Commit graph

35263 commits

Author SHA1 Message Date
Suhas Daftuar
03712dddfb Expose HeadersSyncState::m_current_height in getpeerinfo() 2022-08-29 08:10:35 -04:00
Suhas Daftuar
150a5486db Test headers sync using minchainwork threshold 2022-08-29 08:10:35 -04:00
Suhas Daftuar
0b6aa826b5 Add unit test for HeadersSyncState 2022-08-29 08:10:35 -04:00
Suhas Daftuar
83c6a0c524 Reduce spurious messages during headers sync
Delay sending SENDHEADERS (BIP 130) message until we know our peer's best
header's chain has more than nMinimumChainWork. This reduces inadvertent
headers messages received during initial headers sync due to block
announcements, which throw off our sync algorithm.
2022-08-29 08:10:35 -04:00
Suhas Daftuar
ed6cddd98e Require callers of AcceptBlockHeader() to perform anti-dos checks
In order to prevent memory DoS, we must ensure that we don't accept a new
header into memory until we've performed anti-DoS checks, such as verifying
that the header is part of a sufficiently high work chain. This commit adds a
new argument to AcceptBlockHeader() so that we can ensure that all call-sites
which might cause a new header to be accepted into memory have to grapple with
the question of whether the header is safe to accept, or needs further
validation.

This patch also fixes two places where low-difficulty-headers could have been
processed without such validation (processing an unrequested block from the
network, and processing a compact block).

Credit to Niklas Gögge for noticing this issue, and thanks to Sjors Provoost
for test code.
2022-08-29 08:10:35 -04:00
Suhas Daftuar
551a8d957c Utilize anti-DoS headers download strategy
Avoid permanently storing headers from a peer, unless the headers are part of a
chain with sufficiently high work. This prevents memory attacks using low-work
headers.

Designed and co-authored with Pieter Wuille.
2022-08-29 08:10:35 -04:00
MacroFake
fa3358b668
Move validation option logging to LoadChainstate() 2022-08-29 11:58:29 +02:00
MacroFake
fae5bd9200
test: Fix wallet_balance intermittent issue
Fix it by removing a duplicate balance check on the same node.
2022-08-27 17:24:31 +02:00
Andrew Chow
e191fac4f3
Merge bitcoin/bitcoin#25922: wallet: trigger MaybeResendWalletTxs() every minute
5ef8c2c9fc test: fix typo for MaybeResendWalletTxs (stickies-v)
fbba4a1316 wallet: trigger MaybeResendWalletTxs() every minute (stickies-v)

Pull request description:

  ResendWalletTransactions() only executes every [12-36h (24h average)](1420547ec3/src/wallet/wallet.cpp (L1947)). Triggering it every second is excessive, once per minute should be plenty.

  The goal of this PR is to reduce the amount of (unnecessary) schedule executions by ~60x without meaningfully altering transaction rebroadcast logic/assumptions which would require more significant review.

ACKs for top commit:
  achow101:
    ACK 5ef8c2c9fc
  1440000bytes:
    ACK 5ef8c2c9fc

Tree-SHA512: 4a077e3579b289c11c347eaa0d3601ef2dbb9fee66ab918d56b4a0c2e08222560a0e6be295297a74831836e001a997ecc143adb0c132faaba96a669dac1cd9e6
2022-08-26 17:11:17 -04:00
Andrew Chow
80da4be57b
Merge bitcoin/bitcoin#25896: wallet: Log when Wallet::SetMinVersion sets a different minversion
835bd27e9a Wallet::SetMinVersion - Log the new minversion (Ali Sherief)

Pull request description:

  This change prints a single additional line in the debug.log when bitcoin-cli loads a wallet using `loadwallet` (*not* `createwallet`).

  When Bitcoin Core creates a wallet, it's `minversion` is set to `FEATURE_BASE`, which is 10500. However, once the wallet is unloaded using `unloadwallet` or through program termination, and subsequently loaded again, `loadwallet` updates the `minversion` in the wallet.dat file to `FEATURE_LATEST`, currently 169900.

  The current logging format prints the very old wallet version during `createwallet`, and then the actual version in calls to `loadwallet`. This has confused at least one person ([reference](https://bitcointalk.org/index.php?topic=5410650.0) - I was the one who asked there if there were plans to change that behavior, and was subsequently redirected here by achow), so it will be very helpful to users to explicitly specify in the logs what the walletdb is doing.

