705ce7ed8c Merge bitcoin-core/secp256k1#1129: ElligatorSwift + integrated x-only DH
0702ecb061 Merge bitcoin-core/secp256k1#1338: Drop no longer needed `#include "../include/secp256k1.h"`
90e360acc2 Add doc/ellswift.md with ElligatorSwift explanation
4f091847c2 Add ellswift testing to CI
1bcea8c57f Add benchmarks for ellswift module
2d1d41acf8 Add ctime tests for ellswift module
df633cdeba Add _prefix and _bip324 ellswift_xdh hash functions
9695deb351 Add tests for ellswift module
c47917bbd6 Add ellswift module implementing ElligatorSwift
79e5b2a8b8 Add functions to test if X coordinate is valid
a597a5a9ce Add benchmark for key generation
30574f22ea Merge bitcoin-core/secp256k1#1349: Normalize ge produced from secp256k1_pubkey_load
45c5ca7675 Merge bitcoin-core/secp256k1#1350: scalar: introduce and use `secp256k1_{read,write}_be64` helpers
f1652528be Normalize ge produced from secp256k1_pubkey_load
7067ee54b4 tests: add tests for `secp256k1_{read,write}_be64`
740528caad scalar: use newly introduced `secp256k1_{read,write}_be64` helpers (4x64 impl.)
67214f5f7d Merge bitcoin-core/secp256k1#1339: scalar: refactor: use `secp256k1_{read,write}_be32` helpers
cb1a59275c Merge bitcoin-core/secp256k1#1341: docs: correct `pubkey` param descriptions for `secp256k1_keypair_{xonly_,}pub`
f3644287b1 docs: correct `pubkey` param descriptions for `secp256k1_keypair_{xonly_,}pub`
887183e7de scalar: use `secp256k1_{read,write}_be32` helpers (4x64 impl.)
52b84238de scalar: use `secp256k1_{read,write}_be32` helpers (8x32 impl.)
e449af6872 Drop no longer needed `#include "../include/secp256k1.h"`
60556c9f49 Merge bitcoin-core/secp256k1#1337: ci: Fix error D8037 in `cl.exe` (attempt 2)
db29bf220c ci: Remove quirk that runs dummy command after wineserver
c7db4942b3 ci: Fix error D8037 in `cl.exe`
7dae115861 Revert "ci: Move wine prefix to /tmp to avoid error D8037 in cl.exe"
bf29f8d0a6 Merge bitcoin-core/secp256k1#1334: fix input range comment for `secp256k1_fe_add_int`
605e07e365 fix input range comment for `secp256k1_fe_add_int`
debf3e5c08 Merge bitcoin-core/secp256k1#1330: refactor: take use of `secp256k1_scalar_{zero,one}` constants
d75dc59b58 Merge bitcoin-core/secp256k1#1333: test: Warn if both `VERIFY` and `COVERAGE` are defined
ade5b36701 tests: add checks for scalar constants `secp256k1_scalar_{zero,one}`
e83801f5db test: Warn if both `VERIFY` and `COVERAGE` are defined
654246c635 refactor: take use of `secp256k1_scalar_{zero,one}` constants
908e02d596 Merge bitcoin-core/secp256k1#1328: build: Bump MSVC warning level up to W3
1549db0ca5 build: Level up MSVC warnings
20a5da5fb1 Merge bitcoin-core/secp256k1#1310: Refine release process
ad84603297 release process: clarify change log updates
6348bc7eee release process: fix process for maintenance release
79fa50b082 release process: mention targeted release schedule
165206789b release process: add sanity checks
09df0bfb23 Merge bitcoin-core/secp256k1#1327: ci: Move wine prefix to /tmp to avoid error D8037 in cl.exe
27504d5c94 ci: Move wine prefix to /tmp to avoid error D8037 in cl.exe
d373a7215b Merge bitcoin-core/secp256k1#1316: Do not invoke fe_is_zero on failed set_b32_limit
6433175ffe Do not invoke fe_is_zero on failed set_b32_limit
5f7903c73c Merge bitcoin-core/secp256k1#1318: build: Enable -DVERIFY for precomputation binaries
e9e4526a4e Merge bitcoin-core/secp256k1#1317: Make fe_cmov take max of magnitudes
5768b50229 build: Enable -DVERIFY for precomputation binaries
31b4bbee1e Make fe_cmov take max of magnitudes
83186db34a Merge bitcoin-core/secp256k1#1314: release cleanup: bump version after 0.3.2
95448ef2f8 release cleanup: bump version after 0.3.2
acf5c55ae6 Merge bitcoin-core/secp256k1#1312: release: Prepare for 0.3.2
d490ca2046 release: Prepare for 0.3.2
3e3d125b83 Merge bitcoin-core/secp256k1#1309: changelog: Catch up
