/root/bitcoin/src/wallet/test/fuzz/scriptpubkeyman.cpp
Line | Count | Source |
1 | | // Copyright (c) 2023-present The Bitcoin Core developers |
2 | | // Distributed under the MIT software license, see the accompanying |
3 | | // file COPYING or http://www.opensource.org/licenses/mit-license.php. |
4 | | |
5 | | #include <addresstype.h> |
6 | | #include <chainparams.h> |
7 | | #include <coins.h> |
8 | | #include <key.h> |
9 | | #include <primitives/transaction.h> |
10 | | #include <psbt.h> |
11 | | #include <script/descriptor.h> |
12 | | #include <script/interpreter.h> |
13 | | #include <script/script.h> |
14 | | #include <script/signingprovider.h> |
15 | | #include <sync.h> |
16 | | #include <test/fuzz/FuzzedDataProvider.h> |
17 | | #include <test/fuzz/fuzz.h> |
18 | | #include <test/fuzz/util.h> |
19 | | #include <test/fuzz/util/descriptor.h> |
20 | | #include <test/util/setup_common.h> |
21 | | #include <test/util/time.h> |
22 | | #include <util/check.h> |
23 | | #include <util/time.h> |
24 | | #include <util/translation.h> |
25 | | #include <util/string.h> |
26 | | #include <validation.h> |
27 | | #include <wallet/context.h> |
28 | | #include <wallet/scriptpubkeyman.h> |
29 | | #include <wallet/test/util.h> |
30 | | #include <wallet/types.h> |
31 | | #include <wallet/wallet.h> |
32 | | #include <wallet/walletutil.h> |
33 | | |
34 | | #include <map> |
35 | | #include <memory> |
36 | | #include <optional> |
37 | | #include <string> |
38 | | #include <utility> |
39 | | #include <variant> |
40 | | |
41 | | namespace wallet { |
42 | | namespace { |
43 | | const TestingSetup* g_setup; |
44 | | |
45 | | //! The converter of mocked descriptors, needs to be initialized when the target is. |
46 | | MockedDescriptorConverter MOCKED_DESC_CONVERTER; |
47 | | |
48 | | void initialize_spkm() |
49 | 0 | { |
50 | 0 | static const auto testing_setup{MakeNoLogFileContext<const TestingSetup>()}; |
51 | 0 | g_setup = testing_setup.get(); |
52 | 0 | MOCKED_DESC_CONVERTER.Init(); |
53 | 0 | } |
54 | | |
55 | | void initialize_spkm_migration() |
56 | 0 | { |
57 | 0 | static const auto testing_setup{MakeNoLogFileContext<const TestingSetup>()}; |
58 | 0 | g_setup = testing_setup.get(); |
59 | 0 | } |
60 | | |
61 | | static std::optional<std::pair<WalletDescriptor, FlatSigningProvider>> CreateWalletDescriptor(FuzzedDataProvider& fuzzed_data_provider) |
62 | 0 | { |
63 | 0 | const std::string mocked_descriptor{fuzzed_data_provider.ConsumeRandomLengthString()}; |
64 | 0 | const auto desc_str{MOCKED_DESC_CONVERTER.GetDescriptor(mocked_descriptor)}; |
65 | 0 | if (!desc_str.has_value()) return std::nullopt; |
66 | 0 | if (IsTooExpensive(MakeUCharSpan(*desc_str))) return {}; |
67 | | |
68 | 0 | FlatSigningProvider keys; |
69 | 0 | std::string error; |
70 | 0 | std::vector<std::unique_ptr<Descriptor>> parsed_descs = Parse(desc_str.value(), keys, error, false); |
