Merge ElementsProject#703: [0.18] Dynafed backport

f11f066 Generalize the number of epochs old a peg-in can be and still be valid (Gregory Sanders)
d47a7e0 feature_fedpeg.py: Run in various dynafed transition settings (Gregory Sanders)
5b2c79e Fix compilation of raw transaction operations with peg-in inputs (Gregory Sanders)
0a44ff6 p2sh-wrap peg-in addresses if fedpeg_program is p2sh-wrapped (Gregory Sanders)
be46069 Refactor IsPAKValid to not magically acquire chainparams (Gregory Sanders)
c6070be Remove script/standard dependence of ContextualCheckDynaFedHeader (Gregory Sanders)
d9431c0 Remove dyanfed.cpp's dependency on script/standard.h (Gregory Sanders)
a7dc478 After a reorg, boot all peg-ins and peg-outs from mempool (Gregory Sanders)
9a3b9b9 Enforce PAK checks on dynafed proposals (Gregory Sanders)
ffec609 Replace fedpeg template init check for pak one (Gregory Sanders)
8dc1de4 Update python test framework for DynaFedParamEntry fedpeg program (Gregory Sanders)
d3d2bc3 Add functional test for illegal proposals (Gregory Sanders)
25bdb0a Update dynafed functional test to new behavior (Gregory Sanders)
04cadcd fixup proposal checks (Gregory Sanders)
0a21f53 getnewblockhex fills out proposal fedpeg program (Gregory Sanders)
1892b67 Make future parent segwit versions in fedpegscripts be vacuously true (Gregory Sanders)
1122fc2 Add dynafed proposal restrictions (Gregory Sanders)
69e881a Add description of NextBlockIsParameterTransition (Gregory Sanders)
a7bb36f Remove misleading comment for ContextualCheckDynaFedHeader use (Gregory Sanders)
b7aaf4b Add fedpeg_program field in dynafed header (Gregory Sanders)
cc2f57a CreatePAKListFromExtensionSpace just uses FromBytes for correctness (Gregory Sanders)
7e4f88b Remove short-circuit dynafed vote fail for readability (Gregory Sanders)
285daab s/m_dyna_params/m_dynafed_params/ (Gregory Sanders)
e963834 Light explanation of dynamic federations fields (Gregory Sanders)
8f12b61 s/ConsensusParamEntry/DynaFedParamEntry/ (Gregory Sanders)
6ddf46c s/m_sbs_wit_limit/m_signblock_witness_limit/ (Gregory Sanders)
1d1cf23 s/HF_MASK/DYNAFED_HF_MASK/ (Gregory Sanders)
5e2aca1 s/d_params/dynafed_params/ (Gregory Sanders)
4829b3a signrawtransaction* should use up to date fedpegscript for peg-in signing (Gregory Sanders)
8bd7027 Dynafed RPC support, tests, and deployment for custom chains (Gregory Sanders)
f08756b OP_TRUE outputs should be allowed to be segwit-ified by decodescript (Gregory Sanders)
2eded09 Have removeForBlock boot transactions when required (Gregory Sanders)
0cfe03b Expose fedpeg fetching to consensus and mempool internals (Gregory Sanders)
b00515e GetTransactionSigOpCost shouldn't need fedpegscript to evaluate (Gregory Sanders)
b096f8d Add and update startup args for dynafed (Gregory Sanders)
8436710 Add unused dynamic genesis block style in chainparams (Gregory Sanders)
f2e3495 Create epoch length chainparam (Gregory Sanders)
85467c0 Set default of multi_data_permitted to enforce_pak (Gregory Sanders)
e1474d1 Correct comment about liquidv1 fedpeg matching template (Gregory Sanders)
4818e5e Miner should stop trying to account for old PAK system (Gregory Sanders)
f277ec5 Add miner ability to make dynafed blocks (Gregory Sanders)
f5e4632 ContextualCheckBlockHeader: dynafed doesn't call CheckChallenge (Gregory Sanders)
fb333b3 Introduce contextual block checks for dynafed (Gregory Sanders)
8f2194c Enable pak enforcement at mempool/block level when appropriate (Gregory Sanders)
fac525b ScriptHasValidPAKProof takes fedpeg as arg (Gregory Sanders)
144d486 Remove old mempool-booting logic (Gregory Sanders)
1c77824 Remove standardness checks for PAK (Gregory Sanders)
a306c0c Update PAK internals, helper functions (Gregory Sanders)
60d4093 Disable PAK loading from configuration on init, disable pak test (Gregory Sanders)
5e273e8 Add inactive versionbits dynafed deployment (Gregory Sanders)
1f470d3 ReadBlockFromDisk: do genesis block check before block proof check (Gregory Sanders)
cd5d87c Bump last old block version for versonbits due to elements (Gregory Sanders)
86ed316 Add python implementation of dynafed block serialization (Gregory Sanders)
7ec6c53 Deserialize merkle proofs without witness, which matters for dynafed (Gregory Sanders)
af485a8 Add fedpegscript-fetching helper (Gregory Sanders)
d1207bd calculate_contract: remove most template checks and assert in preperation for dynafed (Gregory Sanders)
21cf128 Add note on peg-in sigops (Gregory Sanders)
c37a8fe Add dynafed helper functions (Gregory Sanders)
fa1f497 Refactor block_proof to support dynafed (Gregory Sanders)
0402da6 Add dynamic federation blockheader fields to chaindb serialization (Gregory Sanders)
ab6e3e3 Add dynamic federations blockheader serialization with HF bit (Gregory Sanders)
f49c0a6 Define dynamic federations primitives (Gregory Sanders)

