1 package txscript
2 3 import (
4 "fmt"
5 "github.com/p9c/p9/pkg/btcaddr"
6 "github.com/p9c/p9/pkg/chaincfg"
7 )
8 9 // ScriptClass is an enumeration for the list of standard types of script.
10 type ScriptClass byte
11 12 // A bunch of constants
13 const (
14 // MaxDataCarrierSize is the maximum number of bytes allowed in pushed data to
15 // be considered a nulldata transaction
16 MaxDataCarrierSize = 80
17 // StandardVerifyFlags are the script flags which are used when executing
18 // transaction scripts to enforce additional checks which are required for the
19 // script to be considered standard. These checks help reduce issues related to
20 // transaction malleability as well as allow pay-to-script hash transactions.
21 // Note these flags are different than what is required for the consensus rules
22 // in that they are more strict.
23 // TODO: This definition does not belong here. It belongs in a policy package.
24 StandardVerifyFlags = ScriptBip16 |
25 ScriptVerifyDERSignatures |
26 ScriptVerifyStrictEncoding |
27 ScriptVerifyMinimalData |
28 ScriptStrictMultiSig |
29 ScriptDiscourageUpgradableNops |
30 ScriptVerifyCleanStack |
31 ScriptVerifyNullFail |
32 ScriptVerifyCheckLockTimeVerify |
33 // ScriptVerifyCheckSequenceVerify |
34 ScriptVerifyLowS |
35 ScriptStrictMultiSig |
36 // ScriptVerifyWitness |
37 // ScriptVerifyDiscourageUpgradeableWitnessProgram |
38 ScriptVerifyMinimalIf
39 // ScriptVerifyWitnessPubKeyType
40 41 // Classes of script payment known about in the blockchain.
42 43 NonStandardTy ScriptClass = iota // None of the recognized forms.
44 PubKeyTy // Pay pubkey.
45 PubKeyHashTy // Pay pubkey hash.
46 // WitnessV0PubKeyHashTy // Pay witness pubkey hash.
47 ScriptHashTy // Pay to script hash.
48 // WitnessV0ScriptHashTy // Pay to witness script hash.
49 MultiSigTy // Multi signature.
50 NullDataTy // Empty data-only (provably prunable).
51 )
52 53 // scriptClassToName houses the human-readable strings which describe each
54 // script class.
55 var scriptClassToName = []string{
56 NonStandardTy: "nonstandard",
57 PubKeyTy: "pubkey",
58 PubKeyHashTy: "pubkeyhash",
59 // WitnessV0PubKeyHashTy: "witness_v0_keyhash",
60 ScriptHashTy: "scripthash",
61 // WitnessV0ScriptHashTy: "witness_v0_scripthash",
62 MultiSigTy: "multisig",
63 NullDataTy: "nulldata",
64 }
65 66 // String implements the Stringer interface by returning the name of the enum
67 // script class. If the enum is invalid then "Invalid" will be returned.
68 func (t ScriptClass) String() string {
69 if int(t) > len(scriptClassToName) || int(t) < 0 {
70 return "Invalid"
71 }
72 return scriptClassToName[t]
73 }
74 75 // isPubkey returns true if the script passed is a pay-to-pubkey transaction,
76 // false otherwise.
77 func isPubkey(pops []parsedOpcode) bool {
78 // Valid pubkeys are either 33 or 65 bytes.
79 return len(pops) == 2 &&
80 (len(pops[0].data) == 33 || len(pops[0].data) == 65) &&
81 pops[1].opcode.value == OP_CHECKSIG
82 }
83 84 // isPubkeyHash returns true if the script passed is a pay-to-pubkey-hash
85 // transaction, false otherwise.
86 func isPubkeyHash(pops []parsedOpcode) bool {
87 return len(pops) == 5 &&
88 pops[0].opcode.value == OP_DUP &&
89 pops[1].opcode.value == OP_HASH160 &&
90 pops[2].opcode.value == OP_DATA_20 &&
91 pops[3].opcode.value == OP_EQUALVERIFY &&
92 pops[4].opcode.value == OP_CHECKSIG
93 }
94 95 // isMultiSig returns true if the passed script is a multisig transaction, false
96 // otherwise.
