脚本是交易数据中的核心部分。可用于锁定输出和解锁输入。
当向某人支付比特币时,我们要为交易输入设置解锁脚本,向别人证明我们有全力使用该输入,同时我们还需要对交易输出添加锁定脚本,确保只有接收者能解锁该输出。
比特币系统专门设计了一套脚本语言,用于完成诸如加锁、解锁的操作(但不限于这些操作)。这套脚本语言是基于堆栈的解释型语言。
举个例子,比如脚本:2 3 ADD 5 EQUAL,则该脚本的执行过程如下:
1. 将数据 2 压入栈顶
2. 将数据 3 压入栈顶
3. 从栈顶取出两条数据相加,并把相加的结果压入栈顶
4. 从栈顶取出两条数据,判断这两条数据是否相同,并把判断结果压入栈顶
在实现环节,脚本由多个操作单元组成,这些单元可以是数据单元,也可以是计算单元。仍以上例为例:
2、3、5是数据单元、ADD、EQUAL是计算单元。因此脚本2 3 ADD 5 EQUAL会被封装成5个操作单元。
脚本的逻辑结构如下(实例):
// The program is a set of chunks where each element is either [opcode] or [data, data, data ...]
// 脚本程序中包含的脚本单元集合。脚本单元可能是具体操作,也可能是数据
protected List chunks;
// Unfortunately, scripts are not ever re-serialized or canonicalized when used in signature hashing. Thus we
// must preserve the exact bytes that we read off the wire, along with the parsed form.
// 脚本程序的原始字节数组(在签名验证时会使用,因此需要精确的保留下来)
protected byte[] program;
核心代码 - 数据解析
//标准的脚本单元,包括:
//复制栈顶数据(OP_DUP),对栈顶数据进行HASH160运算(OP_HASH160)、
//比较栈顶的两个值是否相等(OP_EQUALVERIFY)、检查签名是否正确(OP_CHECKSIG)
private static final ScriptChunk[] STANDARD_TRANSACTION_SCRIPT_CHUNKS = {
new ScriptChunk(ScriptOpCodes.OP_DUP, null, 0),
new ScriptChunk(ScriptOpCodes.OP_HASH160, null, 1),
new ScriptChunk(ScriptOpCodes.OP_EQUALVERIFY, null, 23),
new ScriptChunk(ScriptOpCodes.OP_CHECKSIG, null, 24),
};
/**
* 解析脚本数据,生成脚本对象
* To run a script, first we parse it which breaks it up into chunks representing pushes of data or logical
* opcodes. Then we can run the parsed chunks.
* 为了运行脚本,首先我们要将脚本分割成多个单元,每个单元用于表示单条数据和单个操作。之后我们在堆栈上逐一运行每个脚本单元。
*
* The reason for this split, instead of just interpreting directly, is to make it easier
* to reach into a programs structure and pull out bits of data without having to run it.
* This is necessary to render the to/from addresses of transactions in a user interface.
* Bitcoin Core does something similar.
* 不直接解释脚本,而是将脚本分割成多个单元的原因是,可以更方便地了解程序结构并抽出数据,而无需运行它。
*/
private void parse(byte[] program) throws ScriptException {
//定义脚本中包含的单元集合,初始化设置数组长度为5,既包含5个单元
chunks = new ArrayList<>(5); // Common size.
ByteArrayInputStream bis = new ByteArrayInputStream(program);
int initialSize = bis.available();
while (bis.available() > 0) {
//计算读取的起始位置
int startLocationInProgram = initialSize - bis.available();
int opcode = bis.read(); //读取操作符
long dataToRead = -1; //待读取的数据长度
//如果操作符的值小于OP_PUSHDATA1,则待读取的数据长度为dataToRead
//如果操作符的值等于OP_PUSHDATA1,则读取之后的一个字节数据,作为待读取的数据长度
//如果操作符的值等于OP_PUSHDATA2,则读取之后的两个字节数据,作为待读取的数据长度
//如果操作符的值等于OP_PUSHDATA4,则读取之后的四个字节数据,作为待读取的数据长度
//上面的这些操作都是将数据压入栈
if (opcode >= 0 && opcode < OP_PUSHDATA1) {
// Read some bytes of data, where how many is the opcode value itself.
dataToRead = opcode;
} else if (opcode == OP_PUSHDATA1) {
if (bis.available() < 1) throw new ScriptException(ScriptError.SCRIPT_ERR_UNKNOWN_ERROR, "Unexpected end of script");
dataToRead = bis.read();
} else if (opcode == OP_PUSHDATA2) {
// Read a short, then read that many bytes of data.
if (bis.available() < 2) throw new ScriptException(ScriptError.SCRIPT_ERR_UNKNOWN_ERROR, "Unexpected end of script");
dataToRead = Utils.readUint16FromStream(bis);
} else if (opcode == OP_PUSHDATA4) {
// Read a uint32, then read that many bytes of data.
