str4d/1408-sighash-changes.diff

## 1408-sighash-changes.diff
diff --git a/src/gtest/test_checktransaction.cpp b/src/gtest/test_checktransaction.cpp
index 11607b2..f9caccc 100644
--- a/src/gtest/test_checktransaction.cpp
+++ b/src/gtest/test_checktransaction.cpp
@@ -354,23 +354,27 @@ TEST(checktransaction_tests, bad_txns_prevout_null) {
 }

 TEST(checktransaction_tests, bad_txns_invalid_joinsplit_signature) {
+    SelectParams(CBaseChainParams::REGTEST);
+
     CMutableTransaction mtx = GetValidTransaction();
     mtx.joinSplitSig[0] += 1;
     CTransaction tx(mtx);

     MockCValidationState state;
     EXPECT_CALL(state, DoS(100, false, REJECT_INVALID, "bad-txns-invalid-joinsplit-signature", false)).Times(1);
-    CheckTransactionWithoutProofVerification(tx, state);
+    ContextualCheckTransaction(tx, state, 0, 100);
 }

 TEST(checktransaction_tests, non_canonical_ed25519_signature) {
+    SelectParams(CBaseChainParams::REGTEST);
+
     CMutableTransaction mtx = GetValidTransaction();

     // Check that the signature is valid before we add L
     {
         CTransaction tx(mtx);
         MockCValidationState state;
-        EXPECT_TRUE(CheckTransactionWithoutProofVerification(tx, state));
+        EXPECT_TRUE(ContextualCheckTransaction(tx, state, 0, 100));
     }

     // Copied from libsodium/crypto_sign/ed25519/ref10/open.c
@@ -391,7 +395,7 @@ TEST(checktransaction_tests, non_canonical_ed25519_signature) {

     MockCValidationState state;
     EXPECT_CALL(state, DoS(100, false, REJECT_INVALID, "bad-txns-invalid-joinsplit-signature", false)).Times(1);
-    CheckTransactionWithoutProofVerification(tx, state);
+    ContextualCheckTransaction(tx, state, 0, 100);
 }

 TEST(checktransaction_tests, OverwinterConstructors) {
diff --git a/src/main.cpp b/src/main.cpp
index 170fb99..be97d46 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -1797,7 +1797,8 @@ bool CheckTxInputs(const CTransaction& tx, CValidationState& state, const CCoins
 }// namespace Consensus

 bool ContextualCheckInputs(
-    const CTransaction& tx, CValidationState &state,
+    const CTransaction& tx,
+    CValidationState &state,
     const CCoinsViewCache &inputs,
     bool fScriptChecks,
     unsigned int flags,
@@ -2266,8 +2267,12 @@ bool ConnectBlock(const CBlock& block, CValidationState& state, CBlockIndex* pin
             if (nSigOps > MAX_BLOCK_SIGOPS)
                 return state.DoS(100, error("ConnectBlock(): too many sigops"),
                                  REJECT_INVALID, "bad-blk-sigops");
+        }
+
+        txdata.emplace_back(tx);

-            txdata.emplace_back(tx);
+        if (!tx.IsCoinBase())
+        {
             nFees += view.GetValueIn(tx)-tx.GetValueOut();

             std::vector<CScriptCheck> vChecks;
diff --git a/src/script/interpreter.cpp b/src/script/interpreter.cpp
index 56dc250..6615347 100644
--- a/src/script/interpreter.cpp
+++ b/src/script/interpreter.cpp
@@ -233,7 +233,13 @@ bool static CheckMinimalPush(const valtype& data, opcodetype opcode) {
     return true;
 }

-bool EvalScript(vector<vector<unsigned char> >& stack, const CScript& script, unsigned int flags, const BaseSignatureChecker& checker, uint32_t consensusBranchId, ScriptError* serror)
+bool EvalScript(
+    vector<vector<unsigned char> >& stack,
+    const CScript& script,
+    unsigned int flags,
+    const BaseSignatureChecker& checker,
+    uint32_t consensusBranchId,
+    ScriptError* serror)
 {
     static const CScriptNum bnZero(0);
     static const CScriptNum bnOne(1);
@@ -1108,11 +1114,18 @@ SigVersion SignatureHashVersion(const CTransaction& txTo)
     if (txTo.fOverwintered) {
         return SIGVERSION_OVERWINTER;
     } else {
-        return SIGVERSION_BASE;
+        return SIGVERSION_SPROUT;
     }
 }

