go-ethereum/core/vm/contracts.go

// Copyright 2014 The go-ethereum Authors
// This file is part of the go-ethereum library.
//
// The go-ethereum library is free software: you can redistribute it and/or modify
// it under the terms of the GNU Lesser General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// The go-ethereum library is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.

package vm

import (
	"math/big"

	"github.com/ethereum/go-ethereum/common"
	"github.com/ethereum/go-ethereum/crypto"
	"github.com/ethereum/go-ethereum/logger"
	"github.com/ethereum/go-ethereum/logger/glog"
	"github.com/ethereum/go-ethereum/params"
)

// Precompiled contract is the basic interface for native Go contracts. The implementation
// requires a deterministic gas count based on the input size of the Run method of the
// contract.
type PrecompiledContract interface {
	RequiredGas(inputSize int) *big.Int // RequiredPrice calculates the contract gas use
	Run(input []byte) []byte            // Run runs the precompiled contract
}

// Precompiled contains the default set of ethereum contracts
var PrecompiledContracts = map[common.Address]PrecompiledContract{
	common.BytesToAddress([]byte{1}): &ecrecover{},
	common.BytesToAddress([]byte{2}): &sha256{},
	common.BytesToAddress([]byte{3}): &ripemd160{},
	common.BytesToAddress([]byte{4}): &dataCopy{},
}

// RunPrecompile runs and evaluate the output of a precompiled contract defined in contracts.go
func RunPrecompiledContract(p PrecompiledContract, input []byte, contract *Contract) (ret []byte, err error) {
	gas := p.RequiredGas(len(input))
	if contract.UseGas(gas) {
		ret = p.Run(input)

		return ret, nil
	} else {
		return nil, ErrOutOfGas
	}
}

// ECRECOVER implemented as a native contract
type ecrecover struct{}

func (c *ecrecover) RequiredGas(inputSize int) *big.Int {
	return params.EcrecoverGas
}

func (c *ecrecover) Run(in []byte) []byte {
	const ecRecoverInputLength = 128

	in = common.RightPadBytes(in, ecRecoverInputLength)
	// "in" is (hash, v, r, s), each 32 bytes
	// but for ecrecover we want (r, s, v)

	r := common.BytesToBig(in[64:96])
	s := common.BytesToBig(in[96:128])
	v := in[63] - 27

	// tighter sig s values in homestead only apply to tx sigs
	if common.Bytes2Big(in[32:63]).BitLen() > 0 || !crypto.ValidateSignatureValues(v, r, s, false) {
		glog.V(logger.Detail).Infof("ECRECOVER error: v, r or s value invalid")
		return nil
	}
	// v needs to be at the end for libsecp256k1
	pubKey, err := crypto.Ecrecover(in[:32], append(in[64:128], v))
	// make sure the public key is a valid one
	if err != nil {
		glog.V(logger.Detail).Infoln("ECRECOVER error: ", err)
		return nil
	}

	// the first byte of pubkey is bitcoin heritage
	return common.LeftPadBytes(crypto.Keccak256(pubKey[1:])[12:], 32)
}

// SHA256 implemented as a native contract
type sha256 struct{}

func (c *sha256) RequiredGas(inputSize int) *big.Int {
	n := big.NewInt(int64(inputSize+31) / 32)
	n.Mul(n, params.Sha256WordGas)
	return n.Add(n, params.Sha256Gas)
}
func (c *sha256) Run(in []byte) []byte {
	return crypto.Sha256(in)
}

// RIPMED160 implemented as a native contract
type ripemd160 struct{}

func (c *ripemd160) RequiredGas(inputSize int) *big.Int {
	n := big.NewInt(int64(inputSize+31) / 32)
	n.Mul(n, params.Ripemd160WordGas)
	return n.Add(n, params.Ripemd160Gas)
}
func (c *ripemd160) Run(in []byte) []byte {
	return common.LeftPadBytes(crypto.Ripemd160(in), 32)
}

