output. 233 type TxOut struct { 234 Value int64 `json:"val"` 235 PkScript []byte `json:"pkscript"` 236 } 237 238 // SerializeSize returns the number of bytes it would take to serialize the 239 // the transaction output. 240 func (t *TxOut) SerializeSize() int { 241 // Value 8 bytes + serialized varint size for the length of PkScript + 242 // PkScript bytes. 243 return 8 + VarIntSerializeSize(uint64(len(t.PkScript))) + len(t.PkScript) 244 } 245 246 // NewTxOut returns a new bitcoin transaction output with the provided 247 // transaction value and public key script. 248 func NewTxOut(value int64, pkScript []byte) *TxOut { 249 return &TxOut{ 250 Value: value, 251 PkScript: pkScript, 252 } 253 } 254 255 // MsgTx implements the Message interface and represents a bitcoin tx message. 256 // It is used to deliver transaction information in response to a getdata 257 // message (MsgGetData) for a given transaction. 258 // 259 // Use the AddTxIn and AddTxOut functions to build up the list of transaction 260 // inputs and outputs. 261 type MsgTx struct { 262 Version int32 263 TxIn []*TxIn 264 TxOut []*TxOut 265 LockTime uint32 266 } 267 268 // AddTxIn adds a transaction input to the message. 269 func (msg *MsgTx) AddTxIn(ti *TxIn) { 270 msg.TxIn = append(msg.TxIn, ti) 271 } 272 273 // AddTxOut adds a transaction output to the message. 274 func (msg *MsgTx) AddTxOut(to *TxOut) { 275 msg.TxOut = append(msg.TxOut, to) 276 } 277 278 // TxHash generates the Hash for the transaction. 279 func (msg *MsgTx) TxHash() chainhash.Hash { 280 // Encode the transaction and calculate double sha256 on the result. 281 // Ignore the error returns since the only way the encode could fail 282 // is being out of memory or due to nil pointers, both of which would 283 // cause a run-time panic. 284 buf := bytes.NewBuffer(make([]byte, 0, msg.SerializeSizeStripped())) 285 _ = msg.SerializeNoWitness(buf) 286 return chainhash.DoubleHashH(buf.Bytes()) 287 } 288 289 // WitnessHash generates the hash of the transaction serialized according to 290 // the new witness serialization defined in BIP0141 and BIP0144. The final 291 // output is used within the Segregated Witness commitment of all the witnesses 292 // within a block. If a transaction has no witness data, then the witness hash, 293 // is the same as its txid. 294 func (msg *MsgTx) WitnessHash() chainhash.Hash { 295 if msg.HasWitness() { 296 buf := bytes.NewBuffer(make([]byte, 0, msg.SerializeSize())) 297 _ = msg.Serialize(buf) 298 return chainhash.DoubleHashH(buf.Bytes()) 299 } 300 301 return msg.TxHash() 302 } 303 304 // Copy creates a deep copy of a transaction so that the original does not get 305 // modified when the copy is manipulated. 306 func (msg *MsgTx) Copy() *MsgTx { 307 // Create new tx and start by copying primitive values and making space 308 // for the transaction inputs and outputs. 309 newTx := MsgTx{ 310 Version: msg.Version, 311 TxIn: make([]*TxIn, 0, len(msg.TxIn)), 312 TxOut: make([]*TxOut, 0, len(msg.TxOut)), 313 LockTime: msg.LockTime, 314 } 315 316 // Deep copy the old TxIn data. 317 for _, oldTxIn := range msg.TxIn { 318 // Deep copy the old previous outpoint. 319 oldOutPoint := oldTxIn.PreviousOutPoint 320 newOutPoint := OutPoint{} 321 newOutPoint.Hash.SetBytes(oldOutPoint.Hash[:]) 322 newOutPoint.Index = oldOutPoint.Index 323 324 // Deep copy the old signature script. 325 var newScript []byte 326 oldScript := oldTxIn.SignatureScript 327 oldScriptLen := len(oldScript) 328 if oldScriptLen > 0 { 329 newScript = make([]byte, oldScriptLen, oldScriptLen) 330 copy(newScript, oldScript[:oldScriptLen]) 331 } 332 333 // Create new txIn with the deep copied data. 334 newTxIn := TxIn{ 335 PreviousOutPoint: newOutPoint, 336 SignatureScript: newScript, 337 Sequence: oldTxIn.Sequence, 338 } 339 340 // If the transaction is witnessy, then also copy the 341 // witnesses. 