ACKs for top commit:
  achow101:
    ACK 835bd27e9a

Tree-SHA512: 967c8c617e06a84915ddb147378ec3c8b0343e45f43145ec78df9cbc0201867f49c8e11cd068c403eb5ec06e07d38c3c0d3864dad8edc5efbb134a3fb30be41f
2022-08-26 16:41:41 -04:00
Andrew Chow
eed2bd37ef
Merge bitcoin/bitcoin#25355: I2P: add support for transient addresses for outbound connections
59aa54f731 i2p: log "SAM session" instead of "session" (Vasil Dimov)
d7ec30b648 doc: add release notes about the I2P transient addresses (Vasil Dimov)
47c0d02f12 doc: document I2P transient addresses usage in doc/i2p.md (Vasil Dimov)
3914e472f5 test: add a test that -i2pacceptincoming=0 creates a transient session (Vasil Dimov)
ae1e97ce86 net: use transient I2P session for outbound if -i2pacceptincoming=0 (Vasil Dimov)
a1580a04f5 net: store an optional I2P session in CNode (Vasil Dimov)
2b781ad66e i2p: add support for creating transient sessions (Vasil Dimov)

Pull request description:

  Add support for generating a transient, one-time I2P address for ourselves when making I2P outbound connection and discard it once the connection is closed.

  Background
  ---
  In I2P connections, the host that receives the connection knows the I2P address of the connection initiator. This is unlike the Tor network where the recipient does not know who is connecting to them, not even the initiator's Tor address.

  Persistent vs transient I2P addresses
  ---
  Even if an I2P node is not accepting incoming connections, they are known to other nodes by their outgoing I2P address. This creates an opportunity to white-list given nodes or treat them differently based on their I2P address. However, this also creates an opportunity to fingerprint or analyze a given node because it always uses the same I2P address when it connects to other nodes. If this is undesirable, then a node operator can use the newly introduced `-i2ptransientout` to generate a transient (disposable), one-time I2P address for each new outgoing connection. That address is never going to be reused again, not even if reconnecting to the same peer later.

ACKs for top commit:
  mzumsande:
    ACK 59aa54f731 (verified via range-diff that just a typo / `unique_ptr` initialisation were fixed)
  achow101:
    re-ACK 59aa54f731
  jonatack:
    utACK 59aa54f731 reviewed range diff, rebased to master, debug build + relevant tests + review at each commit

Tree-SHA512: 2be9b9dd7502b2d44a75e095aaece61700766bff9af0a2846c29ca4e152b0a92bdfa30f61e8e32b6edb1225f74f1a78d19b7bf069f00b8f8173e69705414a93e
2022-08-26 16:33:58 -04:00
Andrew Chow
5b62f095e7 wallet: Refactor SetupDescSPKMs to take CExtKey
Refactors SetupDescSPKMs so that the DescSPKM loops are in their own
function. This allows us to call it later during migration with a key
that was already generated.
2022-08-26 13:14:51 -04:00
Andrew Chow
22401f17e0 Implement LegacyScriptPubKeyMan::DeleteRecords 2022-08-26 13:14:51 -04:00
MacroFake
15692e2641
Merge bitcoin/bitcoin#25910: doc: Add my key to SECURITY.md
207abc147c doc: Add my key to SECURITY.md (Andrew Chow)

Pull request description:

  I was recently added to the security list, and I think it would make sense to have more people who are on the list to be publicly listed as security contacts, so adding myself to the doc.

ACKs for top commit:
  glozow:
    ACK 207abc147c, matches the entry in trusted-keys.

Tree-SHA512: 33f91d8ea618d7dfdeb372695aff3092f2f2e3df8503eafff18fc3756b3da566a27d6f83fdaf01a749c3d71c7a17a8ae43af2495721b969442924ff773930290
2022-08-26 15:30:45 +02:00
Andrew Chow
bbbc26dcfc
Merge bitcoin/bitcoin#25924: scripted-diff: rpc: fix rescan RPC name (s/rescanwallet/rescanblockchain/)
e90a445d7e scripted-diff: rpc: fix rescan RPC name (s/rescanwallet/rescanblockchain/) (Sebastian Falbesoner)

Pull request description:

  There is no RPC call named `rescanwallet`, i.e. fix this by renaming to the actual RPC called `rescanblockchain`.

