mit-dci · adiabat · Nov 14, 2020 · Nov 14, 2020 · Nov 14, 2020 · Nov 14, 2020
diff --git a/util/types.go b/util/types.go
@@ -195,6 +195,7 @@ func (l *LeafData) DeserializeCompact(r io.Reader) (flag byte, err error) {
 		return
 	}
 	if flag == LeafFlagP2PKH {
+		// if it's P2PKH the flag alone is enough; no PKH data is given
 		return
 	}
 
@@ -525,6 +526,7 @@ func (ub *UBlock) SerializeCompactSize() int {
 // rebuilt from the block data.  Note that this leaves the blockhash
 // empty in the leaf data, so that needs to be filled in by lookup up
 // the headers (block height is provided)
+// The 2 things to rebuild here are outpoint and pkscript
 func (ub *UBlock) DeserializeCompact(r io.Reader) (err error) {
 	err = ub.Block.Deserialize(r)
 	if err != nil {
@@ -540,16 +542,46 @@ func (ub *UBlock) DeserializeCompact(r io.Reader) (err error) {
 			len(flags), len(ub.UtreexoData.Stxos))
 		return
 	}
+	// make sure the number of targets in the proof side matches the
+	// number of inputs in the block
 	proofsRemaining := len(flags)
 	for i, tx := range ub.Block.Transactions {
 		if i == 0 {
 			continue
 		}
 		proofsRemaining -= len(tx.TxIn)
 	}
+	// if it doesn't match, fail
 	if proofsRemaining != 0 {
 		err = fmt.Errorf("%d txos proven but %d inputs in block",
 			len(flags), len(flags)-proofsRemaining)
+		return
+	}
+	// we know the leaf data & inputs match up, at least in number, so
+	// rebuild the leaf data.  It could be wrong but we'll find out later
+	// if the hashes / proofs don't match.
+	txinInBlock := 0
+	for i, tx := range ub.Block.Transactions {
+		if i == 0 {
+			continue // skip coinbase
+		}
+		for _, in := range tx.TxIn {
+			// rebuild leaf data from this txin data (OP and PkScript)
+			// copy outpoint from block into leaf
+			ub.UtreexoData.Stxos[txinInBlock].Outpoint = in.PreviousOutPoint
+			// rebuild pkscript based on flag
+
+			// so far only P2PKH are omitted / recovered
+			if flags[txinInBlock] == LeafFlagP2PKH {
+				// get pubkey from sigscript
+				ub.UtreexoData.Stxos[txinInBlock].PkScript, err =
+					RecoverPkScriptP2PKH(in.SignatureScript)
+				if err != nil {
+					return
+				}
+			}
+			txinInBlock++
+		}
 	}
 
 	return

diff --git a/util/utils.go b/util/utils.go
@@ -10,6 +10,8 @@ import (
 	"sort"
 	"time"
 
+	"github.com/btcsuite/btcutil"
+
 	"github.com/btcsuite/btcd/chaincfg"
 	"github.com/btcsuite/btcd/wire"
 	"github.com/mit-dci/utreexo/accumulator"
@@ -313,3 +315,31 @@ func IsP2PKH(pks []byte) bool {
 		pks[0] == 0x76 && pks[1] == 0xa9 && pks[2] == 0x14 &&
 		pks[23] == 0x88 && pks[24] == 0xac
 }
+
+// given a P2PKH scriptSig, output the original scriptPubKey
+func RecoverPkScriptP2PKH(scriptSig []byte) ([]byte, error) {
+	if len(scriptSig) == 0 {
+		return nil, fmt.Errorf("RecoverPkScriptP2PKH give empty scriptSig")
+	}
+	siglen := scriptSig[0]
+	if len(scriptSig)+1 < int(siglen) {
+		return nil, fmt.Errorf("RecoverPkScriptP2PKH can't pop signature")
+	}
+	scriptSig = scriptSig[siglen+1:]
+	pklen := scriptSig[0]
+	if len(scriptSig)+1 < int(pklen) {
+		return nil, fmt.Errorf("RecoverPkScriptP2PKH can't pop pubkey")
+	}
+	pkh := btcutil.Hash160(scriptSig[1 : 1+pklen])
+	return p2pkhify(pkh), nil
+}
+
+// turns a pubkey hash into a normal bitcoin p2pkh spend script.
+// no checks on the input.  if it's not 20 bytes, will return a script
+// that won't work.
+func p2pkhify(pkh []byte) (script []byte) {
+	script = []byte{0x76, 0xa9, 0x14}
+	script = append(script, pkh...)
+	script = append(script, []byte{0x88, 0xac}...)
+	return
+}