Pull request description:

Tree-SHA512: dcc7f9f225dcc5921cc325e267e30367283afe4b8d88c9a008dccf72393b35245b50cc48eddce035b2dbbe2a0b669b5027998fc88f30bfc18cf78af7f0a484a4

src/Makefile.am

@@ -134,6 +134,7 @@ BITCOIN_CORE_H = \
   core_io.h \
   core_memusage.h \
   cuckoocache.h \
+  dynafed.h \
   fs.h \
   httprpc.h \
   httpserver.h \
@@ -401,10 +402,13 @@ libbitcoin_consensus_a_SOURCES = \
   arith_uint256.cpp \
   arith_uint256.h \
   asset.cpp \
+  chain.h \
+  chain.cpp \
   consensus/merkle.cpp \
   consensus/merkle.h \
   consensus/params.h \
   consensus/validation.h \
+  dynafed.cpp \
   hash.cpp \
   hash.h \
   prevector.h \

src/block_proof.cpp

@@ -19,21 +19,18 @@ bool CheckChallenge(const CBlockHeader& block, const CBlockIndex& indexLast, con
     }
 }
 
-void ResetChallenge(CBlockHeader& block, const CBlockIndex& indexLast, const Consensus::Params& params)
+static bool CheckProofGeneric(const CBlockHeader& block, const uint32_t max_block_signature_size, const CScript& challenge, const CScript& scriptSig, const CScriptWitness& witness)
 {
-    block.proof.challenge = indexLast.proof.challenge;
-}
-
-static bool CheckProofGeneric(const CBlockHeader& block, const Consensus::Params& params, const CScript& challenge)
-{
-    if (block.GetHash() == params.hashGenesisBlock)
-       return true;
+    // scriptSig or witness will be nonempty, but not both, so just compare both limits
+    if (scriptSig.size() > max_block_signature_size) {
+        return false;
+    }
 
-    if (block.proof.solution.size() > params.max_block_signature_size) {
+    if (witness.GetSerializedSize() > max_block_signature_size) {
         return false;
     }
 