ACKs for top commit:
  achow101:
    ACK e90a445d7e
  aureleoules:
    ACK e90a445d7e.
  promag:
    ACK e90a445d7e

Tree-SHA512: abf1d1c18de32d87c29e4ff2b782dfb0e4a46dc2c2cc51ab616d12674a0f4a5d22214e00955663ae897cbb88f4f6ced913850f28ea3f5c1b3a54577a25fbf399
2022-08-25 17:12:08 -04:00
Andrew Chow
35f428fae6 Implement LegacyScriptPubKeyMan::MigrateToDescriptor 2022-08-25 16:25:53 -04:00
Andrew Chow
ea1ab390e4 scriptpubkeyman: Implement GetScriptPubKeys in Legacy 2022-08-25 16:25:53 -04:00
Andrew Chow
e664af2976 Apply label to all scriptPubKeys of imported combo() 2022-08-25 16:25:53 -04:00
Ali Sherief
835bd27e9a Wallet::SetMinVersion - Log the new minversion 2022-08-25 17:58:19 +00:00
Andrew Chow
ba2edcae73
Merge bitcoin/bitcoin#25925: doc: add {import,list}descriptors to list of descriptor RPCs
6242314ba8 doc: add `{import,list}descriptors` to list of descriptor RPCs (Sebastian Falbesoner)

Pull request description:

  This PR adds the missing RPCs `importlistdescriptors` ([since v0.21](1420547ec3/doc/release-notes/release-notes-0.21.0.md (L405))) and `listdescriptors` ([since v22](1420547ec3/doc/release-notes/release-notes-22.0.md (L175))) to the list of RPCs supporting descriptors in descriptors.md. Also changes the description of `importmulti` slightly to point out that it only works for legacy wallets.

ACKs for top commit:
  S3RK:
    ACK 6242314ba8
  achow101:
    ACK 6242314ba8
  aureleoules:
    ACK 6242314ba8.
  brunoerg:
    ACK 6242314ba8

Tree-SHA512: e8905c800b0c9a760e3380efebe2fb015c321a891dd4bf283039486d9d3b382b2c76901fcc8413acf435ed9832f76d9828efd70ba5ce62d4be65e87672bbd0a2
2022-08-25 11:29:34 -04:00
stickies-v
5ef8c2c9fc
test: fix typo for MaybeResendWalletTxs 2022-08-25 14:29:26 +01:00
stickies-v
fbba4a1316
wallet: trigger MaybeResendWalletTxs() every minute
ResendWalletTransactions() only executes every 12-36h (24h average).
Triggering it every second is excessive, once per minute should be
plenty.
2022-08-25 14:29:25 +01:00
MacroFake
6057e7e2b9
Merge bitcoin/bitcoin#25929: ci: Force ccache package version for MSVC build
cda62657e9 ci: Increase `windows_container` resources (Hennadii Stepanov)
905f6142e7 ci: Force `ccache` package version for MSVC build (Hennadii Stepanov)

Pull request description:

  The recent update of the `ccache` [package](https://community.chocolatey.org/packages/ccache) from 4.6.1 to [4.6.2](https://ccache.dev/releasenotes.html#_ccache_4_6_2) broke our MSVC CI build.

  This PR forces the working version 4.6.1.

Top commit has no ACKs.

Tree-SHA512: 8b06f768ad83f2c1eb51d60a20aa2bd3f2f11109523e2bb947baea5739345df39550aa029e16a36727acb4ebc5dc878e70cc998e49b5bd9808fef8b17f3f3c42
2022-08-25 13:07:19 +02:00
Hennadii Stepanov
cda62657e9
ci: Increase windows_container resources
Required to fit timeout when all build caches are invalidated.
2022-08-25 11:03:17 +01:00
MacroFake
d36bec9b3b
Merge bitcoin/bitcoin#25905: refactor: Move ChainstateManager options into m_options struct
7bc33a88f7 refactor: Move ChainstateManager options into m_options struct (Ryan Ofsky)

Pull request description:

  Move `ChainstateManager` options into `m_options` struct to simplify class initialization, organize class members, and to name external option variables differently than internal state variables.