// Though this is allowed, because its value cannot be > 520, it should never actually be used
if (bis.available() < 4) throw new ScriptException(ScriptError.SCRIPT_ERR_UNKNOWN_ERROR, "Unexpected end of script");
dataToRead = Utils.readUint32FromStream(bis);
}
ScriptChunk chunk;
//如果待读取的数据长度为-1,则表明不是将外部数据压入栈,则操作符可能是出栈或控制操作
//如果待读取的数据长度不为-1,则代表该操作为将外部数据压入栈的操作
if (dataToRead == -1) {
chunk = new ScriptChunk(opcode, null, startLocationInProgram);
} else {
if (dataToRead > bis.available())
throw new ScriptException(ScriptError.SCRIPT_ERR_BAD_OPCODE, "Push of data element that is larger than remaining data");
byte[] data = new byte[(int)dataToRead];
//读取并校验数据
checkState(dataToRead == 0 || bis.read(data, 0, (int)dataToRead) == dataToRead);
chunk = new ScriptChunk(opcode, data, startLocationInProgram);
}
// Save some memory by eliminating redundant copies of the same chunk objects.
// 通过排除多余的操作副本,来节约内存(内存中会缓存一些常见的操作单元,从而减少重复创建,来节约内存)
for (ScriptChunk c : STANDARD_TRANSACTION_SCRIPT_CHUNKS) {
if (c.equals(chunk)) chunk = c;
}
//将脚本单元添加到脚本的单元集合中
chunks.add(chunk);
}
}
操作单元分为数据单元和运算单元。
- 运算单元 用于将数据压入栈,待后续进行运算
- 运算单元 用于从栈中取出数据,并进行运算,并将运算的结果压入栈
操作单元的逻辑结构如下:
/** Operation to be executed. Opcodes are defined in {@link ScriptOpCodes}. */
public final int opcode; //操作符,不同的操作符代表不通过的运算,参见ScriptOpCodes
/**
* For push operations, this is the vector to be pushed on the stack. For {@link ScriptOpCodes#OP_0}, the vector is
* empty. Null for non-push operations.
* 如果是数据单元,则代表将数据压入栈顶,如果是运算单元,则该字段为空
*/
@Nullable
public final byte[] data;
private int startLocationInProgram; //该单元在脚本中的起始位置
核心代码 - 操作符
// push value
public static final int OP_0 = 0x00; // push empty vector 空操作(占位使用)
//数据操作符,用于将数据压入栈
public static final int OP_FALSE = OP_0;
public static final int OP_PUSHDATA1 = 0x4c;
public static final int OP_PUSHDATA2 = 0x4d;
public static final int OP_PUSHDATA4 = 0x4e;
public static final int OP_1NEGATE = 0x4f;
public static final int OP_RESERVED = 0x50;
public static final int OP_1 = 0x51;
public static final int OP_TRUE = OP_1;
public static final int OP_2 = 0x52;
public static final int OP_3 = 0x53;
public static final int OP_4 = 0x54;
public static final int OP_5 = 0x55;
public static final int OP_6 = 0x56;
public static final int OP_7 = 0x57;
public static final int OP_8 = 0x58;
public static final int OP_9 = 0x59;
public static final int OP_10 = 0x5a;
public static final int OP_11 = 0x5b;
public static final int OP_12 = 0x5c;
public static final int OP_13 = 0x5d;
public static final int OP_14 = 0x5e;
public static final int OP_15 = 0x5f;
public static final int OP_16 = 0x60;
// control 控制操作符,IF、ELSE等
public static final int OP_NOP = 0x61;
public static final int OP_VER = 0x62;
public static final int OP_IF = 0x63;
public static final int OP_NOTIF = 0x64;
public static final int OP_VERIF = 0x65;
public static final int OP_VERNOTIF = 0x66;
public static final int OP_ELSE = 0x67;
public static final int OP_ENDIF = 0x68;
public static final int OP_VERIFY = 0x69;
public static final int OP_RETURN = 0x6a;
// stack ops 栈操作符 复制栈顶、出栈等
public static final int OP_TOALTSTACK = 0x6b;
public static final int OP_FROMALTSTACK = 0x6c;
public static final int OP_2DROP = 0x6d;
