Coverage Report

Created: 2026-04-29 19:21

next uncovered line (L), next uncovered region (R), next uncovered branch (B)
/tmp/bitcoin/src/script/sigcache.cpp
Line
Count
Source
1
// Copyright (c) 2009-2010 Satoshi Nakamoto
2
// Copyright (c) 2009-present The Bitcoin Core developers
3
// Distributed under the MIT software license, see the accompanying
4
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
5
6
#include <script/sigcache.h>
7
8
#include <crypto/sha256.h>
9
#include <pubkey.h>
10
#include <random.h>
11
#include <script/interpreter.h>
12
#include <span.h>
13
#include <uint256.h>
14
#include <util/log.h>
15
16
#include <mutex>
17
#include <shared_mutex>
18
#include <vector>
19
20
SignatureCache::SignatureCache(const size_t max_size_bytes)
21
1.19k
{
22
1.19k
    uint256 nonce = GetRandHash();
23
    // We want the nonce to be 64 bytes long to force the hasher to process
24
    // this chunk, which makes later hash computations more efficient. We
25
    // just write our 32-byte entropy, and then pad with 'E' for ECDSA and
26
    // 'S' for Schnorr (followed by 0 bytes).
27
1.19k
    static constexpr unsigned char PADDING_ECDSA[32] = {'E'};
28
1.19k
    static constexpr unsigned char PADDING_SCHNORR[32] = {'S'};
29
1.19k
    m_salted_hasher_ecdsa.Write(nonce.begin(), 32);
30
1.19k
    m_salted_hasher_ecdsa.Write(PADDING_ECDSA, 32);
31
1.19k
    m_salted_hasher_schnorr.Write(nonce.begin(), 32);
32
1.19k
    m_salted_hasher_schnorr.Write(PADDING_SCHNORR, 32);
33
34
1.19k
    const auto [num_elems, approx_size_bytes] = setValid.setup_bytes(max_size_bytes);
35
1.19k
    LogInfo("Using %zu MiB out of %zu MiB requested for signature cache, able to store %zu elements",
36
1.19k
              approx_size_bytes >> 20, max_size_bytes >> 20, num_elems);
37
1.19k
}
38
39
void SignatureCache::ComputeEntryECDSA(uint256& entry, const uint256& hash, const std::vector<unsigned char>& vchSig, const CPubKey& pubkey) const
40
129k
{
41
129k
    CSHA256 hasher = m_salted_hasher_ecdsa;
42
129k
    hasher.Write(hash.begin(), 32).Write(pubkey.data(), pubkey.size()).Write(vchSig.data(), vchSig.size()).Finalize(entry.begin());
43
129k
}
44
45
void SignatureCache::ComputeEntrySchnorr(uint256& entry, const uint256& hash, std::span<const unsigned char> sig, const XOnlyPubKey& pubkey) const
46
260k
{
47
260k
    CSHA256 hasher = m_salted_hasher_schnorr;
48
260k
    hasher.Write(hash.begin(), 32).Write(pubkey.data(), pubkey.size()).Write(sig.data(), sig.size()).Finalize(entry.begin());
49
260k
}
50
51
bool SignatureCache::Get(const uint256& entry, const bool erase)
52
389k
{
53
389k
    std::shared_lock<std::shared_mutex> lock(cs_sigcache);
54
389k
    return setValid.contains(entry, erase);
55
389k
}
56
57
void SignatureCache::Set(const uint256& entry)
58
10.7k
{
59
10.7k
    std::unique_lock<std::shared_mutex> lock(cs_sigcache);
60
10.7k
    setValid.insert(entry);
61
10.7k
}
62
63
bool CachingTransactionSignatureChecker::VerifyECDSASignature(const std::vector<unsigned char>& vchSig, const CPubKey& pubkey, const uint256& sighash) const
64
129k
{
65
129k
    uint256 entry;
66
129k
    m_signature_cache.ComputeEntryECDSA(entry, sighash, vchSig, pubkey);
67
129k
    if (m_signature_cache.Get(entry, !store))
68
62.7k
        return true;
69
66.9k
    if (!TransactionSignatureChecker::VerifyECDSASignature(vchSig, pubkey, sighash))
70
1.07k
        return false;
71
65.8k
    if (store)
72
8.30k
        m_signature_cache.Set(entry);
73
65.8k
    return true;
74
66.9k
}
75
76
bool CachingTransactionSignatureChecker::VerifySchnorrSignature(std::span<const unsigned char> sig, const XOnlyPubKey& pubkey, const uint256& sighash) const
77
260k
{
78
260k
    uint256 entry;
79
260k
    m_signature_cache.ComputeEntrySchnorr(entry, sighash, sig, pubkey);
80
260k
    if (m_signature_cache.Get(entry, !store)) return true;
81
18.3k
    if (!TransactionSignatureChecker::VerifySchnorrSignature(sig, pubkey, sighash)) return false;
82
18.0k
    if (store) m_signature_cache.Set(entry);
83
18.0k
    return true;
84
18.3k
}