Merge #2908: [Core] Fix Exchange address activation

d7d30dc Change exchange address functional tests (Duddino) 6c01283 Fix Exchange address activation (Duddino) Pull request description: Change exchange address activation with the following: - Before 5.6 activation, accept TxOuts with OP_EXCHANGEADDR, even if they have sapling data in it - Before 5.6 activation, treat OP_EXCHANGEADDR as OP_UNKNOWN, thus rejecting any attempt at spending them - After 5.6 activation, keep things as is (Don't accept exchange address UTXOs if the tx has sapling data) ACKs for top commit: d7d30dc Liquid369: tACK d7d30dc panleone: utACK d7d30dc Tree-SHA512: 34f2cb7e8c2ce71c3e4fcc6fd977853e4828381e23a65b85cc8f86b95da7fe640b1d28c337d9f32df4d8d833225794a8cd1120474c1ab2c58062afc55612f3b5
PIVX-Project · Feb 20, 2024 · 8c359dd · 8c359dd
2 parents 4ca4c39 + d7d30dc
commit 8c359dd
Show file tree

Hide file tree

Showing 8 changed files with 49 additions and 23 deletions.
diff --git a/src/consensus/tx_verify.cpp b/src/consensus/tx_verify.cpp
@@ -116,9 +116,6 @@ bool CheckTransaction(const CTransaction& tx, CValidationState& state, bool fCol
  }
 
  bool hasExchangeUTXOs = tx.HasExchangeAddr();
- int nTxHeight = chainActive.Height();
- if (hasExchangeUTXOs && !Params().GetConsensus().NetworkUpgradeActive(nTxHeight, Consensus::UPGRADE_V5_6))
- return state.DoS(100, false, REJECT_INVALID, "bad-exchange-address-not-started");
 
  if (tx.IsCoinBase()) {
  if (tx.vin[0].scriptSig.size() < 2 || tx.vin[0].scriptSig.size() > 150)

diff --git a/src/policy/policy.h b/src/policy/policy.h
@@ -45,7 +45,8 @@ static constexpr unsigned int STANDARD_SCRIPT_VERIFY_FLAGS = MANDATORY_SCRIPT_VE
  SCRIPT_VERIFY_NULLDUMMY |
  SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_NOPS |
  SCRIPT_VERIFY_CLEANSTACK |
- SCRIPT_VERIFY_LOW_S;
+ SCRIPT_VERIFY_LOW_S |
+ SCRIPT_VERIFY_EXCHANGEADDR;
 
 /** For convenience, standard but not mandatory verify flags. */
 static constexpr unsigned int STANDARD_NOT_MANDATORY_VERIFY_FLAGS = STANDARD_SCRIPT_VERIFY_FLAGS & ~MANDATORY_SCRIPT_VERIFY_FLAGS;

diff --git a/src/sapling/sapling_validation.cpp b/src/sapling/sapling_validation.cpp
@@ -33,8 +33,8 @@ bool CheckTransaction(const CTransaction& tx, CValidationState& state, CAmount&
 
  // From here, all of the checks are done in v3+ transactions.
 
- // if the tx has shielded data, cannot be a coinstake, coinbase, zcspend and zcmint or exchange address
- if (tx.IsCoinStake() || tx.IsCoinBase() || tx.HasZerocoinSpendInputs() || tx.HasZerocoinMintOutputs() || tx.HasExchangeAddr())
+ // if the tx has shielded data, cannot be a coinstake, coinbase, zcspend and zcmint
+ if (tx.IsCoinStake() || tx.IsCoinBase() || tx.HasZerocoinSpendInputs() || tx.HasZerocoinMintOutputs())
  return state.DoS(100, error("%s: Sapling version with invalid data", __func__),
  REJECT_INVALID, "bad-txns-invalid-sapling");
 