// data copy implemented as a native contract
type dataCopy struct{}

func (c *dataCopy) RequiredGas(inputSize int) *big.Int {
	n := big.NewInt(int64(inputSize+31) / 32)
	n.Mul(n, params.IdentityWordGas)

	return n.Add(n, params.IdentityGas)
}
func (c *dataCopy) Run(in []byte) []byte {
	return in
}
all: update license information 2015-07-07 02:54:22 +02:00			`// Copyright 2014 The go-ethereum Authors`
all: update license headers to distiguish GPL/LGPL All code outside of cmd/ is licensed as LGPL. The headers now reflect this by calling the whole work "the go-ethereum library". 2015-07-22 18:48:40 +02:00			`// This file is part of the go-ethereum library.`
all: update license information 2015-07-07 02:54:22 +02:00			`//`
all: fix license headers one more time I forgot to update one instance of "go-ethereum" in commit 3f047be5a. 2015-07-23 18:35:11 +02:00			`// The go-ethereum library is free software: you can redistribute it and/or modify`
all: update license information 2015-07-07 02:54:22 +02:00			`// it under the terms of the GNU Lesser General Public License as published by`
			`// the Free Software Foundation, either version 3 of the License, or`
			`// (at your option) any later version.`
			`//`
all: update license headers to distiguish GPL/LGPL All code outside of cmd/ is licensed as LGPL. The headers now reflect this by calling the whole work "the go-ethereum library". 2015-07-22 18:48:40 +02:00			`// The go-ethereum library is distributed in the hope that it will be useful,`
all: update license information 2015-07-07 02:54:22 +02:00			`// but WITHOUT ANY WARRANTY; without even the implied warranty of`
all: update license headers to distiguish GPL/LGPL All code outside of cmd/ is licensed as LGPL. The headers now reflect this by calling the whole work "the go-ethereum library". 2015-07-22 18:48:40 +02:00			`// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
all: update license information 2015-07-07 02:54:22 +02:00			`// GNU Lesser General Public License for more details.`
			`//`
			`// You should have received a copy of the GNU Lesser General Public License`
all: update license headers to distiguish GPL/LGPL All code outside of cmd/ is licensed as LGPL. The headers now reflect this by calling the whole work "the go-ethereum library". 2015-07-22 18:48:40 +02:00			`// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.`
all: update license information 2015-07-07 02:54:22 +02:00
Moved ethvm => vm 2014-10-18 13:31:20 +02:00			`package vm`
Precompiled crypto contracts 2014-10-08 12:01:36 +02:00
			`import (`
			`"math/big"`

Moved ethutil => common 2015-03-16 11:27:38 +01:00			`"github.com/ethereum/go-ethereum/common"`
vm: explicit error checks in ecrecover. closes #505 2015-03-18 20:56:06 -07:00			`"github.com/ethereum/go-ethereum/crypto"`
Use logger.Error instead of 0 with glog 2015-04-07 12:48:13 +02:00			`"github.com/ethereum/go-ethereum/logger"`
Forward and log EC recover err and remove dup pubkey len check 2015-04-05 19:31:18 +02:00			`"github.com/ethereum/go-ethereum/logger/glog"`
Read most protocol params from common/params.json * Add params package with exported variables generated from github.com/ethereum/common/blob/master/params.json * Use params package variables in applicable places * Add check for minimum gas limit in validation of block's gas limit * Remove common/params.json from go-ethereum to avoid outdated version of it 2015-04-02 05:17:15 +02:00			`"github.com/ethereum/go-ethereum/params"`
Precompiled crypto contracts 2014-10-08 12:01:36 +02:00			`)`

