Commit graph

2232 commits

Author SHA1 Message Date
Samuel Dobson
bdda137878
Merge #16766: wallet: Make IsTrusted scan parents recursively
4671fc3d9e Expand on wallet_balance.py comment from https://github.com/bitcoin/bitcoin/pull/16766\#issuecomment-527563982 (Jeremy Rubin)
91f3073f08 Update release notes to mention changes to IsTrusted and impact on wallet (Jeremy Rubin)
8f174ef112 Systematize style of IsTrusted single line if (Jeremy Rubin)
b49dcbedf7 update variable naming conventions for IsTrusted (Jeremy Rubin)
5ffe0d1449 Update comment in test/functional/wallet_balance.py (Jeremy Rubin)
a550c58267 Update wallet_balance.py test to reflect new behavior (Jeremy Rubin)
5dd7da4ccd Reuse trustedParents in looped calls to IsTrusted (Jeremy Rubin)
595f09d6de Cache tx Trust per-call to avoid DoS (Jeremy Rubin)
dce032ce29 Make IsTrusted scan parents recursively (Jeremy Rubin)

Pull request description:

  This slightly modifies the behavior of IsTrusted to recursively check the parents of a transaction. Otherwise, it's possible that a parent is not IsTrusted but a child is. If a parent is not trusted, then a child should not be either.

  This recursive scan can be a little expensive, so ~it might be beneficial to have a way of caching IsTrusted state, but this is a little complex because various conditions can change between calls to IsTrusted (e.g., re-org).~ I added a cache which works per call/across calls, but does not store the results semi-permanently. Which reduces DoS risk of this change. There is no risk of untrusted parents causing a resource exploitation, as we immediately return once that is detected.

  This is a change that came up as a bug-fix esque change while working on OP_SECURETHEBAG. You can see the branch where this change is important here: https://github.com/bitcoin/bitcoin/compare/master...JeremyRubin:stb-with-rpc?expand=1. Essentially, without this change, we can be tricked into accepting an OP_SECURETHEBAG output because we don't properly check the parents. As this was a change which, on its own, was not dependent on OP_SECURETHEBAG, I broke it out as I felt the change stands on its own by fixing a long standing wallet bug.

  The test wallet_balance.py has been corrected to meet the new behavior. The below comment, reproduced, explains what the issue is and the edge cases that can arise before this change.

          # Before `test_balance()`, we have had two nodes with a balance of 50
          # each and then we:
          #
          # 1) Sent 40 from node A to node B with fee 0.01
          # 2) Sent 60 from node B to node A with fee 0.01
          #
          # Then we check the balances:
          #
          # 1) As is
          # 2) With transaction 2 from above with 2x the fee
          #
          # Prior to #16766, in this situation, the node would immediately report
          # a balance of 30 on node B as unconfirmed and trusted.
          #
          # After #16766, we show that balance as unconfirmed.
          #
          # The balance is indeed "trusted" and "confirmed" insofar as removing
          # the mempool transactions would return at least that much money. But
          # the algorithm after #16766 marks it as unconfirmed because the 'taint'
          # tracking of transaction trust for summing balances doesn't consider
          # which inputs belong to a user. In this case, the change output in
          # question could be "destroyed" by replace the 1st transaction above.
          #
          # The post #16766 behavior is correct; we shouldn't be treating those
          # funds as confirmed. If you want to rely on that specific UTXO existing
          # which has given you that balance, you cannot, as a third party
          # spending the other input would destroy that unconfirmed.
          #
          # For example, if the test transactions were:
          #
          # 1) Sent 40 from node A to node B with fee 0.01
          # 2) Sent 10 from node B to node A with fee 0.01
          #
          # Then our node would report a confirmed balance of 40 + 50 - 10 = 80
          # BTC, which is more than would be available if transaction 1 were
          # replaced.

  The release notes have been updated to note the new behavior.

ACKs for top commit:
  ariard:
    Code Review ACK 4671fc3, maybe extend DoS protection in a follow-up PR.
  fjahr:
    Code review ACK 4671fc3d9e
  ryanofsky:
    Code review ACK 4671fc3d9e. Changes since last review: 2 new commits adding suggested release note and python test comment, also a clean rebase with no changes to the earlier commits. The PR description is more comprehensive now, too. Looks good!
  promag:
    Code review ACK 4671fc3d9e.