  This change was originally in #25862, but it was suggested to split off in https://github.com/bitcoin/bitcoin/pull/25862#discussion_r951459817 so it could be merged earlier and reduce conflicts with other PRs.

ACKs for top commit:
  naumenkogs:
    ACK 7bc33a88f7

Tree-SHA512: 1c3c77be7db60222732221c087fd01cb802b84ac93333fccb38c8d16645f5f950c3362981021e7a3ae054f19fa7dd9e1cd15daaa101b61ca8853e42a1fd21474
2022-08-25 09:48:12 +02:00
Hennadii Stepanov
905f6142e7
ci: Force ccache package version for MSVC build
The ccache 4.6.2 is broken.
2022-08-25 08:12:10 +01:00
Sebastian Falbesoner
6242314ba8 doc: add {import,list}descriptors to list of descriptor RPCs 2022-08-25 00:04:01 +02:00
Sebastian Falbesoner
e90a445d7e scripted-diff: rpc: fix rescan RPC name (s/rescanwallet/rescanblockchain/)
There is no RPC call named `rescanwallet`, i.e. fix this by renaming to
the actual RPC called `rescanblockchain`.

-BEGIN VERIFY SCRIPT-
sed -i s/rescanwallet/rescanblockchain/ $(git grep -l rescanwallet)
-END VERIFY SCRIPT-
2022-08-24 23:26:33 +02:00
MacroFake
1420547ec3
Merge bitcoin/bitcoin#25911: net: update hardcoded mainnet seeds for 24.x
9b6f5fafa9 net: update hardcoded mainnet seeds for 24.x (Jon Atack)
7fd9028017 contrib: make-seeds updates for 24.x (Jon Atack)
6075a0be3c net: update manual hardcoded mainnet seeds for 24.x (Jon Atack)

Pull request description:

  Update the hardcoded P2P network seeds for 24.x after updating the manual seeds and the generation script as necessary. Previous update was #24417.

  Can be tested by following the steps in `contrib/seeds/README.md`.

  Tool output:
  ```
  $ python3 makeseeds.py -a asmap-filled.dat < seeds_main.txt > nodes_main.txt
  Loading asmap database "asmap-filled.dat"…Done.
  Loading and parsing DNS seeds…Done.
    IPv4   IPv6  Onion Pass
  472019  73788      0 Initial
  472019  73788      0 Skip entries with invalid address
  472019  73788      0 After removing duplicates
    7766   2310      0 Enforce minimal number of blocks
    6534   1835      0 Require service bit 1
    2808    801      0 Require minimum uptime
    2748    781      0 Require a known and recent user agent
    2727    775      0 Filter out hosts with multiple bitcoin ports
     512    267      0 Look up ASNs and limit results per ASN and per net
  ```

ACKs for top commit:
  laanwj:
    LGTM ACK 9b6f5fafa9
  Emzy:
    ACK 9b6f5fa
  brunoerg:
    ACK 9b6f5fafa9

Tree-SHA512: eef994bbd60524cfd9e4b5b836ddbe615cd2a77466394cdbb70a0ebc30c7822d8605473424f6d4a1ba37313c59373cf10717977a5c07e6f839e5ff86464c8c55
2022-08-24 19:08:24 +02:00
fanquake
2d83a20113
Merge bitcoin/bitcoin#25863: test: remove unused norm_prv parameter in descriptor_tests.cpp.
57d1367fec test: remove unused `norm_prv` parameter (w0xlt)

Pull request description:

  This PR removes the unused `norm_prv` parameter in `src/test/descriptor_tests.cpp`.