core/vm: improved EVM run loop & instruction calling (#3378) The run loop, which previously contained custom opcode executes have been removed and has been simplified to a few checks. Each operation consists of 4 elements: execution function, gas cost function, stack validation function and memory size function. The execution function implements the operation's runtime behaviour, the gas cost function implements the operation gas costs function and greatly depends on the memory and stack, the stack validation function validates the stack and makes sure that enough items can be popped off and pushed on and the memory size function calculates the memory required for the operation and returns it. This commit also allows the EVM to go unmetered. This is helpful for offline operations such as contract calls. 2017-01-05 11:52:10 +01:00			`// Precompiled contract is the basic interface for native Go contracts. The implementation`
			`// requires a deterministic gas count based on the input size of the Run method of the`
			`// contract.`
			`type PrecompiledContract interface {`
			`RequiredGas(inputSize int) *big.Int // RequiredPrice calculates the contract gas use`
			`Run(input []byte) []byte // Run runs the precompiled contract`
Precompiled crypto contracts 2014-10-08 12:01:36 +02:00			`}`

core/vm: improved EVM run loop & instruction calling (#3378) The run loop, which previously contained custom opcode executes have been removed and has been simplified to a few checks. Each operation consists of 4 elements: execution function, gas cost function, stack validation function and memory size function. The execution function implements the operation's runtime behaviour, the gas cost function implements the operation gas costs function and greatly depends on the memory and stack, the stack validation function validates the stack and makes sure that enough items can be popped off and pushed on and the memory size function calculates the memory required for the operation and returns it. This commit also allows the EVM to go unmetered. This is helpful for offline operations such as contract calls. 2017-01-05 11:52:10 +01:00			`// Precompiled contains the default set of ethereum contracts`
			`var PrecompiledContracts = map[common.Address]PrecompiledContract{`
			`common.BytesToAddress([]byte{1}): &ecrecover{},`
			`common.BytesToAddress([]byte{2}): &sha256{},`
			`common.BytesToAddress([]byte{3}): &ripemd160{},`
			`common.BytesToAddress([]byte{4}): &dataCopy{},`
Precompiled crypto contracts 2014-10-08 12:01:36 +02:00			`}`

core/vm: improved EVM run loop & instruction calling (#3378) The run loop, which previously contained custom opcode executes have been removed and has been simplified to a few checks. Each operation consists of 4 elements: execution function, gas cost function, stack validation function and memory size function. The execution function implements the operation's runtime behaviour, the gas cost function implements the operation gas costs function and greatly depends on the memory and stack, the stack validation function validates the stack and makes sure that enough items can be popped off and pushed on and the memory size function calculates the memory required for the operation and returns it. This commit also allows the EVM to go unmetered. This is helpful for offline operations such as contract calls. 2017-01-05 11:52:10 +01:00			`// RunPrecompile runs and evaluate the output of a precompiled contract defined in contracts.go`
			`func RunPrecompiledContract(p PrecompiledContract, input []byte, contract *Contract) (ret []byte, err error) {`
			`gas := p.RequiredGas(len(input))`
			`if contract.UseGas(gas) {`
			`ret = p.Run(input)`

			`return ret, nil`
			`} else {`
			`return nil, ErrOutOfGas`
remove pre compiled for tests 2015-01-13 10:30:52 +01:00			`}`
Precompiled crypto contracts 2014-10-08 12:01:36 +02:00			`}`

core/vm: improved EVM run loop & instruction calling (#3378) The run loop, which previously contained custom opcode executes have been removed and has been simplified to a few checks. Each operation consists of 4 elements: execution function, gas cost function, stack validation function and memory size function. The execution function implements the operation's runtime behaviour, the gas cost function implements the operation gas costs function and greatly depends on the memory and stack, the stack validation function validates the stack and makes sure that enough items can be popped off and pushed on and the memory size function calculates the memory required for the operation and returns it. This commit also allows the EVM to go unmetered. This is helpful for offline operations such as contract calls. 2017-01-05 11:52:10 +01:00			`// ECRECOVER implemented as a native contract`
			`type ecrecover struct{}`
Precompiled crypto contracts 2014-10-08 12:01:36 +02:00
core/vm: improved EVM run loop & instruction calling (#3378) The run loop, which previously contained custom opcode executes have been removed and has been simplified to a few checks. Each operation consists of 4 elements: execution function, gas cost function, stack validation function and memory size function. The execution function implements the operation's runtime behaviour, the gas cost function implements the operation gas costs function and greatly depends on the memory and stack, the stack validation function validates the stack and makes sure that enough items can be popped off and pushed on and the memory size function calculates the memory required for the operation and returns it. This commit also allows the EVM to go unmetered. This is helpful for offline operations such as contract calls. 2017-01-05 11:52:10 +01:00			`func (c ecrecover) RequiredGas(inputSize int) big.Int {`
			`return params.EcrecoverGas`
Precompiled crypto contracts 2014-10-08 12:01:36 +02:00			`}`

