Commit graph

283 commits

Author SHA1 Message Date
Wladimir J. van der Laan
487dcbe80c
Merge #13002: Do not treat bare multisig outputs as IsMine unless watched
7d0f80b Use anonymous namespace instead of static functions (Pieter Wuille)
b61fb71 Mention removal of bare multisig IsMine in release notes (Pieter Wuille)
9c2a8b8 Do not treat bare multisig as IsMine (Pieter Wuille)
08f3228 Optimization: only test for witness scripts at top level (Pieter Wuille)
3619735 Track difference between scriptPubKey and P2SH execution in IsMine (Pieter Wuille)
ac6ec62 Switch to a private version of SigVersion inside IsMine (Pieter Wuille)
19fc973 Do not expose SigVersion argument to IsMine (Pieter Wuille)
fb1dfbb Remove unused IsMine overload (Pieter Wuille)
952d821 Make CScript -> CScriptID conversion explicit (Pieter Wuille)

Pull request description:

  Currently our wallet code will treat bare multisig outputs (meaning scriptPubKeys with multiple public keys + `OP_CHECKMULTISIG` operator in it) as ours without the user asking for it, as long as all private keys in it are in our wallet.

  This is a pointless feature. As it only works when all private keys are in one place, it's useless compared to single key outputs (P2PK, P2PKH, P2WPKH, P2SH-P2WPKH), and worse in terms of space, cost, UTXO size, and ability to test (due to lack of address format for them).

  Furthermore, they are problematic in that producing a list of all `scriptPubKeys` we accept is not tractable (it involves all combinations of all public keys that are ours). In further wallet changes I'd like to move to a model where all scriptPubKeys that are treated as ours are explicit, rather than defined by whatever keys we have. The current behavior of the wallet is very hard to model in such a design, so I'd like to get rid of it.

  I think there are two options:
  * Remove it entirely (do not ever accept bare multisig outputs as ours, unless watched)
  * Only accept bare multisig outputs in situations where the P2SH version of that output would also be acceptable

  This PR implements the first option. The second option was explored in #12874.

Tree-SHA512: 917ed45b3cac864cee53e27f9a3e900390c576277fbd6751b1250becea04d692b3b426fa09065a3399931013bd579c4f3dbeeb29d51d19ed0c64da75d430ad9a
2018-04-26 20:10:12 +02:00
Pieter Wuille
b61fb71136 Mention removal of bare multisig IsMine in release notes 2018-04-19 21:05:14 -07:00
mryandao
7de1de7da4 Add new fee structure with all sub-fields denominated in BTC 2018-04-18 13:28:45 +10:00
Matt Corallo
9e50c337c7 Note new weight field in release-notes. 2018-04-13 15:18:26 -04:00
John Newbery
41ba061804 [docs] Add release notes for wallet 'label' API. 2018-04-10 19:27:28 -04:00
Russell Yanofsky
1e46d8ae89 Get rid of ambiguous OutputType::NONE value
Based on suggestion by Pieter Wuille <pieter.wuille@gmail.com> at
https://github.com/bitcoin/bitcoin/pull/12119#issuecomment-357982763

After #12119, the NONE output type was overloaded to refer to either an output
type that couldn't be parsed, or to an automatic change output mode.  This
change drops the NONE enum and uses a simple bool indicate parse failure, and a
new CHANGE_AUTO enum to refer the change output type.

This change is almost a pure refactoring except it makes RPCs reject empty
string ("") address types instead of treating them like they were unset. This
simplifies the parsing code a little bit and could prevent RPC usage mistakes.
It's noted in the release notes.
2018-04-05 12:19:35 -04:00
MarcoFalke
fafcad38c8
doc: Add testmempoolaccept to release-notes 2018-04-02 11:37:09 -04:00
John Newbery
bc6fdf2d15 Change all python files to use Python3 2018-03-26 16:49:33 -04:00
Wladimir J. van der Laan
ec7dbaa37c
Merge #12756: [config] Remove blockmaxsize option
4757c04 [config] Remove blockmaxsize option (John Newbery)

Pull request description:

  The blockmaxsize option was marked as deprecated in V0.15.1, and code
  was added to convert provided blockmaxsize into blockmaxweight. However,
  this code was incorrectly implemented, and blockmaxsize was silently
  ignored.

  No users have complained about blockmaxsize being ignored, so just
  remove it in V0.17.