71 | 0 | if (parsed_descs.empty()) return std::nullopt; |
72 | | |
73 | 0 | WalletDescriptor w_desc{std::move(parsed_descs.at(0)), /*creation_time=*/0, /*range_start=*/0, /*range_end=*/1, /*next_index=*/1}; |
74 | 0 | return std::make_pair(w_desc, keys); |
75 | 0 | } |
76 | | |
77 | | static DescriptorScriptPubKeyMan* CreateDescriptor(WalletDescriptor& wallet_desc, FlatSigningProvider& keys, CWallet& keystore) |
78 | 0 | { |
79 | 0 | LOCK(keystore.cs_wallet); Line | Count | Source | 266 | 0 | #define LOCK(cs) UniqueLock UNIQUE_NAME(criticalblock)(MaybeCheckNotHeld(cs), #cs, __FILE__, __LINE__) Line | Count | Source | 11 | 0 | #define UNIQUE_NAME(name) PASTE2(name, __COUNTER__) Line | Count | Source | 9 | 0 | #define PASTE2(x, y) PASTE(x, y) Line | Count | Source | 8 | 0 | #define PASTE(x, y) x ## y |
|
|
|
|
80 | 0 | auto spk_manager_res = keystore.AddWalletDescriptor(wallet_desc, keys, /*label=*/"", /*internal=*/false); |
81 | 0 | if (!spk_manager_res) return nullptr; |
82 | 0 | return &spk_manager_res.value().get(); |
83 | 0 | }; |
84 | | |
85 | | FUZZ_TARGET(scriptpubkeyman, .init = initialize_spkm) |
86 | 0 | { |
87 | 0 | SeedRandomStateForTest(SeedRand::ZEROS); |
88 | 0 | FuzzedDataProvider fuzzed_data_provider{buffer.data(), buffer.size()}; |
89 | 0 | NodeClockContext clock_ctx{ConsumeTime(fuzzed_data_provider)}; |
90 | 0 | const auto& node{g_setup->m_node}; |
91 | 0 | Chainstate& chainstate{node.chainman->ActiveChainstate()}; |
92 | 0 | std::unique_ptr<CWallet> wallet_ptr{std::make_unique<CWallet>(node.chain.get(), "", CreateMockableWalletDatabase())}; |
93 | 0 | CWallet& wallet{*wallet_ptr}; |
94 | 0 | { |
95 | 0 | LOCK(wallet.cs_wallet); Line | Count | Source | 266 | 0 | #define LOCK(cs) UniqueLock UNIQUE_NAME(criticalblock)(MaybeCheckNotHeld(cs), #cs, __FILE__, __LINE__) Line | Count | Source | 11 | 0 | #define UNIQUE_NAME(name) PASTE2(name, __COUNTER__) Line | Count | Source | 9 | 0 | #define PASTE2(x, y) PASTE(x, y) Line | Count | Source | 8 | 0 | #define PASTE(x, y) x ## y |
|
|
|
|
96 | 0 | wallet.SetWalletFlag(WALLET_FLAG_DESCRIPTORS); |
97 | 0 | wallet.SetLastBlockProcessed(chainstate.m_chain.Height(), chainstate.m_chain.Tip()->GetBlockHash()); |
98 | 0 | wallet.m_keypool_size = 1; |
99 | 0 | } |
100 | |
|
101 | 0 | auto wallet_desc{CreateWalletDescriptor(fuzzed_data_provider)}; |
102 | 0 | if (!wallet_desc.has_value()) return; |
103 | 0 | auto spk_manager{CreateDescriptor(wallet_desc->first, wallet_desc->second, wallet)}; |
104 | 0 | if (spk_manager == nullptr) return; |
105 | | |
106 | 0 | if (fuzzed_data_provider.ConsumeBool()) { |
107 | 0 | auto wallet_desc{CreateWalletDescriptor(fuzzed_data_provider)}; |
108 | 0 | if (!wallet_desc.has_value()) { |
109 | 0 | return; |
110 | 0 | } |
111 | 0 | std::string error; |
112 | 0 | if (spk_manager->CanUpdateToWalletDescriptor(wallet_desc->first, error)) { |