core/vm: improved EVM run loop & instruction calling (#3378) The run loop, which previously contained custom opcode executes have been removed and has been simplified to a few checks. Each operation consists of 4 elements: execution function, gas cost function, stack validation function and memory size function. The execution function implements the operation's runtime behaviour, the gas cost function implements the operation gas costs function and greatly depends on the memory and stack, the stack validation function validates the stack and makes sure that enough items can be popped off and pushed on and the memory size function calculates the memory required for the operation and returns it. This commit also allows the EVM to go unmetered. This is helpful for offline operations such as contract calls. 2017-01-05 11:52:10 +01:00			`func (c *ecrecover) Run(in []byte) []byte {`
			`const ecRecoverInputLength = 128`
Precompiled crypto contracts 2014-10-08 12:01:36 +02:00
core/vm: improved EVM run loop & instruction calling (#3378) The run loop, which previously contained custom opcode executes have been removed and has been simplified to a few checks. Each operation consists of 4 elements: execution function, gas cost function, stack validation function and memory size function. The execution function implements the operation's runtime behaviour, the gas cost function implements the operation gas costs function and greatly depends on the memory and stack, the stack validation function validates the stack and makes sure that enough items can be popped off and pushed on and the memory size function calculates the memory required for the operation and returns it. This commit also allows the EVM to go unmetered. This is helpful for offline operations such as contract calls. 2017-01-05 11:52:10 +01:00			`in = common.RightPadBytes(in, ecRecoverInputLength)`
Pad precompiled EC recover input and add validations 2015-06-09 15:41:15 +02:00			`// "in" is (hash, v, r, s), each 32 bytes`
			`// but for ecrecover we want (r, s, v)`
Cleanup. 2015-03-29 15:02:49 +02:00
Pad precompiled EC recover input and add validations 2015-06-09 15:41:15 +02:00			`r := common.BytesToBig(in[64:96])`
			`s := common.BytesToBig(in[96:128])`
accounts, core, crypto, internal: use normalised V during signature handling (#3455) To address increasing complexity in code that handles signatures, this PR discards all notion of "different" signature types at the library level. Both the crypto and accounts package is reduced to only be able to produce plain canonical secp256k1 signatures. This makes the crpyto APIs much cleaner, simpler and harder to abuse. 2017-01-05 12:35:23 +02:00			`v := in[63] - 27`
Pad precompiled EC recover input and add validations 2015-06-09 15:41:15 +02:00
parmas, crypto, core, core/vm: homestead consensus protocol changes * change gas cost for contract creating txs * invalidate signature with s value greater than secp256k1 N / 2 * OOG contract creation if not enough gas to store code * new difficulty adjustment algorithm * new DELEGATECALL op code 2015-11-27 15:40:29 +01:00			`// tighter sig s values in homestead only apply to tx sigs`
accounts, core, crypto, internal: use normalised V during signature handling (#3455) To address increasing complexity in code that handles signatures, this PR discards all notion of "different" signature types at the library level. Both the crypto and accounts package is reduced to only be able to produce plain canonical secp256k1 signatures. This makes the crpyto APIs much cleaner, simpler and harder to abuse. 2017-01-05 12:35:23 +02:00			`if common.Bytes2Big(in[32:63]).BitLen() > 0 \|\| !crypto.ValidateSignatureValues(v, r, s, false) {`
core/vm: hide ecrecover error message Fixes #2825 2016-08-05 23:12:52 +02:00			`glog.V(logger.Detail).Infof("ECRECOVER error: v, r or s value invalid")`
vm: explicit error checks in ecrecover. closes #505 2015-03-18 20:56:06 -07:00			`return nil`
			`}`
accounts, core, crypto, internal: use normalised V during signature handling (#3455) To address increasing complexity in code that handles signatures, this PR discards all notion of "different" signature types at the library level. Both the crypto and accounts package is reduced to only be able to produce plain canonical secp256k1 signatures. This makes the crpyto APIs much cleaner, simpler and harder to abuse. 2017-01-05 12:35:23 +02:00			`// v needs to be at the end for libsecp256k1`
			`pubKey, err := crypto.Ecrecover(in[:32], append(in[64:128], v))`
Cleanup. 2015-03-29 15:02:49 +02:00			`// make sure the public key is a valid one`
Forward and log EC recover err and remove dup pubkey len check 2015-04-05 19:31:18 +02:00			`if err != nil {`
core/vm: hide ecrecover error message Fixes #2825 2016-08-05 23:12:52 +02:00			`glog.V(logger.Detail).Infoln("ECRECOVER error: ", err)`
vm: explicit error checks in ecrecover. closes #505 2015-03-18 20:56:06 -07:00			`return nil`
			`}`
Cleanup. 2015-03-29 15:02:49 +02:00
vm: explicit error checks in ecrecover. closes #505 2015-03-18 20:56:06 -07:00			`// the first byte of pubkey is bitcoin heritage`
all: Rename crypto.Sha3{,Hash}() to crypto.Keccak256{,Hash}() As we aren't really using the standarized SHA-3 2016-02-21 18:40:27 +00:00			`return common.LeftPadBytes(crypto.Keccak256(pubKey[1:])[12:], 32)`
Precompiled crypto contracts 2014-10-08 12:01:36 +02:00			`}`
Precompiled contract & Depth change * Added pre-compiled contract 0x04 (mem cpy) * Changed depth error to return the gas instead of consuming 2015-01-05 17:37:30 +01:00
core/vm: improved EVM run loop & instruction calling (#3378) The run loop, which previously contained custom opcode executes have been removed and has been simplified to a few checks. Each operation consists of 4 elements: execution function, gas cost function, stack validation function and memory size function. The execution function implements the operation's runtime behaviour, the gas cost function implements the operation gas costs function and greatly depends on the memory and stack, the stack validation function validates the stack and makes sure that enough items can be popped off and pushed on and the memory size function calculates the memory required for the operation and returns it. This commit also allows the EVM to go unmetered. This is helpful for offline operations such as contract calls. 2017-01-05 11:52:10 +01:00			`// SHA256 implemented as a native contract`
			`type sha256 struct{}`