e8295d07ab Merge bitcoin-core/secp256k1#1311: Revert "Remove unused scratch space from API"
697e1ccf4a changelog: Catch up
3ad1027a40 Revert "Remove unused scratch space from API"
76b43f3443 changelog: Add entry for #1303
7d4f86d242 Merge bitcoin-core/secp256k1#1307: Mark more assembly outputs as early clobber
b54a0672ef Merge bitcoin-core/secp256k1#1304: build: Rename arm to arm32 and check if it's really supported
c6bb29b303 build: Rename `64bit` to `x86_64`
8c9ae37a5a Add release note
03246457a8 autotools: Add `SECP_ARM32_ASM_CHECK` macro
ed4ba238e2 cmake: Add `check_arm32_assembly` function
350b4bd6e6 Mark stack variables as early clobber for technical correctness
0c729ba70d Bugfix: mark outputs as early clobber in scalar x86_64 asm
3353d3c753 Merge bitcoin-core/secp256k1#1207: Split fe_set_b32 into reducing and normalizing variants
5b32602295 Split fe_set_b32 into reducing and normalizing variants
006ddc1f42 Merge bitcoin-core/secp256k1#1306: build: Make tests work with external default callbacks
1907f0f166 build: Make tests work with external default callbacks
fb3a806365 Merge bitcoin-core/secp256k1#1133: schnorrsig: Add test vectors for variable-length messages
cd54ac7c1c schnorrsig: Improve docs of schnorrsig_sign_custom
28687b0312 schnorrsig: Add BIP340 varlen test vectors
97a98bed1e schnorrsig: Refactor test vector code to allow varlen messages
ab5a917128 Merge bitcoin-core/secp256k1#1303: ct: Use more volatile
9eb6934f69 Merge bitcoin-core/secp256k1#1305: Remove unused scratch space from API
073d98a076 Merge bitcoin-core/secp256k1#1292: refactor: Make 64-bit shift explicit
17fa21733a ct: Be cautious and use volatile trick in more "conditional" paths
5fb336f9ce ct: Use volatile trick in scalar_cond_negate
712e7f8722 Remove unused scratch space from API
54d34b6c24 Merge bitcoin-core/secp256k1#1300: Avoid normalize conditional on VERIFY
c63ec88ebf Merge bitcoin-core/secp256k1#1066: Abstract out and merge all the magnitude/normalized logic
7fc642fa25 Simplify secp256k1_fe_{impl_,}verify
4e176ad5b9 Abstract out verify logic for fe_is_square_var
4371f98346 Abstract out verify logic for fe_add_int
89e324c6b9 Abstract out verify logic for fe_half
283cd80ab4 Abstract out verify logic for fe_get_bounds
d5aa2f0358 Abstract out verify logic for fe_inv{,_var}
3167646072 Abstract out verify logic for fe_from_storage
76d31e5047 Abstract out verify logic for fe_to_storage
1e6894bdd7 Abstract out verify logic for fe_cmov
be82bd8e03 Improve comments/checks for fe_sqrt
6ab35082ef Abstract out verify logic for fe_sqr
4c25f6efbd Abstract out verify logic for fe_mul
e179e651cb Abstract out verify logic for fe_add
7e7ad7ff57 Abstract out verify logic for fe_mul_int
65d82a3445 Abstract out verify logic for fe_negate
144670893e Abstract out verify logic for fe_get_b32
f7a7666aeb Abstract out verify logic for fe_set_b32
ce4d2093e8 Abstract out verify logic for fe_cmp_var
7d7d43c6dd Improve comments/check for fe_equal{,_var}
c5e788d672 Abstract out verify logic for fe_is_odd
d3f3fe8616 Abstract out verify logic for fe_is_zero
c701d9a471 Abstract out verify logic for fe_clear
19a2bfeeea Abstract out verify logic for fe_set_int
864f9db491 Abstract out verify logic for fe_normalizes_to_zero{,_var}
6c31371120 Abstract out verify logic for fe_normalize_var
e28b51f522 Abstract out verify logic for fe_normalize_weak
b6b6f9cb97 Abstract out verify logic for fe_normalize
7fa5195559 Bugfix: correct SECP256K1_FE_CONST mag/norm fields
e5cf4bf3ff build: Rename `arm` to `arm32`
b29566c51b Merge magnitude/normalized fields, move/improve comments
97c63b9039 Avoid normalize conditional on VERIFY
341cc19726 Merge bitcoin-core/secp256k1#1299: Infinity handling: ecmult_const(infinity) works, and group verification
bbc834467c Avoid secp256k1_ge_set_gej_zinv with uninitialized z