342 if len(oldTxIn.Witness) != 0 { 343 // Deep copy the old witness data. 344 newTxIn.Witness = make([][]byte, len(oldTxIn.Witness)) 345 for i, oldItem := range oldTxIn.Witness { 346 newItem := make([]byte, len(oldItem)) 347 copy(newItem, oldItem) 348 newTxIn.Witness[i] = newItem 349 } 350 } 351 352 // Finally, append this fully copied txin. 353 newTx.TxIn = append(newTx.TxIn, &newTxIn) 354 } 355 356 // Deep copy the old TxOut data. 357 for _, oldTxOut := range msg.TxOut { 358 // Deep copy the old PkScript 359 var newScript []byte 360 oldScript := oldTxOut.PkScript 361 oldScriptLen := len(oldScript) 362 if oldScriptLen > 0 { 363 newScript = make([]byte, oldScriptLen, oldScriptLen) 364 copy(newScript, oldScript[:oldScriptLen]) 365 } 366 367 // Create new txOut with the deep copied data and append it to 368 // new Tx. 369 newTxOut := TxOut{ 370 Value: oldTxOut.Value, 371 PkScript: newScript, 372 } 373 newTx.TxOut = append(newTx.TxOut, &newTxOut) 374 } 375 376 return &newTx 377 } 378 379 // BtcDecode decodes r using the bitcoin protocol encoding into the receiver. 380 // This is part of the Message interface implementation. 381 // See Deserialize for decoding transactions stored to disk, such as in a 382 // database, as opposed to decoding transactions from the wire. 383 func (msg *MsgTx) BtcDecode(r io.Reader, pver uint32, enc MessageEncoding) error { 384 version, err := binarySerializer.Uint32(r, littleEndian) 385 if err != nil { 386 return err 387 } 388 msg.Version = int32(version) 389 390 count, err := ReadVarInt(r, pver) 391 if err != nil { 392 return err 393 } 394 395 // A count of zero (meaning no TxIn's to the uninitiated) indicates 396 // this is a transaction with witness data. 397 var flag [1]byte 398 if count == 0 && enc == WitnessEncoding { 399 // Next, we need to read the flag, which is a single byte. 400 if _, err = io.ReadFull(r, flag[:]); err != nil { 401 return err 402 } 403 404 // At the moment, the flag MUST be 0x01. In the future other 405 // flag types may be supported. 406 if flag[0] != 0x01 { 407 str := fmt.Sprintf("witness tx but flag byte is %x", flag) 408 return messageError("MsgTx.BtcDecode", str) 409 } 410 411 // With the Segregated Witness specific fields decoded, we can 412 // now read in the actual txin count. 413 count, err = ReadVarInt(r, pver) 414 if err != nil { 415 return err 416 } 417 } 418 419 // Prevent more input transactions than could possibly fit into a 420 // message. It would be possible to cause memory exhaustion and panics 421 // without a sane upper bound on this count. 422 if count > uint64(maxTxInPerMessage) { 423 str := fmt.Sprintf("too many input transactions to fit into "+ 424 "max message size [count %d, max %d]", count, 425 maxTxInPerMessage) 426 return messageError("MsgTx.BtcDecode", str) 427 } 428 429 // returnScriptBuffers is a closure that returns any script buffers that 430 // were borrowed from the pool when there are any deserialization 431 // errors. This is only valid to call before the final step which 432 // replaces the scripts with the location in a contiguous buffer and 433 // returns them. 434 returnScriptBuffers := func() { 435 for _, txIn := range msg.TxIn { 436 if txIn == nil { 437 continue 438 } 439 440 if txIn.SignatureScript != nil { 441 scriptPool.Return(txIn.SignatureScript) 442 } 443 444 for _, witnessElem := range txIn.Witness { 445 scriptPool.Return(witnessElem) 446 } 447 } 448 for _, txOut := range msg.TxOut { 449 if txOut == nil || txOut.PkScript == nil { 450 continue 451 } 452 scriptPool.Return(txOut.PkScript) 453 } 454 } 455 456 // Deserialize the inputs. 457 var totalScriptSize uint64 458 txIns := make([]TxIn, count) 459 msg.TxIn = make([]*TxIn, count) 460 for i := uint64(0); i < count; i++ { 461 // The pointer is set now in case a script buffer is borrowed 462 // and needs to be returned to the pool on error. 