113 | 0 | auto new_spk_manager{CreateDescriptor(wallet_desc->first, wallet_desc->second, wallet)}; |
114 | 0 | if (new_spk_manager != nullptr) spk_manager = new_spk_manager; |
115 | 0 | } |
116 | 0 | } |
117 | | |
118 | 0 | bool good_data{true}; |
119 | 0 | LIMITED_WHILE(good_data && fuzzed_data_provider.ConsumeBool(), 20) {Line | Count | Source | 23 | 0 | for (unsigned _count{limit}; (condition) && _count; --_count) |
|
120 | 0 | CallOneOf( |
121 | 0 | fuzzed_data_provider, |
122 | 0 | [&] { |
123 | 0 | const CScript script{ConsumeScript(fuzzed_data_provider)}; |
124 | 0 | if (spk_manager->IsMine(script)) { |
125 | 0 | assert(spk_manager->GetScriptPubKeys().contains(script)); |
126 | 0 | } |
127 | 0 | }, |
128 | 0 | [&] { |
129 | 0 | auto spks{spk_manager->GetScriptPubKeys()}; |
130 | 0 | for (const CScript& spk : spks) { |
131 | 0 | assert(spk_manager->IsMine(spk)); |
132 | 0 | CTxDestination dest; |
133 | 0 | bool extract_dest{ExtractDestination(spk, dest)}; |
134 | 0 | if (extract_dest) { |
135 | 0 | const std::string msg{fuzzed_data_provider.ConsumeRandomLengthString()}; |
136 | 0 | PKHash pk_hash{std::get_if<PKHash>(&dest) && fuzzed_data_provider.ConsumeBool() ? |
137 | 0 | *std::get_if<PKHash>(&dest) : |
138 | 0 | PKHash{ConsumeUInt160(fuzzed_data_provider)}}; |
139 | 0 | std::string str_sig; |
140 | 0 | (void)spk_manager->SignMessage(msg, pk_hash, str_sig); |
141 | 0 | (void)spk_manager->GetMetadata(dest); |
142 | 0 | } |
143 | 0 | } |
144 | 0 | }, |
145 | 0 | [&] { |
146 | 0 | auto spks{spk_manager->GetScriptPubKeys()}; |
147 | 0 | if (!spks.empty()) { |
148 | 0 | auto& spk{PickValue(fuzzed_data_provider, spks)}; |
149 | 0 | (void)spk_manager->MarkUnusedAddresses(spk); |
150 | 0 | } |
151 | 0 | }, |
152 | 0 | [&] { |
153 | 0 | LOCK(spk_manager->cs_desc_man); Line | Count | Source | 266 | 0 | #define LOCK(cs) UniqueLock UNIQUE_NAME(criticalblock)(MaybeCheckNotHeld(cs), #cs, __FILE__, __LINE__) Line | Count | Source | 11 | 0 | #define UNIQUE_NAME(name) PASTE2(name, __COUNTER__) Line | Count | Source | 9 | 0 | #define PASTE2(x, y) PASTE(x, y) Line | Count | Source | 8 | 0 | #define PASTE(x, y) x ## y |
|
|
|
|
154 | 0 | auto wallet_desc{spk_manager->GetWalletDescriptor()}; |
155 | 0 | if (wallet_desc.descriptor->IsSingleType()) { |
156 | 0 | auto output_type{wallet_desc.descriptor->GetOutputType()}; |
157 | 0 | if (output_type.has_value()) { |
158 | 0 | auto dest{spk_manager->GetNewDestination(*output_type)}; |
159 | 0 | if (dest) { |
160 | 0 | assert(IsValidDestination(*dest)); |
161 | 0 | assert(spk_manager->IsHDEnabled()); |
162 | 0 | } |
163 | 0 | } |
164 | 0 | } |
165 | 0 | }, |
166 | 0 | [&] { |
167 | 0 | CMutableTransaction tx_to; |
168 | 0 | const std::optional<CMutableTransaction> opt_tx_to{ConsumeDeserializable<CMutableTransaction>(fuzzed_data_provider, TX_WITH_WITNESS)}; |