97 func isMultiSig(pops []parsedOpcode) bool {
98 // The absolute minimum is 1 pubkey:
99 // OP_0/OP_1-16 <pubkey> OP_1 OP_CHECKMULTISIG
100 l := len(pops)
101 if l < 4 {
102 return false
103 }
104 if !isSmallInt(pops[0].opcode) {
105 return false
106 }
107 if !isSmallInt(pops[l-2].opcode) {
108 return false
109 }
110 if pops[l-1].opcode.value != OP_CHECKMULTISIG {
111 return false
112 }
113 // Verify the number of pubkeys specified matches the actual number of pubkeys provided.
114 if l-2-1 != asSmallInt(pops[l-2].opcode) {
115 return false
116 }
117 for _, pop := range pops[1 : l-2] {
118 // Valid pubkeys are either 33 or 65 bytes.
119 if len(pop.data) != 33 && len(pop.data) != 65 {
120 return false
121 }
122 }
123 return true
124 }
125 126 // isNullData returns true if the passed script is a null data transaction,
127 // false otherwise.
128 func isNullData(pops []parsedOpcode) bool {
129 // A nulldata transaction is either a single OP_RETURN or an OP_RETURN SMALLDATA
130 // (where SMALLDATA is a data push up to MaxDataCarrierSize bytes).
131 l := len(pops)
132 if l == 1 && pops[0].opcode.value == OP_RETURN {
133 return true
134 }
135 return l == 2 &&
136 pops[0].opcode.value == OP_RETURN &&
137 (isSmallInt(pops[1].opcode) || pops[1].opcode.value <=
138 OP_PUSHDATA4) &&
139 len(pops[1].data) <= MaxDataCarrierSize
140 }
141 142 // scriptType returns the type of the script being inspected from the known
143 // standard types.
144 func typeOfScript(pops []parsedOpcode) ScriptClass {
145 if isPubkey(pops) {
146 return PubKeyTy
147 } else if isPubkeyHash(pops) {
148 return PubKeyHashTy
149 // } else if isWitnessPubKeyHash(pops) {
150 // return WitnessV0PubKeyHashTy
151 } else if isScriptHash(pops) {
152 return ScriptHashTy
153 // } else if isWitnessScriptHash(pops) {
154 // return WitnessV0ScriptHashTy
155 } else if isMultiSig(pops) {
156 return MultiSigTy
157 } else if isNullData(pops) {
158 return NullDataTy
159 }
160 return NonStandardTy
161 }
162 163 // GetScriptClass returns the class of the script passed. NonStandardTy will be
164 // returned when the script does not parse.
165 func GetScriptClass(script []byte) ScriptClass {
166 pops, e := parseScript(script)
167 if e != nil {
168 return NonStandardTy
169 }
170 return typeOfScript(pops)
171 }
172 173 // expectedInputs returns the number of arguments required by a script. If the
174 // script is of unknown type such that the number can not be determined then -1
175 // is returned. We are an internal function and thus assume that class is the
176 // real class of pops (and we can thus assume things that were determined while
177 // finding out the type).
178 func expectedInputs(pops []parsedOpcode, class ScriptClass) int {
179 switch class {
180 case PubKeyTy:
181 return 1
182 case PubKeyHashTy:
183 return 2
184 // case WitnessV0PubKeyHashTy:
185 // return 2
186 case ScriptHashTy:
187 // Not including script. That is handled by the caller.
188 return 1
189 // case WitnessV0ScriptHashTy:
190 // // Not including script. That is handled by the caller.
191 // return 1
192 case MultiSigTy:
193 // Standard multisig has a push a small number for the number of sigs and number
194 // of keys. Chk the first push instruction to see how many arguments are
195 // expected. typeOfScript already checked this so we know it'll be a small int.
