From d96be02e5680cf3c4a590659abf235d2bd3ebb4c Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Wed, 17 Oct 2018 09:47:34 +0300
Subject: [PATCH] BCH Nov2018 HF: enforce verify_cleanstack

---
 script/src/flags.rs                    | 5 +++++
 script/src/interpreter.rs              | 1 -
 verification/src/accept_transaction.rs | 6 +++++-
 3 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/script/src/flags.rs b/script/src/flags.rs
index 068c0e1a..72b196c0 100644
--- a/script/src/flags.rs
+++ b/script/src/flags.rs
@@ -144,6 +144,11 @@ impl VerificationFlags {
 		self
 	}
 
+	pub fn verify_cleanstack(mut self, value: bool) -> Self {
+		self.verify_cleanstack = value;
+		self
+	}
+
 	pub fn verify_discourage_upgradable_witness_program(mut self, value: bool) -> Self {
 		self.verify_discourage_upgradable_witness_program = value;
 		self
diff --git a/script/src/interpreter.rs b/script/src/interpreter.rs
index 8ef14189..bea21450 100644
--- a/script/src/interpreter.rs
+++ b/script/src/interpreter.rs
@@ -346,7 +346,6 @@ pub fn verify_script(
         // Disallow CLEANSTACK without P2SH, as otherwise a switch CLEANSTACK->P2SH+CLEANSTACK
         // would be possible, which is not a softfork (and P2SH should be one).
 		assert!(flags.verify_p2sh);
-		assert!(flags.verify_witness);
 		if stack.len() != 1 {
 			return Err(Error::Cleanstack);
 		}
diff --git a/verification/src/accept_transaction.rs b/verification/src/accept_transaction.rs
index 67e739b3..e3c35287 100644
--- a/verification/src/accept_transaction.rs
+++ b/verification/src/accept_transaction.rs
@@ -309,6 +309,7 @@ pub struct TransactionEval<'a> {
 	verify_monolith_opcodes: bool,
 	verify_magnetic_anomaly_opcodes: bool,
 	verify_sigpushonly: bool,
+	verify_cleanstack: bool,
 	signature_version: SignatureVersion,
 }
 
@@ -347,6 +348,7 @@ impl<'a> TransactionEval<'a> {
 		let verify_witness = deployments.segwit();
 		let verify_nulldummy = verify_witness;
 		let verify_sigpushonly = verify_magnetic_anomaly_opcodes;
+		let verify_cleanstack = verify_magnetic_anomaly_opcodes;
 
 		TransactionEval {
 			transaction: transaction,
@@ -362,6 +364,7 @@ impl<'a> TransactionEval<'a> {
 			verify_monolith_opcodes: verify_monolith_opcodes,
 			verify_magnetic_anomaly_opcodes: verify_magnetic_anomaly_opcodes,
 			verify_sigpushonly: verify_sigpushonly,
+			verify_cleanstack: verify_cleanstack,
 			signature_version: signature_version,
 		}
 	}
@@ -413,7 +416,8 @@ impl<'a> TransactionEval<'a> {
 				.verify_bin2num(self.verify_monolith_opcodes)
 				.verify_num2bin(self.verify_monolith_opcodes)
 				.verify_checkdatasig(self.verify_magnetic_anomaly_opcodes)
-				.verify_sigpushonly(self.verify_sigpushonly);
+				.verify_sigpushonly(self.verify_sigpushonly)
+				.verify_cleanstack(self.verify_cleanstack);
 
 			try!(verify_script(&input, &output, &script_witness, &flags, &checker, self.signature_version)
 				.map_err(|e| TransactionError::Signature(index, e)));