StealthCoin.Find does not allow P2SH payment by default (DDOS risk)

MetacoSA · Nov 2, 2014 · 3586e46 · 3586e46
1 parent c02ce50
commit 3586e46
Show file tree

Hide file tree

Showing 5 changed files with 30 additions and 14 deletions.
diff --git a/NBitcoin.Tests/transaction_tests.cs b/NBitcoin.Tests/transaction_tests.cs
@@ -343,10 +343,8 @@ void CanBuildStealthTransactionCore(bool p2sh)
 				.BuildTransaction(true);
 			Assert.True(builder.Verify(tx));
 
-			Assert.NotNull(darkSatoshi.GetPayments(tx, scanKey).FirstOrDefault());
-
 			//Satoshi scans a StealthCoin in the transaction with his scan key
-			var stealthCoin = StealthCoin.Find(tx, darkSatoshi, scanKey);
+			var stealthCoin = StealthCoin.Find(tx, darkSatoshi, scanKey, allowP2sh: p2sh);
 			Assert.NotNull(stealthCoin);
 
 			//Satoshi sends back the money to Bob

diff --git a/NBitcoin/Coin.cs b/NBitcoin/Coin.cs
@@ -282,9 +282,17 @@ public Script Redeem
 			set;
 		}
 
-		public static StealthCoin Find(Transaction tx, BitcoinStealthAddress address, Key scan)
-		{
-			var payment = address.GetPayments(tx, scan).FirstOrDefault();
+		/// <summary>
+		/// Scan the Transaction for StealthCoin given address and scan key
+		/// </summary>
+		/// <param name="tx">The transaction to scan</param>
+		/// <param name="address">The stealth address</param>
+		/// <param name="scan">The scan private key</param>
+		/// <param name="allowP2sh">Support P2SH stealth payment, this weaken the scanner to DDOS attacks</param>
+		/// <returns></returns>
+		public static StealthCoin Find(Transaction tx, BitcoinStealthAddress address, Key scan, bool allowP2sh = false)
+		{
+			var payment = address.GetPayments(tx, scan, allowP2sh).FirstOrDefault();
 			if(payment == null)
 				return null;
 			var txId = tx.GetHash();

diff --git a/NBitcoin/Scanning/StealthPaymentScanner.cs b/NBitcoin/Scanning/StealthPaymentScanner.cs
@@ -9,7 +9,7 @@ namespace NBitcoin.Scanning
 {
 	public class StealthPaymentScanner : Scanner
 	{
-		
+
 		public StealthPaymentScanner(BitcoinStealthAddress address, Key scan)
 		{
 			if(address == null)
@@ -39,13 +39,13 @@ public Key Scan
 
 		public override Coins ScanCoins(uint256 txId, Transaction tx, int height)
 		{
-			var payments = StealthPayment.GetPayments(tx, Address, Scan);
+			var payments = StealthPayment.GetPayments(tx, Address, Scan, false);
 			return new Coins(tx, txout => Match(txout, payments), height);
 		}
 
 		private bool Match(TxOut txout, StealthPayment[] payments)
 		{
-			return payments.Any(p=>p.ScriptPubKey == txout.ScriptPubKey && !txout.IsDust);
+			return payments.Any(p => p.ScriptPubKey == txout.ScriptPubKey && !txout.IsDust);
 		}
 
 		public override IEnumerable<TxIn> FindSpent(IEnumerable<Transaction> transactions)

diff --git a/NBitcoin/Stealth/BitcoinStealthAddress.cs b/NBitcoin/Stealth/BitcoinStealthAddress.cs
@@ -110,9 +110,9 @@ public bool Match(StealthMetadata metadata)
 			return Match(metadata.BitField);
 		}
 
-		public StealthPayment[] GetPayments(Transaction transaction)
+		public StealthPayment[] GetPayments(Transaction transaction, bool allowP2sh = false)
 		{
-			return StealthPayment.GetPayments(transaction, null, null);
+			return StealthPayment.GetPayments(transaction, null, null, allowP2sh);
 		}
 	}
 	public class BitcoinStealthAddress : Base58Data
@@ -229,9 +229,17 @@ public override Base58Type Type
 		}
 
 
-		public StealthPayment[] GetPayments(Transaction transaction, Key scanKey)
+		/// <summary>
+		/// Scan the Transaction for StealthCoin given address and scan key
+		/// </summary>
+		/// <param name="tx">The transaction to scan</param>
+		/// <param name="address">The stealth address</param>
+		/// <param name="scan">The scan private key</param>
+		/// <param name="allowP2sh">Support P2SH stealth payment, this weaken the scanner to DDOS attacks</param>
+		/// <returns></returns>
+		public StealthPayment[] GetPayments(Transaction transaction, Key scanKey, bool allowP2sh = false)
 		{
-			return StealthPayment.GetPayments(transaction, this, scanKey);
+			return StealthPayment.GetPayments(transaction, this, scanKey, allowP2sh);
 		}
 
 		public StealthPayment CreatePayment(Key ephemKey = null, bool p2sh = false)

diff --git a/NBitcoin/Stealth/StealthPayment.cs b/NBitcoin/Stealth/StealthPayment.cs
@@ -140,7 +140,7 @@ public void AddToTransaction(Transaction transaction, Money value)
 			transaction.Outputs.Add(new TxOut(value, ScriptPubKey));
 		}
 
-		public static StealthPayment[] GetPayments(Transaction transaction, BitcoinStealthAddress address, Key scan)
+		public static StealthPayment[] GetPayments(Transaction transaction, BitcoinStealthAddress address, Key scan, bool allowP2sh = false)
 		{
 			List<StealthPayment> result = new List<StealthPayment>();
 			for(int i = 0 ; i < transaction.Outputs.Count - 1 ; i++)
@@ -155,6 +155,8 @@ public static StealthPayment[] GetPayments(Transaction transaction, BitcoinSteal
 
 					if(scriptId != null)
 					{
+						if(!allowP2sh)
+							continue;
 						if(address == null)
 							throw new ArgumentNullException("address");
 						redeem = CreatePaymentScript(address, metadata.EphemKey, scan);