ACKs for top commit:
  achow101:
    ACK 57d1367fec

Tree-SHA512: 5b16b6bea94db0b5f2c3675b6529312b50e120d4ec7633e4184dd4ba6fc04e086efb273b9e61f748c8a15cbdc243450b09fc58ec7343379f3151a3b9e7e37106
2022-08-24 16:24:52 +01:00
MacroFake
c89fabff3d
Merge bitcoin/bitcoin#25879: refactor: Make Join() util work with any container type
fa95315655 Use new Join() helper for ListBlockFilterTypes() (MacroFake)
fa1c716955 Make Join() util work with any container type (MacroFake)
faf8da3c8d Remove Join() helper only used in tests (MacroFake)

Pull request description:

  This allows to drop some code

ACKs for top commit:
  naumenkogs:
    ACK fa95315655
  stickies-v:
    ACK [fa95315](fa95315655)

Tree-SHA512: efd65b65722f46b221bd53140ff22bd8e45adc83617980233f28f695be3108a6ab01affd751d715134ffcb9762228ba8952e9467e590cff022c83e0f5404cb74
2022-08-24 11:30:44 +02:00
MacroFake
3c1e75ef60
Merge bitcoin/bitcoin#25865: test: speedup wallet tests by whitelisting peers (immediate tx relay)
b21e522ce4 test: speedup wallet tests by whitelisting peers (immediate tx relay) (Sebastian Falbesoner)

Pull request description:

  In the course of testing #25297 by running all wallet-related functional tests (see https://github.com/bitcoin/bitcoin/pull/25297#issuecomment-1203365589), I noticed that the run-time of those tests vary a lot between runs, in fact too much for a useful comparison. This PR fixes this by making the tests both more deterministic and also faster, using the good ol' immediate tx relay trick (parameter `-whitelist=noban@127.0.0.1`).

  master branch:
  ```
  wallet_abandonconflict.py --descriptors   | ✓ Passed  | 7 s
  wallet_abandonconflict.py --legacy-wallet | ✓ Passed  | 23 s
  wallet_balance.py --descriptors           | ✓ Passed  | 17 s
  wallet_balance.py --legacy-wallet         | ✓ Passed  | 21 s
  wallet_basic.py --descriptors             | ✓ Passed  | 32 s
  wallet_basic.py --legacy-wallet           | ✓ Passed  | 56 s
  wallet_bumpfee.py --descriptors           | ✓ Passed  | 44 s
  wallet_bumpfee.py --legacy-wallet         | ✓ Passed  | 45 s
  wallet_groups.py --descriptors            | ✓ Passed  | 89 s
  wallet_groups.py --legacy-wallet          | ✓ Passed  | 94 s
  wallet_hd.py --descriptors                | ✓ Passed  | 7 s
  wallet_hd.py --legacy-wallet              | ✓ Passed  | 13 s
  wallet_importdescriptors.py --descriptors | ✓ Passed  | 26 s
  wallet_listreceivedby.py --descriptors    | ✓ Passed  | 28 s
  wallet_listreceivedby.py --legacy-wallet  | ✓ Passed  | 18 s

  ALL                                       | ✓ Passed  | 520 s (accumulated)
  Runtime: 526 s
  ```

  PR branch:
  ```
  wallet_abandonconflict.py --descriptors   | ✓ Passed  | 7 s
  wallet_abandonconflict.py --legacy-wallet | ✓ Passed  | 11 s
  wallet_balance.py --descriptors           | ✓ Passed  | 8 s
  wallet_balance.py --legacy-wallet         | ✓ Passed  | 8 s
  wallet_basic.py --descriptors             | ✓ Passed  | 29 s
  wallet_basic.py --legacy-wallet           | ✓ Passed  | 36 s
  wallet_bumpfee.py --descriptors           | ✓ Passed  | 39 s
  wallet_bumpfee.py --legacy-wallet         | ✓ Passed  | 32 s
  wallet_groups.py --descriptors            | ✓ Passed  | 39 s
  wallet_groups.py --legacy-wallet          | ✓ Passed  | 41 s
  wallet_hd.py --descriptors                | ✓ Passed  | 8 s
  wallet_hd.py --legacy-wallet              | ✓ Passed  | 11 s
  wallet_importdescriptors.py --descriptors | ✓ Passed  | 17 s
  wallet_listreceivedby.py --descriptors    | ✓ Passed  | 7 s
  wallet_listreceivedby.py --legacy-wallet  | ✓ Passed  | 9 s

  ALL                                       | ✓ Passed  | 302 s (accumulated)
  Runtime: 309 s
  ```
  Note that an alternative approach could be to whitelist peers by default for nodes in the functional test framework and only enable the trickle relay for the few tests where it's really needed.