-uint256 SignatureHash(const CScript& scriptCode, const CTransaction& txTo, unsigned int nIn, int nHashType, const CAmount& amount, uint32_t consensusBranchId, const PrecomputedTransactionData* cache)
+uint256 SignatureHash(
+    const CScript& scriptCode,
+    const CTransaction& txTo,
+    unsigned int nIn,
+    int nHashType,
+    const CAmount& amount,
+    uint32_t consensusBranchId,
+    const PrecomputedTransactionData* cache)
 {
     if (nIn >= txTo.vin.size() && nIn != NOT_AN_INPUT) {
         //  nIn out of range
@@ -1203,12 +1216,17 @@ uint256 SignatureHash(const CScript& scriptCode, const CTransaction& txTo, unsig
     return ss.GetHash();
 }

-bool TransactionSignatureChecker::VerifySignature(const std::vector<unsigned char>& vchSig, const CPubKey& pubkey, const uint256& sighash) const
+bool TransactionSignatureChecker::VerifySignature(
+    const std::vector<unsigned char>& vchSig, const CPubKey& pubkey, const uint256& sighash) const
 {
     return pubkey.Verify(sighash, vchSig);
 }

-bool TransactionSignatureChecker::CheckSig(const vector<unsigned char>& vchSigIn, const vector<unsigned char>& vchPubKey, const CScript& scriptCode, uint32_t consensusBranchId) const
+bool TransactionSignatureChecker::CheckSig(
+    const vector<unsigned char>& vchSigIn,
+    const vector<unsigned char>& vchPubKey,
+    const CScript& scriptCode,
+    uint32_t consensusBranchId) const
 {
     CPubKey pubkey(vchPubKey);
     if (!pubkey.IsValid())
@@ -1271,7 +1289,13 @@ bool TransactionSignatureChecker::CheckLockTime(const CScriptNum& nLockTime) con
 }


-bool VerifyScript(const CScript& scriptSig, const CScript& scriptPubKey, unsigned int flags, const BaseSignatureChecker& checker, uint32_t consensusBranchId, ScriptError* serror)
+bool VerifyScript(
+    const CScript& scriptSig,
+    const CScript& scriptPubKey,
+    unsigned int flags,
+    const BaseSignatureChecker& checker,
+    uint32_t consensusBranchId,
+    ScriptError* serror)
 {
     set_error(serror, SCRIPT_ERR_UNKNOWN_ERROR);

diff --git a/src/script/interpreter.h b/src/script/interpreter.h
index aab799a..7f2956e 100644
--- a/src/script/interpreter.h
+++ b/src/script/interpreter.h
@@ -97,16 +97,27 @@ struct PrecomputedTransactionData

 enum SigVersion
 {
-    SIGVERSION_BASE = 0,
+    SIGVERSION_SPROUT = 0,
     SIGVERSION_OVERWINTER = 1,
 };

-uint256 SignatureHash(const CScript &scriptCode, const CTransaction& txTo, unsigned int nIn, int nHashType, const CAmount& amount, uint32_t consensusBranchId, const PrecomputedTransactionData* cache = NULL);
+uint256 SignatureHash(
+    const CScript &scriptCode,
+    const CTransaction& txTo,
+    unsigned int nIn,
+    int nHashType,
+    const CAmount& amount,
+    uint32_t consensusBranchId,
+    const PrecomputedTransactionData* cache = NULL);

 class BaseSignatureChecker
 {
 public:
-    virtual bool CheckSig(const std::vector<unsigned char>& scriptSig, const std::vector<unsigned char>& vchPubKey, const CScript& scriptCode, uint32_t consensusBranchId) const
+    virtual bool CheckSig(
+        const std::vector<unsigned char>& scriptSig,
+        const std::vector<unsigned char>& vchPubKey,
+        const CScript& scriptCode,
+        uint32_t consensusBranchId) const
     {
         return false;
     }
@@ -146,7 +157,19 @@ public:
     MutableTransactionSignatureChecker(const CMutableTransaction* txToIn, unsigned int nInIn, const CAmount& amount) : TransactionSignatureChecker(&txTo, nInIn, amount), txTo(*txToIn) {}
 };

-bool EvalScript(std::vector<std::vector<unsigned char> >& stack, const CScript& script, unsigned int flags, const BaseSignatureChecker& checker, uint32_t consensusBranchId, ScriptError* error = NULL);
-bool VerifyScript(const CScript& scriptSig, const CScript& scriptPubKey, unsigned int flags, const BaseSignatureChecker& checker, uint32_t consensusBranchId, ScriptError* serror = NULL);
+bool EvalScript(
+    std::vector<std::vector<unsigned char> >& stack,
+    const CScript& script,
+    unsigned int flags,
+    const BaseSignatureChecker& checker,
+    uint32_t consensusBranchId,
+    ScriptError* error = NULL);
+bool VerifyScript(
+    const CScript& scriptSig,
+    const CScript& scriptPubKey,
+    unsigned int flags,
+    const BaseSignatureChecker& checker,
+    uint32_t consensusBranchId,
+    ScriptError* serror = NULL);