-    // Some anti-DoS flags, though consensus.max_block_signature_size caps the possible
+    // Some anti-DoS flags, though max_block_signature_size caps the possible
     // danger in malleation of the block witness data.
     unsigned int proof_flags = SCRIPT_VERIFY_P2SH // For cleanstack evalution under segwit flag
         | SCRIPT_VERIFY_STRICTENC // Minimally-sized DER sigs
@@ -42,26 +39,36 @@ static bool CheckProofGeneric(const CBlockHeader& block, const Consensus::Params
         | SCRIPT_VERIFY_MINIMALDATA // Pushes are minimally-sized
         | SCRIPT_VERIFY_SIGPUSHONLY // Witness is push-only
         | SCRIPT_VERIFY_LOW_S // Stop easiest signature fiddling
-        | SCRIPT_VERIFY_WITNESS // Required for cleanstack eval in VerifyScript
+        | SCRIPT_VERIFY_WITNESS // Witness and to enforce cleanstack
         | SCRIPT_NO_SIGHASH_BYTE; // non-Check(Multi)Sig signatures will not have sighash byte
-    return GenericVerifyScript(block.proof.solution, challenge, proof_flags, block);
+    return GenericVerifyScript(scriptSig, witness, challenge, proof_flags, block);
 }
 
 bool CheckProof(const CBlockHeader& block, const Consensus::Params& params)
 {
     if (g_signed_blocks) {
-        return CheckProofGeneric(block, params, params.signblockscript);
+        const DynaFedParams& dynafed_params = block.m_dynafed_params;
+        if (dynafed_params.IsNull()) {
+            return CheckProofGeneric(block, params.max_block_signature_size, params.signblockscript, block.proof.solution, CScriptWitness());
+        } else {
+            return CheckProofGeneric(block, dynafed_params.m_current.m_signblock_witness_limit, dynafed_params.m_current.m_signblockscript, CScript(), block.m_signblock_witness);
+        }
     } else {
         return CheckProofOfWork(block.GetHash(), block.nBits, params);
     }
 }
 
 bool CheckProofSignedParent(const CBlockHeader& block, const Consensus::Params& params)
 {
-    return CheckProofGeneric(block, params, params.parent_chain_signblockscript);
-}
-
-void ResetProof(CBlockHeader& block)
-{
-    block.proof.solution.clear();
+    const DynaFedParams& dynafed_params = block.m_dynafed_params;
+    if (dynafed_params.IsNull()) {
+        return CheckProofGeneric(block, params.max_block_signature_size, params.parent_chain_signblockscript, block.proof.solution, CScriptWitness());
+    } else {
+        // Dynamic federations means we cannot validate the signer set
+        // at least without tracking the parent chain more directly.
+        // Note that we do not even serialize dynamic federation block witness data
+        // currently for merkle proofs which is the only context in which
+        // this function is currently used.
+        return true;
+    }
 }

src/block_proof.h

@@ -20,8 +20,6 @@ class CScript;
 /** Check on header proof, depending on chain type, PoW or signed **/
 bool CheckProof(const CBlockHeader& block, const Consensus::Params&);
 bool CheckProofSignedParent(const CBlockHeader& block, const Consensus::Params&);
-void ResetProof(CBlockHeader& block);
 bool CheckChallenge(const CBlockHeader& block, const CBlockIndex& indexLast, const Consensus::Params&);
-void ResetChallenge(CBlockHeader& block, const CBlockIndex& indexLast, const Consensus::Params&);
 
 #endif // BITCOIN_BLOCK_PROOF_H

src/chain.h

@@ -221,6 +221,9 @@ class CBlockIndex
     uint32_t nBits;
     uint32_t nNonce;
     CProof proof;
+    // Dynamic federation fields
+    DynaFedParams dynafed_params;
+    CScriptWitness m_signblock_witness;
 
     //! (memory only) Sequential id assigned to distinguish order in which blocks are received.
     int32_t nSequenceId;
@@ -250,6 +253,8 @@ class CBlockIndex
         nBits          = 0;
         nNonce         = 0;
         proof.SetNull();
+        dynafed_params.SetNull();
+        m_signblock_witness.SetNull();
     }
 
     CBlockIndex()
@@ -267,6 +272,8 @@ class CBlockIndex
         nBits          = block.nBits;
         nNonce         = block.nNonce;
         proof          = block.proof;
+        dynafed_params       = block.m_dynafed_params;
+        m_signblock_witness = block.m_signblock_witness;
     }
 