0a2e0b2ae4 Make secp256k1_{fe,ge,gej}_verify work as no-op if non-VERIFY
f20266722a Add invariant checking to group elements
a18821d5b1 Always initialize output coordinates in secp256k1_ge_set_gej
3086cb90ac Expose secp256k1_fe_verify to other modules
a0e696fd4d Make secp256k1_ecmult_const handle infinity
24c768ae09 Merge bitcoin-core/secp256k1#1301: Avoid using bench_verify_data as bench_sign_data; merge them
2e65f1fdbc Avoid using bench_verify_data as bench_sign_data; merge them
1cf15ebd94 Merge bitcoin-core/secp256k1#1296: docs: complete interface description for `secp256k1_schnorrsig_sign_custom`
149c41cee1 docs: complete interface description for `secp256k1_schnorrsig_sign_custom`
f30c74866b Merge bitcoin-core/secp256k1#1270: cmake: Fix library ABI versioning
d1e48e5474 refactor: Make 64-bit shift explicit
b2e29e43d0 ci: Treat all compiler warnings as errors in "Windows (VS 2022)" task
3c81838856 Merge bitcoin-core/secp256k1#1289: cmake: Use full signature of `add_test()` command
755629bc03 cmake: Use full signature of `add_test()` command
bef448f9af cmake: Fix library ABI versioning
4b0f711d46 Merge bitcoin-core/secp256k1#1277: autotools: Clean up after adding Wycheproof
222ecaf661 Merge bitcoin-core/secp256k1#1284: cmake: Some improvements using `PROJECT_IS_TOP_LEVEL` variable
71f746c057 cmake: Include `include` directory for subtree builds
024a409484 Merge bitcoin-core/secp256k1#1240: cmake: Improve and document compiler flag checks
a8d059f76c cmake, doc: Document compiler flags
6ece1507cb cmake, refactor: Rename `try_add_compile_option` to `try_append_cflags`
19516ed3e9 cmake: Use `add_compile_options()` in `try_add_compile_option()`
4b84f4bf0f Merge bitcoin-core/secp256k1#1239: cmake: Bugfix and other improvements after bumping CMake up to 3.13
596b336ff6 Merge bitcoin-core/secp256k1#1234: cmake: Add dev-mode
6b7e5b717d Merge bitcoin-core/secp256k1#1275: build: Fix C4005 "macro redefinition" MSVC warnings in examples
1c89536718 Merge bitcoin-core/secp256k1#1286: tests: remove extra semicolon in macro
c4062d6b5d debug: move helper for printing buffers into util.h
7e977b3c50 autotools: Take VPATH builds into account when generating testvectors
2418d3260a autotools: Create src/wycheproof dir before creating file in it
8764034ed5 autotools: Make all "pregenerated" targets .PHONY
e1b9ce8811 autotools: Use same conventions for all pregenerated files
3858bad2c6 tests: remove extra semicolon in macro
1f33bb2b1c Merge bitcoin-core/secp256k1#1205: field: Improve docs +tests of secp256k1_fe_set_b32
162da73e9a tests: Add debug helper for printing buffers
e9fd3dff76 field: Improve docs and tests of secp256k1_fe_set_b32
f6bef03c0a Merge bitcoin-core/secp256k1#1283: Get rid of secp256k1_fe_const_b
5431b9decd cmake: Make `SECP256K1_INSTALL` default depend on `PROJECT_IS_TOP_LEVEL`
5ec1333d4f Merge bitcoin-core/secp256k1#1285: bench: Make sys/time.h a system include
68b16a1662 bench: Make sys/time.h a system include
162608cc98 cmake: Emulate `PROJECT_IS_TOP_LEVEL` for CMake<3.21
69e1ec0331 Get rid of secp256k1_fe_const_b
ce5ba9e24d gitignore: Add CMakeUserPresets.json
0a446a312f cmake: Add dev-mode CMake preset
a6f4bcf6e1 Merge bitcoin-core/secp256k1#1231: Move `SECP256K1_INLINE` macro definition out from `include/secp256k1.h`
a273d74b2e cmake: Improve version comparison
6a58b483ef cmake: Use `if(... IN_LIST ...)` command
2445808c02 cmake: Use dedicated `GENERATOR_IS_MULTI_CONFIG` property
9f8703ef17 cmake: Use dedicated `CMAKE_HOST_APPLE` variable
8c2017035a cmake: Use recommended `add_compile_definitions` command
04d4cc071a cmake: Add `DESCRIPTION` and `HOMEPAGE_URL` options to `project` command
8a8b6536ef cmake: Use `SameMinorVersion` compatibility mode
5b0444a3b5 Merge bitcoin-core/secp256k1#1263: cmake: Make installation optional
47ac3d63cd cmake: Make installation optional
