// Copyright (c) 2012-2021 The Bitcoin Core developers

// Distributed under the MIT software license, see the accompanying

// file COPYING or http://www.opensource.org/licenses/mit-license.php.

#include <common/bloom.h>

#include <hash.h>

#include <primitives/transaction.h>

#include <random.h>

#include <script/script.h>

#include <script/standard.h>

#include <span.h>

#include <streams.h>

#include <util/fastrange.h>

#include <algorithm>

#include <cmath>

#include <cstdlib>

#include <limits>

#include <vector>

static constexpr double LN2SQUARED = 0.4804530139182014246671025263266649717305529515945455;

static constexpr double LN2 = 0.6931471805599453094172321214581765680755001343602552;

CBloomFilter::CBloomFilter(const unsigned int nElements, const double nFPRate, const unsigned int nTweakIn, unsigned char nFlagsIn) :

    /**

     * The ideal size for a bloom filter with a given number of elements and false positive rate is:

     * - nElements * log(fp rate) / ln(2)^2

     * We ignore filter parameters which will create a bloom filter larger than the protocol limits

     */

    vData(std::min((unsigned int)(-1  / LN2SQUARED * nElements * log(nFPRate)), MAX_BLOOM_FILTER_SIZE * 8) / 8),

    /**

     * The ideal number of hash functions is filter size * ln(2) / number of elements

     * Again, we ignore filter parameters which will create a bloom filter with more hash functions than the protocol limits

     * See https://en.wikipedia.org/wiki/Bloom_filter for an explanation of these formulas

     */

    nHashFuncs(std::min((unsigned int)(vData.size() * 8 / nElements * LN2), MAX_HASH_FUNCS)),

    nTweak(nTweakIn),

    nFlags(nFlagsIn)

inline unsigned int CBloomFilter::Hash(unsigned int nHashNum, Span<const unsigned char> vDataToHash) const

    // 0xFBA4C795 chosen as it guarantees a reasonable bit difference between nHashNum values.

void CBloomFilter::insert(Span<const unsigned char> vKey)

        // Sets bit nIndex of vData

void CBloomFilter::insert(const COutPoint& outpoint)

bool CBloomFilter::contains(Span<const unsigned char> vKey) const

        // Checks bit nIndex of vData

bool CBloomFilter::contains(const COutPoint& outpoint) const

bool CBloomFilter::IsWithinSizeConstraints() const

bool CBloomFilter::IsRelevantAndUpdate(const CTransaction& tx)

    // Match if the filter contains the hash of tx

    //  for finding tx when they appear in a block

        // Match if the filter contains any arbitrary script data element in any scriptPubKey in tx

        // If this matches, also add the specific output that was matched.

        // This means clients don't have to update the filter themselves when a new relevant tx

        // is discovered in order to find spending transactions, which avoids round-tripping and race conditions.

        // Match if the filter contains an outpoint tx spends

        // Match if the filter contains any arbitrary script data element in any scriptSig in tx

CRollingBloomFilter::CRollingBloomFilter(const unsigned int nElements, const double fpRate)

    /* The optimal number of hash functions is log(fpRate) / log(0.5), but

     * restrict it to the range 1-50. */

    /* In this rolling bloom filter, we'll store between 2 and 3 generations of nElements / 2 entries. */

    /* The maximum fpRate = pow(1.0 - exp(-nHashFuncs * nMaxElements / nFilterBits), nHashFuncs)

     * =>          pow(fpRate, 1.0 / nHashFuncs) = 1.0 - exp(-nHashFuncs * nMaxElements / nFilterBits)

     * =>          1.0 - pow(fpRate, 1.0 / nHashFuncs) = exp(-nHashFuncs * nMaxElements / nFilterBits)

     * =>          log(1.0 - pow(fpRate, 1.0 / nHashFuncs)) = -nHashFuncs * nMaxElements / nFilterBits

     * =>          nFilterBits = -nHashFuncs * nMaxElements / log(1.0 - pow(fpRate, 1.0 / nHashFuncs))

     * =>          nFilterBits = -nHashFuncs * nMaxElements / log(1.0 - exp(logFpRate / nHashFuncs))

     */

    /* For each data element we need to store 2 bits. If both bits are 0, the

     * bit is treated as unset. If the bits are (01), (10), or (11), the bit is

     * treated as set in generation 1, 2, or 3 respectively.

     * These bits are stored in separate integers: position P corresponds to bit

     * (P & 63) of the integers data[(P >> 6) * 2] and data[(P >> 6) * 2 + 1]. */

/* Similar to CBloomFilter::Hash */

static inline uint32_t RollingBloomHash(unsigned int nHashNum, uint32_t nTweak, Span<const unsigned char> vDataToHash)

void CRollingBloomFilter::insert(Span<const unsigned char> vKey)

        /* Wipe old entries that used this generation number. */

        /* FastMod works with the upper bits of h, so it is safe to ignore that the lower bits of h are already used for bit. */

        /* The lowest bit of pos is ignored, and set to zero for the first bit, and to one for the second. */

bool CRollingBloomFilter::contains(Span<const unsigned char> vKey) const

        /* If the relevant bit is not set in either data[pos & ~1] or data[pos | 1], the filter does not contain vKey */

void CRollingBloomFilter::reset()