2016-12-31 18:01:21 +00:00
|
|
|
// Copyright (c) 2012-2016 The Bitcoin Core developers
|
2014-12-13 04:09:33 +00:00
|
|
|
// Distributed under the MIT software license, see the accompanying
|
2014-03-18 09:11:00 +00:00
|
|
|
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
|
2013-04-13 05:13:08 +00:00
|
|
|
|
2015-11-17 16:35:44 +00:00
|
|
|
#include "consensus/merkle.h"
|
2014-10-30 22:50:15 +00:00
|
|
|
#include "merkleblock.h"
|
2013-04-13 05:13:08 +00:00
|
|
|
#include "serialize.h"
|
2014-10-30 22:50:15 +00:00
|
|
|
#include "streams.h"
|
2013-04-13 05:13:08 +00:00
|
|
|
#include "uint256.h"
|
2014-12-16 14:43:03 +00:00
|
|
|
#include "arith_uint256.h"
|
2014-10-30 22:50:15 +00:00
|
|
|
#include "version.h"
|
2015-03-12 08:34:42 +00:00
|
|
|
#include "test/test_bitcoin.h"
|
2016-11-07 14:04:57 +00:00
|
|
|
#include "test/test_random.h"
|
2013-04-13 05:13:08 +00:00
|
|
|
|
|
|
|
#include <vector>
|
|
|
|
|
2014-11-22 14:44:43 +00:00
|
|
|
#include <boost/assign/list_of.hpp>
|
2013-04-13 05:13:08 +00:00
|
|
|
#include <boost/test/unit_test.hpp>
|
2012-10-27 19:08:45 +00:00
|
|
|
|
|
|
|
class CPartialMerkleTreeTester : public CPartialMerkleTree
|
|
|
|
{
|
|
|
|
public:
|
|
|
|
// flip one bit in one of the hashes - this should break the authentication
|
|
|
|
void Damage() {
|
2015-01-07 01:11:16 +00:00
|
|
|
unsigned int n = insecure_rand() % vHash.size();
|
|
|
|
int bit = insecure_rand() % 256;
|
2014-12-16 14:43:03 +00:00
|
|
|
*(vHash[n].begin() + (bit>>3)) ^= 1<<(bit&7);
|
2012-10-27 19:08:45 +00:00
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2015-03-12 08:34:42 +00:00
|
|
|
BOOST_FIXTURE_TEST_SUITE(pmt_tests, BasicTestingSetup)
|
2012-10-27 19:08:45 +00:00
|
|
|
|
|
|
|
BOOST_AUTO_TEST_CASE(pmt_test1)
|
|
|
|
{
|
2015-01-07 01:11:16 +00:00
|
|
|
seed_insecure_rand(false);
|
2012-10-27 19:08:45 +00:00
|
|
|
static const unsigned int nTxCounts[] = {1, 4, 7, 17, 56, 100, 127, 256, 312, 513, 1000, 4095};
|
|
|
|
|
2016-06-07 19:22:48 +00:00
|
|
|
for (int i = 0; i < 12; i++) {
|
|
|
|
unsigned int nTx = nTxCounts[i];
|
2012-10-27 19:08:45 +00:00
|
|
|
|
|
|
|
// build a block with some dummy transactions
|
|
|
|
CBlock block;
|
|
|
|
for (unsigned int j=0; j<nTx; j++) {
|
2014-06-07 11:53:27 +00:00
|
|
|
CMutableTransaction tx;
|
2015-01-07 01:11:16 +00:00
|
|
|
tx.nLockTime = j; // actual transaction data doesn't matter; just make the nLockTime's unique
|
2016-11-11 01:34:17 +00:00
|
|
|
block.vtx.push_back(MakeTransactionRef(std::move(tx)));
|
2012-10-27 19:08:45 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// calculate actual merkle root and height
|
2015-11-17 16:35:44 +00:00
|
|
|
uint256 merkleRoot1 = BlockMerkleRoot(block);
|
2014-12-15 08:11:16 +00:00
|
|
|
std::vector<uint256> vTxid(nTx, uint256());
|
2012-10-27 19:08:45 +00:00
|
|
|
for (unsigned int j=0; j<nTx; j++)
|
2016-11-11 01:26:00 +00:00
|
|
|
vTxid[j] = block.vtx[j]->GetHash();
|
2012-10-27 19:08:45 +00:00
|
|
|
int nHeight = 1, nTx_ = nTx;
|
|
|
|
while (nTx_ > 1) {
|
|
|
|
nTx_ = (nTx_+1)/2;
|
|
|
|
nHeight++;
|
|
|
|