 #endif // BITCOIN_SCRIPT_INTERPRETER_H
diff --git a/src/script/sign.cpp b/src/script/sign.cpp
index 0fe89ec..1aade84 100644
--- a/src/script/sign.cpp
+++ b/src/script/sign.cpp
@@ -168,7 +168,14 @@ void UpdateTransaction(CMutableTransaction& tx, unsigned int nIn, const Signatur
     tx.vin[nIn].scriptSig = data.scriptSig;
 }

-bool SignSignature(const CKeyStore &keystore, const CScript& fromPubKey, CMutableTransaction& txTo, unsigned int nIn, const CAmount& amount, int nHashType, uint32_t consensusBranchId)
+bool SignSignature(
+    const CKeyStore &keystore,
+    const CScript& fromPubKey,
+    CMutableTransaction& txTo,
+    unsigned int nIn,
+    const CAmount& amount,
+    int nHashType,
+    uint32_t consensusBranchId)
 {
     assert(nIn < txTo.vin.size());

@@ -181,7 +188,13 @@ bool SignSignature(const CKeyStore &keystore, const CScript& fromPubKey, CMutabl
     return ret;
 }

-bool SignSignature(const CKeyStore &keystore, const CTransaction& txFrom, CMutableTransaction& txTo, unsigned int nIn, int nHashType, uint32_t consensusBranchId)
+bool SignSignature(
+    const CKeyStore &keystore,
+    const CTransaction& txFrom,
+    CMutableTransaction& txTo,
+    unsigned int nIn,
+    int nHashType,
+    uint32_t consensusBranchId)
 {
     assert(nIn < txTo.vin.size());
     CTxIn& txin = txTo.vin[nIn];
@@ -319,7 +332,11 @@ SignatureData CombineSignatures(const CScript& scriptPubKey, const BaseSignature
     vector<vector<unsigned char> > vSolutions;
     Solver(scriptPubKey, txType, vSolutions);

-    return CombineSignatures(scriptPubKey, checker, txType, vSolutions, Stacks(scriptSig1, consensusBranchId), Stacks(scriptSig2, consensusBranchId), consensusBranchId).Output();
+    return CombineSignatures(
+        scriptPubKey, checker, txType, vSolutions,
+        Stacks(scriptSig1, consensusBranchId),
+        Stacks(scriptSig2, consensusBranchId),
+        consensusBranchId).Output();
 }

 namespace {
@@ -329,7 +346,11 @@ class DummySignatureChecker : public BaseSignatureChecker
 public:
     DummySignatureChecker() {}

-    bool CheckSig(const std::vector<unsigned char>& scriptSig, const std::vector<unsigned char>& vchPubKey, const CScript& scriptCode, uint32_t consensusBranchId) const
+    bool CheckSig(
+        const std::vector<unsigned char>& scriptSig,
+        const std::vector<unsigned char>& vchPubKey,
+        const CScript& scriptCode,
+        uint32_t consensusBranchId) const
     {
         return true;
     }
@@ -342,7 +363,11 @@ const BaseSignatureChecker& DummySignatureCreator::Checker() const
     return dummyChecker;
 }

-bool DummySignatureCreator::CreateSig(std::vector<unsigned char>& vchSig, const CKeyID& keyid, const CScript& scriptCode, uint32_t consensusBranchId) const
+bool DummySignatureCreator::CreateSig(
+    std::vector<unsigned char>& vchSig,
+    const CKeyID& keyid,
+    const CScript& scriptCode,
+    uint32_t consensusBranchId) const
 {
     // Create a dummy signature that is a valid DER-encoding
     vchSig.assign(72, '\000');
diff --git a/src/script/sign.h b/src/script/sign.h
index 1e9bde1..edd913d 100644
--- a/src/script/sign.h
+++ b/src/script/sign.h
@@ -70,11 +70,29 @@ struct SignatureData {
 bool ProduceSignature(const BaseSignatureCreator& creator, const CScript& scriptPubKey, SignatureData& sigdata, uint32_t consensusBranchId);

 /** Produce a script signature for a transaction. */
-bool SignSignature(const CKeyStore &keystore, const CScript& fromPubKey, CMutableTransaction& txTo, unsigned int nIn, const CAmount& amount, int nHashType, uint32_t consensusBranchId);
-bool SignSignature(const CKeyStore& keystore, const CTransaction& txFrom, CMutableTransaction& txTo, unsigned int nIn, int nHashType, uint32_t consensusBranchId);
+bool SignSignature(
+    const CKeyStore &keystore,
+    const CScript& fromPubKey,
+    CMutableTransaction& txTo,
+    unsigned int nIn,
+    const CAmount& amount,
+    int nHashType,
+    uint32_t consensusBranchId);
+bool SignSignature(
+    const CKeyStore& keystore,
+    const CTransaction& txFrom,
+    CMutableTransaction& txTo,
+    unsigned int nIn,
+    int nHashType,
+    uint32_t consensusBranchId);