ACKs for top commit:
  naumenkogs:
    utACK b21e522ce4

Tree-SHA512: ac3c8f8f5a401d1b6af60ece9c77e72449f18920c2cb4a1bd65fb4d62cf428779ebf4e1d29009a882977b2252922df4e7183541e0da8de932f8cd479149e8a86
2022-08-24 10:37:25 +02:00
MacroFake
fa95315655
Use new Join() helper for ListBlockFilterTypes() 2022-08-24 10:15:32 +02:00
MacroFake
fa1c716955
Make Join() util work with any container type
Also, remove helper that is only used in tests.
2022-08-24 10:15:11 +02:00
MacroFake
713ea7a418
Merge bitcoin/bitcoin#25906: test: add coverage for invalid parameters for rescanblockchain
d1a0004621 test: add coverage for invalid parameters for `rescanblockchain` (brunoerg)

Pull request description:

  This PR adds test coverage for the following errors:
  2bd9aa5a44/src/wallet/rpc/transactions.cpp (L880-L894)

ACKs for top commit:
  w0xlt:
    reACK d1a0004621

Tree-SHA512: c357fbda3d261e4d06a29d2a5350482db5f97a815adf59abdac1971eb19b69cfd4d54e4d21836851e2e3b116aa2a820ea1437c7aededf86b06df435cca16ac90
2022-08-24 08:51:40 +02:00
Jon Atack
9b6f5fafa9 net: update hardcoded mainnet seeds for 24.x
following the steps in contrib/seeds/README.md
2022-08-24 00:04:00 +02:00
Jon Atack
7fd9028017 contrib: make-seeds updates for 24.x 2022-08-24 00:00:53 +02:00
Jon Atack
6075a0be3c net: update manual hardcoded mainnet seeds for 24.x
torv3/i2p/cjdns seeds selected for reachability, uptime and service bit 1
2022-08-24 00:00:52 +02:00
Andrew Chow
207abc147c doc: Add my key to SECURITY.md 2022-08-23 16:57:46 -04:00
brunoerg
d1a0004621 test: add coverage for invalid parameters for rescanblockchain 2022-08-23 17:13:52 -03:00
Pieter Wuille
ed470940cd Add functions to construct locators without CChain
This introduces an insignificant performance penalty, as it means locator
construction needs to use the skiplist-based CBlockIndex::GetAncestor()
function instead of the lookup-based CChain, but avoids the need for
callers to have access to a relevant CChain object.
2022-08-23 16:05:00 -04:00
Pieter Wuille
84852bb6bb Add bitdeque, an std::deque<bool> analogue that does bit packing. 2022-08-23 11:34:10 -04:00
Suhas Daftuar
1d4cfa4272 Add function to validate difficulty changes
The rule against difficulty adjustments changing by more than a factor of 4 can
be helpful for anti-DoS measures in contexts where we lack a full headers
chain, so expose this functionality separately and in the narrow case where we
only know the height, new value, and old value.

Includes fuzz test by Martin Zumsande.
2022-08-23 11:34:10 -04:00
Ryan Ofsky
7bc33a88f7 refactor: Move ChainstateManager options into m_options struct
Move ChainstateManager options into m_options struct to simplify class
initialization, organize class members, and to name external option variables
differently than internal state variables.

This change was originally in #25862, but it was suggested to split off in
https://github.com/bitcoin/bitcoin/pull/25862#discussion_r951459817 so it could
be merged earlier and reduce conflicts with other PRs.
2022-08-22 13:19:15 -04:00
Andrew Chow
2bd9aa5a44
Merge bitcoin/bitcoin#25647: wallet: return change from SelectionResult
4fef534428 wallet: use GetChange() when computing waste (S3RK)
87e0ef9031 wallet: use GetChange() in tx building (S3RK)
15e97a6886 wallet: add SelectionResult::GetChange (S3RK)
72cad28da0 wallet: calculate and store min_viable_change (S3RK)
e3210a7225 wallet: account for preselected inputs in target (S3RK)
f8e796348b wallet: add SelectionResult::Merge (S3RK)
06f558e4e2 wallet: accurate SelectionResult::m_target (S3RK)
c8cf08ea74 wallet: ensure m_min_change_target always covers change fee (S3RK)

Pull request description:

