Branch data Line data Source code
1 : : // Copyright (c) 2009-2010 Satoshi Nakamoto
2 : : // Copyright (c) 2009-present The Bitcoin Core developers
3 : : // Distributed under the MIT software license, see the accompanying
4 : : // file COPYING or http://www.opensource.org/licenses/mit-license.php.
5 : :
6 : : #ifndef BITCOIN_POLICY_POLICY_H
7 : : #define BITCOIN_POLICY_POLICY_H
8 : :
9 : : #include <consensus/amount.h>
10 : : #include <consensus/consensus.h>
11 : : #include <primitives/transaction.h>
12 : : #include <script/interpreter.h>
13 : : #include <script/solver.h>
14 : : #include <util/feefrac.h>
15 : :
16 : : #include <cstdint>
17 : : #include <string>
18 : :
19 : : class CCoinsViewCache;
20 : : class CFeeRate;
21 : : class CScript;
22 : :
23 : : /** Default for -blockmaxweight, which controls the range of block weights the mining code will create **/
24 : : static constexpr unsigned int DEFAULT_BLOCK_MAX_WEIGHT{MAX_BLOCK_WEIGHT};
25 : : /** Default for -blockreservedweight **/
26 : : static constexpr unsigned int DEFAULT_BLOCK_RESERVED_WEIGHT{8000};
27 : : /** Default sigops cost to reserve for coinbase transaction outputs when creating block templates. */
28 : : static constexpr unsigned int DEFAULT_COINBASE_OUTPUT_MAX_ADDITIONAL_SIGOPS{400};
29 : : /** This accounts for the block header, var_int encoding of the transaction count and a minimally viable
30 : : * coinbase transaction. It adds an additional safety margin, because even with a thorough understanding
31 : : * of block serialization, it's easy to make a costly mistake when trying to squeeze every last byte.
32 : : * Setting a lower value is prevented at startup. */
33 : : static constexpr unsigned int MINIMUM_BLOCK_RESERVED_WEIGHT{2000};
34 : : /** Default for -blockmintxfee, which sets the minimum feerate for a transaction in blocks created by mining code **/
35 : : static constexpr unsigned int DEFAULT_BLOCK_MIN_TX_FEE{1};
36 : : /** The maximum weight for transactions we're willing to relay/mine */
37 : : static constexpr int32_t MAX_STANDARD_TX_WEIGHT{400000};
38 : : /** The minimum non-witness size for transactions we're willing to relay/mine: one larger than 64 */
39 : : static constexpr unsigned int MIN_STANDARD_TX_NONWITNESS_SIZE{65};
40 : : /** Maximum number of signature check operations in an IsStandard() P2SH script */
41 : : static constexpr unsigned int MAX_P2SH_SIGOPS{15};
42 : : /** The maximum number of sigops we're willing to relay/mine in a single tx */
43 : : static constexpr unsigned int MAX_STANDARD_TX_SIGOPS_COST{MAX_BLOCK_SIGOPS_COST/5};
44 : : /** The maximum number of potentially executed legacy signature operations in a single standard tx */
45 : : static constexpr unsigned int MAX_TX_LEGACY_SIGOPS{2'500};
46 : : /** Default for -incrementalrelayfee, which sets the minimum feerate increase for mempool limiting or replacement **/
47 : : static constexpr unsigned int DEFAULT_INCREMENTAL_RELAY_FEE{100};
48 : : /** Default for -bytespersigop */
49 : : static constexpr unsigned int DEFAULT_BYTES_PER_SIGOP{20};
50 : : /** Default for -permitbaremultisig */
51 : : static constexpr bool DEFAULT_PERMIT_BAREMULTISIG{true};
52 : : /** The maximum number of witness stack items in a standard P2WSH script */
53 : : static constexpr unsigned int MAX_STANDARD_P2WSH_STACK_ITEMS{100};
54 : : /** The maximum size in bytes of each witness stack item in a standard P2WSH script */
55 : : static constexpr unsigned int MAX_STANDARD_P2WSH_STACK_ITEM_SIZE{80};
56 : : /** The maximum size in bytes of each witness stack item in a standard BIP 342 script (Taproot, leaf version 0xc0) */
57 : : static constexpr unsigned int MAX_STANDARD_TAPSCRIPT_STACK_ITEM_SIZE{80};
58 : : /** The maximum size in bytes of a standard witnessScript */
59 : : static constexpr unsigned int MAX_STANDARD_P2WSH_SCRIPT_SIZE{3600};
60 : : /** The maximum size of a standard ScriptSig */
61 : : static constexpr unsigned int MAX_STANDARD_SCRIPTSIG_SIZE{1650};
62 : : /** Min feerate for defining dust.