2e035af251 Merge bitcoin-core/secp256k1#1273: build: Make `SECP_VALGRIND_CHECK` preserve `CPPFLAGS`
5be353d658 Merge bitcoin-core/secp256k1#1279: tests: lint wycheproof's python script
08f4b1632d autotools: Move code around to tidy Makefile
04bf3f6778 Merge bitcoin-core/secp256k1#1230: Build: allow static or shared but not both
9ce9984f32 Merge bitcoin-core/secp256k1#1265: Remove bits argument from secp256k1_wnaf_const{_xonly}
566faa17d3 Merge bitcoin-core/secp256k1#1267: doc: clarify process for patch releases
ef49a11d29 build: allow static or shared but not both
35ada3b954 tests: lint wycheproof's python script
529b54d922 autotools: Move Wycheproof header from EXTRA_DIST to noinst_HEADERS
dc0657c762 build: Fix C4005 "macro redefinition" MSVC warnings in examples
1ecb94ebe9 build: Make `SECP_VALGRIND_CHECK` preserve `CPPFLAGS`
1b6fb5593c doc: clarify process for patch releases
a575339c02 Remove bits argument from secp256k1_wnaf_const (always 256)
36b0adf1b9 build: remove warning until it's reproducible
8e142ca410 Move `SECP256K1_INLINE` macro definition out from `include/secp256k1.h`
77445898a5 Remove `SECP256K1_INLINE` usage from examples
ca92a35d01 field: Simplify code in secp256k1_fe_set_b32
d93f62e369 field: Verify field element even after secp256k1_fe_set_b32 fails
git-subtree-dir: src/secp256k1
git-subtree-split: 705ce7ed8c1557a31e1bfc99be06082c5098d9f5
e639364495 validation: add missing insert to m_dirty_blockindex (Martin Zumsande)
Pull request description:
When the status of a block index is changed, we must add it to `m_dirty_blockindex` or the change might not get persisted to disk.
This is missing from one spot in `FindMostWorkChain()`, where `BLOCK_FAILED_CHILD` is set.
Since we have [code](f0758d8a66/src/node/blockstorage.cpp (L284-L287)) that later sets missing `BLOCK_FAILED_CHILD` during the next startup, I don't think that this can lead to bad block indexes in practice, but I still think it's worth fixing.
ACKs for top commit:
TheCharlatan:
ACK e639364495
stickies-v:
ACK e639364495
Tree-SHA512: a97af9c173e31b90b677a1f95de822e08078d78013de5fa5fe4c3bec06f45d6e1823b7694cdacb887d031329e4b4afc6a2003916e0ae131279dee71f43e1f478
bdea2bb114 scripted-diff: Following the C++ Standard rules for identifiers with _. (Brotcrunsher)
Pull request description:
Any identifier starting with 2 _ is reserved for the compiler and thus must not be used.
See: https://stackoverflow.com/a/228797/7130273
ACKs for top commit:
MarcoFalke:
lgtm ACK bdea2bb114
Tree-SHA512: 74c8e676449f3f61476d846bfd2c514103c8914e13c4a0db841203abdc0267c25ddc6ed57d6791459efe3edea17753a1b53c3795071ddfe8aba8662521063407
1a572ce7d6 test: refactor: introduce `generate_keypair` helper with WIF support (Sebastian Falbesoner)
Pull request description:
In functional tests it is a quite common scenario to generate fresh elliptic curve keypairs, which is currently a bit cumbersome as it involves multiple steps, e.g.:
privkey = ECKey()
privkey.generate()
privkey_wif = bytes_to_wif(privkey.get_bytes())
pubkey = privkey.get_pubkey().get_bytes()
Simplify this by providing a new `generate_keypair` helper function that returns the private key either as `ECKey` object or as WIF-string (depending on the boolean `wif` parameter) and the public key as byte-string; these formats are what we mostly need (currently we don't use `ECPubKey` objects from generated keypairs anywhere).
With this, most of the affected code blocks following the pattern above can be replaced by one-liners, e.g.:
privkey, pubkey = generate_keypair(wif=True)
Note that after this commit, the only direct uses of `ECKey` remain in situations where we want to set the private key explicitly, e.g. in MiniWallet (test/functional/test_framework/wallet.py) or the test for the signet miner script (test/functional/tool_signet_miner.py).
