Disallow automatic conversion between disparate hash types #17938

pull Empact wants to merge 8 commits into bitcoin:master from Empact:hash-conversion changing 11 files +122 −42
  1. Empact commented at 12:53 AM on January 16, 2020: member

    This bases the script/standard hash types, TxDestination-related and CScriptID on a base template which does not silently convert the underlying uintN type.

    Inspired by and built on #17924. Commits are small and focused to ease review.

    Note some of these changes may be relative to existing bugs of the same sort as #17924. See particularly "Convert CPubKey to WitnessV0KeyHash directly" and "Remove an apparently unnecessary conversion".

  2. Empact cross-referenced this on Jan 16, 2020 from issue Bug: IsUsedDestination shouldn't use key id as script id for ScriptHash by instagibbs
  3. DrahtBot commented at 2:54 AM on January 16, 2020: contributor

    <!--e57a25ab6845829454e8d69fc972939a-->

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    <!--174a7506f384e20aa4161008e828411d-->

    Conflicts

    Reviewers, this pull request conflicts with the following ones:

    • #19326 (Simplify hash.h interface using Spans by sipa)
    • #19183 ([WIP DONOTMERGE] Replace boost with C++17 by MarcoFalke)
    • #19114 (scripted-diff: TxoutType C++11 scoped enum class by MarcoFalke)
    • #16841 (Replace GetScriptForWitness with GetScriptForDestination by meshcollider)
    • #15294 ([moveonly] wallet: Extract RipeMd160 by Empact)

    If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

  4. DrahtBot added the label GUI on Jan 16, 2020
  5. DrahtBot added the label RPC/REST/ZMQ on Jan 16, 2020
  6. DrahtBot added the label Tests on Jan 16, 2020
  7. DrahtBot added the label Wallet on Jan 16, 2020
  8. instagibbs commented at 5:34 PM on January 16, 2020: member

    concept ACK, will review deeper if base is merged

  9. Empact force-pushed on Jan 16, 2020
  10. fanquake removed the label GUI on Jan 17, 2020
  11. fanquake removed the label Tests on Jan 17, 2020
  12. Sjors commented at 8:57 AM on January 17, 2020: member

    Code review ACK 730267fd969cded98982b6c6762080dca2332939

  13. Empact commented at 6:05 PM on January 17, 2020: member

    @instagibbs rebased now that #17924 is merged

  14. Empact commented at 10:48 PM on January 29, 2020: member

    @instagibbs how about a review?

  15. laanwj commented at 2:08 PM on February 5, 2020: member

    Concept ACK, I like the idea of using explicit and separate types here to prevent non-sensible conversions, if you can use language features to avoid bugs that's very good.

  16. Empact requested review from Sjors on Feb 6, 2020
  17. Empact requested review from ryanofsky on Feb 6, 2020
  18. Empact requested review from achow101 on Feb 6, 2020
  19. Empact requested review from instagibbs on Feb 6, 2020
  20. practicalswift commented at 6:46 AM on February 11, 2020: contributor

    Concept ACK: explicit conversion is better (and safer!) than implicit conversion

  21. DrahtBot cross-referenced this on Feb 11, 2020 from issue wallet: Pass in transactions and messages for signing instead of exporting the private keys by achow101
  22. DrahtBot cross-referenced this on Feb 11, 2020 from issue refactor: Abstract boost::variant out by elichai
  23. DrahtBot cross-referenced this on Feb 11, 2020 from issue refactor: deduplicate the message sign/verify code by vasild
  24. DrahtBot cross-referenced this on Feb 11, 2020 from issue Replace GetScriptForWitness with GetScriptForDestination by meshcollider
  25. DrahtBot cross-referenced this on Feb 11, 2020 from issue BIP-322: Generic signed message format by kallewoof
  26. DrahtBot cross-referenced this on Feb 11, 2020 from issue refactor: Extract RipeMd160 by Empact
  27. DrahtBot cross-referenced this on Feb 12, 2020 from issue Native Descriptor Wallets using DescriptorScriptPubKeyMan by achow101
  28. DrahtBot cross-referenced this on Feb 21, 2020 from issue External signer support - Wallet Box edition by Sjors
  29. DrahtBot cross-referenced this on Feb 22, 2020 from issue UI external signer support (e.g. hardware wallet) by Sjors
  30. DrahtBot cross-referenced this on Feb 24, 2020 from issue refactor: consolidate sendmany and sendtoaddress code by Sjors
  31. DrahtBot added the label Needs rebase on Feb 25, 2020
  32. Empact force-pushed on Feb 28, 2020
  33. DrahtBot removed the label Needs rebase on Feb 28, 2020
  34. Empact commented at 2:04 AM on February 28, 2020: member

    Rebased, dropped one commit, as #17577 removed the relevant verifymessage conversion.

  35. DrahtBot added the label Needs rebase on Mar 9, 2020
  36. Empact force-pushed on Mar 10, 2020
  37. Empact commented at 11:56 AM on March 10, 2020: member

    Rebased after merge of #18115

  38. Sjors commented at 1:31 PM on March 10, 2020: member

    Travis sad.