 /** Combine two script signatures using a generic signature checker, intelligently, possibly with OP_0 placeholders. */
-SignatureData CombineSignatures(const CScript& scriptPubKey, const BaseSignatureChecker& checker, const SignatureData& scriptSig1, const SignatureData& scriptSig2, uint32_t consensusBranchId);
+SignatureData CombineSignatures(
+    const CScript& scriptPubKey,
+    const BaseSignatureChecker& checker,
+    const SignatureData& scriptSig1,
+    const SignatureData& scriptSig2,
+    uint32_t consensusBranchId);

 /** Extract signature data from a transaction, and insert it. */
 SignatureData DataFromTransaction(const CMutableTransaction& tx, unsigned int nIn);
diff --git a/src/script/zcashconsensus.cpp b/src/script/zcashconsensus.cpp
index ec494d9..dbec305 100644
--- a/src/script/zcashconsensus.cpp
+++ b/src/script/zcashconsensus.cpp
@@ -88,7 +88,13 @@ int zcashconsensus_verify_script(const unsigned char *scriptPubKey, unsigned int
         PrecomputedTransactionData txdata(tx);
         CAmount am(0);
         uint32_t consensusBranchId = SPROUT_BRANCH_ID;
-        return VerifyScript(tx.vin[nIn].scriptSig, CScript(scriptPubKey, scriptPubKey + scriptPubKeyLen), flags, TransactionSignatureChecker(&tx, nIn, am, txdata), consensusBranchId, NULL);
+        return VerifyScript(
+            tx.vin[nIn].scriptSig,
+            CScript(scriptPubKey, scriptPubKey + scriptPubKeyLen),
+            flags,
+            TransactionSignatureChecker(&tx, nIn, am, txdata),
+            consensusBranchId,
+            NULL);
     } catch (const std::exception&) {
         return set_error(err, zcashconsensus_ERR_TX_DESERIALIZE); // Error deserializing
     }
diff --git a/src/test/data/bitcoin-util-test.json b/src/test/data/bitcoin-util-test.json
index c23befe..3e98741 100644
--- a/src/test/data/bitcoin-util-test.json
+++ b/src/test/data/bitcoin-util-test.json
@@ -53,7 +53,7 @@
      "in=4d49a71ec9da436f71ec4ee231d04f292a29cd316f598bb7068feccabdc59485:0",
      "set=privatekeys:[\"5HpHagT65TZzG1PH3CSu63k8DbpvD8s5ip4nEB3kEsreAnchuDf\"]",
      "set=prevtxs:[{\"txid\":\"4d49a71ec9da436f71ec4ee231d04f292a29cd316f598bb7068feccabdc59485\",\"vout\":0,\"scriptPubKey\":\"76a91491b24bf9f5288532960ac687abb035127b1d28a588ac\"}]",
-     "sign=ALL",
+     "sign=1:ALL",
      "outaddr=0.001:t1Ruz6gK4QPZoPPGpHaieupnnh62mktjQE7"],
     "output_cmp": "txcreatesign.hex"
   }
diff --git a/src/test/transaction_tests.cpp b/src/test/transaction_tests.cpp
index 709f097..80173a2 100644
--- a/src/test/transaction_tests.cpp
+++ b/src/test/transaction_tests.cpp
@@ -429,7 +429,7 @@ BOOST_AUTO_TEST_CASE(test_simple_joinsplit_invalidity)
         jsdesc->nullifiers[1] = GetRandHash();

         BOOST_CHECK(CheckTransactionWithoutProofVerification(newTx, state));
-        BOOST_CHECK(!ContextualCheckTransaction(newTx, state, 1, 100));
+        BOOST_CHECK(!ContextualCheckTransaction(newTx, state, 0, 100));
         BOOST_CHECK(state.GetRejectReason() == "bad-txns-invalid-joinsplit-signature");

         // Empty output script.
@@ -443,7 +443,7 @@ BOOST_AUTO_TEST_CASE(test_simple_joinsplit_invalidity)
                                     ) == 0);

         BOOST_CHECK(CheckTransactionWithoutProofVerification(newTx, state));
-        BOOST_CHECK(ContextualCheckTransaction(newTx, state, 1, 100));
+        BOOST_CHECK(ContextualCheckTransaction(newTx, state, 0, 100));
     }
     {
         // Ensure that values within the joinsplit are well-formed.
	diff --git a/src/gtest/test_checktransaction.cpp b/src/gtest/test_checktransaction.cpp
	index 11607b2..f9caccc 100644
	--- a/src/gtest/test_checktransaction.cpp
	+++ b/src/gtest/test_checktransaction.cpp
	@@ -354,23 +354,27 @@ TEST(checktransaction_tests, bad_txns_prevout_null) {
	}