ACKs for top commit:
instagibbs:
ACK 1a572ce7d6
kevkevinpal:
reACK [1a572ce](1a572ce7d6)
stratospher:
ACK 1a572ce7. neat to have this since keypair generation is done in lots of places.
Tree-SHA512: ceb695ba7b34dc9f65357b55be03e67609e7e13a178083d405284eff4d8d3c5cea4fb0b6632658604a533f38ebfefc33e0c375995cc21ebc7843442ad764287b
0000f55293 ci: Run fuzz target even if input folder is empty (MarcoFalke)
Pull request description:
This should catch trivial integer sanitizer bugs if the author and all reviewers forget to look for them.
ACKs for top commit:
brunoerg:
reACK 0000f55293
dergoegge:
reACK 0000f55293
Tree-SHA512: f139b9d56f0cf1aae339c2890721c77c88d1fea77b73d492c1386ec99b4f393c5b664029919ff4a22e4e8a2929f085699a148c6acc2cc3e40df8a72fd39ff474
fa76f0d0ef refactor: Make m_count_with_* in CTxMemPoolEntry int64_t, drop UBSAN supp (MarcoFalke)
Pull request description:
This is a refactor as long as no signed integer overflow appears. In normal operation and absent bugs, signed integer overflow should never happen in the touched code paths.
The main benefit of this refactor is to drop the file-wide ubsan suppression `unsigned-integer-overflow:txmempool.cpp`.
For now, this only changes the internal private representation and the publicly returned type remains `uint64_t`.
ACKs for top commit:
glozow:
ACK fa76f0d0ef
ryanofsky:
Code review ACK fa76f0d0ef
Tree-SHA512: a09e33a915d60c65d369d44ba1a45ce4a6a76e6dc2bea43216ba02b5eab0b74e214b2c7cc44360493f2c483d18d96e4636b7a75b23050976efc80e38de852c39
a1e653828b test: Add test for migrating default wallet and plain file wallet (Andrew Chow)
bdbe3fd76b wallet: Generated migrated wallet's path from walletdir and name (Andrew Chow)
Pull request description:
This PR fixes an assertion error that is hit during the setup of the new database during migration of a wallet that was not contained in a wallet dir. Also added a test for this case as well as one for migrating the default wallet.
ACKs for top commit:
ryanofsky:
Code review ACK a1e653828b
furszy:
ACK a1e65382
Tree-SHA512: 96b218c0de8567d8650ec96e1bf58b0f8ca4c4726f5efc6362453979b56b9d569baea0bb09befb3a5aed8d16d29bf75ed5cd8ffc432bbd4cbcad3ac5574bc479
daa5a658c0 refactor: rename BCLog::BLOCKSTORE to BLOCKSTORAGE (Jon Atack)
cf622b214b doc: release note re raising on invalid -debug/debugexclude/loglevel (Jon Atack)
6cb1c66041 init: remove config option names from translated -loglevel strings (Jon Atack)
2547829272 test: -loglevel raises on invalid values (Jon Atack)
a9c295888b init: raise on invalid loglevel config option (Jon Atack)
b0c3995393 test: -debug and -debugexclude raise on invalid values (Jon Atack)
4c3c19d943 init: raise on invalid debug/debugexclude config options (Jon Atack)
Pull request description:
and rename BCLog::BLOCKSTORE to BLOCKSTORAGE so the enum is the same as its value like the other BCLog enums.
Per discussion in bitcoin-core-dev IRC today from https://bitcoin-irc.chaincode.com/bitcoin-core-dev/2023-05-11#921458.
ACKs for top commit:
achow101:
ACK daa5a658c0
ryanofsky:
Code review ACK daa5a658c0. Just translated string template cleanup since last review
pinheadmz:
re-ACK daa5a658c0
Tree-SHA512: 4c107a93d8e8ce4e2ee81d44aec672526ca354ec390b241221067f68204beac8b4ba7a65748bcfa124ff2245c4307fa9243ec4fe0b464d0fa69c787fb322c3cc
a72af2e833 bench: disable birth time block skip for wallet_create_tx.cpp (furszy)
Pull request description:
As the benchmarks inside `wallet_create_tx.cpp` assert the wallet
balance at the end, they require all blocks to be scanned by the wallet.
So, we need to ensure that no blocks are skipped by the recently added
wallet birth time functionality.
This just means setting the wallet birth time to the genesis block time.
So the wallet is always older than any new block.
