fa4baf0756 fuzz: Rework ConsumeScript (MarcoFalke)
Pull request description:
This should make it easier for the fuzz engine to explore multisig code
paths. See discussion in https://github.com/bitcoin/bitcoin/issues/23105
The downside is that all fuzz inputs that use ConsumeScript are now
invalidated and need to be re-generated.
Another downside may be that most multisig scripts from ConsumeScript are
using likely not fully valid pubkeys.
ACKs for top commit:
jamesob:
ACK fa4baf0756
Tree-SHA512: 15814afdee76b05ff7a71c0f07bbd1b3cff30d709d5c1e68fd230c5f5d16e673e42709a4fab84d4a896bc27f972f917fe7c1d1b32c2bf4209658b18da97e478b
a032fa30d2 multiprocess: add interfaces::ExternalSigner class (Russell Yanofsky)
Pull request description:
Add `interfaces::ExternalSigner` class to let signer objects be passed between processes and let signer code run in the original process where the object was created.
---
This PR is part of the [process separation project](https://github.com/bitcoin/bitcoin/projects/10).
ACKs for top commit:
laanwj:
Concept and code review ACK a032fa30d2
hebasto:
re-ACK a032fa30d2
Tree-SHA512: 99a729fb3a64d010e142cc778a9f1f358e58345b77faaf2664de7d2277715d59df3352326e8f0f2a6628038670eaa4556310a549079fb28af6d2eeb05aea1460
214d9055ac fuzz: replace every fuzzer-controlled loop with a LIMITED_WHILE loop (Andrew Poelstra)
Pull request description:
Limits the number of iterations to 1000 rather than letting the fuzzer do millions or billions of iterations on a single core.
ACKs for top commit:
MarcoFalke:
cr ACK 214d9055ac
Tree-SHA512: 9741c32ccd126ea656e5c93371b7136eaa2f92dc9a490dd4d39642503b1a41174f3368245153e508c3b608fe37ab89800b67ada97b740e3b5a3728bb506429d3
4fe7cf1677 build: Drop unneeded dependencies for bitcoin-wallet tool (Hennadii Stepanov)
Pull request description:
`bitcoin-wallet` is an offline tool, and its code does not depend on networking stuff (ZMQ, UPnP, NAT-PMP, and LIBBITCOIN_SERVER).
Also `bitcoin-wallet` does not interacts with the chainstate, therefore dependency on LevelDB is not needed.
ACKs for top commit:
laanwj:
Code review ACK 4fe7cf1677
Tree-SHA512: 97342d9cdf8670806efe16dc7885a85ec92f3c1ae0819a4c3cc147938fc8642089e303c4432cb1395fc75b852c1af6a6a13fc58e29e027c23f75219fd3bd8cb4
Current CWalletTx state representation makes it possible to set
inconsistent states that won't be handled correctly by wallet sync code
or serialized & deserialized back into the same form.
For example, it is possible to call setConflicted without setting a
conflicting block hash, or setConfirmed with no transaction index. And
it's possible update individual m_confirm and fInMempool data fields
without setting an overall consistent state that can be serialized and
handled correctly.
Fix this without changing behavior by using std::variant, instead of an
enum and collection of fields, to represent sync state, so state
tracking code is safer and more legible.
This is a first step to fixing state tracking bugs
https://github.com/bitcoin-core/bitcoin-devwiki/wiki/Wallet-Transaction-Conflict-Tracking,
by adding an extra margin of safety that can prevent new bugs from being
introduced as existing bugs are fixed.
410f99faed build_msvc/bitcoin_config.h is generated using build_msvc/msvc-autogen.py (CallMeMisterOwl)
Pull request description:
Added a function that parses version information from `configure.ac` into `build_msvc/bitcoin_config.h`. This is done by default in `msvc-autogen.py`, so manual changing of `build_msvc/bitcoin_config.h` is no longer required.
In addition to that I updated the Release Process doc.
Following values are updated:
-**CLIENT_VERSION_BUILD**
-**CLIENT_VERSION_IS_RELEASE**
-**CLIENT_VERSION_MAJOR**
-**CLIENT_VERSION_MINOR**
-**COPYRIGHT_YEAR**
-**PACKAGE_STRING**
-**PACKAGE_VERSION**
fixes#23073
ACKs for top commit:
laanwj:
Code review and lightly tested ACK 410f99faed
Tree-SHA512: 6b324ec8680b70c405c46a0fcd61836d1b57bb3eaef2cc36bb1e9856890f0423c201a8fdddc95ca0fb5b3dade71ff6d4d14351c606b3351eef2faa0c70bca38a
fadc4c7272 test: Add txindex migration test (MarcoFalke)
Pull request description:
Test for #22626
ACKs for top commit:
theStack:
Tested ACK fadc4c7272🌁
Tree-SHA512: fc7133ef52826bf0d4fa2ac72c3f1bed4a185ff7492396552ff2cbf6531b053238039211a710cbb949379c56875cd7715f1ed49a514dd3b3f1b46554e3d4bef5
a9872e1478 test: remove unnecessary block rehashing prior to solving (Sebastian Falbesoner)
Pull request description:
Solving a block involves continously rehashing it,
c9dd5c8d6e/test/functional/test_framework/messages.py (L759-L764)
i.e. any extra `rehash` calls before are not necessary and can be dropped.
The instances were identified by searching for all block solving calls via `git grep "solve("` in `./test/functional/`. From 95 instances of `CBlock.solve()` calls, 20 contained an unnecessary rehashing instruction before that are removed in this PR.