Tree-SHA512: 6b183ff425304fef49724290053514cb2770f4a2350dcb83660ef24af5c54f7c4c2c345b0f62bba60eb2d2f70625ee61a7fab76a7f491bb5a84be5c4cc86b92f
2019-11-05 21:59:27 +13:00
stefanwouldgo
02ac445b2f bump libevent to 2.1.11 in depends
this doesn't need patches on Android anymore like 2.1.8 did.
2019-11-04 16:45:34 +01:00
randymcmillan
ac831339cb
doc: Fix some misspellings 2019-11-04 04:22:53 -05:00
Wladimir J. van der Laan
463eab5e14
Merge #17285: doc: Bip70 removal follow-up
3ed8e3d079 doc: Remove explicit network name references (Fabian Jahr)
d6e493f0c2 wallet: Remove left-over BIP70 comment (Fabian Jahr)

Pull request description:

  A small follow-up to #17165 which removed BIP70 support.

  1. Removes one leftover mention of BIP70 in a comment.
  2. Removes BIP70 reference in comments on network/chain name strings. These can be removed as they are not really helpful and also incorrect: BIP70 only defines "main" and "test" but not "regtest". If/When signet gets merged we will add another name to the list that is not defined in BIP70. Mostly there is also an exhaustive list of the options included in the comment anyway.

  If we would like to keep an identifier for this naming scheme, I would suggest switching to something more generic, like 'short chain name'. Happy to implement that if that is preferred. Alternatively, we could add a reference to `CBaseChainParams`. That would also mean we don't have to change these lines again for signet.

ACKs for top commit:
  MarcoFalke:
    ACK 3ed8e3d079

Tree-SHA512: 9a7c0b9cacbb67bd31a089ffdc6f1ebc7f336493e2c8266eb697da34dce2b505a431d5639a3e4fc34f9287361343e861b55dc2662e0a1d2095cc1046db77d6ee
2019-11-02 14:47:41 +01:00
fanquake
162d0038e7
doc: compiling with Visual Studio is now supported on Windows 2019-11-01 15:25:52 -04:00
Fabian Jahr
3ed8e3d079 doc: Remove explicit network name references 2019-11-01 12:06:35 +01:00
Wladimir J. van der Laan
a6abc94e93
Merge #17281: doc: Add developer note on c_str()
1cf9b35c0d doc: Add developer note on c_str() (Wladimir J. van der Laan)

Pull request description:

  Add a note when to use and when not to use `c_str()`.

ACKs for top commit:
  elichai:
    ACK 1cf9b35c0d
  MarcoFalke:
    Looking nice ACK 1cf9b35c0d

Tree-SHA512: 38cb5e54695782c23a82d03db214a8999b5bb52553f4fbe5322281686f42616981a217ba987feb6d87f3e6b95919cadd8484efe69ecc364ba1731aaf173626c9
2019-10-30 17:18:29 +01:00
practicalswift
595cc9bcaf docs: Add undefined to --with-sanitizers=fuzzer,address 2019-10-30 13:34:10 +00:00
Wladimir J. van der Laan
1cf9b35c0d doc: Add developer note on c_str()
Add a note when to use and when not to use `c_str()`.
2019-10-30 10:53:27 +01:00
Sjors Provoost
29a21c9061
[rpc] set default bip32derivs to true for psbt methods 2019-10-26 12:03:38 +02:00
fanquake
1cb9a4e28c
docs: remove protobuf from docs 2019-10-24 16:01:42 -04:00
Marius Kjærstad
6f6852335f
doc: Changed miniupnp links to https
doc: Changed miniupnp links to https
2019-10-24 14:57:36 +02:00
Wladimir J. van der Laan
b688b859db
Merge #17004: validation: Remove REJECT code from CValidationState
9075d13153 [docs] Add release notes for removal of REJECT reasons (John Newbery)
04a2f326ec [validation] Fix REJECT message comments (John Newbery)
e9d5a59e34 [validation] Remove REJECT code from CValidationState (John Newbery)
0053e16714 [logging] Don't log REJECT code when transaction is rejected (John Newbery)
a1a07cfe99 [validation] Fix peer punishment for bad blocks (John Newbery)

Pull request description:

  We no longer send BIP 61 REJECT messages, so there's no need to set
  a REJECT code in the CValidationState object.