169 | 0 | if (!opt_tx_to) { |
170 | 0 | good_data = false; |
171 | 0 | return; |
172 | 0 | } |
173 | 0 | tx_to = *opt_tx_to; |
174 | |
|
175 | 0 | std::map<COutPoint, Coin> coins{ConsumeCoins(fuzzed_data_provider)}; |
176 | 0 | const int sighash{fuzzed_data_provider.ConsumeIntegral<int>()}; |
177 | 0 | std::map<int, bilingual_str> input_errors; |
178 | 0 | (void)spk_manager->SignTransaction(tx_to, coins, sighash, input_errors); |
179 | 0 | }, |
180 | 0 | [&] { |
181 | 0 | std::optional<PartiallySignedTransaction> opt_psbt{ConsumeDeserializable<PartiallySignedTransaction>(fuzzed_data_provider)}; |
182 | 0 | if (!opt_psbt) { |
183 | 0 | good_data = false; |
184 | 0 | return; |
185 | 0 | } |
186 | 0 | auto psbt{*opt_psbt}; |
187 | 0 | const PrecomputedTransactionData txdata{PrecomputePSBTData(psbt)}; |
188 | 0 | std::optional<int> sighash_type{fuzzed_data_provider.ConsumeIntegralInRange<int>(0, 151)}; |
189 | 0 | if (sighash_type == 151) sighash_type = std::nullopt; |
190 | 0 | auto sign = fuzzed_data_provider.ConsumeBool(); |
191 | 0 | auto bip32derivs = fuzzed_data_provider.ConsumeBool(); |
192 | 0 | auto finalize = fuzzed_data_provider.ConsumeBool(); |
193 | 0 | (void)spk_manager->FillPSBT(psbt, txdata, sighash_type, sign, bip32derivs, nullptr, finalize); |
194 | 0 | } |
195 | 0 | ); |
196 | 0 | } |
197 | |
|
198 | 0 | std::string descriptor; |
199 | 0 | (void)spk_manager->GetDescriptorString(descriptor, /*priv=*/fuzzed_data_provider.ConsumeBool()); |
200 | 0 | (void)spk_manager->GetEndRange(); |
201 | 0 | (void)spk_manager->GetKeyPoolSize(); |
202 | 0 | } |
203 | | |
204 | | FUZZ_TARGET(spkm_migration, .init = initialize_spkm_migration) |
205 | 0 | { |
206 | 0 | SeedRandomStateForTest(SeedRand::ZEROS); |
207 | 0 | FuzzedDataProvider fuzzed_data_provider{buffer.data(), buffer.size()}; |
208 | 0 | SetMockTime(ConsumeTime(fuzzed_data_provider)); |
209 | 0 | const auto& node{g_setup->m_node}; |
210 | 0 | Chainstate& chainstate{node.chainman->ActiveChainstate()}; |
211 | |
|
212 | 0 | std::unique_ptr<CWallet> wallet_ptr{std::make_unique<CWallet>(node.chain.get(), "", CreateMockableWalletDatabase())}; |
213 | 0 | CWallet& wallet{*wallet_ptr}; |
214 | 0 | wallet.m_keypool_size = 1; |
215 | 0 | { |
216 | 0 | LOCK(wallet.cs_wallet); Line | Count | Source | 266 | 0 | #define LOCK(cs) UniqueLock UNIQUE_NAME(criticalblock)(MaybeCheckNotHeld(cs), #cs, __FILE__, __LINE__) Line | Count | Source | 11 | 0 | #define UNIQUE_NAME(name) PASTE2(name, __COUNTER__) Line | Count | Source | 9 | 0 | #define PASTE2(x, y) PASTE(x, y) Line | Count | Source | 8 | 0 | #define PASTE(x, y) x ## y |
|
|
|
|
217 | 0 | wallet.UnsetWalletFlag(WALLET_FLAG_DESCRIPTORS); |
218 | 0 | wallet.SetLastBlockProcessed(chainstate.m_chain.Height(), chainstate.m_chain.Tip()->GetBlockHash()); |
219 | 0 | } |
220 | |
|