196 // Also, due to the original bitcoind bug where OP_CHECKMULTISIG pops an
197 // additional item from the stack, add an extra expected input for the extra
198 // push that is required to compensate.
199 return asSmallInt(pops[0].opcode) + 1
200 case NullDataTy:
201 fallthrough
202 default:
203 return -1
204 }
205 }
206 207 // ScriptInfo houses information about a script pair that is determined by
208 // CalcScriptInfo.
209 type ScriptInfo struct {
210 // PkScriptClass is the class of the public key script and is equivalent to
211 // calling GetScriptClass on it.
212 PkScriptClass ScriptClass
213 // NumInputs is the number of inputs provided by the public key script.
214 NumInputs int
215 // ExpectedInputs is the number of outputs required by the signature script and
216 // any pay-to-script-hash scripts. The number will be -1 if unknown.
217 ExpectedInputs int
218 // SigOps is the number of signature operations in the script pair.
219 SigOps int
220 }
221 222 // CalcScriptInfo returns a structure providing data about the provided script
223 // pair. It will error if the pair is in someway invalid such that they can not
224 // be analysed, i.e. if they do not parse or the pkScript is not a push-only
225 // script
226 func CalcScriptInfo(sigScript, pkScript []byte, bip16 bool) (si *ScriptInfo, e error) {
227 var sigPops []parsedOpcode
228 if sigPops, e = parseScript(sigScript); E.Chk(e) {
229 return
230 }
231 var pkPops []parsedOpcode
232 if pkPops, e = parseScript(pkScript); E.Chk(e) {
233 return
234 }
235 // Push only sigScript makes little sense.
236 si = new(ScriptInfo)
237 si.PkScriptClass = typeOfScript(pkPops)
238 // Can't have a signature script that doesn't just push data.
239 if !isPushOnly(sigPops) {
240 return nil, scriptError(
241 ErrNotPushOnly,
242 "signature script is not push only",
243 )
244 }
245 si.ExpectedInputs = expectedInputs(pkPops, si.PkScriptClass)
246 switch {
247 // Count sigops taking into account pay-to-script-hash.
248 case si.PkScriptClass == ScriptHashTy && bip16:
249 // The pay-to-hash-script is the final data push of the signature script.
250 script := sigPops[len(sigPops)-1].data
251 shPops, e := parseScript(script)
252 if e != nil {
253 return nil, e
254 }
255 shInputs := expectedInputs(shPops, typeOfScript(shPops))
256 if shInputs == -1 {
257 si.ExpectedInputs = -1
258 } else {
259 si.ExpectedInputs += shInputs
260 }
261 si.SigOps = getSigOpCount(shPops, true)
262 // All entries pushed to stack (or are OP_RESERVED and exec will fail).
263 si.NumInputs = len(sigPops)
264 // // If segwit is active, and this is a regular p2wkh output, then we'll treat the script as a p2pkh output in
265 // // essence.
266 // case si.PkScriptClass == WitnessV0PubKeyHashTy && segwit:
267 // si.SigOps = GetWitnessSigOpCount(sigScript, pkScript, witness)
268 // si.NumInputs = len(witness)
269 // // We'll attempt to detect the nested p2sh case so we can accurately count the signature operations involved.
270 // case si.PkScriptClass == ScriptHashTy &&
271 // IsWitnessProgram(sigScript[1:]) && bip16 && segwit:
272 // // Extract the pushed witness program from the sigScript so we can determine the
273 // // number of expected inputs.
274 // pkPops, _ := parseScript(sigScript[1:])
275 // shInputs := expectedInputs(pkPops, typeOfScript(pkPops))
276 // if shInputs == -1 {
277 // si.ExpectedInputs = -1
278 // } else {
279 // si.ExpectedInputs += shInputs
280 // }
281 // si.SigOps = GetWitnessSigOpCount(sigScript, pkScript, witness)
282 // si.NumInputs = len(witness)
283 // si.NumInputs += len(sigPops)
284 // // If segwit is active, and this is a p2wsh output, then we'll need to examine
285 // // the witness script to generate accurate script info.
