Loop over all inputs doing inexpensive validity checks first,
and then loop over them a second time doing expensive signature
checks. This helps prevent possible CPU exhaustion attacks
where an attacker tries to make a victim waste time checking
signatures for invalid transactions.
// The first loop above does all the inexpensive checks.
// Only if ALL inputs pass do we perform expensive ECDSA signature checks.
// Helps prevent CPU exhaustion attacks.
for(unsignedinti=0;i<vin.size();i++)
{
COutPointprevout=vin[i].prevout;
assert(inputs.count(prevout.hash)>0);
CTxIndex&txindex=inputs[prevout.hash].first;
CTransaction&txPrev=inputs[prevout.hash].second;
// Check for conflicts (double-spend)
// Check for conflicts (double-spend)
// This doesn't trigger the DoS code on purpose; if it did, it would make it easier
// This doesn't trigger the DoS code on purpose; if it did, it would make it easier
// for an attacker to attempt to split the network.
// for an attacker to attempt to split the network.
if(!txindex.vSpent[prevout.n].IsNull())
if(!txindex.vSpent[prevout.n].IsNull())
returnfMiner?false:error("ConnectInputs() : %s prev tx already used at %s",GetHash().ToString().substr(0,10).c_str(),txindex.vSpent[prevout.n].ToString().c_str());
returnfMiner?false:error("ConnectInputs() : %s prev tx already used at %s",GetHash().ToString().substr(0,10).c_str(),txindex.vSpent[prevout.n].ToString().c_str());