     CDiskBlockPos GetBlockPos() const {
@@ -301,6 +308,8 @@ class CBlockIndex
         block.nBits          = nBits;
         block.nNonce         = nNonce;
         block.proof          = proof;
+        block.m_dynafed_params  = dynafed_params;
+        block.m_signblock_witness = m_signblock_witness;
         return block;
     }
 
@@ -423,13 +432,35 @@ class CDiskBlockIndex : public CBlockIndex
             READWRITE(VARINT(nUndoPos));
 
         // block header
-        READWRITE(this->nVersion);
+
+        // Detect dynamic federation block serialization using "HF bit",
+        // or the signed bit which is invalid in Bitcoin
+        bool is_dyna = false;
+        int32_t nVersion;
+        if (ser_action.ForRead()) {
+            READWRITE(nVersion);
+            is_dyna = nVersion < 0;
+            this->nVersion = ~CBlockHeader::DYNAFED_HF_MASK & nVersion;
+        } else {
+            nVersion = this->nVersion;
+            if (!dynafed_params.IsNull()) {
+                nVersion |= CBlockHeader::DYNAFED_HF_MASK;
+                is_dyna = true;
+            }
+            READWRITE(nVersion);
+        }
+
         READWRITE(hashPrev);
         READWRITE(hashMerkleRoot);
         READWRITE(nTime);
         // For compatibility with elements 0.14 based chains
         if (g_signed_blocks) {
-            READWRITE(proof);
+            if (is_dyna) {
+                READWRITE(dynafed_params);
+                READWRITE(m_signblock_witness.stack);
+            } else {
+                READWRITE(proof);
+            }
         } else {
             READWRITE(nBits);
             READWRITE(nNonce);
@@ -449,6 +480,7 @@ class CDiskBlockIndex : public CBlockIndex
         block.nBits           = nBits;
         block.nNonce          = nNonce;
         block.proof           = proof;
+        block.m_dynafed_params   = dynafed_params;
         return block.GetHash();
     }
 

src/chainparams.cpp

@@ -134,6 +134,7 @@ class CMainParams : public CChainParams {
         g_signed_blocks = false;
         g_con_elementsmode = false;
         g_con_blockheightinheader = false;
+        consensus.total_valid_epochs = 0;
 
         /**
          * The message start string is designed to be unlikely to occur in normal data.
@@ -263,6 +264,7 @@ class CTestNetParams : public CChainParams {
         g_signed_blocks = false;
         g_con_elementsmode = false;
         g_con_blockheightinheader = false;
+        consensus.total_valid_epochs = 0;
 
         pchMessageStart[0] = 0x0b;
         pchMessageStart[1] = 0x11;
@@ -366,6 +368,7 @@ class CRegTestParams : public CChainParams {
         g_signed_blocks = false;
         g_con_elementsmode = false;
         g_con_blockheightinheader = false;
+        consensus.total_valid_epochs = 0;
 
         pchMessageStart[0] = 0xfa;
         pchMessageStart[1] = 0xbf;
@@ -482,6 +485,11 @@ class CCustomParams : public CRegTestParams {
 
         consensus.nMinimumChainWork = uint256S(args.GetArg("-con_nminimumchainwork", "0x0"));
         consensus.defaultAssumeValid = uint256S(args.GetArg("-con_defaultassumevalid", "0x00"));
+        // TODO: Embed in genesis block in nTime field with new genesis block type
+        consensus.dynamic_epoch_length = args.GetArg("-dynamic_epoch_length", 10);
+        // TODO: pass in serialized vector of byte vectors, parse into extension space
+        // Junk keys for testing
+        consensus.first_extension_space = {ParseHex("02fcba7ecf41bc7e1be4ee122d9d22e3333671eb0a3a87b5cdf099d59874e1940f02fcba7ecf41bc7e1be4ee122d9d22e3333671eb0a3a87b5cdf099d59874e1940f")};
 
         nPruneAfterHeight = (uint64_t)args.GetArg("-npruneafterheight", nPruneAfterHeight);
         fDefaultConsistencyChecks = args.GetBoolArg("-fdefaultconsistencychecks", fDefaultConsistencyChecks);
@@ -558,7 +566,7 @@ class CCustomParams : public CRegTestParams {
         enforce_pak = args.GetBoolArg("-enforce_pak", false);
 