			`func (c sha256) RequiredGas(inputSize int) big.Int {`
			`n := big.NewInt(int64(inputSize+31) / 32)`
			`n.Mul(n, params.Sha256WordGas)`
			`return n.Add(n, params.Sha256Gas)`
			`}`
			`func (c *sha256) Run(in []byte) []byte {`
			`return crypto.Sha256(in)`
			`}`

			`// RIPMED160 implemented as a native contract`
			`type ripemd160 struct{}`

			`func (c ripemd160) RequiredGas(inputSize int) big.Int {`
			`n := big.NewInt(int64(inputSize+31) / 32)`
			`n.Mul(n, params.Ripemd160WordGas)`
			`return n.Add(n, params.Ripemd160Gas)`
			`}`
			`func (c *ripemd160) Run(in []byte) []byte {`
			`return common.LeftPadBytes(crypto.Ripemd160(in), 32)`
			`}`

			`// data copy implemented as a native contract`
			`type dataCopy struct{}`

			`func (c dataCopy) RequiredGas(inputSize int) big.Int {`
			`n := big.NewInt(int64(inputSize+31) / 32)`
			`n.Mul(n, params.IdentityWordGas)`

			`return n.Add(n, params.IdentityGas)`
			`}`
			`func (c *dataCopy) Run(in []byte) []byte {`
Precompiled contract & Depth change * Added pre-compiled contract 0x04 (mem cpy) * Changed depth error to return the gas instead of consuming 2015-01-05 17:37:30 +01:00			`return in`
			`}`