63 : : * Changing the dust limit changes which transactions are
64 : : * standard and should be done with care and ideally rarely. It makes sense to
65 : : * only increase the dust limit after prior releases were already not creating
66 : : * outputs below the new threshold */
67 : : static constexpr unsigned int DUST_RELAY_TX_FEE{3000};
68 : : /** Default for -minrelaytxfee, minimum relay fee for transactions */
69 : : static constexpr unsigned int DEFAULT_MIN_RELAY_TX_FEE{100};
70 : : /** Maximum number of transactions per cluster (default) */
71 : : static constexpr unsigned int DEFAULT_CLUSTER_LIMIT{64};
72 : : /** Maximum size of cluster in virtual kilobytes */
73 : : static constexpr unsigned int DEFAULT_CLUSTER_SIZE_LIMIT_KVB{101};
74 : : /** Default for -limitancestorcount, max number of in-mempool ancestors */
75 : : static constexpr unsigned int DEFAULT_ANCESTOR_LIMIT{25};
76 : : /** Default for -limitdescendantcount, max number of in-mempool descendants */
77 : : static constexpr unsigned int DEFAULT_DESCENDANT_LIMIT{25};
78 : : /** Default for -datacarrier */
79 : : static const bool DEFAULT_ACCEPT_DATACARRIER = true;
80 : : /**
81 : : * Default setting for -datacarriersize in vbytes.
82 : : */
83 : : static const unsigned int MAX_OP_RETURN_RELAY = MAX_STANDARD_TX_WEIGHT / WITNESS_SCALE_FACTOR;
84 : : /**
85 : : * An extra transaction can be added to a package, as long as it only has one
86 : : * ancestor and is no larger than this. Not really any reason to make this
87 : : * configurable as it doesn't materially change DoS parameters.
88 : : */
89 : : static constexpr unsigned int EXTRA_DESCENDANT_TX_SIZE_LIMIT{10000};
90 : :
91 : : /**
92 : : * Maximum number of ephemeral dust outputs allowed.
93 : : */
94 : : static constexpr unsigned int MAX_DUST_OUTPUTS_PER_TX{1};
95 : :
96 : : /**
97 : : * Mandatory script verification flags that all new transactions must comply with for
98 : : * them to be valid. Failing one of these tests may trigger a DoS ban;
99 : : * see CheckInputScripts() for details.
100 : : *
101 : : * Note that this does not affect consensus validity; see GetBlockScriptFlags()
102 : : * for that.
103 : : */
104 : : static constexpr script_verify_flags MANDATORY_SCRIPT_VERIFY_FLAGS{SCRIPT_VERIFY_P2SH |
105 : : SCRIPT_VERIFY_DERSIG |
106 : : SCRIPT_VERIFY_NULLDUMMY |
107 : : SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY |
108 : : SCRIPT_VERIFY_CHECKSEQUENCEVERIFY |
109 : : SCRIPT_VERIFY_WITNESS |
110 : : SCRIPT_VERIFY_TAPROOT};
111 : :
112 : : /**
113 : : * Standard script verification flags that standard transactions will comply
114 : : * with. However we do not ban/disconnect nodes that forward txs violating
115 : : * the additional (non-mandatory) rules here, to improve forwards and
116 : : * backwards compatibility.
117 : : */
118 : : static constexpr script_verify_flags STANDARD_SCRIPT_VERIFY_FLAGS{MANDATORY_SCRIPT_VERIFY_FLAGS |
119 : : SCRIPT_VERIFY_STRICTENC |
120 : : SCRIPT_VERIFY_MINIMALDATA |
121 : : SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_NOPS |
122 : : SCRIPT_VERIFY_CLEANSTACK |
123 : : SCRIPT_VERIFY_MINIMALIF |
124 : : SCRIPT_VERIFY_NULLFAIL |
125 : : SCRIPT_VERIFY_LOW_S |
126 : : SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_WITNESS_PROGRAM |
127 : : SCRIPT_VERIFY_WITNESS_PUBKEYTYPE |
128 : : SCRIPT_VERIFY_CONST_SCRIPTCODE |
129 : : SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_TAPROOT_VERSION |
130 : : SCRIPT_VERIFY_DISCOURAGE_OP_SUCCESS |
131 : : SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_PUBKEYTYPE};
132 : :
133 : : /** For convenience, standard but not mandatory verify flags. */
134 : : static constexpr script_verify_flags STANDARD_NOT_MANDATORY_VERIFY_FLAGS{STANDARD_SCRIPT_VERIFY_FLAGS & ~MANDATORY_SCRIPT_VERIFY_FLAGS};
135 : :
136 : : /** Used as the flags parameter to sequence and nLocktime checks in non-consensus code. */
137 : : static constexpr unsigned int STANDARD_LOCKTIME_VERIFY_FLAGS{LOCKTIME_VERIFY_SEQUENCE};
138 : :
139 : : CAmount GetDustThreshold(const CTxOut& txout, const CFeeRate& dustRelayFee);
140 : :
141 : : bool IsDust(const CTxOut& txout, const CFeeRate& dustRelayFee);
142 : :
143 : : bool IsStandard(const CScript& scriptPubKey, TxoutType& whichType);
144 : :
145 : : /** Get the vout index numbers of all dust outputs */
146 : : std::vector<uint32_t> GetDust(const CTransaction& tx, CFeeRate dust_relay_rate);
147 : :
148 : : // Changing the default transaction version requires a two step process: first
149 : : // adapting relay policy by bumping TX_MAX_STANDARD_VERSION, and then later
150 : : // allowing the new transaction version in the wallet/RPC.