         // Allow multiple op_return outputs by relay policy
-        multi_data_permitted = args.GetBoolArg("-multi_data_permitted", true);
+        multi_data_permitted = args.GetBoolArg("-multi_data_permitted", enforce_pak);
 
         // bitcoin regtest is the parent chain by default
         parentGenesisBlockHash = uint256S(args.GetArg("-parentgenesisblockhash", "0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"));
@@ -577,6 +585,8 @@ class CCustomParams : public CRegTestParams {
         uint256 entropy;
         GenerateAssetEntropy(entropy,  COutPoint(uint256(commit), 0), parentGenesisBlockHash);
 
+        consensus.total_valid_epochs = args.GetArg("-total_valid_epochs", 2);
+
         // Elements serialization uses derivation, bitcoin serialization uses 0x00
         if (g_con_elementsmode) {
             CalculateAsset(consensus.pegged_asset, entropy);
@@ -600,6 +610,10 @@ class CCustomParams : public CRegTestParams {
         consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nStartTime = args.GetArg("-con_csv_deploy_start", Consensus::BIP9Deployment::ALWAYS_ACTIVE);
         consensus.vDeployments[Consensus::DEPLOYMENT_CSV].nTimeout = Consensus::BIP9Deployment::NO_TIMEOUT;
 
+        consensus.vDeployments[Consensus::DEPLOYMENT_DYNA_FED].bit = 25;
+        consensus.vDeployments[Consensus::DEPLOYMENT_DYNA_FED].nStartTime = args.GetArg("-con_dyna_deploy_start", Consensus::BIP9Deployment::ALWAYS_ACTIVE);
+        consensus.vDeployments[Consensus::DEPLOYMENT_DYNA_FED].nTimeout = Consensus::BIP9Deployment::NO_TIMEOUT;
+
     }
 
     void SetGenesisBlock() {
@@ -613,6 +627,11 @@ class CCustomParams : public CRegTestParams {
             if (initialFreeCoins != 0 || initial_reissuance_tokens != 0) {
                 AppendInitialIssuance(genesis, COutPoint(uint256(commit), 0), parentGenesisBlockHash, (initialFreeCoins > 0) ? 1 : 0, initialFreeCoins, (initial_reissuance_tokens > 0) ? 1 : 0, initial_reissuance_tokens, CScript() << OP_TRUE);
             }
+        } else if (consensus.genesis_style == "dynamic") {
+            // Liquid v2 HF, from genesis. Upgrading networks still use "elements".
+            // TODO fill out genesis block with special commitments including epoch
+            // length in nTime
+            throw std::runtime_error(strprintf("Invalid -genesis_style (%s)", consensus.genesis_style));
         } else {
             throw std::runtime_error(strprintf("Invalid -genesis_style (%s)", consensus.genesis_style));
         }

src/chainparamsbase.cpp

@@ -42,11 +42,13 @@ void SetupChainParamsBaseOptions()
     gArgs.AddArg("-con_parentpowlimit", "The proof-of-work limit value for the parent chain.", false, OptionsCategory::CHAINPARAMS);
     gArgs.AddArg("-con_parent_chain_signblockscript", "Whether parent chain uses pow or signed blocks. If the parent chain uses signed blocks, the challenge (scriptPubKey) script. If not, an empty string. (default: empty script [ie parent uses pow])", false, OptionsCategory::CHAINPARAMS);
 