  Benefits:
  1. more accurate waste calculation for knapsack. Waste calculation is now consistent with tx building code. Before we always assumed change for knapsack even when the solution is changeless4.
  2. simpler tx building code. Only create change output when it's needed
  3. makes it easier to correctly account for fees for CPFP inputs (should be done in a follow up)

  In the first three commits we fix the code to accurately track selection target in `SelectionResult::m_target`
  Then we introduce new variable `min_change` that represents the minimum viable change amount
  Then we introduce `SelectionResult::GetChange()` which incapsulates dropping change for fee logic and uses correct values of `SelectionResult::m_target`
  Then we use `SelectionResult::GetChange()` in both tx building and waste calculation code

  This PR is a refactoring and shouldn't change the behaviour.
  There is only one known small change (arguably a bug fix). Before we dropped change output if it's smaller than `cost_of_change` after paying change fees. This is incorrect as `cost_of_change` already includes `change_fee`.

ACKs for top commit:
  achow101:
    ACK 4fef534428
  Xekyo:
    crACK 4fef534428
  furszy:
    Code review ACK 4fef5344
  w0xlt:
    ACK 4fef534428

Tree-SHA512: 31a7455d4129bc39a444da0f16ad478d690d4d9627b2b8fdb5605facc6488171926bf02f5d7d9a545b2b59efafcf5bb3d404005e4da15c7b44b3f7d441afb941
2022-08-22 12:42:36 -04:00
MacroFake
92bb7001d8
Merge bitcoin/bitcoin#25902: fixups for BIP125 doc cleanup
375ebadbf8 fixups for BIP125 doc cleanup (glozow)

Pull request description:

  Followups from #25775:

  - https://github.com/bitcoin/bitcoin/pull/25775#discussion_r951250404
  - https://github.com/bitcoin/bitcoin/pull/25775#discussion_r951250909
  - https://github.com/bitcoin/bitcoin/pull/25775#discussion_r951251041
  - https://github.com/bitcoin/bitcoin/pull/25775#discussion_r950868039

ACKs for top commit:
  t-bast:
    ACK 375ebadbf8
  ariard:
    ACK 375ebad

Tree-SHA512: 66f240a020a2f6994a3b3bcce446bc07655b5714eab18aac4a3223d35226e57902c475fc60a57e3511b2f176741d6c93d7ebfe90574793813f90ceca33d44669
2022-08-22 17:25:48 +02:00
glozow
375ebadbf8
fixups for BIP125 doc cleanup
Grammar and readability fixups.
Clarifies "bip125-replaceable" helpstrings.
2022-08-22 14:59:58 +01:00
fanquake
c5f0cbefa3
Merge bitcoin/bitcoin#25775: docs: remove non-signaling mentions of BIP125
1dc03dda05 [doc] remove non-signaling mentions of BIP125 (glozow)
32024d40f0 scripted-diff: remove mention of BIP125 from non-signaling var names (glozow)

Pull request description:

  We have pretty thorough documentation of our RBF policy in doc/policy/mempool-replacements.md. It enumerates each rule with several sentences of rationale. Also, each rule pretty much has its own function (3 and 4 share one), with extensive comments. The doc states explicitly that our rules are similar but differ from BIP125, and contains a record of historical changes to RBF policy.

  We should not use "BIP125" as synonymous with our RBF policy because:
  - Our RBF policy is different from what is specified in BIP125, for example:
      - the BIP does not mention our rule about the replacement feerate being higher (our Rule 6)
      - the BIP uses minimum relay feerate for Rule 4, while we have used incremental relay feerate since #9380
      - the "inherited signaling" question (CVE-2021-31876). Call it discrepancy, ambiguous wording, doc misinterpretation, or implementation details, I would recommend users refer to doc/policy/mempool-replacements.md
      - the signaling policy is configurable, see #25353
  - Our RBF policy may change further
  - We have already marked BIP125 as only "partially implemented" in docs/bips.md since 1fd49eb498
  - See comments from people who are not me recently:
      - https://github.com/bitcoin/bitcoin/pull/25038#discussion_r909507429
      - https://github.com/bitcoin/bitcoin/pull/25575#issuecomment-1179519204

  This PR removes all non-signaling mentions of BIP125 (if people feel strongly, we can remove all mentions of BIP125 period). It may be useful to refer to the concept of "tx opts in to RBF if it has at least one nSequence less than (0xffffffff - 1)" as "BIP125 signaling" because:
  - It is succint.
  - It has already been widely marketed as BIP125 opt-in signaling.
  - Our API uses it when referring to signaling (e.g. getmempoolentry["bip125-replaceable"] and wallet error message "not BIP 125 replaceable"). Changing those is more invasive.
  - If/when we have other ways to signal in the future, we can disambiguate them this way. See #25038 which proposes another way of signaling, and where I pulled these commits from.