221 | 0 | auto& legacy_data{*wallet.GetOrCreateLegacyDataSPKM()}; |
222 | |
|
223 | 0 | std::vector<CKey> keys; |
224 | 0 | LIMITED_WHILE(fuzzed_data_provider.ConsumeBool(), 30) {Line | Count | Source | 23 | 0 | for (unsigned _count{limit}; (condition) && _count; --_count) |
|
225 | 0 | const auto key{ConsumePrivateKey(fuzzed_data_provider)}; |
226 | 0 | if (!key.IsValid()) return; |
227 | 0 | auto pub_key{key.GetPubKey()}; |
228 | 0 | if (!pub_key.IsFullyValid()) return; |
229 | 0 | if (legacy_data.LoadKey(key, pub_key) && std::find(keys.begin(), keys.end(), key) == keys.end()) keys.push_back(key); |
230 | 0 | } |
231 | | |
232 | 0 | bool add_hd_chain{fuzzed_data_provider.ConsumeBool() && !keys.empty()}; |
233 | 0 | CHDChain hd_chain; |
234 | 0 | auto version{fuzzed_data_provider.ConsumeBool() ? CHDChain::VERSION_HD_CHAIN_SPLIT : CHDChain::VERSION_HD_BASE}; |
235 | 0 | CKey hd_key; |
236 | 0 | if (add_hd_chain) { |
237 | 0 | hd_key = PickValue(fuzzed_data_provider, keys); |
238 | 0 | hd_chain.nVersion = version; |
239 | 0 | hd_chain.seed_id = hd_key.GetPubKey().GetID(); |
240 | 0 | legacy_data.LoadHDChain(hd_chain); |
241 | 0 | } |
242 | |
|
243 | 0 | bool add_inactive_hd_chain{fuzzed_data_provider.ConsumeBool() && !keys.empty()}; |
244 | 0 | if (add_inactive_hd_chain) { |
245 | 0 | hd_key = PickValue(fuzzed_data_provider, keys); |
246 | 0 | hd_chain.nVersion = fuzzed_data_provider.ConsumeBool() ? CHDChain::VERSION_HD_CHAIN_SPLIT : CHDChain::VERSION_HD_BASE; |
247 | 0 | hd_chain.seed_id = hd_key.GetPubKey().GetID(); |
248 | 0 | legacy_data.AddInactiveHDChain(hd_chain); |
249 | 0 | } |
250 | |
|
251 | 0 | bool watch_only = false; |
252 | 0 | const auto pub_key = ConsumeDeserializable<CPubKey>(fuzzed_data_provider); |
253 | 0 | if (!pub_key || !pub_key->IsFullyValid()) return; |
254 | 0 | auto script_dest{GetScriptForDestination(WitnessV0KeyHash{*pub_key})}; |
255 | 0 | if (fuzzed_data_provider.ConsumeBool()) { |
256 | 0 | script_dest = GetScriptForDestination(CTxDestination{PKHash(*pub_key)}); |
257 | 0 | } |
258 | 0 | if (legacy_data.LoadWatchOnly(script_dest)) watch_only = true; |
259 | |
|
260 | 0 | size_t added_script{0}; |
261 | 0 | bool good_data{true}; |
262 | 0 | LIMITED_WHILE(good_data && fuzzed_data_provider.ConsumeBool(), 30) {Line | Count | Source | 23 | 0 | for (unsigned _count{limit}; (condition) && _count; --_count) |
|
263 | 0 | CallOneOf( |
264 | 0 | fuzzed_data_provider, |
265 | 0 | [&] { |
266 | 0 | CKey key; |
267 | 0 | if (!keys.empty()) { |
268 | 0 | key = PickValue(fuzzed_data_provider, keys); |
269 | 0 | } else { |
270 | 0 | key = ConsumePrivateKey(fuzzed_data_provider, /*compressed=*/fuzzed_data_provider.ConsumeBool()); |
271 | 0 | } |
272 | 0 | if (!key.IsValid()) return; |
273 | 0 | auto pub_key{key.GetPubKey()}; |
274 | 0 | CScript script; |
275 | 0 | CallOneOf( |
276 | 0 | fuzzed_data_provider, |
277 | 0 | [&] { |