	TEST(checktransaction_tests, bad_txns_invalid_joinsplit_signature) {
	+ SelectParams(CBaseChainParams::REGTEST);
	+
	CMutableTransaction mtx = GetValidTransaction();
	mtx.joinSplitSig[0] += 1;
	CTransaction tx(mtx);

	MockCValidationState state;
	EXPECT_CALL(state, DoS(100, false, REJECT_INVALID, "bad-txns-invalid-joinsplit-signature", false)).Times(1);
	- CheckTransactionWithoutProofVerification(tx, state);
	+ ContextualCheckTransaction(tx, state, 0, 100);
	}

	TEST(checktransaction_tests, non_canonical_ed25519_signature) {
	+ SelectParams(CBaseChainParams::REGTEST);
	+
	CMutableTransaction mtx = GetValidTransaction();

	// Check that the signature is valid before we add L
	{
	CTransaction tx(mtx);
	MockCValidationState state;
	- EXPECT_TRUE(CheckTransactionWithoutProofVerification(tx, state));
	+ EXPECT_TRUE(ContextualCheckTransaction(tx, state, 0, 100));
	}

	// Copied from libsodium/crypto_sign/ed25519/ref10/open.c
	@@ -391,7 +395,7 @@ TEST(checktransaction_tests, non_canonical_ed25519_signature) {

	MockCValidationState state;
	EXPECT_CALL(state, DoS(100, false, REJECT_INVALID, "bad-txns-invalid-joinsplit-signature", false)).Times(1);
	- CheckTransactionWithoutProofVerification(tx, state);
	+ ContextualCheckTransaction(tx, state, 0, 100);
	}

	TEST(checktransaction_tests, OverwinterConstructors) {
	diff --git a/src/main.cpp b/src/main.cpp
	index 170fb99..be97d46 100644
	--- a/src/main.cpp
	+++ b/src/main.cpp
	@@ -1797,7 +1797,8 @@ bool CheckTxInputs(const CTransaction& tx, CValidationState& state, const CCoins
	}// namespace Consensus

	bool ContextualCheckInputs(
	- const CTransaction& tx, CValidationState &state,
	+ const CTransaction& tx,
	+ CValidationState &state,
	const CCoinsViewCache &inputs,
	bool fScriptChecks,
	unsigned int flags,
	@@ -2266,8 +2267,12 @@ bool ConnectBlock(const CBlock& block, CValidationState& state, CBlockIndex* pin
	if (nSigOps > MAX_BLOCK_SIGOPS)
	return state.DoS(100, error("ConnectBlock(): too many sigops"),
	REJECT_INVALID, "bad-blk-sigops");
	+ }
	+
	+ txdata.emplace_back(tx);

	- txdata.emplace_back(tx);
	+ if (!tx.IsCoinBase())
	+ {
	nFees += view.GetValueIn(tx)-tx.GetValueOut();

	std::vector<CScriptCheck> vChecks;
	diff --git a/src/script/interpreter.cpp b/src/script/interpreter.cpp
	index 56dc250..6615347 100644
	--- a/src/script/interpreter.cpp
	+++ b/src/script/interpreter.cpp
	@@ -233,7 +233,13 @@ bool static CheckMinimalPush(const valtype& data, opcodetype opcode) {
	return true;
	}

	-bool EvalScript(vector<vector<unsigned char> >& stack, const CScript& script, unsigned int flags, const BaseSignatureChecker& checker, uint32_t consensusBranchId, ScriptError* serror)
	+bool EvalScript(
	+ vector<vector<unsigned char> >& stack,
	+ const CScript& script,
	+ unsigned int flags,
	+ const BaseSignatureChecker& checker,
	+ uint32_t consensusBranchId,
	+ ScriptError* serror)
	{
	static const CScriptNum bnZero(0);
	static const CScriptNum bnOne(1);
	@@ -1108,11 +1114,18 @@ SigVersion SignatureHashVersion(const CTransaction& txTo)
	if (txTo.fOverwintered) {
	return SIGVERSION_OVERWINTER;
	} else {
	- return SIGVERSION_BASE;
	+ return SIGVERSION_SPROUT;
	}
	}

	-uint256 SignatureHash(const CScript& scriptCode, const CTransaction& txTo, unsigned int nIn, int nHashType, const CAmount& amount, uint32_t consensusBranchId, const PrecomputedTransactionData* cache)
	+uint256 SignatureHash(
	+ const CScript& scriptCode,
	+ const CTransaction& txTo,
	+ unsigned int nIn,
	+ int nHashType,
	+ const CAmount& amount,
	+ uint32_t consensusBranchId,
	+ const PrecomputedTransactionData* cache)
	{
	if (nIn >= txTo.vin.size() && nIn != NOT_AN_INPUT) {
	// nIn out of range
	@@ -1203,12 +1216,17 @@ uint256 SignatureHash(const CScript& scriptCode, const CTransaction& txTo, unsig
	return ss.GetHash();
	}