}
|
|
|
|
|
|
|
|
// check with random subsets with inclusion chances 1, 1/2, 1/4, ..., 1/128
|
|
|
|
for (int att = 1; att < 15; att++) {
|
|
|
|
// build random subset of txid's
|
|
|
|
std::vector<bool> vMatch(nTx, false);
|
|
|
|
std::vector<uint256> vMatchTxid1;
|
|
|
|
for (unsigned int j=0; j<nTx; j++) {
|
2015-01-07 01:11:16 +00:00
|
|
|
bool fInclude = (insecure_rand() & ((1 << (att/2)) - 1)) == 0;
|
2012-10-27 19:08:45 +00:00
|
|
|
vMatch[j] = fInclude;
|
|
|
|
if (fInclude)
|
|
|
|
vMatchTxid1.push_back(vTxid[j]);
|
|
|
|
}
|
|
|
|
|
|
|
|
// build the partial merkle tree
|
|
|
|
CPartialMerkleTree pmt1(vTxid, vMatch);
|
|
|
|
|
|
|
|
// serialize
|
|
|
|
CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
|
|
|
|
ss << pmt1;
|
|
|
|
|
|
|
|
// verify CPartialMerkleTree's size guarantees
|
|
|
|
unsigned int n = std::min<unsigned int>(nTx, 1 + vMatchTxid1.size()*nHeight);
|
|
|
|
BOOST_CHECK(ss.size() <= 10 + (258*n+7)/8);
|
|
|
|
|
|
|
|
// deserialize into a tester copy
|
|
|
|
CPartialMerkleTreeTester pmt2;
|
|
|
|
ss >> pmt2;
|
|
|
|
|
|
|
|
// extract merkle root and matched txids from copy
|
|
|
|
std::vector<uint256> vMatchTxid2;
|
2016-02-19 00:31:12 +00:00
|
|
|
std::vector<unsigned int> vIndex;
|
|
|
|
uint256 merkleRoot2 = pmt2.ExtractMatches(vMatchTxid2, vIndex);
|
2012-10-27 19:08:45 +00:00
|
|
|
|
|
|
|
// check that it has the same merkle root as the original, and a valid one
|
|
|
|
BOOST_CHECK(merkleRoot1 == merkleRoot2);
|
2014-12-15 08:11:16 +00:00
|
|
|
BOOST_CHECK(!merkleRoot2.IsNull());
|
2012-10-27 19:08:45 +00:00
|
|
|
|
|
|
|
// check that it contains the matched transactions (in the same order!)
|
|
|
|
BOOST_CHECK(vMatchTxid1 == vMatchTxid2);
|
|
|
|
|
|
|
|
// check that random bit flips break the authentication
|
|
|
|
for (int j=0; j<4; j++) {
|
|
|
|
CPartialMerkleTreeTester pmt3(pmt2);
|
|
|
|
pmt3.Damage();
|
|
|
|
std::vector<uint256> vMatchTxid3;
|
2016-02-19 00:31:12 +00:00
|
|
|
uint256 merkleRoot3 = pmt3.ExtractMatches(vMatchTxid3, vIndex);
|
2012-10-27 19:08:45 +00:00
|
|
|
BOOST_CHECK(merkleRoot3 != merkleRoot1);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-11-22 14:44:43 +00:00
|
|
|
BOOST_AUTO_TEST_CASE(pmt_malleability)
|
|
|
|
{
|
2014-12-16 14:43:03 +00:00
|
|
|
std::vector<uint256> vTxid = boost::assign::list_of
|
|
|
|
(ArithToUint256(1))(ArithToUint256(2))
|
|
|
|
(ArithToUint256(3))(ArithToUint256(4))
|
|
|
|
(ArithToUint256(5))(ArithToUint256(6))
|
|
|
|
(ArithToUint256(7))(ArithToUint256(8))
|
|
|
|
(ArithToUint256(9))(ArithToUint256(10))
|
|
|
|
(ArithToUint256(9))(ArithToUint256(10));
|
2014-11-22 14:44:43 +00:00
|
|
|
std::vector<bool> vMatch = boost::assign::list_of(false)(false)(false)(false)(false)(false)(false)(false)(false)(true)(true)(false);
|
|
|
|
|
|
|
|
CPartialMerkleTree tree(vTxid, vMatch);
|
2016-02-19 00:31:12 +00:00
|
|
|
std::vector<unsigned int> vIndex;
|
|
|
|
BOOST_CHECK(tree.ExtractMatches(vTxid, vIndex).IsNull());
|
2014-11-22 14:44:43 +00:00
|
|
|
}
|
|
|
|
|
2012-10-27 19:08:45 +00:00
|
|
|
BOOST_AUTO_TEST_SUITE_END()
|