  Fixes #12640

  cc @ajtowns

Tree-SHA512: 968d71d37bf175c5a02539ddec289a12586f886e1dfe64c1d9aa5e39db48d06d21665153824fac3b11503a55f0812d2f1115a2d726aafd37b76ed629ec0aa671
2018-03-26 15:30:27 +02:00
Gregory Sanders
6acb02d635 add release note for sendmany output shuffling 2018-03-23 08:56:58 -04:00
John Newbery
4757c04cb9 [config] Remove blockmaxsize option
The blockmaxsize option was marked as deprecated in V0.15.1, and code
was added to convert provided blockmaxsize into blockmaxweight. However,
this code was incorrectly implemented, and blockmaxsize was silently
ignored.

No users have complained about blockmaxsize being ignored, so just
remove it in V0.17.
2018-03-22 10:28:56 -04:00
Russell Yanofsky
045eeb8870 Rename account to label where appropriate
This change only updates strings and adds RPC aliases, but should simplify the
implementation of address labels in
https://github.com/bitcoin/bitcoin/pull/7729, by getting renaming out of the
way and letting it focus on semantics.

The difference between accounts and labels is that labels apply only to
addresses, while accounts apply to both addresses and transactions
(transactions have "from" and "to" accounts). The code associating accounts
with transactions is clumsy and unreliable so we would like get rid of it.
2018-03-19 12:05:35 -04:00
Wladimir J. van der Laan
702e8b70bd
Merge #11872: [rpc] createrawtransaction: Accept sorted outputs
fac70134a rpc: Update createrawtransaction examples (MarcoFalke)
fa06dfce0 [rpc] createrawtransaction: Accept sorted outputs (MarcoFalke)
8acd25d85 rpc: Allow typeAny in RPCTypeCheck (MarcoFalke)

Pull request description:

  The second parameter of the `createrawtransaction` is a dictionary of the outputs. This comes with at least two drawbacks:

  * In case of duplicate keys, either of them might silently disappear, with no user feedback at all. A user needs to make other mistakes, but this could eventually lead to abnormal tx fees.
  * A dictionary does not guarantee that keys are sorted. Again, a user needs to keep this in mind, as it could eventually lead to excessive tx fees.

  Even though my scenario of loss-of-funds is unlikely to happen, I see it as a inconvenience that should be fixed.

Tree-SHA512: cd562f34f7f9f79c7d3433805971325c388c2035611be283980f4049066a622df4f0afdc11d7ac96662260ec0115147cb65e1ab5268f5a1b063242f3fe425f77
2018-03-13 18:00:06 +01:00
practicalswift
a7324bd799 Format timestamps using ISO 8601 formatting (e.g. "2018-02-28T12:34:56Z")
* Z is the zone designator for the zero UTC offset.
* T is the delimiter used to separate date and time.

This makes it clear for the end-user that the date/time logged is
specified in UTC and not in the local time zone.
2018-03-09 15:02:01 +01:00
MarcoFalke
fa06dfce0f
[rpc] createrawtransaction: Accept sorted outputs 2018-03-07 12:58:14 -05:00
Russell Yanofsky
be8ab7d082 Create new wallet databases as directories rather than files
This change should make it easier for users to make complete backups of wallets
because they can now just back up the specified `-wallet=<path>` path directly,
instead of having to back up the specified path as well as the transaction log
directory (for incompletely flushed wallets).

Another advantage of this change is that if two wallets are located in the same
directory, they will now use their own BerkeleyDB environments instead using a
shared environment. Using a shared environment makes it difficult to manage and
back up wallets separately because transaction log files will contain a mix of
data from all wallets in the environment.
2018-03-03 10:26:55 -05:00
Russell Yanofsky
26c06f24e5 Allow wallet files not in -walletdir directory
Remove restriction that -wallet filenames can only refer to files in the
-walletdir directory.
2018-03-03 10:26:55 -05:00
Randolf Richardson
b22c289ae6 [docs] Minor improvements to Compatibility Notes
Progressed from Windows Vista to Windows 7 for OS testing statement.
2018-02-27 01:42:23 +00:00
MarcoFalke
fa5f51830d
rpc: Reject deprecated reserveChangeKey in fundrawtransaction 2018-02-10 22:11:31 -05:00
Wladimir J. van der Laan
4602dc704a
build: Bump version to 0.16.99
Also clean out release notes.