	-bool TransactionSignatureChecker::VerifySignature(const std::vector<unsigned char>& vchSig, const CPubKey& pubkey, const uint256& sighash) const
	+bool TransactionSignatureChecker::VerifySignature(
	+ const std::vector<unsigned char>& vchSig, const CPubKey& pubkey, const uint256& sighash) const
	{
	return pubkey.Verify(sighash, vchSig);
	}

	-bool TransactionSignatureChecker::CheckSig(const vector<unsigned char>& vchSigIn, const vector<unsigned char>& vchPubKey, const CScript& scriptCode, uint32_t consensusBranchId) const
	+bool TransactionSignatureChecker::CheckSig(
	+ const vector<unsigned char>& vchSigIn,
	+ const vector<unsigned char>& vchPubKey,
	+ const CScript& scriptCode,
	+ uint32_t consensusBranchId) const
	{
	CPubKey pubkey(vchPubKey);
	if (!pubkey.IsValid())
	@@ -1271,7 +1289,13 @@ bool TransactionSignatureChecker::CheckLockTime(const CScriptNum& nLockTime) con
	}


	-bool VerifyScript(const CScript& scriptSig, const CScript& scriptPubKey, unsigned int flags, const BaseSignatureChecker& checker, uint32_t consensusBranchId, ScriptError* serror)
	+bool VerifyScript(
	+ const CScript& scriptSig,
	+ const CScript& scriptPubKey,
	+ unsigned int flags,
	+ const BaseSignatureChecker& checker,
	+ uint32_t consensusBranchId,
	+ ScriptError* serror)
	{
	set_error(serror, SCRIPT_ERR_UNKNOWN_ERROR);

	diff --git a/src/script/interpreter.h b/src/script/interpreter.h
	index aab799a..7f2956e 100644
	--- a/src/script/interpreter.h
	+++ b/src/script/interpreter.h
	@@ -97,16 +97,27 @@ struct PrecomputedTransactionData

	enum SigVersion
	{
	- SIGVERSION_BASE = 0,
	+ SIGVERSION_SPROUT = 0,
	SIGVERSION_OVERWINTER = 1,
	};

	-uint256 SignatureHash(const CScript &scriptCode, const CTransaction& txTo, unsigned int nIn, int nHashType, const CAmount& amount, uint32_t consensusBranchId, const PrecomputedTransactionData* cache = NULL);
	+uint256 SignatureHash(
	+ const CScript &scriptCode,
	+ const CTransaction& txTo,
	+ unsigned int nIn,
	+ int nHashType,
	+ const CAmount& amount,
	+ uint32_t consensusBranchId,
	+ const PrecomputedTransactionData* cache = NULL);

	class BaseSignatureChecker
	{
	public:
	- virtual bool CheckSig(const std::vector<unsigned char>& scriptSig, const std::vector<unsigned char>& vchPubKey, const CScript& scriptCode, uint32_t consensusBranchId) const
	+ virtual bool CheckSig(
	+ const std::vector<unsigned char>& scriptSig,
	+ const std::vector<unsigned char>& vchPubKey,
	+ const CScript& scriptCode,
	+ uint32_t consensusBranchId) const
	{
	return false;
	}
	@@ -146,7 +157,19 @@ public:
	MutableTransactionSignatureChecker(const CMutableTransaction* txToIn, unsigned int nInIn, const CAmount& amount) : TransactionSignatureChecker(&txTo, nInIn, amount), txTo(*txToIn) {}
	};

	-bool EvalScript(std::vector<std::vector<unsigned char> >& stack, const CScript& script, unsigned int flags, const BaseSignatureChecker& checker, uint32_t consensusBranchId, ScriptError* error = NULL);
	-bool VerifyScript(const CScript& scriptSig, const CScript& scriptPubKey, unsigned int flags, const BaseSignatureChecker& checker, uint32_t consensusBranchId, ScriptError* serror = NULL);
	+bool EvalScript(
	+ std::vector<std::vector<unsigned char> >& stack,
	+ const CScript& script,
	+ unsigned int flags,
	+ const BaseSignatureChecker& checker,
	+ uint32_t consensusBranchId,
	+ ScriptError* error = NULL);
	+bool VerifyScript(
	+ const CScript& scriptSig,
	+ const CScript& scriptPubKey,
	+ unsigned int flags,
	+ const BaseSignatureChecker& checker,
	+ uint32_t consensusBranchId,
	+ ScriptError* serror = NULL);