278 | 0 | script = GetScriptForDestination(CTxDestination{PKHash(pub_key)}); |
279 | 0 | }, |
280 | 0 | [&] { |
281 | 0 | script = GetScriptForDestination(WitnessV0KeyHash(pub_key)); |
282 | 0 | }, |
283 | 0 | [&] { |
284 | 0 | std::optional<CScript> script_opt{ConsumeDeserializable<CScript>(fuzzed_data_provider)}; |
285 | 0 | if (!script_opt) { |
286 | 0 | good_data = false; |
287 | 0 | return; |
288 | 0 | } |
289 | 0 | script = script_opt.value(); |
290 | 0 | } |
291 | 0 | ); |
292 | 0 | if (fuzzed_data_provider.ConsumeBool()) script = GetScriptForDestination(ScriptHash(script)); |
293 | 0 | if (!legacy_data.HaveCScript(CScriptID(script)) && legacy_data.AddCScript(script)) added_script++; |
294 | 0 | }, |
295 | 0 | [&] { |
296 | 0 | CKey key; |
297 | 0 | if (!keys.empty()) { |
298 | 0 | key = PickValue(fuzzed_data_provider, keys); |
299 | 0 | } else { |
300 | 0 | key = ConsumePrivateKey(fuzzed_data_provider, /*compressed=*/fuzzed_data_provider.ConsumeBool()); |
301 | 0 | } |
302 | 0 | if (!key.IsValid()) return; |
303 | 0 | const auto num_keys{fuzzed_data_provider.ConsumeIntegralInRange<size_t>(1, MAX_PUBKEYS_PER_MULTISIG)}; |
304 | 0 | std::vector<CPubKey> pubkeys; |
305 | 0 | pubkeys.emplace_back(key.GetPubKey()); |
306 | 0 | for (size_t i = 1; i < num_keys; i++) { |
307 | 0 | if (fuzzed_data_provider.ConsumeBool()) { |
308 | 0 | pubkeys.emplace_back(key.GetPubKey()); |
309 | 0 | } else { |
310 | 0 | CKey private_key{ConsumePrivateKey(fuzzed_data_provider, /*compressed=*/fuzzed_data_provider.ConsumeBool())}; |
311 | 0 | if (!private_key.IsValid()) return; |
312 | 0 | pubkeys.emplace_back(private_key.GetPubKey()); |
313 | 0 | } |
314 | 0 | } |
315 | 0 | if (pubkeys.size() < num_keys) return; |
316 | 0 | CScript multisig_script{GetScriptForMultisig(num_keys, pubkeys)}; |
317 | 0 | if (!legacy_data.HaveCScript(CScriptID(multisig_script)) && legacy_data.AddCScript(multisig_script)) { |
318 | 0 | added_script++; |
319 | 0 | } |
320 | 0 | } |
321 | 0 | ); |
322 | 0 | } |
323 | |
|
324 | 0 | auto result{legacy_data.MigrateToDescriptor()}; |
325 | 0 | assert(result); |
326 | 0 | size_t added_chains{static_cast<size_t>(add_hd_chain) + static_cast<size_t>(add_inactive_hd_chain)}; |
327 | 0 | if ((add_hd_chain && version >= CHDChain::VERSION_HD_CHAIN_SPLIT) || (!add_hd_chain && add_inactive_hd_chain)) { |
328 | 0 | added_chains *= 2; |
329 | 0 | } |
330 | 0 | size_t added_size{keys.size() + added_chains}; |
331 | 0 | if (added_script > 0) { |
332 | 0 | assert(result->desc_spkms.size() >= added_size); |
333 | 0 | } else { |
334 | 0 | assert(result->desc_spkms.size() == added_size); |
335 | 0 | } |
336 | 0 | if (watch_only) assert(!result->watch_descs.empty()); |
337 | 0 | if (!result->solvable_descs.empty()) assert(added_script > 0); |
338 | 0 | } |
339 | | |
340 | | } // namespace |
341 | | } // namespace wallet |