Tree-SHA512: c4d5b52c089e14438be37381e1b0dab3711cc72aa8d345d1024169fff0055f3d021c8ca9d46fb794110694ebcbf7cbca0a12619f650873c9d381530adea7100e
2018-01-30 14:08:53 +01:00
Russell Yanofsky
ec527c6c88 Don't allow relative -walletdir paths
Also warn if bitcoind is configured to use a relative -datadir path.

Specifying paths relative to the current working directory in a daemon process
can be dangerous, because files can fail to be located even if the
configuration doesn't change, but the daemon is started up differently.

Specifying a relative -datadir now adds a warning to the debug log. It would
not be backwards-compatible to forbid relative -datadir paths entirely, and it
could also be also inconvenient for command line testing.

Specifying a relative -walletdir now results in a startup error. But since the
-walletdir option is new in 0.16.0, there should be no compatibility issues.
Another reason not to use working directory paths for -walletdir specifically
is that the default -walletdir is a "wallets" subdirectory inside the datadir,
so it could be surprising that setting -walletdir manually would choose a
directory rooted in a completely different location.
2018-01-18 15:09:27 -05:00
Wladimir J. van der Laan
e839d6570d
Merge #12166: [docs] Clarify -walletdir usage
97c3cad [docs] Clarify -walletdir usage (John Newbery)

Pull request description:

  After discussion with @ryanofsky around #11687 , I think this documentation is a bit clearer for how the new `-walletdir` argument works.

Tree-SHA512: f279cab82524dbc0d75e6f9891f0e228ec4c8d0df3e16f351057fa243ddd263ff786f05383fd00a09b89edcc07dab211be5b64387f77271edf8af0177bcf667d
2018-01-18 21:09:27 +01:00
Wladimir J. van der Laan
cdf3e03a72 wallet: Deprecate addwitnessaddress
Now that segwit is natively supported by the wallet, deprecate the hack `addwitnessaddress`.
2018-01-18 10:24:18 +01:00
John Newbery
97c3cada92 [docs] Clarify -walletdir usage 2018-01-15 10:26:15 -05:00
Wladimir J. van der Laan
f19ca129ff
Merge #11605: [Wallet] Enable RBF by default in QT
5cbbbd7 [Wallet] Use RBF by default in QT only (Sjors Provoost)

Pull request description:

  ~If there are no objections, this would supersede #11556.~

  Enabling RBF by default avoids the need to explain all possible use cases of RBF.

  This PR does not change the default RPC wallet behavior, as this could break implementations that depend on it and it's not clear what happens when automated services suddenly switch on RBF on a large scale.

  After trying various approaches, we settled on just having QT ignore `-walletrbf`.

  Send screen:
  <img width="388" alt="send" src="https://user-images.githubusercontent.com/10217/34251097-329c8dee-e63f-11e7-9e14-d7f55d2b52cc.png">

  Confirmation screen by default (with RBF):
  <img width="429" alt="rbf yes" src="https://user-images.githubusercontent.com/10217/32442799-f50d54aa-c2fc-11e7-9392-96339d0f1f74.png">

  Confirmation screen without RBF:
  <img width="431" alt="rf no" src="https://user-images.githubusercontent.com/10217/32442793-ef30bc34-c2fc-11e7-8ca2-e86a97175278.png">

Tree-SHA512: 53efb5d277144478143e69dcae8112c1b9c2beb981fdd0fe778592e5f7d5bf838f73d48052ead874586a75b944e8af469b25e5f376c135cf48cc3598e77f5891
2017-12-22 13:15:31 +01:00
Sjors Provoost
5cbbbd7143
[Wallet] Use RBF by default in QT only
GUI wallet uses RBF by default, regardless of -walletrbf.

RPC and debug console in the GUI remain unchanged; they don't
use RBF by default, unless launched with -walletrbf=1.
2017-12-22 09:18:05 +01:00
Wladimir J. van der Laan
711d16ca4a
Merge #11667: Add scripts to dumpwallet RPC
656fde5 Add script birthtime metadata to dump and import wallet (MeshCollider)
1bab9b2 Add script dump note to RPC help text and release notes (MeshCollider)
68c1e00 Add test for importwallet (MeshCollider)
9e1184d Add dumpwallet scripts test (MeshCollider)
ef0c730 Add scripts to importwallet RPC (MeshCollider)
b702ae8 Add CScripts to dumpwallet RPC (MeshCollider)
cdc260a Add GetCScripts to CBasicKeyStore (MeshCollider)

Pull request description:

  As discussed in https://github.com/bitcoin/bitcoin/pull/11289#issuecomment-334600457, adds the CScripts from the wallet to the `dumpwallet` RPC and then allows them to be imported with the `importwallet` RPC. Includes a basic test, and modifies the helptext of the dumpwallet RPC.

