Commit graph

31 commits

Author SHA1 Message Date
Sjors Provoost
4357158c47
wallet: return and display signer error
Both RPC and GUI now render a useful error message instead of (silently) failing.

Replace bool with util::Result<void> to clarify that this either succeeds or returns an error message.
2024-04-16 17:47:43 +02:00
Sjors Provoost
dc55531087
wallet: compare address returned by displayaddress
Update external signer documentation to reflect this requirement, which HWI already implements.
2024-04-16 17:47:43 +02:00
ismaelsadeeq
4614332fc4
test: remove unnecessary finalizepsbt rpc calls 2023-09-06 11:52:19 -04:00
Hennadii Stepanov
6a7686b446
scripted-diff: Specify Python major version explicitly on Windows
Using `py.exe` launcher might by fragile depending on how Python was
installed. Specifying the Python version explicitly fixes test errors
like this:
```
RunCommandParseJSON error: process(py C:\Users\hebasto\bitcoin\test\functional\mocks\signer.py enumerate) returned 9009: Python was not found...
```

-BEGIN VERIFY SCRIPT-
sed -i 's|"py "|"py -3 "|g' $(git grep -l '"py "' -- test/functional)
-END VERIFY SCRIPT-
2023-08-03 14:57:45 +01:00
fanquake
32e2ffc393
Remove the syscall sandbox
After initially being merged in #20487, it's no-longer clear that an
internal syscall sandboxing mechanism is something that Bitcoin Core
should have/maintain, especially when compared to better
maintained/supported alterantives, i.e firejail.

Note that given where it's used, the sandbox also gets dragged into the
kernel.

There is some related discussion in #24771.

This should not require any sort of deprecation, as this was only ever
an opt-in, experimental feature.

Closes #24771.
2023-06-16 10:38:19 +01:00
Andrew Chow
34ac3f438a
Merge bitcoin/bitcoin#26485: RPC: Accept options as named-only parameters
2cd28e9fef rpc: Add check for unintended option/parameter name clashes (Ryan Ofsky)
95d7de0964 test: Update python tests to use named parameters instead of options objects (Ryan Ofsky)
96233146dd RPC: Allow RPC methods accepting options to take named parameters (Ryan Ofsky)
702b56d2a8 RPC: Add add OBJ_NAMED_PARAMS type (Ryan Ofsky)

Pull request description:

  Allow RPC methods which take an `options` parameter (`importmulti`, `listunspent`, `fundrawtransaction`, `bumpfee`, `send`, `sendall`, `walletcreatefundedpsbt`, `simulaterawtransaction`), to accept the options as named parameters, without the need for nested JSON objects.

  This makes it possible to make calls like:

  ```sh
  src/bitcoin-cli -named bumpfee txid fee_rate=10
  ```

  instead of

  ```sh
  src/bitcoin-cli -named bumpfee txid options='{"fee_rate": 10}'
  ```

  RPC help is also updated to show options as top level named arguments instead of as nested objects.

  <details><summary>diff</summary>
  <p>

  ```diff
  @@ -15,16 +15,17 @@

   Arguments:
   1. txid                           (string, required) The txid to be bumped
  -2. options                        (json object, optional)
  +2. options                        (json object, optional) Options object that can be used to pass named arguments, listed below.
  +
  +Named Arguments:
  -     {
  -       "conf_target": n,          (numeric, optional, default=wallet -txconfirmtarget) Confirmation target in blocks
  +conf_target                       (numeric, optional, default=wallet -txconfirmtarget) Confirmation target in blocks

  -       "fee_rate": amount,        (numeric or string, optional, default=not set, fall back to wallet fee estimation)
  +fee_rate                          (numeric or string, optional, default=not set, fall back to wallet fee estimation)
                                     Specify a fee rate in sat/vB instead of relying on the built-in fee estimator.
                                     Must be at least 1.000 sat/vB higher than the current transaction fee rate.
                                     WARNING: before version 0.21, fee_rate was in BTC/kvB. As of 0.21, fee_rate is in sat/vB.

  -       "replaceable": bool,       (boolean, optional, default=true) Whether the new transaction should still be
  +replaceable                       (boolean, optional, default=true) Whether the new transaction should still be
                                     marked bip-125 replaceable. If true, the sequence numbers in the transaction will
                                     be left unchanged from the original. If false, any input sequence numbers in the
                                     original transaction that were less than 0xfffffffe will be increased to 0xfffffffe
  @@ -32,11 +33,10 @@
                                     still be replaceable in practice, for example if it has unconfirmed ancestors which
                                     are replaceable).

  -       "estimate_mode": "str",    (string, optional, default="unset") The fee estimate mode, must be one of (case insensitive):
  +estimate_mode                     (string, optional, default="unset") The fee estimate mode, must be one of (case insensitive):
                                     "unset"
                                     "economical"
                                     "conservative"
  -     }

   Result:
   {                    (json object)
  ```

  </p>
  </details>

  **Review suggestion:** To understand this PR, it is probably easiest to review the commits in reverse order because the last commit shows the external API changes, the middle commit shows the internal API changes, and the first commit contains the low-level implementation.