463 ti := &txIns[i] 464 msg.TxIn[i] = ti 465 err = readTxIn(r, pver, msg.Version, ti) 466 if err != nil { 467 returnScriptBuffers() 468 return err 469 } 470 totalScriptSize += uint64(len(ti.SignatureScript)) 471 } 472 473 count, err = ReadVarInt(r, pver) 474 if err != nil { 475 returnScriptBuffers() 476 return err 477 } 478 479 // Prevent more output transactions than could possibly fit into a 480 // message. It would be possible to cause memory exhaustion and panics 481 // without a sane upper bound on this count. 482 if count > uint64(maxTxOutPerMessage) { 483 returnScriptBuffers() 484 str := fmt.Sprintf("too many output transactions to fit into "+ 485 "max message size [count %d, max %d]", count, 486 maxTxOutPerMessage) 487 return messageError("MsgTx.BtcDecode", str) 488 } 489 490 // Deserialize the outputs. 491 txOuts := make([]TxOut, count) 492 msg.TxOut = make([]*TxOut, count) 493 for i := uint64(0); i < count; i++ { 494 // The pointer is set now in case a script buffer is borrowed 495 // and needs to be returned to the pool on error. 496 to := &txOuts[i] 497 msg.TxOut[i] = to 498 err = readTxOut(r, pver, msg.Version, to) 499 if err != nil { 500 returnScriptBuffers() 501 return err 502 } 503 totalScriptSize += uint64(len(to.PkScript)) 504 } 505 506 // If the transaction's flag byte isn't 0x00 at this point, then one or 507 // more of its inputs has accompanying witness data. 508 if flag[0] != 0 && enc == WitnessEncoding { 509 for _, txin := range msg.TxIn { 510 // For each input, the witness is encoded as a stack 511 // with one or more items. Therefore, we first read a 512 // varint which encodes the number of stack items. 513 witCount, err := ReadVarInt(r, pver) 514 if err != nil { 515 returnScriptBuffers() 516 return err 517 } 518 519 // Prevent a possible memory exhaustion attack by 520 // limiting the witCount value to a sane upper bound. 521 if witCount > maxWitnessItemsPerInput { 522 str := fmt.Sprintf("too many witness items to fit "+ 523 "into max message size [count %d, max %d]", 524 witCount, maxWitnessItemsPerInput) 525 returnScriptBuffers() 526 return messageError("MsgTx.BtcDecode", str) 527 } 528 529 // Then for witCount number of stack items, each item 530 // has a varint length prefix, followed by the witness 531 // item itself. 532 txin.Witness = make([][]byte, witCount) 533 for j := uint64(0); j < witCount; j++ { 534 witPush, err := readScript(r, pver, 535 maxWitnessItemSize, "script witness item") 536 if err != nil { 537 returnScriptBuffers() 538 return err 539 } 540 txin.Witness[j] = witPush 541 totalScriptSize += uint64(len(witPush)) 542 } 543 } 544 } 545 546 msg.LockTime, err = binarySerializer.Uint32(r, littleEndian) 547 if err != nil { 548 returnScriptBuffers() 549 return err 550 } 551 552 // Create a single allocation to house all of the scripts and set each 553 // input signature script and output public key script to the 554 // appropriate subslice of the overall contiguous buffer. Then, return 555 // each individual script buffer back to the pool so they can be reused 556 // for future deserializations. This is done because it significantly 557 // reduces the number of allocations the garbage collector needs to 558 // track, which in turn improves performance and drastically reduces the 559 // amount of runtime overhead that would otherwise be needed to keep 560 // track of millions of small allocations. 561 // 562 // NOTE: It is no longer valid to call the returnScriptBuffers closure 563 // after these blocks of code run because it is already done and the 564 // scripts in the transaction inputs and outputs no longer point to the 565 // buffers. 566 var offset uint64 567 scripts := make([]byte, totalScriptSize) 568 for i := 0; i < len(msg.TxIn); i++ { 569 // Copy the signature script into the contiguous buffer at the 570 // appropriate offset. 571 signatureScript := msg.TxIn[i].SignatureScript 572 copy(scripts[offset:], signatureScript) 573 574 // Reset the signature script of the transaction input to the 575 // slice of the contiguous buffer where the script lives. 