@@ -160,6 +160,12 @@ bool ContextualCheckTransaction(
 
  if (hasShieldedData) {
  uint256 dataToBeSigned;
+
+ if (tx.HasExchangeAddr() && Params().GetConsensus().NetworkUpgradeActive(nHeight, Consensus::UPGRADE_V5_6)) {
+ return state.DoS(100, error("%s: Sapling version with invalid data", __func__),
+ REJECT_INVALID, "bad-txns-exchange-addr-has-sapling");
+ }
+
  // Empty output script.
  CScript scriptCode;
  try {

diff --git a/src/script/interpreter.cpp b/src/script/interpreter.cpp
@@ -334,6 +334,10 @@ bool EvalScript(std::vector<std::vector<unsigned char> >& stack, const CScript&
  break;
 
  case OP_EXCHANGEADDR:
+ // Not enabled, treat as OP_UNKNOWN
+ if (!(flags & SCRIPT_VERIFY_EXCHANGEADDR)) {
+ return set_error(serror, SCRIPT_ERR_BAD_OPCODE);
+ }
  if (!script.IsPayToExchangeAddress())
  return set_error(serror, SCRIPT_ERR_EXCHANGEADDRVERIFY);
  break;

diff --git a/src/script/interpreter.h b/src/script/interpreter.h
@@ -80,7 +80,11 @@ enum
  // Verify CHECKLOCKTIMEVERIFY
  //
  // See BIP65 for details.
- SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY = (1U << 9)
+ SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY = (1U << 9),
+
+ // Verify OP_EXCHANGEADDR.
+ // Treat as UNKNOWN before 5.6 activation
+ SCRIPT_VERIFY_EXCHANGEADDR = (1U << 10),
 };
 
 bool CheckSignatureEncoding(const std::vector<unsigned char> &vchSig, unsigned int flags, ScriptError* serror);

diff --git a/src/test/transaction_tests.cpp b/src/test/transaction_tests.cpp
@@ -47,6 +47,7 @@ static std::map<std::string, unsigned int> mapFlagNames = {
  {std::string("DISCOURAGE_UPGRADABLE_NOPS"), (unsigned int)SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_NOPS},
  {std::string("CLEANSTACK"), (unsigned int)SCRIPT_VERIFY_CLEANSTACK},
  {std::string("CHECKLOCKTIMEVERIFY"), (unsigned int)SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY},
+ {std::string("EXCHANGEADDRVERIFY"), (unsigned int)SCRIPT_VERIFY_EXCHANGEADDR},
 };
 
 unsigned int ParseScriptFlags(std::string strFlags)

diff --git a/src/validation.cpp b/src/validation.cpp
@@ -569,12 +569,15 @@ static bool AcceptToMemoryPoolWorker(CTxMemPool& pool, CValidationState &state,
  }
 
  bool fCLTVIsActivated = consensus.NetworkUpgradeActive(chainHeight, Consensus::UPGRADE_BIP65);
-
+ bool exchangeAddrActivated = consensus.NetworkUpgradeActive(chainHeight, Consensus::UPGRADE_V5_6);
  // Check against previous transactions
  // This is done last to help prevent CPU exhaustion denial-of-service attacks.
  int flags = STANDARD_SCRIPT_VERIFY_FLAGS;
  if (fCLTVIsActivated)
  flags |= SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY;
+ if (exchangeAddrActivated)
+ flags |= SCRIPT_VERIFY_EXCHANGEADDR;
+
 
  PrecomputedTransactionData precomTxData(tx);
  if (!CheckInputs(tx, state, view, true, flags, true, precomTxData)) {
@@ -593,6 +596,8 @@ static bool AcceptToMemoryPoolWorker(CTxMemPool& pool, CValidationState &state,
  flags = MANDATORY_SCRIPT_VERIFY_FLAGS;
  if (fCLTVIsActivated)
  flags |= SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY;
+ if (exchangeAddrActivated)
+ flags |= SCRIPT_VERIFY_EXCHANGEADDR;
  if (!CheckInputs(tx, state, view, true, flags, true, precomTxData)) {
  return error("%s: BUG! PLEASE REPORT THIS! ConnectInputs failed against MANDATORY but not STANDARD flags %s, %s",
  __func__, hash.ToString(), FormatStateMessage(state));
@@ -1496,8 +1501,10 @@ static bool ConnectBlock(const CBlock& block, CValidationState& state, CBlockInd
 
  // If scripts won't be checked anyways, don't bother seeing if CLTV is activated
  bool fCLTVIsActivated = false;
+ bool exchangeAddrActivated = false;
  if (fScriptChecks && pindex->pprev) {
  fCLTVIsActivated = consensus.NetworkUpgradeActive(pindex->pprev->nHeight, Consensus::UPGRADE_BIP65);
+ exchangeAddrActivated = consensus.NetworkUpgradeActive(pindex->pprev->nHeight, Consensus::UPGRADE_V5_6);
  }
 