ACKs for top commit:
achow101:
ACK a72af2e833
hernanmarino:
ACK a72af2e833
TheCharlatan:
ACK a72af2e833
Tree-SHA512: d3148659bd633d20978736e1292e3456a2c6dd2b6c8f60625a4160e16818d923487c889237eb3f34693f7dd78b7d124b89afdc56e4c9fad370026d0733ef1e08
faa05d1965 fuzz: Fix implicit-integer-sign-change in wallet/fees fuzz target (MarcoFalke)
Pull request description:
This fixes a bug in the fuzz target.
```
echo 'OiAAAPr//wAAAAAAAAA=' | base64 --decode > /tmp/a
UBSAN_OPTIONS="suppressions=$(pwd)/test/sanitizer_suppressions/ubsan:print_stacktrace=1:halt_on_error=1:report_error_type=1" FUZZ=wallet_fees ./src/test/fuzz/fuzz /tmp/a
```
```
wallet/fees.cpp:58:58: runtime error: implicit conversion from type 'unsigned int' of value 4294574080 (32-bit, unsigned) to type 'int' changed the value to -393216 (32-bit, signed)
#0 0x5625ef46a094 in wallet::GetMinimumFeeRate(wallet::CWallet const&, wallet::CCoinControl const&, FeeCalculation*) src/wallet/fees.cpp:58:58
#1 0x5625eedd467f in wallet::(anonymous namespace)::wallet_fees_fuzz_target(Span<unsigned char const>) src/wallet/test/fuzz/fees.cpp:64:11
...
SUMMARY: UndefinedBehaviorSanitizer: implicit-integer-sign-change wallet/fees.cpp:58:58 in
ACKs for top commit:
dergoegge:
tACK faa05d1965
brunoerg:
ACK faa05d1965
Tree-SHA512: 66a4020d6a4153a92c7023e9f94ec6279862566db7236ce3cf6951b7fbee616dc88a56fe9502de4099d74f9840439b20a984b0733fb432e43129e774bcc2a6e6
d2b39e09bc test: ensure old fee_estimate.dat not read on restart and flushed (ismaelsadeeq)
cf219f29f3 tx fees, policy: read stale fee estimates with a regtest-only option (ismaelsadeeq)
3eb241a141 tx fees, policy: do not read estimates of old fee_estimates.dat (ismaelsadeeq)
5b886f2b43 tx fees, policy: periodically flush fee estimates to fee_estimates.dat (ismaelsadeeq)
Pull request description:
Fixes#27555
The issue arises when an old `fee_estimates.dat` file is sometimes read during initialization.
Or after an unclean shutdown, the latest fee estimates are not flushed to `fee_estimates.dat`.
If the fee estimates in the old file are old, they can cause transactions to become stuck in the mempool.
This PR ensures that nodes do not use stale estimates from the old file during initialization. If `fee_estimates.dat`
has not been updated for 60 hours or more, it is considered stale and will not be read during initialization. To avoid
having old estimates, the `fee_estimates.dat` file will be flushed periodically every hour. As mentioned #27555
> "The immediate improvement would be to store fee estimates to disk once an hour or so to reduce the chance of having an old file. From there, this case could probably be detected, and refuse to serve estimates until we sync."
In addition, I will follow-up PR to persist the `mempoolminfee` across restarts.
ACKs for top commit:
willcl-ark:
ACK d2b39e09bc
instagibbs:
reACK d2b39e09bc
glozow:
ACK d2b39e09bc. One nit if you follow up.
Tree-SHA512: 4f6e0c296995d0eea5cf80c6aefdd79b7295a6a0ba446f2166f32afc105fe4f831cfda1ad3abd13c5c752b4fbea982cf4b97eaeda2af1fd7184670d41edcfeec
Any identifier starting with two _, or one _ followed by a capital letter is reserved for the compiler and thus must not be used. See: https://stackoverflow.com/a/228797/7130273
-BEGIN VERIFY SCRIPT-
s() { git grep -l "$1" src | xargs sed -i "s/$1/$2/g"; }
s '__pushKV' 'pushKVEnd'
s '_EraseTx' 'EraseTxNoLock'
s '_Other' 'Other'
-END VERIFY SCRIPT-
40b333e21f fuzz: wallet, add target for CoinControl (Ayush Singh)
Pull request description:
This PR adds fuzz coverage for `wallet/coincontrol`.
Motivation: Issue [#27272](https://github.com/bitcoin/bitcoin/issues/27272#issue-1628327906)
The idea is to create different/unique instances of `COutPoint` by placing it inside the `CallOneOf` function, which may or may not be consumed by all of the `CoinControl` file's methods.