286 // case si.PkScriptClass == WitnessV0ScriptHashTy && segwit:
287 // // The witness script is the final element of the witness stack.
288 // witnessScript := witness[len(witness)-1]
289 // pops, _ := parseScript(witnessScript)
290 // shInputs := expectedInputs(pops, typeOfScript(pops))
291 // if shInputs == -1 {
292 // si.ExpectedInputs = -1
293 // } else {
294 // si.ExpectedInputs += shInputs
295 // }
296 // si.SigOps = GetWitnessSigOpCount(sigScript, pkScript, witness)
297 // si.NumInputs = len(witness)
298 default:
299 si.SigOps = getSigOpCount(pkPops, true)
300 // All entries pushed to stack (or are OP_RESERVED and exec will fail).
301 si.NumInputs = len(sigPops)
302 }
303 return si, nil
304 }
305 306 // CalcMultiSigStats returns the number of public keys and signatures from a
307 // multi-signature transaction script. The passed script MUST already be known
308 // to be a multi-signature script.
309 func CalcMultiSigStats(script []byte) (int, int, error) {
310 pops, e := parseScript(script)
311 if e != nil {
312 return 0, 0, e
313 }
314 // A multi-signature script is of the pattern:
315 //
316 // NUM_SIGS PUBKEY PUBKEY PUBKEY... NUM_PUBKEYS OP_CHECKMULTISIG
317 //
318 // Therefore the number of signatures is the oldest item on the stack and the
319 // number of pubkeys is the 2nd to last. Also, the absolute minimum for a
320 // multi-signature script is 1 pubkey, so at least 4 items must be on the stack
321 // per:
322 //
323 // OP_1 PUBKEY OP_1 OP_CHECKMULTISIG
324 if len(pops) < 4 {
325 str := fmt.Sprintf("script %x is not a multisig script", script)
326 return 0, 0, scriptError(ErrNotMultisigScript, str)
327 }
328 numSigs := asSmallInt(pops[0].opcode)
329 numPubKeys := asSmallInt(pops[len(pops)-2].opcode)
330 return numPubKeys, numSigs, nil
331 }
332 333 // payToPubKeyHashScript creates a new script to pay a transaction output to a
334 // 20-byte pubkey hash. It is expected that the input is a valid hash.
335 func payToPubKeyHashScript(pubKeyHash []byte) ([]byte, error) {
336 return NewScriptBuilder().AddOp(OP_DUP).AddOp(OP_HASH160).
337 AddData(pubKeyHash).AddOp(OP_EQUALVERIFY).AddOp(OP_CHECKSIG).
338 Script()
339 }
340 341 // // payToWitnessPubKeyHashScript creates a new script to pay to a version 0
342 // // pubkey hash witness program. The passed hash is expected to be valid.
343 // func payToWitnessPubKeyHashScript(pubKeyHash []byte) ([]byte, error) {
344 // return NewScriptBuilder().AddOp(OP_0).AddData(pubKeyHash).Script()
345 // }
346 347 // payToScriptHashScript creates a new script to pay a transaction output to a
348 // script hash. It is expected that the input is a valid hash.
349 func payToScriptHashScript(scriptHash []byte) ([]byte, error) {
350 return NewScriptBuilder().AddOp(OP_HASH160).AddData(scriptHash).
351 AddOp(OP_EQUAL).Script()
352 }
353 354 // payToWitnessPubKeyHashScript creates a new script to pay to a version 0
355 // script hash witness program. The passed hash is expected to be valid.
356 func payToWitnessScriptHashScript(scriptHash []byte) ([]byte, error) {
357 return NewScriptBuilder().AddOp(OP_0).AddData(scriptHash).Script()
358 }
359 360 // payToPubkeyScript creates a new script to pay a transaction output to a
361 // public key. It is expected that the input is a valid pubkey.
362 func payToPubKeyScript(serializedPubKey []byte) ([]byte, error) {
363 return NewScriptBuilder().AddData(serializedPubKey).