	#endif // BITCOIN_SCRIPT_INTERPRETER_H
	diff --git a/src/script/sign.cpp b/src/script/sign.cpp
	index 0fe89ec..1aade84 100644
	--- a/src/script/sign.cpp
	+++ b/src/script/sign.cpp
	@@ -168,7 +168,14 @@ void UpdateTransaction(CMutableTransaction& tx, unsigned int nIn, const Signatur
	tx.vin[nIn].scriptSig = data.scriptSig;
	}

	-bool SignSignature(const CKeyStore &keystore, const CScript& fromPubKey, CMutableTransaction& txTo, unsigned int nIn, const CAmount& amount, int nHashType, uint32_t consensusBranchId)
	+bool SignSignature(
	+ const CKeyStore &keystore,
	+ const CScript& fromPubKey,
	+ CMutableTransaction& txTo,
	+ unsigned int nIn,
	+ const CAmount& amount,
	+ int nHashType,
	+ uint32_t consensusBranchId)
	{
	assert(nIn < txTo.vin.size());

	@@ -181,7 +188,13 @@ bool SignSignature(const CKeyStore &keystore, const CScript& fromPubKey, CMutabl
	return ret;
	}

	-bool SignSignature(const CKeyStore &keystore, const CTransaction& txFrom, CMutableTransaction& txTo, unsigned int nIn, int nHashType, uint32_t consensusBranchId)
	+bool SignSignature(
	+ const CKeyStore &keystore,
	+ const CTransaction& txFrom,
	+ CMutableTransaction& txTo,
	+ unsigned int nIn,
	+ int nHashType,
	+ uint32_t consensusBranchId)
	{
	assert(nIn < txTo.vin.size());
	CTxIn& txin = txTo.vin[nIn];
	@@ -319,7 +332,11 @@ SignatureData CombineSignatures(const CScript& scriptPubKey, const BaseSignature
	vector<vector<unsigned char> > vSolutions;
	Solver(scriptPubKey, txType, vSolutions);

	- return CombineSignatures(scriptPubKey, checker, txType, vSolutions, Stacks(scriptSig1, consensusBranchId), Stacks(scriptSig2, consensusBranchId), consensusBranchId).Output();
	+ return CombineSignatures(
	+ scriptPubKey, checker, txType, vSolutions,
	+ Stacks(scriptSig1, consensusBranchId),
	+ Stacks(scriptSig2, consensusBranchId),
	+ consensusBranchId).Output();
	}

	namespace {
	@@ -329,7 +346,11 @@ class DummySignatureChecker : public BaseSignatureChecker
	public:
	DummySignatureChecker() {}

	- bool CheckSig(const std::vector<unsigned char>& scriptSig, const std::vector<unsigned char>& vchPubKey, const CScript& scriptCode, uint32_t consensusBranchId) const
	+ bool CheckSig(
	+ const std::vector<unsigned char>& scriptSig,
	+ const std::vector<unsigned char>& vchPubKey,
	+ const CScript& scriptCode,
	+ uint32_t consensusBranchId) const
	{
	return true;
	}
	@@ -342,7 +363,11 @@ const BaseSignatureChecker& DummySignatureCreator::Checker() const
	return dummyChecker;
	}

	-bool DummySignatureCreator::CreateSig(std::vector<unsigned char>& vchSig, const CKeyID& keyid, const CScript& scriptCode, uint32_t consensusBranchId) const
	+bool DummySignatureCreator::CreateSig(
	+ std::vector<unsigned char>& vchSig,
	+ const CKeyID& keyid,
	+ const CScript& scriptCode,
	+ uint32_t consensusBranchId) const
	{
	// Create a dummy signature that is a valid DER-encoding
	vchSig.assign(72, '\000');
	diff --git a/src/script/sign.h b/src/script/sign.h
	index 1e9bde1..edd913d 100644
	--- a/src/script/sign.h
	+++ b/src/script/sign.h
	@@ -70,11 +70,29 @@ struct SignatureData {
	bool ProduceSignature(const BaseSignatureCreator& creator, const CScript& scriptPubKey, SignatureData& sigdata, uint32_t consensusBranchId);

	/** Produce a script signature for a transaction. */
	-bool SignSignature(const CKeyStore &keystore, const CScript& fromPubKey, CMutableTransaction& txTo, unsigned int nIn, const CAmount& amount, int nHashType, uint32_t consensusBranchId);
	-bool SignSignature(const CKeyStore& keystore, const CTransaction& txFrom, CMutableTransaction& txTo, unsigned int nIn, int nHashType, uint32_t consensusBranchId);
	+bool SignSignature(
	+ const CKeyStore &keystore,
	+ const CScript& fromPubKey,
	+ CMutableTransaction& txTo,
	+ unsigned int nIn,
	+ const CAmount& amount,
	+ int nHashType,
	+ uint32_t consensusBranchId);
	+bool SignSignature(
	+ const CKeyStore& keystore,
	+ const CTransaction& txFrom,
	+ CMutableTransaction& txTo,
	+ unsigned int nIn,
	+ int nHashType,
	+ uint32_t consensusBranchId);