  Alternatives:
  - Changing our policy to match BIP125. This doesn't make sense as, for example, we would have to remove the requirement that a replacement tx has a higher feerate (Rule 6).
  - Changing BIP125 to match what we have. This doesn't make sense as it would be a significant change to a BIP years after it was finalized and already used as a spec to implement RBF in other places.
  - Document our policy as a new BIP and give it a number. This might make sense if we don't expect things to change a lot, and can be done as a next step.

ACKs for top commit:
  darosior:
    ACK 1dc03dda05
  ariard:
    ACK 1dc03dda
  t-bast:
    ACK 1dc03dda05

Tree-SHA512: a3adc2039ec5785892d230ec442e50f47f7062717392728152bbbe27ce1c564141f85253143f53cb44e1331cf47476d74f5d2f4b3cd873fc3433d7a0aa783e02
2022-08-22 10:35:26 +01:00
fanquake
607d5a46aa
Merge bitcoin/bitcoin#23202: wallet: allow psbtbumpfee to work with txs with external inputs
c3b099ace0 wallet, tests: Test bumpfee's max input weight calculation (Andrew Chow)
116a620ce7 Make DUMMY_CHECKER availble outside of script/sign.cpp (Andrew Chow)
ff638323d1 test, bumpfee: Check that psbtbumpfee can bump txs with external inputs (Andrew Chow)
1bc8106d4c bumpfee: be able to bump fee of a tx with external inputs (Andrew Chow)
31dd3dc9e5 bumpfee: Clear scriptSigs and scriptWitnesses before calculated max size (Andrew Chow)
a0c3afb898 bumpfee: extract weights of external inputs when bumping fee (Andrew Chow)
612f1e44fe bumpfee: Calculate fee by looking up UTXOs (Andrew Chow)

Pull request description:

  This PR allows `psbtbumpfee` to return a PSBT for transactions that contain external inputs. This does not work for bumping in the GUI nor `bumpfee` because these need private keys available to sign and send the transaction. But `psbtbumpfee` returns a psbt, so it is fine to not be able to sign.

  In order to correctly estimate the size of the inputs for coin selection, the fee bumper will use the size of the inputs of the transaction being bumped. Because the sizes of signatures are not guaranteed, for external inputs, the fee bumper will verify the scripts with a special SignatureChecker which will compute the weight of all of the signatures in that input, and compute their weights if those signatures were maximally sized. This allows the fee bumper to obtain a max size estimate for each external input.

  Builds on #23201 as it relies on the ability to pass weights in to coin selection.

  Closes #23189

ACKs for top commit:
  ishaanam:
    reACK c3b099ace0
  t-bast:
    Re-ran my tests agains c3b099ace0, ACK

Tree-SHA512: 40016ec52d351430977579cfa2694c7e6764f42c9ce09d3a6f1753b767f86053f296d9de988248df033be6d725d67badbf2a5ef82c8ace23c61487729b7691e5
2022-08-22 10:12:19 +01:00
MacroFake
e5a83141fa
Merge bitcoin/bitcoin#25883: doc: Security config warning
3a71da0b72 Security config warning (Robert Spigler)

Pull request description:

  https://github.com/bitcoin/bitcoin/issues/23412

  Warning about modifying unknown config changes

ACKs for top commit:
  jarolrod:
    ACK 3a71da0b72
  1440000bytes:
    ACK 3a71da0b72

Tree-SHA512: 01963f7de76b9aa623dfeb1e3d4f0a223dfc5a948f54688b60f895a3e1ab14398090fbd2116ff9fd4d90bf637e956e9cc484672053e195622253fd9895decae2
2022-08-22 11:07:48 +02:00