576 scriptSize := uint64(len(signatureScript)) 577 end := offset + scriptSize 578 msg.TxIn[i].SignatureScript = scripts[offset:end:end] 579 offset += scriptSize 580 581 for j := 0; j < len(msg.TxIn[i].Witness); j++ { 582 // Copy each item within the witness stack for this 583 // input into the contiguous buffer at the appropriate 584 // offset. 585 witnessElem := msg.TxIn[i].Witness[j] 586 copy(scripts[offset:], witnessElem) 587 588 // Reset the witness item within the stack to the slice 589 // of the contiguous buffer where the witness lives. 590 witnessElemSize := uint64(len(witnessElem)) 591 end := offset + witnessElemSize 592 msg.TxIn[i].Witness[j] = scripts[offset:end:end] 593 offset += witnessElemSize 594 595 // Return the temporary buffer used for the witness stack 596 // item to the pool. 597 scriptPool.Return(witnessElem) 598 } 599 600 // Return the temporary script buffer to the pool. 601 scriptPool.Return(signatureScript) 602 } 603 for i := 0; i < len(msg.TxOut); i++ { 604 // Copy the public key script into the contiguous buffer at the 605 // appropriate offset. 606 pkScript := msg.TxOut[i].PkScript 607 copy(scripts[offset:], pkScript) 608 609 // Reset the public key script of the transaction output to the 610 // slice of the contiguous buffer where the script lives. 611 scriptSize := uint64(len(pkScript)) 612 end := offset + scriptSize 613 msg.TxOut[i].PkScript = scripts[offset:end:end] 614 offset += scriptSize 615 616 // Return the temporary script buffer to the pool. 617 scriptPool.Return(pkScript) 618 } 619 620 return nil 621 } 622 623 // Deserialize decodes a transaction from r into the receiver using a format 624 // that is suitable for long-term storage such as a database while respecting 625 // the Version field in the transaction. This function differs from BtcDecode 626 // in that BtcDecode decodes from the bitcoin wire protocol as it was sent 627 // across the network. The wire encoding can technically differ depending on 628 // the protocol version and doesn't even really need to match the format of a 629 // stored transaction at all. As of the time this comment was written, the 630 // encoded transaction is the same in both instances, but there is a distinct 631 // difference and separating the two allows the API to be flexible enough to 632 // deal with changes. 633 func (msg *MsgTx) Deserialize(r io.Reader) error { 634 // At the current time, there is no difference between the wire encoding 635 // at protocol version 0 and the stable long-term storage format. As 636 // a result, make use of BtcDecode. 637 return msg.BtcDecode(r, 0, WitnessEncoding) 638 } 639 640 // DeserializeNoWitness decodes a transaction from r into the receiver, where 641 // the transaction encoding format within r MUST NOT utilize the new 642 // serialization format created to encode transaction bearing witness data 643 // within inputs. 644 func (msg *MsgTx) DeserializeNoWitness(r io.Reader) error { 645 return msg.BtcDecode(r, 0, BaseEncoding) 646 } 647 648 // BtcEncode encodes the receiver to w using the bitcoin protocol encoding. 649 // This is part of the Message interface implementation. 650 // See Serialize for encoding transactions to be stored to disk, such as in a 651 // database, as opposed to encoding transactions for the wire. 652 func (msg *MsgTx) BtcEncode(w io.Writer, pver uint32, enc MessageEncoding) error { 653 err := binarySerializer.PutUint32(w, littleEndian, uint32(msg.Version)) 654 if err != nil { 655 return err 656 } 657 658 // If the encoding version is set to WitnessEncoding, and the Flags 659 // field for the MsgTx aren't 0x00, then this indicates the transaction 660 // is to be encoded using the new witness inclusionary structure 661 // defined in BIP0144. 