ACKs for top commit:
  achow101:
    ACK 2cd28e9fef

Tree-SHA512: 50f6e78fa622826dab3f810400d8c1a03a98a090b1f2fea79729c58ad8cff955554bd44c2a5975f62a526b900dda68981862fd7d7d05c17f94f5b5d847317436
2023-06-01 15:30:31 -04:00
Ryan Ofsky
95d7de0964 test: Update python tests to use named parameters instead of options objects 2023-05-03 11:27:51 -05:00
Sjors Provoost
bd13dc2f46
Switch hardened derivation marker to h in descriptors
This makes it easier to handle descriptor strings manually. E.g. an RPC call that takes an array of descriptors can now use '["desc": ".../0h/..."]'.

Both markers can still be parsed. The default for new descriptors is changed to h. In normalized form h is also used. For private keys the chosen marker is preserved in a round trip.

The hdkeypath field in getaddressinfo is also impacted by this change.
2023-04-04 18:33:08 +02:00
Jon Atack
459cb637ac script, test: fix python linter E275 errors with flake8 5.0.4 2023-01-03 10:59:56 -08:00
Hennadii Stepanov
306ccd4927
scripted-diff: Bump copyright headers
-BEGIN VERIFY SCRIPT-
./contrib/devtools/copyright_header.py update ./
-END VERIFY SCRIPT-

Commits of previous years:
- 2021: f47dda2c58
- 2020: fa0074e2d8
- 2019: aaaaad6ac9
2022-12-24 23:49:50 +00:00
Andrew Chow
cbcad79eef
Merge bitcoin/bitcoin#21576: rpc, gui: bumpfee signer support
2c07cfacd1 gui: bumpfee signer support (Sjors Provoost)
7e02a33297 rpc: bumpfee signer support (Sjors Provoost)
304ece9945 rpc: document bools in FillPSBT() calls (Sjors Provoost)

Pull request description:

  The `bumpfee` RPC call and GUI fee bump interface now work with an external signer.

ACKs for top commit:
  achow101:
    ACK 2c07cfacd1
  furszy:
    code review ACK 2c07cfac
  jarolrod:
    tACK 2c07cfa

Tree-SHA512: 0c7b931f76fac67c9e33b9b935f29af6f69ac67a5ffcc586ed2f1676feac427735b1d971723b29ef332bb6fb5762949598ebbf728587e8f0ded95a9bfbb3e7a4
2022-12-20 15:30:17 -05:00
MacroFake
555519d082
test: Remove wallet option from non-wallet tests
Review note: The changes are complete, because self.options.descriptors
is set to None in parse_args (test_framework.py).

A value of None implies -disablewallet, see the previous commit.

So if a call to add_wallet_options is missing, it will lead to a test
failure when the wallet is compiled in.
2022-11-10 17:19:13 +01:00
fanquake
28cf756971
Merge bitcoin/bitcoin#23578: Add external signer taproot support
796b020c37 wallet: add taproot support to external signer (Sjors Provoost)

Pull request description:

  Builds on #22558 (merged on 2022-06-28).

  [HWI 2.1.0](https://github.com/bitcoin-core/HWI/releases/tag/2.1.0) or newer is required to import and use taproot descriptors. Older versions will work, but won't import a taproot descriptor.

  Tested with HWI 2.1.1:
  * Trezor T (firmware v2.5.1) on Signet: signs, change detection works
  * Ledger Nano S (firmware 2.1.0, Bitcoin app 2.0.6): signs, change detection works

  Only the most basic `tr(key)` descriptor is supported, script path spending is completely untested (if it works at all).

ACKs for top commit:
  jb55:
    utACK 796b020c37
  achow101:
    ACK 796b020c37

Tree-SHA512: 6dcb7eeb45421a3bbf2bdabeacd29979867db69077d7bf192bb77faa4bfefe446487b8df07bc40f9457009a88e598bdc09f769e6106fed2833ace7ef205a157a
2022-10-26 11:10:23 +08:00
Sjors Provoost
796b020c37
wallet: add taproot support to external signer 2022-06-28 17:15:25 +02:00
amadeuszpawlik
292b1a3e9c GetExternalSigner(): fail if multiple signers are found
If there are multiple external signers, `GetExternalSigner()` will
just pick the first one in the list. If the user has two or more
hardware wallets connected at the same time, he might not notice this.

This PR adds a check and fails with suitable message.
2022-06-09 20:34:46 +02:00
Sjors Provoost
7e02a33297
rpc: bumpfee signer support 2022-04-25 18:13:23 +02:00
Murch
49090ec402
Add sendall RPC née sweep
_Motivation_
Currently, the wallet uses a fSubtractFeeAmount (SFFO) flag on the
recipients objects for all forms of sending calls. According to the
commit discussion, this flag was chiefly introduced to permit sweeping
without manually calculating the fees of transactions. However, the flag
leads to unintuitive behavior and makes it more complicated to test
many wallet RPCs exhaustively. We proposed to introduce a dedicated
`sendall` RPC with the intention to cover this functionality.