  Notes:
  - Reviewers: use `?w=1` to avoid the indentation-only change in commit `Add scripts to importwallet RPC `
  - currently the scripts are followed with `# addr=` comments just as the other keys are, unsure if this might confuse users into thinking all the scripts are for valid P2SH addresses though, but I don't think that should be an issue.
  - there are no birthtimes for scripts, so script imports don't affect rescans
  - `importwallet` imports the CScripts but I'm not sure how to approach specifying whether scripts are for P2SH addresses, BIP173 addresses, etc. whether that matters or not. Otherwise the RPC helptext might just need modification.

  Fixes #11715

Tree-SHA512: 36c55837b3a58b9d3499d4c0c2ae82153d62aa71919e751574651b63a1d2b8ecc83796db4553cc65dad9b5341c3a42ae2fcf4d62598c30af267f8e1461ba8272
2017-12-21 13:03:26 +01:00
MarcoFalke
604e08c83c
Merge #11726: Cleanups + nit fixes for walletdir PR
aac6b3f067 Update files.md for new wallets/ subdirectory (MeshCollider)
b67342906c Cleanups for walletdir PR (MeshCollider)

Pull request description:

  This addresses the remaining nits from https://github.com/bitcoin/bitcoin/pull/11466

  - Updates `doc/files.md` with respect to the new default wallet directory
  - Fixes @promag and @laanwj's error message nit, and Jonas' release notes nit
  - ~Addresses @laanwj's net-specific wallet subdirectory concern in the case that a walletdir is specified~
  - Changes the #includes from "" to <> style after #11651

Tree-SHA512: b86bf5fdc4de54c1b0f65b60a83af3cf82b35d216ce9c0de724803bfba6934796238b6c412659dcc29ae2e3e856d4eb97ae777c80f36f4089d8acecfddefe9aa
2017-12-20 17:37:57 -05:00
MeshCollider
1bab9b23af Add script dump note to RPC help text and release notes 2017-12-20 18:47:56 +13:00
MeshCollider
b67342906c Cleanups for walletdir PR 2017-12-13 23:36:43 +13:00
Henrik Jonsson
3121d76ba1 doc: Update release notes for share/rpcauth/rpcauth.py rename 2017-12-06 18:53:12 +00:00
Wladimir J. van der Laan
4158734946 doc: Update release notes for -debuglogfile 2017-12-01 11:28:23 +01:00
fanquake
fae98f66fe
[Docs] Bump minimum required version of GCC to 4.8 2017-11-23 08:02:06 +08:00
MeshCollider
d9878890e4 Add release notes for -walletdir and wallets/ dir 2017-11-18 00:50:58 +13:00
MarcoFalke
fa0c7c7f86 doc: Add getreceivedbyaddress release notes
Also, remove release note snippets of previous versions.
2017-11-11 12:55:45 -05:00
Russell Yanofsky
659b2061c4 Make listsinceblock refuse unknown block hash
Change suggested by Cory Fields <cory-nospam-@coryfields.com> who noticed
listsinceblock would ignore invalid block hashes causing it to return a
completely unfiltered list of transactions.
2017-10-26 07:10:59 -04:00
Wladimir J. van der Laan
0cd9273fd9 rpc: Prevent dumpwallet from overwriting files
Prevent arbitrary files from being overwritten. There have been reports
that users have overwritten wallet files this way. It may also avoid
other security issues.

Fixes #9934. Adds mention to release notes and adds a test.
2017-09-26 16:12:47 +02:00
MarcoFalke
fa65dcdda0 doc: Update release notes for 0.16.0 2017-09-12 09:56:13 +02:00
Matt Corallo
6f703e9bf1 Add release notes describing blockmaxweight deprecation 2017-09-11 15:51:26 -04:00
Wladimir J. van der Laan
f6283b4719
build: bump version to 0.15.99
Now that 0.15 branch has been split off, master is 0.15.99 (pre-0.16).

Also clean out release notes.

Tree-SHA512: 160f712fae7bfc51e49e36a27ab01f5c243b79a19a70312df95f9bc5cb8067c70aa88911f741fd1625bee549a70655eaea24d98f6049d98c3c14ee1b3143f4cb
2017-08-14 17:28:30 +02:00
Wladimir J. van der Laan
1227be30ec
doc: Update release notes from wiki
Update release notes from wiki, and fill in authors list from git.