364 AddOp(OP_CHECKSIG).Script()
365 }
366 367 // PayToAddrScript creates a new script to pay a transaction output to a the specified address.
368 func PayToAddrScript(addr btcaddr.Address) ([]byte, error) {
369 const nilAddrErrStr = "unable to generate payment script for nil address"
370 switch addr := addr.(type) {
371 case *btcaddr.PubKeyHash:
372 if addr == nil {
373 return nil, scriptError(
374 ErrUnsupportedAddress,
375 nilAddrErrStr,
376 )
377 }
378 return payToPubKeyHashScript(addr.ScriptAddress())
379 case *btcaddr.ScriptHash:
380 if addr == nil {
381 return nil, scriptError(
382 ErrUnsupportedAddress,
383 nilAddrErrStr,
384 )
385 }
386 return payToScriptHashScript(addr.ScriptAddress())
387 case *btcaddr.PubKey:
388 if addr == nil {
389 return nil, scriptError(
390 ErrUnsupportedAddress,
391 nilAddrErrStr,
392 )
393 }
394 return payToPubKeyScript(addr.ScriptAddress())
395 // case *util.AddressWitnessPubKeyHash:
396 // if addr == nil {
397 // return nil, scriptError(ErrUnsupportedAddress,
398 // nilAddrErrStr)
399 // }
400 // return payToWitnessPubKeyHashScript(addr.ScriptAddress())
401 // case *util.AddressWitnessScriptHash:
402 // if addr == nil {
403 // return nil, scriptError(ErrUnsupportedAddress,
404 // nilAddrErrStr)
405 // }
406 // return payToWitnessScriptHashScript(addr.ScriptAddress())
407 }
408 str := fmt.Sprintf(
409 "unable to generate payment script for unsupported "+
410 "address type %T", addr,
411 )
412 return nil, scriptError(ErrUnsupportedAddress, str)
413 }
414 415 // NullDataScript creates a provably-prunable script containing OP_RETURN
416 // followed by the passed data. An ScriptError with the error code
417 // errTooMuchNullData will be returned if the length of the passed data exceeds
418 // MaxDataCarrierSize.
419 func NullDataScript(data []byte) ([]byte, error) {
420 if len(data) > MaxDataCarrierSize {
421 str := fmt.Sprintf(
422 "data size %d is larger than max "+
423 "allowed size %d", len(data), MaxDataCarrierSize,
424 )
425 return nil, scriptError(ErrTooMuchNullData, str)
426 }
427 return NewScriptBuilder().AddOp(OP_RETURN).AddData(data).Script()
428 }
429 430 // MultiSigScript returns a valid script for a multisignature redemption where
431 // nrequired of the keys in pubkeys are required to have signed the transaction
432 // for success. An ScriptError with the error code errTooManyRequiredSigs will
433 // be returned if nrequired is larger than the number of keys provided.
434 func MultiSigScript(pubkeys []*btcaddr.PubKey, nrequired int) ([]byte, error) {
435 if len(pubkeys) < nrequired {
436 str := fmt.Sprintf(
437 "unable to generate multisig script with "+
438 "%d required signatures when there are only %d public "+
439 "keys available", nrequired, len(pubkeys),
440 )
441 return nil, scriptError(ErrTooManyRequiredSigs, str)
442 }
443 builder := NewScriptBuilder().AddInt64(int64(nrequired))
444 for _, key := range pubkeys {
445 builder.AddData(key.ScriptAddress())
446 }
447 builder.AddInt64(int64(len(pubkeys)))
448 builder.AddOp(OP_CHECKMULTISIG)
449 return builder.Script()
450 }
451 452 // PushedData returns an array of byte slices containing any pushed data found
453 // in the passed script. This includes OP_0, but not OP_1 - OP_16.
