From f61f73c36c0c6819dcbd61e015cc4f8709e7f4f4 Mon Sep 17 00:00:00 2001
From: Ignacio <ignacio@iovlabs.org>
Date: Thu, 15 Oct 2020 22:14:18 -0300
Subject: [PATCH] Move RSK output to the last output

To avoid possible malleability attacks, RSK discards solutions with more than 128 bytes after RSK tag.
Therefor, RSK output should be one of the last or the last output in the Coinbase.

RSKd code condition could be found here:
https://github.com/rsksmart/rskj/blob/master/rskj-core/src/main/java/co/rsk/validators/ProofOfWorkRule.java#L202
---
 src/bitcoin/StratumBitcoin.cc | 49 +++++++++++++++++++----------------
 1 file changed, 26 insertions(+), 23 deletions(-)

diff --git a/src/bitcoin/StratumBitcoin.cc b/src/bitcoin/StratumBitcoin.cc
index ae5e4a0db..5cd7004ea 100644
--- a/src/bitcoin/StratumBitcoin.cc
+++ b/src/bitcoin/StratumBitcoin.cc
@@ -805,29 +805,6 @@ bool StratumJobBitcoin::initFromGbt(
       cbOut.push_back(rootStateTxOut);
     }
 #endif
-    //
-    // output[3] (optional): RSK merge mining
-    //
-    if (latestRskBlockJson.isInitialized()) {
-      DLOG(INFO) << "RSK blockhash: " << blockHashForMergedMining_;
-      string rskBlockTag =
-          "\x6a\x29\x52\x53\x4B\x42\x4C\x4F\x43\x4B\x3A"; // "RSKBLOCK:"
-      vector<char> rskTag(rskBlockTag.begin(), rskBlockTag.end());
-      vector<char> binBuf;
-
-      Hex2Bin(blockHashForMergedMining_.c_str(), binBuf);
-
-      rskTag.insert(std::end(rskTag), std::begin(binBuf), std::end(binBuf));
-
-      CTxOut rskTxOut;
-      rskTxOut.scriptPubKey = CScript(
-          (unsigned char *)rskTag.data(),
-          (unsigned char *)rskTag.data() + rskTag.size());
-      rskTxOut.nValue = AMOUNT_TYPE(0);
-
-      cbOut.push_back(rskTxOut);
-    }
-
     //
     // output[3] (optional): VCASH merge mining
     //
@@ -852,6 +829,32 @@ bool StratumJobBitcoin::initFromGbt(
       cbOut.push_back(vcashTxOut);
     }
 
+    //
+    // output[3] (optional): RSK merge mining
+    // 
+    // To avoid possible malleability attacks, RSK discards solutions with more than 128 bytes after RSK tag.
+    // Therefor, RSK output should be one of the last or the last output in the Coinbase.
+    //
+    if (latestRskBlockJson.isInitialized()) {
+      DLOG(INFO) << "RSK blockhash: " << blockHashForMergedMining_;
+      string rskBlockTag =
+          "\x6a\x29\x52\x53\x4B\x42\x4C\x4F\x43\x4B\x3A"; // "RSKBLOCK:"
+      vector<char> rskTag(rskBlockTag.begin(), rskBlockTag.end());
+      vector<char> binBuf;
+
+      Hex2Bin(blockHashForMergedMining_.c_str(), binBuf);
+
+      rskTag.insert(std::end(rskTag), std::begin(binBuf), std::end(binBuf));
+
+      CTxOut rskTxOut;
+      rskTxOut.scriptPubKey = CScript(
+          (unsigned char *)rskTag.data(),
+          (unsigned char *)rskTag.data() + rskTag.size());
+      rskTxOut.nValue = AMOUNT_TYPE(0);
+
+      cbOut.push_back(rskTxOut);
+    }
+
     if (nmcAuxBits_ == 0u && latestVcashBlockJson.isInitialized()) {
       nmcAuxBits_ = latestVcashBlockJson.getBits();
       nmcRpcAddr_ = vcashdRpcAddress_;