6 "github.com/vapor/crypto/ed25519/chainkd"
7 "github.com/vapor/crypto/sha3pool"
8 chainjson "github.com/vapor/encoding/json"
9 "github.com/vapor/errors"
10 "github.com/vapor/protocol/vm"
14 // SignatureWitness is a sign struct
15 SignatureWitness struct {
16 // Quorum is the number of signatures required.
17 Quorum int `json:"quorum"`
19 // Keys are the identities of the keys to sign with.
20 Keys []keyID `json:"keys"`
22 // Program is the predicate part of the signature program, whose hash is what gets
23 // signed. If empty, it is computed during Sign from the outputs
24 // and the current input of the transaction.
25 Program chainjson.HexBytes `json:"program"`
27 // Sigs are signatures of Program made from each of the Keys
29 Sigs []chainjson.HexBytes `json:"signatures"`
33 XPub chainkd.XPub `json:"xpub"`
34 DerivationPath []chainjson.HexBytes `json:"derivation_path"`
38 // ErrEmptyProgram is a type of error
39 var ErrEmptyProgram = errors.New("empty signature program")
41 // Sign populates sw.Sigs with as many signatures of the predicate in
42 // sw.Program as it can from the overlapping set of keys in sw.Keys.
44 // If sw.Program is empty, it is populated with an _inferred_ predicate:
45 // a program committing to aspects of the current
46 // transaction. Specifically, the program commits to:
47 // - the mintime and maxtime of the transaction (if non-zero)
48 // - the outputID of the current input
49 // - the assetID, amount, control program of each output.
50 func (sw *SignatureWitness) Sign(tpl *Template, index uint32, xprv chainkd.XPrv) error {
51 // Compute the predicate to sign. This is either a
52 // txsighash program if tpl.AllowAdditional is false (i.e., the tx is complete
53 // and no further changes are allowed) or a program enforcing
54 // constraints derived from the existing outputs and current input.
55 if len(sw.Program) == 0 {
57 sw.Program, err = buildSigProgram(tpl, tpl.SigningInstructions[index].Position)
61 if len(sw.Program) == 0 {
62 return ErrEmptyProgram
65 if len(sw.Sigs) < len(sw.Keys) {
66 // Each key in sw.Keys may produce a signature in sw.Sigs. Make
67 // sure there are enough slots in sw.Sigs and that we preserve any
68 // sigs already present.
69 newSigs := make([]chainjson.HexBytes, len(sw.Keys))
70 copy(newSigs, sw.Sigs)
74 sha3pool.Sum256(h[:], sw.Program)
75 for i, keyID := range sw.Keys {
76 if len(sw.Sigs[i]) > 0 {
77 // Already have a signature for this key
80 path := make([][]byte, len(keyID.DerivationPath))
81 for i, p := range keyID.DerivationPath {
84 if keyID.XPub.String() != xprv.XPub().String() {
88 sigBytes := xprv.Sign(h[:])
89 // This break is ordered to avoid signing transaction successfully only once for a multiple-sign account
90 // that consist of different keys by the same password. Exit immediately when the signature is success,
91 // it means that only one signature will be successful in the loop for this multiple-sign account.
98 func (sw SignatureWitness) Materialize(args *[][]byte) error {
99 // This is the value of N for the CHECKPREDICATE call. The code
100 // assumes that everything already in the arg list before this call
101 // to Materialize is input to the signature program, so N is
103 *args = append(*args, vm.Int64Bytes(int64(len(*args))))
106 for i := 0; i < len(sw.Sigs) && nsigs < sw.Quorum; i++ {
107 if len(sw.Sigs[i]) > 0 {
108 *args = append(*args, sw.Sigs[i])
112 *args = append(*args, sw.Program)
116 // MarshalJSON convert struct to json
117 func (sw SignatureWitness) MarshalJSON() ([]byte, error) {
119 Type string `json:"type"`
120 Quorum int `json:"quorum"`
121 Keys []keyID `json:"keys"`
122 Sigs []chainjson.HexBytes `json:"signatures"`
129 return json.Marshal(obj)