  39. DrahtBot removed the label Needs rebase on Mar 10, 2020
  40. Empact force-pushed on Mar 11, 2020
  41. laanwj commented at 4:00 PM on March 19, 2020: member

    ACK 4b7de7c402270388794203496728c4baa56c4877

  43. DrahtBot cross-referenced this on May 30, 2020 from issue scripted-diff: TxoutType C++11 scoped enum class by MarcoFalke
  44. DrahtBot cross-referenced this on Jun 6, 2020 from issue [WIP DONOTMERGE] Replace boost with C++17 (std::shared_mutex) by MarcoFalke
  45. achow101 approved
  46. achow101 commented at 7:49 PM on June 11, 2020: member

    ACK 4b7de7c402270388794203496728c4baa56c4877

  47. DrahtBot cross-referenced this on Jun 16, 2020 from issue Replace boost::filesystem with std::filesystem by kiminuo
  48. meshcollider commented at 8:46 AM on June 17, 2020: contributor

    Code review ACK 4b7de7c402270388794203496728c4baa56c4877

  49. meshcollider commented at 8:56 AM on June 17, 2020: contributor

    There is a build error unfortunately

    wallet/scriptpubkeyman.cpp:2054:25: error: no matching function for call to ‘CKeyID::CKeyID(const PKHash&)’
     CKeyID key_id(pkhash);
                         ^
  50. MarcoFalke added the label Waiting for author on Jun 17, 2020
  51. Empact force-pushed on Jun 18, 2020
  52. Empact commented at 10:38 PM on June 18, 2020: member

    Rebased, and the fix is in https://github.com/bitcoin/bitcoin/pull/17938/commits/1236555761b79c44f4bc9676260321b8c7095a6f

    I'm not sure what's up with Appveyor, and I'm happy to squash.

  53. MarcoFalke commented at 11:47 AM on June 19, 2020: member

    I think it makes sense to squash fixup commits that fix a compile-failure. Otherwise it is not possible to compile earlier commits.

  54. DrahtBot cross-referenced this on Jun 19, 2020 from issue Simplify hash.h interface using Spans by sipa
  55. Prefer explicit uint160 conversion 0a5ea32ce6
  56. Prefer explicit CScriptID construction 3fcc468123
  57. Convert CPubKey to WitnessV0KeyHash directly
    The round-tripping through PKHash has no effect, and is
potentially misleading as such.
    a9e451f144
  58. Use explicit conversion from PKHash -> CKeyID
    These types are equivalent, in data etc, so they need only their
data cast across.

Note a function is used rather than a casting
operator as CKeyID is defined at a lower level than script/standard
    2c54217f91
  59. Use explicit conversion from WitnessV0KeyHash -> CKeyID
    These types are equivalent, in data etc, so they need only their
data cast across.
    f32c1e07fd
  60. Explicitly support conversion between equivalent hash types
    ScriptHash <-> CScriptID
CKeyID -> PKHash
PKHash -> WitnessV0KeyHash
    966a22d859
  61. Remove an apparently unnecessary conversion
    CScript -> CScriptID -> ScriptHash is unnecessary because
ScriptHash and CScriptID do the same thing.
    fa9ef2cdbe
  62. Disallow automatic conversion between hash types
    A templated BaseHash does not allow for automatic conversion, thus
conversions much be explicitly allowed / whitelisted, which will
reduce the risk of unintended conversions.
    4d7369125a
  63. Empact force-pushed on Jun 19, 2020
  64. Empact commented at 8:04 PM on June 19, 2020: member

    Squashed the fix and rebased.

  65. achow101 commented at 10:24 PM on June 19, 2020: member

    ACK 4d7369125a82214ea42b808a32b71b315a5c3c72

    Only change since last is to handle a newly introduced conversion. That's also a good example of the benefits that this PR brings.

  66. meshcollider commented at 8:03 AM on June 21, 2020: contributor

    re-utACK 4d7369125a82214ea42b808a32b71b315a5c3c72

  67. meshcollider merged this on Jun 21, 2020
  68. meshcollider closed this on Jun 21, 2020
  69. Empact deleted the branch on Jun 21, 2020
  70. ryanofsky cross-referenced this on Jul 7, 2020 from issue Multiprocess bitcoin by ryanofsky
  71. Fabcien referenced this in commit 79bd38319d on Feb 3, 2021
  72. MarcoFalke removed the label Waiting for author on Apr 4, 2021
  73. kwvg cross-referenced this on May 19, 2021 from issue Merge #19660, #19373, #19841, #13862, #13866, #17280, #17682 and partial #19326, #14978: Auxiliary Backports by kwvg
  74. furszy cross-referenced this on Sep 7, 2021 from issue [Refactor] Differentiate destinations from lookup keys and disallow automatic conversion between them by furszy
  75. bitcoin locked this on Aug 18, 2022
Contributors
EmpactDrahtBotinstagibbsSjorslaanwjpracticalswiftachow101meshcolliderMarcoFalke


Sjorsinstagibbsryanofsky

Labels
WalletRPC/REST/ZMQ
Linked (view graph)
#10102 Multiprocess bitcoin#17924 Bug: IsUsedDestination shouldn't use key id as script id for ScriptHash
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-05-20 06:54 UTC