This is my first PR on Bitcoin Core, and I will try my best to address any reviews/changes ASAP. I'm also working on fuzz harness files for other files in the wallet and plan to open PR for them soon.
ACKs for top commit:
kevkevinpal:
reACK [40b333e](40b333e21f)
MarcoFalke:
lgtm ACK 40b333e21f
achow101:
ACK 40b333e21f
brunoerg:
crACK 40b333e21f
dergoegge:
ACK 40b333e21f
Tree-SHA512: 174769f4e86df8590b532b85480fd620082587e84e50e49ca9b52f0588a219355362cefd66250dd9942e86019d27af4ca599b45e871e9f147d2cc0ba97c4aa7b
In functional tests it is a quite common scenario to generate fresh
elliptic curve keypairs, which is currently a bit cumbersome as it
involves multiple steps, e.g.:
privkey = ECKey()
privkey.generate()
privkey_wif = bytes_to_wif(privkey.get_bytes())
pubkey = privkey.get_pubkey().get_bytes()
Simplify this by providing a new `generate_keypair` helper function that
returns the private key either as `ECKey` object or as WIF-string
(depending on the boolean `wif` parameter) and the public key as
byte-string; these formats are what we mostly need (currently we don't
use `ECPubKey` objects from generated keypairs anywhere).
With this, most of the affected code blocks following the pattern above
can be replaced by one-liners, e.g.:
privkey, pubkey = generate_keypair(wif=True)
Note that after this commit, the only direct uses of `ECKey` remain in
situations where we want to set the private key explicitly, e.g. in
MiniWallet (test/functional/test_framework/wallet.py) or the test for
the signet miner script (test/functional/tool_signet_miner.py).
As the benchmarks inside wallet_create_tx.cpp assert the
wallet balance at the end, they require all
blocks to be scanned by the wallet. So, we need
to ensure that no blocks are skipped by the recently
added wallet birth time functionality.
This just means setting the wallet birthtime to the
genesis block time. So the wallet is always older than
any new block.
5524fa00fa doc: add release note about removal of `deprecatedrpc=walletwarningfield` flag (Sebastian Falbesoner)
5c77db7354 Restorewallet/createwallet help documentation fixups/improvements (Jon Atack)
a00ae31fcc rpc: remove deprecated "warning" field from {create,load,restore,unload}wallet (Sebastian Falbesoner)
Pull request description:
The "warning" string field for wallet creating/loading RPCs (`createwallet`, `loadwallet`, `unloadwallet` and `restorewallet`) has been deprecated with the configuration option `-deprecatedrpc=walletwarningfield` in PR #27279 (released in v25.0). For the next release v26.0, the field and the configuration option can be removed.
ACKs for top commit:
achow101:
ACK 5524fa00fa
jonatack:
ACK 5524fa00fa
Tree-SHA512: 8212f72067d08095304018b8a95d2ebef630004b65123483fbbfb078cc5709c2d825bbc35b16ea5f6b28ae7377347382d7e9afaf7bdbf0575d2c229d970784de
fc6c17b838 build: make sure we can overwrite config.{guess,sub} (0xb10c)
Pull request description:
Since ea7b8528 (#26422), `autogen.sh` overwrites the `build-aux/config.{guess, sub}` files (installed there by `autoreconf`) with the `depends/config.{guess, sub}` files if these are newer.
The `autoreconf` tool copies them from it's `share/autoconf/build-aux/` directory. Specifically on NixOS, the `share/autoconf/build-aux/` files are located in the nix-store and are read-only. `autoreconf` preserves the read-only permissions when copying. Overwriting them with our `depends/config.{guess, sub}` files subsequently fails.
To make sure we can overwrite the files, set write permissions to the current user and group before overwriting. This fixes the problem on NixOS.