Additional credits:

- Awemany (for #10854)
- Gregory Maxwell (release notes writing)
- John Newbery (release notes writing)
- Kibbled Jive Elk Zoo (for https://github.com/bitcoin/bitcoin/pull/10177#issuecomment-309244097)
- Luke Dashjr (release notes writing)
- Marco Falke (release notes writing)
- Pieter Wuille (release notes writing)
- Rusty Russell (release notes writing)
- tintinweb (for early-announcing miniupnp CVE-2017-8798, forgot this for 0.14.2)

Tree-SHA512: 8024eb761fcac4bb7f16ba3a9db376508f1f1bcf8a89cfb5e2928ad384675d3e912cada6ffef7d5aac181a965ebb8b823f6a63d9e976c1be753ec8eb9a8b9ef5
2017-08-14 16:50:29 +02:00
Pieter Wuille
8b22af3ee5 Replace bytes_serialized with bogosize 2017-06-05 12:43:45 -07:00
Pieter Wuille
d342424301 Remove/ignore tx version in utxo and undo
This makes the following changes:
* In undo data and the chainstate database, the transaction nVersion
  field is removed from the data structures, always written as 0, and
  ignored when reading.
* The definition of hash_serialized in gettxoutsetinfo is changed to no
  longer incude the nVersion field. It is renamed to hash_serialized_2
  to avoid confusion. The new definition also includes transaction
  height and coinbase information, as this information was missing
  before.

This depends on having a CHashVerifier-based undo data checksum
verifier.

Apart from changing the definition of serialized_hash, downgrading
after using this patch is supported, as no release ever used the value
of nVersion field in UTXO entries.
2017-05-26 13:27:50 -07:00
John Newbery
adaa281da1 Update release notes to include RPC error code changes. 2017-03-08 14:23:16 -05:00
Wladimir J. van der Laan
f87e8f5392
build: bump version to 0.14.99
Now that 0.14 branch has been split off, master is 0.14.99 (pre-0.15).

Also clean out release notes.
2017-02-17 17:27:18 +01:00
Jonas Schnelli
c9f3062d55
Add fundrawtransactions new reserveChangeKey option to the release notes 2017-01-19 20:45:34 +01:00
Pieter Wuille
812714fd80
Merge #9484: Introduce assumevalid setting to skip validation presumed valid scripts.
7b5e3fe Add assumevalid testcase (John Newbery)
e440ac7 Introduce assumevalid setting to skip presumed valid scripts. (Gregory Maxwell)
2017-01-16 14:07:30 -08:00
MarcoFalke
4105cb6fd9
Merge #9550: Trim down the XP notice and say more about what we support.
7094bf7 Trim down the XP notice and say more about what we support. (Gregory Maxwell)
2017-01-15 05:59:09 +01:00
Gregory Maxwell
7094bf7970 Trim down the XP notice and say more about what we support.
The big notice at the top of the release note is not interesting
 to most users now and apparently comes across poorly to some.

Better to provide more information about what we do support.
2017-01-15 04:55:46 +00:00
Gregory Maxwell
e440ac7ef3 Introduce assumevalid setting to skip presumed valid scripts.
This disentangles the script validation skipping from checkpoints.

A new option is introduced "assumevalid" which specifies a block whos
 ancestors we assume all have valid scriptsigs and so we do not check
 them when they are also burried under the best header by two weeks
 worth of work.

Unlike checkpoints this has no influence on consensus unless you set
 it to a block with an invalid history.  Because of this it can be
 easily be updated without risk of influencing the network consensus.

This results in a massive IBD speedup.

This approach was independently recommended by Peter Todd and Luke-Jr
 since POW based signature skipping (see PR#9180) does not have the
 verifiable properties of a specific hash and may create bad incentives.

The downside is that, like checkpoints, the defaults bitrot and older
 releases will sync slower.  On the plus side users can provide their
 own value here, and if they set it to something crazy all that will
 happen is more time will be spend validating signatures.

Checkblocks and checklevel are also moved to the hidden debug options:
 Especially now that checkblocks has a low default there is little need
 to change these settings, and users frequently misunderstand them as
 influencing security or IBD speed.  By hiding them we offset the
 space added by this new option.
2017-01-13 15:42:24 +00:00