-    gArgs.AddArg("-fedpegscript", "The script for the federated peg.", false, OptionsCategory::CHAINPARAMS);
-    gArgs.AddArg("-enforce_pak", "Causes standardness checks to enforce Pegout Authorization Key(PAK) validation, and miner to include PAK commitments when configured. Can not be set when acceptnonstdtx is set to true.", false, OptionsCategory::ELEMENTS);
-    gArgs.AddArg("-multi_data_permitted", "Allow relay of multiple OP_RETURN outputs. (default: true)", false, OptionsCategory::ELEMENTS);
-    gArgs.AddArg("-pak", "Entries in the PAK list. Order of entries matter.", false, OptionsCategory::ELEMENTS);
+    gArgs.AddArg("-fedpegscript", "The script for the federated peg enforce from genesis block. This script may stop being enforced once dynamic federations activates.", false, OptionsCategory::CHAINPARAMS);
+    gArgs.AddArg("-enforce_pak", "Causes standardness checks to enforce Pegout Authorization Key(PAK) validation before dynamic federations, and consensus enforcement after.", false, OptionsCategory::ELEMENTS);
+    gArgs.AddArg("-multi_data_permitted", "Allow relay of multiple OP_RETURN outputs. (default: -enforce_pak)", false, OptionsCategory::ELEMENTS);
     gArgs.AddArg("-con_csv_deploy_start", "Starting height for CSV deployment. (default: -1, which means ACTIVE from genesis)", false, OptionsCategory::ELEMENTS);
+    gArgs.AddArg("-con_dyna_deploy_start", "Starting height for Dynamic Federations deployment. Once active, signblockscript becomes a BIP141 WSH scriptPubKey of the original signblockscript. All other dynamic parameters stay constant.(default: -1, which means ACTIVE from genesis)", false, OptionsCategory::ELEMENTS);
+    gArgs.AddArg("-dynamic_epoch_length", "Per-chain parameter that sets how many blocks dynamic federation voting and enforcement are in effect for.", false, OptionsCategory::ELEMENTS);
+    gArgs.AddArg("-total_valid_epochs", "Per-chain parameter that sets how long a particular fedpegscript is in effect for.", false, OptionsCategory::ELEMENTS);
     // END ELEMENTS
     //
 }

src/consensus/params.h

@@ -22,6 +22,7 @@ enum DeploymentPos
     DEPLOYMENT_TESTDUMMY,
     DEPLOYMENT_CSV, // Deployment of BIP68, BIP112, and BIP113.
     DEPLOYMENT_SEGWIT, // Deployment of BIP141, BIP143, and BIP147.
+    DEPLOYMENT_DYNA_FED, // Deployment of dynamic federation
     // NOTE: Also add new deployments to VersionBitsDeploymentInfo in versionbits.cpp
     MAX_VERSION_BITS_DEPLOYMENTS
 };
@@ -99,6 +100,13 @@ struct Params {
     CScript signblockscript;
     uint32_t max_block_signature_size;
     // g_signed_blocks - Whether blocks are signed or not, get around circular dep
+    // Set positive to avoid division by 0
+    // for non-dynafed chains and unit tests
+    uint32_t dynamic_epoch_length = std::numeric_limits<uint32_t>::max();
+    // Used to seed the extension space for first dynamic blocks
+    std::vector<std::vector<unsigned char>> first_extension_space;
+    // Used to allow M-epoch-old peg-in addresses as deposits
+    size_t total_valid_epochs;
 };
 } // namespace Consensus
 

src/consensus/tx_verify.cpp

@@ -157,24 +157,28 @@ int64_t GetTransactionSigOpCost(const CTransaction& tx, const CCoinsViewCache& i
         nSigOps += GetP2SHSigOpCount(tx, inputs) * WITNESS_SCALE_FACTOR;
     }
 
+    // Note that we only count segwit sigops for peg-in inputs
     for (unsigned int i = 0; i < tx.vin.size(); i++)
     {
-        CTxOut prevout;
+        CScript scriptPubKey;
         if (tx.vin[i].m_is_pegin) {
             std::string err;
-            // Make sure witness exists and is properly formatted
-            if (tx.witness.vtxinwit.size() != tx.vin.size() || !IsValidPeginWitness(tx.witness.vtxinwit[i].m_pegin_witness, tx.vin[i].prevout, err, false)) {
+            // Make sure witness exists and has enough peg-in witness fields for
+            // the claim_script
+            if (tx.witness.vtxinwit.size() != tx.vin.size() ||
+                    tx.witness.vtxinwit[i].m_pegin_witness.stack.size() < 4) {
                 continue;
             }
-            prevout = GetPeginOutputFromWitness(tx.witness.vtxinwit[i].m_pegin_witness);
+            const auto pegin_witness = tx.witness.vtxinwit[i].m_pegin_witness;
+            scriptPubKey = CScript(pegin_witness.stack[3].begin(), pegin_witness.stack[3].end());
         } else {
             const Coin& coin = inputs.AccessCoin(tx.vin[i].prevout);
             assert(!coin.IsSpent());
-            prevout = coin.out;
+            scriptPubKey = coin.out.scriptPubKey;
         }
 