  CCheckQueueControl<CScriptCheck> control(fScriptChecks && nScriptCheckThreads ? &scriptcheckqueue : nullptr);
@@ -1575,6 +1582,8 @@ static bool ConnectBlock(const CBlock& block, CValidationState& state, CBlockInd
  unsigned int flags = SCRIPT_VERIFY_P2SH | SCRIPT_VERIFY_DERSIG;
  if (fCLTVIsActivated)
  flags |= SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY;
+ if (exchangeAddrActivated)
+ flags |= SCRIPT_VERIFY_EXCHANGEADDR;
 
  bool fCacheResults = fJustCheck; /* Don't cache results if we're actually connecting blocks (still consult the cache, though) */
  if (!CheckInputs(tx, state, view, fScriptChecks, flags, fCacheResults, precomTxData[i], nScriptCheckThreads ? &vChecks : nullptr))

diff --git a/test/functional/feature_exchangeaddr.py b/test/functional/feature_exchangeaddr.py
@@ -44,7 +44,6 @@ def run_test(self):
  # Sign the transaction
  signed_tx = self.nodes[0].signrawtransaction(ToHex(tx))
 
- # Send the raw transaction
  # Before the upgrade, this should fail if OP_EXCHANGEADDR is disallowed
  error_code = -26
  error_message = "scriptpubkey"
@@ -56,18 +55,22 @@ def run_test(self):
  # Attempt to send funds from transparent address to exchange address
  ex_addr_validation_result = self.nodes[0].validateaddress(ex_addr)
  assert_equal(ex_addr_validation_result['isvalid'], True)
- # This should fail to be sent
- error_code = -4
- error_message = "bad-exchange-address-not-started"
- assert_raises_rpc_error(
- error_code,
- error_message,
- self.nodes[0].sendtoaddress,
- ex_addr, 1.0
- )
+ # This should succeed even before the upgrade
+ self.nodes[0].sendtoaddress(ex_addr, 1.0)
 
+ # Check wallet version
+ wallet_info = self.nodes[0].getwalletinfo()
+ if wallet_info['walletversion'] >= FEATURE_PRE_SPLIT_KEYPOOL:
+ sapling_addr = self.nodes[0].getnewshieldaddress()
+ self.nodes[0].sendtoaddress(sapling_addr, 2.0)
+ self.nodes[0].generate(1)
+ sap_to_ex = [{"address": ex_addr, "amount": Decimal('1')}]
+ # Shield data should be allowed before activation
+ self.nodes[0].shieldsendmany(sapling_addr, sap_to_ex)
+ else:
+ self.nodes[0].generate(1)
  # Mine and activate exchange addresses
- self.nodes[0].generate(194)
+ self.nodes[0].generate(193)
  assert_equal(self.nodes[0].getblockcount(), 1000)
  self.nodes[0].generate(1)
 
@@ -83,8 +86,10 @@ def run_test(self):
 
  # Verify balance
  node_bal = self.nodes[1].getbalance()
- assert_equal(node_bal, 2)
-
+ if wallet_info['walletversion'] >= FEATURE_PRE_SPLIT_KEYPOOL:
+ assert_equal(node_bal, 4)
+ else:
+ assert_equal(node_bal, 3)
  # Attempt to send funds from exchange address back to transparent address
  tx2 = self.nodes[0].sendtoaddress(t_addr_2, 1.0)
  self.nodes[0].generate(6)
@@ -96,7 +101,6 @@ def run_test(self):
 
  # Transparent to Shield to Exchange should fail
  # Check wallet version
- wallet_info = self.nodes[0].getwalletinfo()
  if wallet_info['walletversion'] < FEATURE_PRE_SPLIT_KEYPOOL:
  self.log.info("Pre-HD wallet version detected. Skipping Shield tests.")
  return
@@ -107,7 +111,7 @@ def run_test(self):
 
  # Expect shieldsendmany to fail with bad-txns-invalid-sapling
  expected_error_code = -4
- expected_error_message = "Failed to accept tx in the memory pool (reason: bad-txns-invalid-sapling)"
+ expected_error_message = "Failed to accept tx in the memory pool (reason: bad-txns-exchange-addr-has-sapling)"
  assert_raises_rpc_error(
  expected_error_code,
  expected_error_message,