454 func PushedData(script []byte) ([][]byte, error) {
455 pops, e := parseScript(script)
456 if e != nil {
457 return nil, e
458 }
459 var data [][]byte
460 for _, pop := range pops {
461 if pop.data != nil {
462 data = append(data, pop.data)
463 } else if pop.opcode.value == OP_0 {
464 data = append(data, nil)
465 }
466 }
467 return data, nil
468 }
469 470 // ExtractPkScriptAddrs returns the type of script, addresses and required
471 // signatures associated with the passed PkScript. Note that it only works for
472 // 'standard' transaction script types. Any data such as public keys which are
473 // invalid are omitted from the results.
474 func ExtractPkScriptAddrs(pkScript []byte, chainParams *chaincfg.Params) (ScriptClass, []btcaddr.Address, int, error) {
475 var addrs []btcaddr.Address
476 var requiredSigs int
477 // No valid addresses or required signatures if the script doesn't parse.
478 pops, e := parseScript(pkScript)
479 if e != nil {
480 return NonStandardTy, nil, 0, e
481 }
482 scriptClass := typeOfScript(pops)
483 switch scriptClass {
484 case PubKeyHashTy:
485 // A pay-to-pubkey-hash script is of the form: OP_DUP OP_HASH160 <hash>
486 // OP_EQUALVERIFY OP_CHECKSIG Therefore the pubkey hash is the 3rd item on the
487 // stack. Skip the pubkey hash if it's invalid for some reason.
488 requiredSigs = 1
489 addr, e := btcaddr.NewPubKeyHash(
490 pops[2].data,
491 chainParams,
492 )
493 if e == nil {
494 addrs = append(addrs, addr)
495 }
496 // case WitnessV0PubKeyHashTy:
497 // // A pay-to-witness-pubkey-hash script is of the form: OP_0 <20-byte hash>
498 // // Therefore, the pubkey hash is the second item on the stack. Skip the pubkey
499 // // hash if it's invalid for some reason.
500 // requiredSigs = 1
501 // addr, e := util.NewAddressWitnessPubKeyHash(pops[1].data,
502 // chainParams)
503 // if e == nil {
504 // addrs = append(addrs, addr)
505 // }
506 case PubKeyTy:
507 // A pay-to-pubkey script is of the form: <pubkey> OP_CHECKSIG Therefore the pubkey is the first item on the
508 // stack. Skip the pubkey if it's invalid for some reason.
509 requiredSigs = 1
510 addr, e := btcaddr.NewPubKey(pops[0].data, chainParams)
511 if e == nil {
512 addrs = append(addrs, addr)
513 }
514 case ScriptHashTy:
515 // A pay-to-script-hash script is of the form: OP_HASH160 <scripthash> OP_EQUAL Therefore the script hash is the
516 // 2nd item on the stack. Skip the script hash if it's invalid for some reason.
517 requiredSigs = 1
518 addr, e := btcaddr.NewScriptHashFromHash(
519 pops[1].data,
520 chainParams,
521 )
522 if e == nil {
523 addrs = append(addrs, addr)
524 }
525 // case WitnessV0ScriptHashTy:
526 // // A pay-to-witness-script-hash script is of the form: OP_0 <32-byte hash>
527 // // Therefore, the script hash is the second item on the stack. Skip the script
528 // // hash if it's invalid for some reason.
529 // requiredSigs = 1
530 // addr, e := util.NewAddressWitnessScriptHash(pops[1].data,
531 // chainParams)
532 // if e == nil {
533 // addrs = append(addrs, addr)
534 // }
535 case MultiSigTy:
536 // A multi-signature script is of the form: <numsigs> <pubkey> <pubkey>
537 // <pubkey>... <numpubkeys> OP_CHECKMULTISIG Therefore the number of required
538 // signatures is the 1st item on the stack and the number of public keys is the
539 // 2nd to last item on the stack.
540 requiredSigs = asSmallInt(pops[0].opcode)
541 numPubKeys := asSmallInt(pops[len(pops)-2].opcode)
542 // Extract the public keys while skipping any that are invalid.