	/** Combine two script signatures using a generic signature checker, intelligently, possibly with OP_0 placeholders. */
	-SignatureData CombineSignatures(const CScript& scriptPubKey, const BaseSignatureChecker& checker, const SignatureData& scriptSig1, const SignatureData& scriptSig2, uint32_t consensusBranchId);
	+SignatureData CombineSignatures(
	+ const CScript& scriptPubKey,
	+ const BaseSignatureChecker& checker,
	+ const SignatureData& scriptSig1,
	+ const SignatureData& scriptSig2,
	+ uint32_t consensusBranchId);

	/** Extract signature data from a transaction, and insert it. */
	SignatureData DataFromTransaction(const CMutableTransaction& tx, unsigned int nIn);
	diff --git a/src/script/zcashconsensus.cpp b/src/script/zcashconsensus.cpp
	index ec494d9..dbec305 100644
	--- a/src/script/zcashconsensus.cpp
	+++ b/src/script/zcashconsensus.cpp
	@@ -88,7 +88,13 @@ int zcashconsensus_verify_script(const unsigned char *scriptPubKey, unsigned int
	PrecomputedTransactionData txdata(tx);
	CAmount am(0);
	uint32_t consensusBranchId = SPROUT_BRANCH_ID;
	- return VerifyScript(tx.vin[nIn].scriptSig, CScript(scriptPubKey, scriptPubKey + scriptPubKeyLen), flags, TransactionSignatureChecker(&tx, nIn, am, txdata), consensusBranchId, NULL);
	+ return VerifyScript(
	+ tx.vin[nIn].scriptSig,
	+ CScript(scriptPubKey, scriptPubKey + scriptPubKeyLen),
	+ flags,
	+ TransactionSignatureChecker(&tx, nIn, am, txdata),
	+ consensusBranchId,
	+ NULL);
	} catch (const std::exception&) {
	return set_error(err, zcashconsensus_ERR_TX_DESERIALIZE); // Error deserializing
	}
	diff --git a/src/test/data/bitcoin-util-test.json b/src/test/data/bitcoin-util-test.json
	index c23befe..3e98741 100644
	--- a/src/test/data/bitcoin-util-test.json
	+++ b/src/test/data/bitcoin-util-test.json
	@@ -53,7 +53,7 @@
	"in=4d49a71ec9da436f71ec4ee231d04f292a29cd316f598bb7068feccabdc59485:0",
	"set=privatekeys:[\"5HpHagT65TZzG1PH3CSu63k8DbpvD8s5ip4nEB3kEsreAnchuDf\"]",
	"set=prevtxs:[{\"txid\":\"4d49a71ec9da436f71ec4ee231d04f292a29cd316f598bb7068feccabdc59485\",\"vout\":0,\"scriptPubKey\":\"76a91491b24bf9f5288532960ac687abb035127b1d28a588ac\"}]",
	- "sign=ALL",
	+ "sign=1:ALL",
	"outaddr=0.001:t1Ruz6gK4QPZoPPGpHaieupnnh62mktjQE7"],
	"output_cmp": "txcreatesign.hex"
	}
	diff --git a/src/test/transaction_tests.cpp b/src/test/transaction_tests.cpp
	index 709f097..80173a2 100644
	--- a/src/test/transaction_tests.cpp
	+++ b/src/test/transaction_tests.cpp
	@@ -429,7 +429,7 @@ BOOST_AUTO_TEST_CASE(test_simple_joinsplit_invalidity)
	jsdesc->nullifiers[1] = GetRandHash();

	BOOST_CHECK(CheckTransactionWithoutProofVerification(newTx, state));
	- BOOST_CHECK(!ContextualCheckTransaction(newTx, state, 1, 100));
	+ BOOST_CHECK(!ContextualCheckTransaction(newTx, state, 0, 100));
	BOOST_CHECK(state.GetRejectReason() == "bad-txns-invalid-joinsplit-signature");

	// Empty output script.
	@@ -443,7 +443,7 @@ BOOST_AUTO_TEST_CASE(test_simple_joinsplit_invalidity)
	) == 0);

	BOOST_CHECK(CheckTransactionWithoutProofVerification(newTx, state));
	- BOOST_CHECK(ContextualCheckTransaction(newTx, state, 1, 100));
	+ BOOST_CHECK(ContextualCheckTransaction(newTx, state, 0, 100));
	}
	{
	// Ensure that values within the joinsplit are well-formed.