NOTE: This function is not currently invoked by ConnectBlock(), so we * should consider upgrade issues if we change which consensus rules are * enforced in this function (eg by adding a new consensus rule). See comment * in ConnectBlock(). * Note that -reindex-chainstate skips the validation that happens here! */
| 3847 | * Note that -reindex-chainstate skips the validation that happens here! |
| 3848 | */ |
| 3849 | static bool ContextualCheckBlock(const CBlock& block, BlockValidationState& state, const Consensus::Params& consensusParams, const CBlockIndex* pindexPrev) |
| 3850 | { |
| 3851 | const int nHeight = pindexPrev == nullptr ? 0 : pindexPrev->nHeight + 1; |
| 3852 | |
| 3853 | // Enforce BIP113 (Median Time Past). |
| 3854 | int nLockTimeFlags = 0; |
| 3855 | if (DeploymentActiveAfter(pindexPrev, consensusParams, Consensus::DEPLOYMENT_CSV)) { |
| 3856 | assert(pindexPrev != nullptr); |
| 3857 | nLockTimeFlags |= LOCKTIME_MEDIAN_TIME_PAST; |
| 3858 | } |
| 3859 | |
| 3860 | int64_t nLockTimeCutoff = (nLockTimeFlags & LOCKTIME_MEDIAN_TIME_PAST) |
| 3861 | ? pindexPrev->GetMedianTimePast() |
| 3862 | : block.GetBlockTime(); |
| 3863 | |
| 3864 | // Check that all transactions are finalized |
| 3865 | for (const auto& tx : block.vtx) { |
| 3866 | if (!IsFinalTx(*tx, nHeight, nLockTimeCutoff)) { |
| 3867 | return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-nonfinal", "non-final transaction"); |
| 3868 | } |
| 3869 | } |
| 3870 | |
| 3871 | // Enforce rule that the coinbase starts with serialized block height |
| 3872 | if (DeploymentActiveAfter(pindexPrev, consensusParams, Consensus::DEPLOYMENT_HEIGHTINCB)) |
| 3873 | { |
| 3874 | CScript expect = CScript() << nHeight; |
| 3875 | if (block.vtx[0]->vin[0].scriptSig.size() < expect.size() || |
| 3876 | !std::equal(expect.begin(), expect.end(), block.vtx[0]->vin[0].scriptSig.begin())) { |
| 3877 | return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-height", "block height mismatch in coinbase"); |
| 3878 | } |
| 3879 | } |
| 3880 | |
| 3881 | // Coinbase transaction can not have input witness data which is not covered |
| 3882 | // (or committed to) by the witness or regular merkle tree |
| 3883 | for (const auto& inwit : block.vtx[0]->witness.vtxinwit) { |
| 3884 | if (!inwit.vchIssuanceAmountRangeproof.empty() || |
| 3885 | !inwit.vchInflationKeysRangeproof.empty() || |
| 3886 | !inwit.m_pegin_witness.IsNull()) { |
| 3887 | return state.Invalid(BlockValidationResult::BLOCK_MUTATED, "bad-cb-witness", "Coinbase has invalid input witness data."); |
| 3888 | } |
| 3889 | } |
| 3890 | |
| 3891 | // Validation for witness commitments. |
| 3892 | // * We compute the witness hash (which is the hash including witnesses) of all the block's transactions, except the |
| 3893 | // coinbase (where 0x0000....0000 is used instead). |
| 3894 | // * The coinbase scriptWitness is a stack of a single 32-byte vector, containing a witness reserved value (unconstrained). |
| 3895 | // * We build a merkle tree with all those witness hashes as leaves (similar to the hashMerkleRoot in the block header). |
| 3896 | // * There must be at least one output whose scriptPubKey is a single 36-byte push, the first 4 bytes of which are |
| 3897 | // {0xaa, 0x21, 0xa9, 0xed}, and the following 32 bytes are SHA256^2(witness root, witness reserved value). In case there are |
| 3898 | // multiple, the last one is used. |
| 3899 | bool fHaveWitness = false; |
| 3900 | if (DeploymentActiveAfter(pindexPrev, consensusParams, Consensus::DEPLOYMENT_SEGWIT)) { |
| 3901 | int commitpos = GetWitnessCommitmentIndex(block); |
| 3902 | if (commitpos != NO_WITNESS_COMMITMENT) { |
| 3903 | bool malleated = false; |
| 3904 | uint256 hashWitness = BlockWitnessMerkleRoot(block, &malleated); |
| 3905 | // The malleation check is ignored; as the transaction tree itself |
| 3906 | // already does not permit it, it is impossible to trigger in the |