ACKs for top commit:
brunoerg:
tACK a9872e1478
rajarshimaitra:
tACK a9872e1478
Tree-SHA512: 160092be717d0d250778b8ab091ebd77cc6865d2754ef150cf3b4d4ac7304d4bf3d2ebb61ec6b04a55040c8895b9fb4d28653ea4b099d56d90776c9111cf173f
0bc1ce0745 Fix Arch linux dead link (0xree)
Pull request description:
- Fixed dead link referencing an invalid link
ACKs for top commit:
benthecarman:
ACK 0bc1ce0745
Tree-SHA512: 330dd2f327458b10afb1ea920bf8fef459b8b2ad45cde4a0a754995fe0684e7f1e6dc8043b41c78cd83ff3b59745597873bdcd84f4b9255932f7425c0dd6a93a
365f35481d script: Add commits signed with sipas expired key to allow-revsig-commits (nthumann)
Pull request description:
Fixes https://github.com/bitcoin/bitcoin/issues/22737.
While investigating the issue above, I noticed that there are 141 commits that are signed with sipas expired key.
To allow `./contrib/verify-commits/verify-commits.py` to succeed, this PR adds them to `allow-revsig-commits`.
Feel free to confirm that they're indeed signed with an expired key using e.g. `git show --show-signature d8cd7b137fb075616f31d2b43b85fa2e27ea7477` :)
ACKs for top commit:
laanwj:
Code review ACK 365f35481d
Tree-SHA512: 860e372c5314714c6c205cd234ebec89756c9ade43a2ed65ed25575ae0a0d4d8dd7cf43692a5b267abe742f87e5cba0a3f1fb76a5fed7b1615ea2859902dfcdf
faeb748f5b Use c++17 in clang-format (MarcoFalke)
Pull request description:
We currently use `Cpp11`, which "is a deprecated alias for `Latest`" according to https://clang.llvm.org/docs/ClangFormatStyleOptions.html . I doubt this has any effect, but I think for clarity setting to `c++17` make sense.
Also, remove unneeded settings:
* `ObjC*`, as we don't write objc code
* `Penalty`, as there is currently no line limit, so this has no effect
* `TabWidth`, as we don't use tabs
ACKs for top commit:
fanquake:
ACK faeb748f5b - we do have some Objc code, but it never changes.
Tree-SHA512: 50215849b3992e5841b45b281e68d4c58184a365cbaeec0d7adad844ad21672ae1b6247262047e2d7427835ef98fa9d9f83335696448c77303dde9ab0a121639
The `create_block` helper accepts a list of txs that it includes in the
created block, hence we don't have to do that manually. Also, rehashing
before solving the block is not needed and can be removed.
The function `trueDummy` in feature_nulldummy.py is currently more
complicated than it needs to be. Rather than converting the scriptSig to
a CScript and looping through it to build a new scriptSig with the
modified push, simply directly replace the push of null (OP_0) with a
push of one (OP_TRUE/OP_1).
Note that on master, actually an element with the value of 0x51 is
pushed (0x0151...) -- this was very likely not intended, as 0x51 is the
script op-code for OP_TRUE, and also the function's name suggests that
the "true" value shall be pushed.
This fixes a null pointer crash in the bitcoin-gui PSBT dialog. The
bitcoin-gui interfaces::Node object has a null NodeContext pointer, and
can't broadcast transactions directly. It needs to broadcast
transactions through the bitcoin-node process instead.
Blindly chose a cap of 10000 iterations for every loop, except for
the two in script_ops.cpp and scriptnum_ops.cpp which appeared to
(sometimes) be deserializing individual bytes; capped those to one
million to ensure that sometimes we try working with massive scripts.
There was also one fuzzer-controlled loop in timedata.cpp which was
already capped, so I left that alone.
git grep 'while (fuzz' should now run clean except for timedata.cpp
This does the following:
* Adds a rfc6979 argument to test_framework/key.py's sign_ecdsa to
select (deterministic) RFC6979-based nonce generation.
* Add a flag in feature_taproot.py's framework called "deterministic".
* Make the Schnorr signing in feature_taproot.py randomized by default,
reverting to the old deterministic (aux_rnd=0x0000...00) behavior
if the deterministic context flag is set.
* Make the ECDSA signing in feature_taproot.py use RFC6979-based nonces
when the deterministic context flag is set (keeping the old randomized
behavior otherwise).
libsecp256k1's secp256k1_schnorrsig_sign only follows BIP340 exactly
if an aux_rand32 argument is passed. When no randomness is used
(as is the case in the current codebase here), there is no impact
on security between not providing aux_rand32 at all, or providing
an empty one. Yet, for repeatability/testability it is simpler
to always use an all-zero one.
0000edaba3 style: Use 4 spaces for indentation, not 5 (MarcoFalke)
fab9264be5 test: Remove unused CDataStream copy (MarcoFalke)
Pull request description:
Fix two issues:
* Remove unneeded code, which makes test harder to read and write
* Fix wrong indentation, which breaks some editors
ACKs for top commit:
jnewbery:
Code review ACK 0000edaba3
brunoerg:
cr/tACK 0000edaba3
shaavan:
ACK 0000edaba3
Tree-SHA512: babec1dfb840bd11ec89ec3d0e2529f826f5775fc7625e987480fac5251f6a6cdcf9a1051c8364d6ca2f66ce9934dcb8447a8cf7376b3952920faf2afd02be99