         const CScriptWitness* pScriptWitness = tx.witness.vtxinwit.size() > i ? &tx.witness.vtxinwit[i].scriptWitness : NULL;
-        nSigOps += CountWitnessSigOps(tx.vin[i].scriptSig, prevout.scriptPubKey, pScriptWitness, flags);
+        nSigOps += CountWitnessSigOps(tx.vin[i].scriptSig, scriptPubKey, pScriptWitness, flags);
     }
     return nSigOps;
 }
@@ -239,7 +243,7 @@ bool CheckTransaction(const CTransaction& tx, CValidationState &state, bool fChe
 }
 
 namespace Consensus {
-bool CheckTxInputs(const CTransaction& tx, CValidationState& state, const CCoinsViewCache& inputs, int nSpendHeight, CAmountMap& fee_map, std::set<std::pair<uint256, COutPoint>>& setPeginsSpent, std::vector<CCheck*> *pvChecks, const bool cacheStore, bool fScriptChecks)
+bool CheckTxInputs(const CTransaction& tx, CValidationState& state, const CCoinsViewCache& inputs, int nSpendHeight, CAmountMap& fee_map, std::set<std::pair<uint256, COutPoint>>& setPeginsSpent, std::vector<CCheck*> *pvChecks, const bool cacheStore, bool fScriptChecks, const std::vector<std::pair<CScript, CScript>>& fedpegscripts)
 {
     // are the actual inputs available?
     if (!inputs.HaveInputs(tx)) {
@@ -254,7 +258,7 @@ bool CheckTxInputs(const CTransaction& tx, CValidationState& state, const CCoins
         if (tx.vin[i].m_is_pegin) {
             // Check existence and validity of pegin witness
             std::string err;
-            if (tx.witness.vtxinwit.size() <= i || !IsValidPeginWitness(tx.witness.vtxinwit[i].m_pegin_witness, prevout, err, true)) {
+            if (tx.witness.vtxinwit.size() <= i || !IsValidPeginWitness(tx.witness.vtxinwit[i].m_pegin_witness, fedpegscripts, prevout, err, true)) {
                 return state.DoS(0, false, REJECT_PEGIN, "bad-pegin-witness", false, err);
             }
             std::pair<uint256, COutPoint> pegin = std::make_pair(uint256(tx.witness.vtxinwit[i].m_pegin_witness.stack[2]), prevout);

src/consensus/tx_verify.h

@@ -31,7 +31,7 @@ namespace Consensus {
  * @param[out] fee_map Set to the transaction fee if successful.
  * Preconditions: tx.IsCoinBase() is false.
  */
-bool CheckTxInputs(const CTransaction& tx, CValidationState& state, const CCoinsViewCache& inputs, int nSpendHeight, CAmountMap& fee_map, std::set<std::pair<uint256, COutPoint>>& setPeginsSpent, std::vector<CCheck*> *pvChecks, const bool cacheStore, bool fScriptChecks);
+bool CheckTxInputs(const CTransaction& tx, CValidationState& state, const CCoinsViewCache& inputs, int nSpendHeight, CAmountMap& fee_map, std::set<std::pair<uint256, COutPoint>>& setPeginsSpent, std::vector<CCheck*> *pvChecks, const bool cacheStore, bool fScriptChecks, const std::vector<std::pair<CScript, CScript>>& fedpegscripts);
 } // namespace Consensus
 
 /** Auxiliary functions for transaction validation (ideally should not be exposed) */