543 addrs = make([]btcaddr.Address, 0, numPubKeys)
544 for i := 0; i < numPubKeys; i++ {
545 addr, e := btcaddr.NewPubKey(
546 pops[i+1].data,
547 chainParams,
548 )
549 if e == nil {
550 addrs = append(addrs, addr)
551 }
552 }
553 case NullDataTy:
554 // Null data transactions have no addresses or required signatures.
555 case NonStandardTy:
556 // Don't attempt to extract addresses or required signatures for nonstandard
557 // transactions.
558 }
559 return scriptClass, addrs, requiredSigs, nil
560 }
561 562 // AtomicSwapDataPushes houses the data pushes found in atomic swap contracts.
563 type AtomicSwapDataPushes struct {
564 RecipientHash160 [20]byte
565 RefundHash160 [20]byte
566 SecretHash [32]byte
567 SecretSize int64
568 LockTime int64
569 }
570 571 // ExtractAtomicSwapDataPushes returns the data pushes from an atomic swap
572 // contract. If the script is not an atomic swap contract,
573 //
574 // ExtractAtomicSwapDataPushes returns (nil, nil). Non-nil errors are returned
575 // for unparsable scripts. NOTE: Atomic swaps are not considered standard script
576 // types by the dcrd mempool policy and should be used with P2SH. The atomic
577 // swap format is also expected to change to use a more secure hash function in
578 // the future. This function is only defined in the txscript package due to API
579 // limitations which prevent callers using txscript to parse nonstandard
580 // scripts.
581 func ExtractAtomicSwapDataPushes(version uint16, pkScript []byte) (*AtomicSwapDataPushes, error) {
582 pops, e := parseScript(pkScript)
583 if e != nil {
584 return nil, e
585 }
586 if len(pops) != 20 {
587 return nil, nil
588 }
589 isAtomicSwap := pops[0].opcode.value == OP_IF &&
590 pops[1].opcode.value == OP_SIZE &&
591 canonicalPush(pops[2]) &&
592 pops[3].opcode.value == OP_EQUALVERIFY &&
593 pops[4].opcode.value == OP_SHA256 &&
594 pops[5].opcode.value == OP_DATA_32 &&
595 pops[6].opcode.value == OP_EQUALVERIFY &&
596 pops[7].opcode.value == OP_DUP &&
597 pops[8].opcode.value == OP_HASH160 &&
598 pops[9].opcode.value == OP_DATA_20 &&
599 pops[10].opcode.value == OP_ELSE &&
600 canonicalPush(pops[11]) &&
601 pops[12].opcode.value == OP_CHECKLOCKTIMEVERIFY &&
602 pops[13].opcode.value == OP_DROP &&
603 pops[14].opcode.value == OP_DUP &&
604 pops[15].opcode.value == OP_HASH160 &&
605 pops[16].opcode.value == OP_DATA_20 &&
606 pops[17].opcode.value == OP_ENDIF &&
607 pops[18].opcode.value == OP_EQUALVERIFY &&
608 pops[19].opcode.value == OP_CHECKSIG
609 if !isAtomicSwap {
610 return nil, nil
611 }
612 pushes := new(AtomicSwapDataPushes)
613 copy(pushes.SecretHash[:], pops[5].data)
614 copy(pushes.RecipientHash160[:], pops[9].data)
615 copy(pushes.RefundHash160[:], pops[16].data)
616 if pops[2].data != nil {
617 locktime, e := makeScriptNum(pops[2].data, true, 5)
618 if e != nil {
619 return nil, nil
620 }
621 pushes.SecretSize = int64(locktime)
622 } else if op := pops[2].opcode; isSmallInt(op) {
623 pushes.SecretSize = int64(asSmallInt(op))
624 } else {
625 return nil, nil
626 }
627 if pops[11].data != nil {
628 locktime, e := makeScriptNum(pops[11].data, true, 5)
629 if e != nil {
630 return nil, nil
631 }
632 pushes.LockTime = int64(locktime)
633 } else if op := pops[11].opcode; isSmallInt(op) {
634 pushes.LockTime = int64(asSmallInt(op))
635 } else {
636 return nil, nil
637 }
638 return pushes, nil
639 }
640