public static final int OP_2DUP = 0x6e;
public static final int OP_3DUP = 0x6f;
public static final int OP_2OVER = 0x70;
public static final int OP_2ROT = 0x71;
public static final int OP_2SWAP = 0x72;
public static final int OP_IFDUP = 0x73;
public static final int OP_DEPTH = 0x74;
public static final int OP_DROP = 0x75;
public static final int OP_DUP = 0x76;
public static final int OP_NIP = 0x77;
public static final int OP_OVER = 0x78;
public static final int OP_PICK = 0x79;
public static final int OP_ROLL = 0x7a;
public static final int OP_ROT = 0x7b;
public static final int OP_SWAP = 0x7c;
public static final int OP_TUCK = 0x7d;
// splice ops 字符串处理操作
public static final int OP_CAT = 0x7e;
public static final int OP_SUBSTR = 0x7f;
public static final int OP_LEFT = 0x80;
public static final int OP_RIGHT = 0x81;
public static final int OP_SIZE = 0x82;
// bit logic 逻辑运算操作符
public static final int OP_INVERT = 0x83;
public static final int OP_AND = 0x84;
public static final int OP_OR = 0x85;
public static final int OP_XOR = 0x86;
public static final int OP_EQUAL = 0x87;
public static final int OP_EQUALVERIFY = 0x88;
public static final int OP_RESERVED1 = 0x89;
public static final int OP_RESERVED2 = 0x8a;
// numeric 数值运算操作符
public static final int OP_1ADD = 0x8b;
public static final int OP_1SUB = 0x8c;
public static final int OP_2MUL = 0x8d;
public static final int OP_2DIV = 0x8e;
public static final int OP_NEGATE = 0x8f;
public static final int OP_ABS = 0x90;
public static final int OP_NOT = 0x91;
public static final int OP_0NOTEQUAL = 0x92;
public static final int OP_ADD = 0x93;
public static final int OP_SUB = 0x94;
public static final int OP_MUL = 0x95;
public static final int OP_DIV = 0x96;
public static final int OP_MOD = 0x97;
public static final int OP_LSHIFT = 0x98;
public static final int OP_RSHIFT = 0x99;
public static final int OP_BOOLAND = 0x9a;
public static final int OP_BOOLOR = 0x9b;
public static final int OP_NUMEQUAL = 0x9c;
public static final int OP_NUMEQUALVERIFY = 0x9d;
public static final int OP_NUMNOTEQUAL = 0x9e;
public static final int OP_LESSTHAN = 0x9f;
public static final int OP_GREATERTHAN = 0xa0;
public static final int OP_LESSTHANOREQUAL = 0xa1;
public static final int OP_GREATERTHANOREQUAL = 0xa2;
public static final int OP_MIN = 0xa3;
public static final int OP_MAX = 0xa4;
public static final int OP_WITHIN = 0xa5;
// crypto 加解密操作符
public static final int OP_RIPEMD160 = 0xa6;
public static final int OP_SHA1 = 0xa7;
public static final int OP_SHA256 = 0xa8;
public static final int OP_HASH160 = 0xa9;
public static final int OP_HASH256 = 0xaa;
public static final int OP_CODESEPARATOR = 0xab;
public static final int OP_CHECKSIG = 0xac;
public static final int OP_CHECKSIGVERIFY = 0xad;
public static final int OP_CHECKMULTISIG = 0xae;
public static final int OP_CHECKMULTISIGVERIFY = 0xaf;
// block state 区块状态
/** Check lock time of the block. Introduced in BIP 65, replacing OP_NOP2 */
public static final int OP_CHECKLOCKTIMEVERIFY = 0xb1;
public static final int OP_CHECKSEQUENCEVERIFY = 0xb2;
// expansion 扩展操作符
public static final int OP_NOP1 = 0xb0;
上一篇:(三) 区块链数据结构 – 交易
下一篇:区块链算法 – Secp256k1 签名生成和验证算法 以及证明过程