662 if enc == WitnessEncoding && msg.HasWitness() { 663 // After the txn's Version field, we include two additional 664 // bytes specific to the witness encoding. The first byte is an 665 // always 0x00 marker byte, which allows decoders to 666 // distinguish a serialized transaction with witnesses from a 667 // regular (legacy) one. The second byte is the Flag field, 668 // which at the moment is always 0x01, but way be extended in 669 // the future to accommodate auxiliary non-committed fields. 670 if _, err := w.Write([]byte{0x00, 0x01}); err != nil { 671 return err 672 } 673 } 674 675 count := uint64(len(msg.TxIn)) 676 err = WriteVarInt(w, pver, count) 677 if err != nil { 678 return err 679 } 680 681 for _, ti := range msg.TxIn { 682 err = writeTxIn(w, pver, msg.Version, ti) 683 if err != nil { 684 return err 685 } 686 } 687 688 count = uint64(len(msg.TxOut)) 689 err = WriteVarInt(w, pver, count) 690 if err != nil { 691 return err 692 } 693 694 for _, to := range msg.TxOut { 695 err = WriteTxOut(w, pver, msg.Version, to) 696 if err != nil { 697 return err 698 } 699 } 700 701 // If this transaction is a witness transaction, and the witness 702 // encoded is desired, then encode the witness for each of the inputs 703 // within the transaction. 704 if enc == WitnessEncoding && msg.HasWitness() { 705 for _, ti := range msg.TxIn { 706 err = writeTxWitness(w, pver, msg.Version, ti.Witness) 707 if err != nil { 708 return err 709 } 710 } 711 } 712 713 err = binarySerializer.PutUint32(w, littleEndian, msg.LockTime) 714 if err != nil { 715 return err 716 } 717 718 return nil 719 } 720 721 // HasWitness returns false if none of the inputs within the transaction 722 // contain witness data, true false otherwise. 723 func (msg *MsgTx) HasWitness() bool { 724 for _, txIn := range msg.TxIn { 725 if len(txIn.Witness) != 0 { 726 return true 727 } 728 } 729 730 return false 731 } 732 733 // Serialize encodes the transaction to w using a format that suitable for 734 // long-term storage such as a database while respecting the Version field in 735 // the transaction. This function differs from BtcEncode in that BtcEncode 736 // encodes the transaction to the bitcoin wire protocol in order to be sent 737 // across the network. The wire encoding can technically differ depending on 738 // the protocol version and doesn't even really need to match the format of a 739 // stored transaction at all. As of the time this comment was written, the 740 // encoded transaction is the same in both instances, but there is a distinct 741 // difference and separating the two allows the API to be flexible enough to 742 // deal with changes. 743 func (msg *MsgTx) Serialize(w io.Writer) error { 744 // At the current time, there is no difference between the wire encoding 745 // at protocol version 0 and the stable long-term storage format. As 746 // a result, make use of BtcEncode. 747 // 748 // Passing a encoding type of WitnessEncoding to BtcEncode for MsgTx 749 // indicates that the transaction's witnesses (if any) should be 750 // serialized according to the new serialization structure defined in 751 // BIP0144. 752 return msg.BtcEncode(w, 0, WitnessEncoding) 753 } 754 755 // SerializeWitness encodes the transaction to w in an identical manner to 756 // Serialize, however even if the source transaction has inputs with witness 757 // data, the old serialization format will still be used. 758 func (msg *MsgTx) SerializeNoWitness(w io.Writer) error { 759 return msg.BtcEncode(w, 0, BaseEncoding) 760 } 761 762 // baseSize returns the serialized size of the transaction without accounting 763 // for any witness data. 764 func (msg *MsgTx) baseSize() int { 765 // Version 4 bytes + LockTime 4 bytes + Serialized varint size for the 766 // number of transaction inputs and outputs. 767 n := 8 + VarIntSerializeSize(uint64(len(msg.TxIn))) + 768 VarIntSerializeSize(uint64(len(msg.TxOut))) 769 770 for _, txIn := range msg.TxIn { 771 n += txIn.SerializeSize() 772 } 773 774 for _, txOut := range msg.TxOut { 775 n += txOut.SerializeSize() 776 } 777 778 return n 779 } 780 781 // SerializeSize returns the number of bytes it would take to serialize the 782 // the transaction. 