151 : : static constexpr decltype(CTransaction::version) TX_MIN_STANDARD_VERSION{1};
152 : : static constexpr decltype(CTransaction::version) TX_MAX_STANDARD_VERSION{3};
153 : :
154 : : /**
155 : : * Check for standard transaction types
156 : : * @return True if all outputs (scriptPubKeys) use only standard transaction forms
157 : : */
158 : : bool IsStandardTx(const CTransaction& tx, const std::optional<unsigned>& max_datacarrier_bytes, bool permit_bare_multisig, const CFeeRate& dust_relay_fee, std::string& reason);
159 : : /**
160 : : * Check for standard transaction types
161 : : * @param[in] mapInputs Map of previous transactions that have outputs we're spending
162 : : * @return True if all inputs (scriptSigs) use only standard transaction forms
163 : : */
164 : : bool AreInputsStandard(const CTransaction& tx, const CCoinsViewCache& mapInputs);
165 : : /**
166 : : * Check if the transaction is over standard P2WSH resources limit:
167 : : * 3600bytes witnessScript size, 80bytes per witness stack element, 100 witness stack elements
168 : : * These limits are adequate for multisignatures up to n-of-100 using OP_CHECKSIG, OP_ADD, and OP_EQUAL.
169 : : *
170 : : * Also enforce a maximum stack item size limit and no annexes for tapscript spends.
171 : : */
172 : : bool IsWitnessStandard(const CTransaction& tx, const CCoinsViewCache& mapInputs);
173 : : /**
174 : : * Check whether this transaction spends any witness program but P2A, including not-yet-defined ones.
175 : : * May return `false` early for consensus-invalid transactions.
176 : : */
177 : : bool SpendsNonAnchorWitnessProg(const CTransaction& tx, const CCoinsViewCache& prevouts);
178 : :
179 : : /** Compute the virtual transaction size (weight reinterpreted as bytes). */
180 : : int64_t GetVirtualTransactionSize(int64_t nWeight, int64_t nSigOpCost, unsigned int bytes_per_sigop);
181 : : int64_t GetVirtualTransactionSize(const CTransaction& tx, int64_t nSigOpCost, unsigned int bytes_per_sigop);
182 : : int64_t GetVirtualTransactionInputSize(const CTxIn& tx, int64_t nSigOpCost, unsigned int bytes_per_sigop);
183 : :
184 : 46705 : static inline int64_t GetVirtualTransactionSize(const CTransaction& tx)
185 : : {
186 [ + - + - ]: 46699 : return GetVirtualTransactionSize(tx, 0, 0);
[ + - # # ]
[ + - + -
+ - + - +
- + - + -
+ - + - +
- + - + -
+ - + - +
- + - + -
+ - + - +
- + - + -
+ - + - +
- + - + -
+ - + - +
- ][ + - +
- + - # #
# # # # #
# # # # #
# # # # #
# # # # #
# # # # #
# # # # #
# # # # #
# # # # #
# # # # #
# # # # #
# # ][ + -
+ - + - +
- + - + -
+ - + - +
- + - + -
+ - + - +
- + - + -
+ - + - +
- + - + -
+ - + - +
- + - +
- ][ + - +
- + - +
- ]
187 : : }
188 : :
189 : 2 : static inline int64_t GetVirtualTransactionInputSize(const CTxIn& tx)
190 : : {
191 [ + - ]: 2 : return GetVirtualTransactionInputSize(tx, 0, 0);
192 : : }
193 : :
194 : : int64_t GetSigOpsAdjustedWeight(int64_t weight, int64_t sigop_cost, unsigned int bytes_per_sigop);
195 : :
196 [ + - ]: 76893 : static inline FeePerVSize ToFeePerVSize(FeePerWeight feerate) { return {feerate.fee, (feerate.size + WITNESS_SCALE_FACTOR - 1) / WITNESS_SCALE_FACTOR}; }
197 : :
198 : : #endif // BITCOIN_POLICY_POLICY_H
|