Since the proposal, it was discovered in further discussion that our
proposed `sendall` rpc and SFFO have subtly different scopes of
operation.
• sendall:
  Use _specific UTXOs_ to pay a destination the remainder after fees.
• SFFO:
  Use a _specific budget_ to pay an address the remainder after fees.

While `sendall` will simplify cases of spending from specific UTXOs,
emptying a wallet, or burning dust, we realized that there are some
cases in which SFFO is used to pay other parties from a limited budget,
which can often lead to the creation of change outputs. This cannot be
easily replicated using `sendall` as it would require manual computation
of the appropriate change amount.

As such, sendall cannot replace all uses of SFFO, but it still has a
different use case and will aid in simplifying some wallet calls and
numerous wallet tests.

_Sendall call details_
The proposed sendall call builds a transaction from a specific subset of
the wallet's UTXO pool (by default all of them) and assigns the funds to
one or more receivers. Receivers can either be specified with a specific
amount or receive an equal share of the remaining unassigned funds. At
least one recipient must be provided without assigned amount to collect
the remainder. The `sendall` call will never create change. The call has
a `send_max` option that changes the default behavior of spending all
UTXOs ("no UTXO left behind"), to maximizing the output amount of the
transaction by skipping uneconomic UTXOs. The `send_max` option is
incompatible with providing a specific set of inputs.
2022-03-29 16:37:47 -04:00
Kristaps Kaupe
b75f4c89ec
RPC: Return external_signer in getwalletinfo 2022-02-10 03:23:47 +02:00
sstone
5493e92501 Check descriptors returned by external signers
Check that descriptors returned by external signers have been parsed properly when creating a new wallet.
2021-12-09 11:17:04 +01:00
MarcoFalke
fac23c2114
scripted-diff: Bump copyright headers
The previous diff touched most files in ./test/, so bump the headers to
avoid having to touch them again for a bump later.

-BEGIN VERIFY SCRIPT-
./contrib/devtools/copyright_header.py update ./test/
-END VERIFY SCRIPT-
2021-11-10 11:10:24 +01:00
MarcoFalke
fa974f1f14
scripted-diff: Remove redundant sync_all and sync_blocks
The sync calls are redundant after a call to generate, because generate
already syncs itself.

-BEGIN VERIFY SCRIPT-
perl -0777 -pi -e 's/(generate[^\n]*\)[^\n]*)(\n|\s)+self.sync_(all|blocks)\([^\)]*\)\n/\1\n/g' $(git grep -l generate ./test)
-END VERIFY SCRIPT-
2021-11-10 11:10:15 +01:00
practicalswift
4747da3a5b Add syscall sandboxing (seccomp-bpf) 2021-10-01 13:51:10 +00:00
MarcoFalke
fa0b916971
scripted-diff: Use generate* from TestFramework
-BEGIN VERIFY SCRIPT-
 sed --regexp-extended -i \
     's/((self\.)?(nodes\[[^]]+\]|[a-z_]*(wallet|node)[0-9a-z_]*))\.(generate(|toaddress|block|todescriptor)(\(|, ))/self.\5\1, /g' \
     $(git grep -l generate ./test | grep -v 'test_framework/' | grep -v 'feature_rbf')
-END VERIFY SCRIPT-
2021-09-02 10:34:35 +02:00
Sjors Provoost
b54b2e7b1a
Move external signer out of wallet module
This commit moves the ExternalSigner class and RPC methods out of the wallet module.

The enumeratesigners RPC can be used without a wallet since #21417.
With additional modifications external signers could be used without a wallet in general, e.g. via signrawtransaction.

The signerdisplayaddress RPC is ranamed to walletdisplayaddress because it requires wallet context.
A future displayaddress RPC call without wallet context could take a descriptor argument.

This commit fixes a rpc_help.py failure when configured with --disable-wallet.
2021-04-08 17:56:00 +02:00
Sjors Provoost
d4b0107d68
rpc: send: support external signer 2021-02-23 14:34:32 +01:00
Sjors Provoost
245b4457cf
rpc: signerdisplayaddress 2021-02-23 14:34:31 +01:00
Sjors Provoost
7ebc7c0215
wallet: ExternalSigner: add GetDescriptors method 2021-02-23 14:34:31 +01:00
Sjors Provoost
259f52cc33
test: external_signer wallet flag is immutable 2021-02-23 14:34:31 +01:00
Sjors Provoost
2655197e1c
rpc: add external_signer option to createwallet 2021-02-23 14:34:31 +01:00
Sjors Provoost
2700f09c41
rpc: signer: add enumeratesigners to list external signers 2021-02-23 14:34:31 +01:00
Sjors Provoost
f3e6ce78fb
test: add external signer test
Includes a mock to mimick the HWI interace.
2021-02-23 14:34:30 +01:00