783 func (msg *MsgTx) SerializeSize() int { 784 n := msg.baseSize() 785 786 if msg.HasWitness() { 787 // The marker, and flag fields take up two additional bytes. 788 n += 2 789 790 // Additionally, factor in the serialized size of each of the 791 // witnesses for each txin. 792 for _, txin := range msg.TxIn { 793 n += txin.Witness.SerializeSize() 794 } 795 } 796 797 return n 798 } 799 800 // SerializeSizeStripped returns the number of bytes it would take to serialize 801 // the transaction, excluding any included witness data. 802 func (msg *MsgTx) SerializeSizeStripped() int { 803 return msg.baseSize() 804 } 805 806 // Command returns the protocol command string for the message. This is part 807 // of the Message interface implementation. 808 func (msg *MsgTx) Command() string { 809 return CmdTx 810 } 811 812 // MaxPayloadLength returns the maximum length the payload can be for the 813 // receiver. This is part of the Message interface implementation. 814 func (msg *MsgTx) MaxPayloadLength(pver uint32) uint32 { 815 return MaxBlockPayload 816 } 817 818 // PkScriptLocs returns a slice containing the start of each public key script 819 // within the raw serialized transaction. The caller can easily obtain the 820 // length of each script by using len on the script available via the 821 // appropriate transaction output entry. 822 func (msg *MsgTx) PkScriptLocs() []int { 823 numTxOut := len(msg.TxOut) 824 if numTxOut == 0 { 825 return nil 826 } 827 828 // The starting offset in the serialized transaction of the first 829 // transaction output is: 830 // 831 // Version 4 bytes + serialized varint size for the number of 832 // transaction inputs and outputs + serialized size of each transaction 833 // input. 834 n := 4 + VarIntSerializeSize(uint64(len(msg.TxIn))) + 835 VarIntSerializeSize(uint64(numTxOut)) 836 837 // If this transaction has a witness input, the an additional two bytes 838 // for the marker, and flag byte need to be taken into account. 839 if msg.TxIn[0].Witness != nil { 840 n += 2 841 } 842 843 for _, txIn := range msg.TxIn { 844 n += txIn.SerializeSize() 845 } 846 847 // Calculate and set the appropriate offset for each public key script. 848 pkScriptLocs := make([]int, numTxOut) 849 for i, txOut := range msg.TxOut { 850 // The offset of the script in the transaction output is: 851 // 852 // Value 8 bytes + serialized varint size for the length of 853 // PkScript. 854 n += 8 + VarIntSerializeSize(uint64(len(txOut.PkScript))) 855 pkScriptLocs[i] = n 856 n += len(txOut.PkScript) 857 } 858 859 return pkScriptLocs 860 } 861 862 // NewMsgTx returns a new bitcoin tx message that conforms to the Message 863 // interface. The return instance has a default version of TxVersion and there 864 // are no transaction inputs or outputs. Also, the lock time is set to zero 865 // to indicate the transaction is valid immediately as opposed to some time in 866 // future. 867 func NewMsgTx() *MsgTx { 868 return &MsgTx{ 869 Version: TxVersion, 870 TxIn: make([]*TxIn, 0, defaultTxInOutAlloc), 871 TxOut: make([]*TxOut, 0, defaultTxInOutAlloc), 872 } 873 } 874 875 // readOutPoint reads the next sequence of bytes from r as an OutPoint. 