fixes#27873
ACKs for top commit:
dergoegge:
tACK fc6c17b838
fanquake:
ACK fc6c17b838
Tree-SHA512: e8a31f739d5b598b2fe9fe6fc3d02303c117a6adccc49b8d0fea4980027a64f915a0e1e00e4788dce6113ef1b9ec9acf9e4164486f6e4904bad405f20b6746a0
a97c59f12d test: p2p: check misbehavior for non-continuous headers messages (Sebastian Falbesoner)
Pull request description:
This PR adds missing test coverage for a peer sending a `headers` message where the headers don't connect to each other, which should be treated as misbehaving (not disconnecting though, as the score increase is only 20). The relevant code path is `PeerManagerImpl::ProcessHeadersMessage` -> `PeerManagerImpl::CheckHeadersPoW` -> `PeerManagerImpl::CheckHeadersAreContinuous`:
17acb2782a/src/net_processing.cpp (L2415-L2419)17acb2782a/src/net_processing.cpp (L2474-L2484)
ACKs for top commit:
sr-gi:
ACK a97c59f12d
achow101:
ACK a97c59f12d
instagibbs:
ACK a97c59f12d
Tree-SHA512: 3f8d6a2492e5c8b63c7b11be2e4ec455f83581b2c58f2d4e705baadfe8d7c6377296d6cd0eda679d291a13d8930b09443f8e3d183795df34b780c703d5d3aeb3
fa8ef7d138 refactor: Avoid copy of bilingual_str when formatting, Fix ADL violation (MarcoFalke)
Pull request description:
This refactor shouldn't change behavior, but may fix compile errors such as https://github.com/bitcoin/bitcoin/pull/27862#issuecomment-1592516184
ACKs for top commit:
achow101:
ACK fa8ef7d138
ryanofsky:
Code review ACK fa8ef7d138. Looks great! Thanks for updating
hebasto:
ACK fa8ef7d138, I have reviewed the code and it looks OK.
Tree-SHA512: 903019962f27b5432b8e3af052b472238ef68d3ee165148c9d2232bf290309075f9f17d8d06c9b5c7fddb89c1a9c3a4c09c6310af01e8561adc0244a30db0857
6779e6ed7f test: clean up is node stopped (dimitaracev)
Pull request description:
Fixes#27893
Use f'strings for the message when asserting `expected_ret_code` and `return_code`. Change the `expected_ret_code` from an optional to have a default value of `0`.
cc MarcoFalke
ACKs for top commit:
MarcoFalke:
lgtm ACK 6779e6ed7f
stickies-v:
ACK 6779e6ed7f
brunoerg:
ACK 6779e6ed7f
Tree-SHA512: af84e7ffe467ced29236dee9206687786a2efb89ab8b039c3ebfb93ea23fc273206cd51f20c9fb6bee4135770e9a649538942571d9c0be83ba9535fa8e59cb28
The return type of TranslateArg is std::string, which creates a copy.
Fix this by moving everything into a lambda that takes a reference and
returns a reference.
Also, the format function is called without specifying the namespace it
lives in. Fix this by specifying the namespace. See also:
7a59865793/doc/developer-notes.md (L117-L137).
3b2acfcfec build: suppress external warnings by default (fanquake)
Pull request description:
I think we are at the point where it make more sense to make this the default, than not. It's already used in the CI, and I assume most building locally are also utilising it.
ACKs for top commit:
achow101:
ACK 3b2acfcfec
hebasto:
ACK 3b2acfcfec
stickies-v:
ACK 3b2acfcfec
Tree-SHA512: be20203381c03dea8b5d64876c56bf8bb8defdfd6fc6d5398b71d3f28d0209c4bd1374f108df708aaa8867fda818a9bc611d1908c9fbb74f8cccdfbc5aff05af
162602b208 fuzz: wallet, add target for `fees` (brunoerg)
Pull request description:
This PR adds fuzz coverage for `wallet/fees`. Some functions may use or not (non default) values from `wallet`, `CCoinControl` or `FeeCalculation`. So the logic is to make the test sometimes fill up some attributes and others no.
Obs: As soon as this PR gets some reviews, I can open the proper PR to `qa-assets` as well.
ACKs for top commit:
Xekyo:
ACK 162602b208
MarcoFalke:
lgtm ACK 162602b208
dergoegge:
Code review ACK 162602b208
Tree-SHA512: 6545802f27aafb60bf5a119af514e9425b643780dea6650bba766bb5be813f2aaddb7afc7f0efa2943ceb26f5ea08b42c95a3c0df897493c71f2d2f99e9e4236
This commit adds tests to ensure that old fee_estimates.dat files
are not read and that fee_estimates are periodically flushed to the
fee_estimates.dat file.
Additionaly it tests the -regtestonly option -acceptstalefeeestimates.
If -acceptstalefeeestimates option is passed stale fee estimates can now
be read when operating in regtest environments.
Additionally, this commit updates all declarations of the CBlockPolicyEstimator
class to include a the second constructor variable.
This is a refactor as long as no signed integer overflow appears. In
normal operation and absent bugs, signed integer overflow should never
happen in the touched code paths.
The main benefit of this refactor is to drop the file-wide ubsan
suppression unsigned-integer-overflow:txmempool.cpp.
For now, this only changes the internal private representation and the
publicly returned type remains uint64_t.