876 func readOutPoint(r io.Reader, pver uint32, version int32, op *OutPoint) error { 877 _, err := io.ReadFull(r, op.Hash[:]) 878 if err != nil { 879 return err 880 } 881 882 op.Index, err = binarySerializer.Uint32(r, littleEndian) 883 if err != nil { 884 return err 885 } 886 887 return nil 888 } 889 890 // writeOutPoint encodes op to the bitcoin protocol encoding for an OutPoint 891 // to w. 892 func writeOutPoint(w io.Writer, pver uint32, version int32, op *OutPoint) error { 893 _, err := w.Write(op.Hash[:]) 894 if err != nil { 895 return err 896 } 897 898 err = binarySerializer.PutUint32(w, littleEndian, op.Index) 899 if err != nil { 900 return err 901 } 902 return nil 903 } 904 905 // readScript reads a variable length byte array that represents a transaction 906 // script. It is encoded as a varInt containing the length of the array 907 // followed by the bytes themselves. An error is returned if the length is 908 // greater than the passed maxAllowed parameter which helps protect against 909 // memory exhaustion attacks and forced panics thorugh malformed messages. The 910 // fieldName parameter is only used for the error message so it provides more 911 // context in the error. 912 func readScript(r io.Reader, pver uint32, maxAllowed uint32, fieldName string) ([]byte, error) { 913 count, err := ReadVarInt(r, pver) 914 if err != nil { 915 return nil, err 916 } 917 918 // Prevent byte array larger than the max message size. It would 919 // be possible to cause memory exhaustion and panics without a sane 920 // upper bound on this count. 921 if count > uint64(maxAllowed) { 922 str := fmt.Sprintf("%s is larger than the max allowed size "+ 923 "[count %d, max %d]", fieldName, count, maxAllowed) 924 return nil, messageError("readScript", str) 925 } 926 927 b := scriptPool.Borrow(count) 928 _, err = io.ReadFull(r, b) 929 if err != nil { 930 scriptPool.Return(b) 931 return nil, err 932 } 933 return b, nil 934 } 935 936 // readTxIn reads the next sequence of bytes from r as a transaction input 937 // (TxIn). 938 func readTxIn(r io.Reader, pver uint32, version int32, ti *TxIn) error { 939 err := readOutPoint(r, pver, version, &ti.PreviousOutPoint) 940 if err != nil { 941 return err 942 } 943 944 ti.SignatureScript, err = readScript(r, pver, MaxMessagePayload, 945 "transaction input signature script") 946 if err != nil { 947 return err 948 } 949 950 err = readElement(r, &ti.Sequence) 951 if err != nil { 952 return err 953 } 954 955 return nil 956 } 957 958 // writeTxIn encodes ti to the bitcoin protocol encoding for a transaction 959 // input (TxIn) to w. 960 func writeTxIn(w io.Writer, pver uint32, version int32, ti *TxIn) error { 961 err := writeOutPoint(w, pver, version, &ti.PreviousOutPoint) 962 if err != nil { 963 return err 964 } 965 966 err = WriteVarBytes(w, pver, ti.SignatureScript) 967 if err != nil { 968 return err 969 } 970 971 err = binarySerializer.PutUint32(w, littleEndian, ti.Sequence) 972 if err != nil { 973 return err 974 } 975 976 return nil 977 } 978 979 // readTxOut reads the next sequence of bytes from r as a transaction output 980 // (TxOut). 981 func readTxOut(r io.Reader, pver uint32, version int32, to *TxOut) error { 982 err := readElement(r, &to.Value) 983 if err != nil { 984 return err 985 } 986 987 to.PkScript, err = readScript(r, pver, MaxMessagePayload, 988 "transaction output public key script") 989 if err != nil { 990 return err 991 } 992 993 return nil 994 } 995 996 // WriteTxOut encodes to into the bitcoin protocol encoding for a transaction 997 // output (TxOut) to w. 998 // 999 // NOTE: This function is exported in order to allow txscript to compute the 1000 // new sighashes for witness transactions (BIP0143). 1001 func WriteTxOut(w io.Writer, pver uint32, version int32, to *TxOut) error { 1002 err := binarySerializer.PutUint64(w, littleEndian, uint64(to.Value)) 1003 if err != nil { 1004 return err 1005 } 1006 1007 err = WriteVarBytes(w, pver, to.PkScript) 1008 if err != nil { 1009 return err 1010 } 1011 return nil 1012 } 1013 1014 // writeTxWitness encodes the bitcoin protocol encoding for a transaction 1015 // input's witness into to w. 1016 func writeTxWitness(w io.Writer, pver uint32, version int32, wit [][]byte) error { 1017 err := WriteVarInt(w, pver, uint64(len(wit))) 1018 if err != nil { 1019 return err 1020 } 1021 for _, item := range wit { 1022 err = WriteVarBytes(w, pver, item) 1023 if err != nil { 1024 return err 1025 } 1026 } 1027 return nil 1028 }