  Note that there is a minor bug fix in p2p behaviour here. Because the
  call to `MaybePunishNode()` in `PeerLogicValidation::BlockChecked()` only
  previously happened if the REJECT code was > 0 and < `REJECT_INTERNAL`,
  then there are cases were `MaybePunishNode()` can get called where it
  wasn't previously:

  - when `AcceptBlockHeader()` fails with `CACHED_INVALID`.
  - when `AcceptBlockHeader()` fails with `BLOCK_MISSING_PREV`.

  Note that `BlockChecked()` cannot fail with an 'internal' reject code. The
  only internal reject code was `REJECT_HIGHFEE`, which was only set in
  ATMP.

  This reverts a minor bug introduced in 5d08c9c579.

ACKs for top commit:
  ariard:
    ACK 9075d13, changes since last reviewed are splitting them in separate commits to ease understanding and fix nits
  fjahr:
    ACK 9075d13153, confirmed diff to last review was fixing nits in docs/comments.
  ryanofsky:
    Code review ACK 9075d13153. Only changes since last review are splitting the main commit and updating comments

Tree-SHA512: 58e8a1a4d4e6f156da5d29fb6ad6a62fc9c594bbfc6432b3252e962d0e9e10149bf3035185dc5320c46c09f3e49662bc2973ec759679c0f3412232087cb8a3a7
2019-10-24 10:49:45 +02:00
fanquake
feb5075777
build: use osslsigncode 2.0 in gitian
The original osslsigncode project (https://sourceforge.net/projects/osslsigncode/) has been marked as abandonware,
"This is now - and has been for a long while - abandonware. Feel free to create your own forks etc.".

However, a fork at https://github.com/mtrojnar/osslsigncode has emerged that has incorporated
theuni's patches, updated the tool to work with OpenSSL 1.1 and made other improvements.

This commit switches the windows signer descriptor to use this new version of osslsigncode.
2019-10-21 18:32:53 -04:00
Jeremy Rubin
91f3073f08 Update release notes to mention changes to IsTrusted and impact on wallet 2019-10-21 13:22:56 -07:00
Wladimir J. van der Laan
a4a4964db1
Merge #17111: doc: update bips.md with buried BIP9 deployments
fa6ed82794 doc: update bips.md with buried BIP9 deployments (MarcoFalke)

Pull request description:

  Also, remove the activation heights, as they can be retrieved from `./src/chainparams.cpp` (if needed)

ACKs for top commit:
  laanwj:
    ACK fa6ed82794, needs backport to 0.19 I guess.

Tree-SHA512: 9c069cc14589a3e2309d76f042677c024a9e14d16dbfccef54c4a2963ca7853d01f042b0237e346538c557591b7553deed9dd811ba64bbd0ced88883d562c59a
2019-10-15 11:30:56 +02:00
Hennadii Stepanov
c8961c7d9f
doc: Add switch on enum example 2019-10-14 15:46:42 +03:00
MarcoFalke
fa6ed82794
doc: update bips.md with buried BIP9 deployments 2019-10-11 15:42:30 -04:00
MarcoFalke
fa191c058f
doc: Add missing indexes/blockfilter/basic/ to doc/files.md 2019-10-11 08:31:18 -04:00
MarcoFalke
08ed87e887
Merge #16983: doc: Add detailed info about Bitcoin Core files
86b9f92da2 doc: Add detailed info about Bitcoin Core files (Hennadii Stepanov)

Pull request description:

  This PR:
  - provides detailed info about the Bitcoin Core files;
  - does not mention temporary files, e.g., `mempool.dat.new` and `peers.????`

ACKs for top commit:
  ch4ot1c:
    ACK 86b9f92
  laanwj:
    ACK 86b9f92da2
  MarcoFalke:
    ACK 86b9f92da2

Tree-SHA512: 9352119b08e3f6aaab4ce3797afc6533f90852e461957acb2bc73962fd4881403fabeaa5a371bd1218309f36f9b0f90fb147b80698e2e30a016634a62a160a15
2019-10-10 15:58:28 -04:00
John Newbery
9075d13153 [docs] Add release notes for removal of REJECT reasons 2019-10-10 13:31:57 -04:00
fanquake
ceecefe0b0
Merge #17081: doc: fix Makefile target in benchmarking.md
a54ab2104c [doc] fix Makefile target in benchmarking.md (Sebastian Falbesoner)

Pull request description:

  While the resulting binary is called `bench_bitcoin`, the Makefile target is
  named `bitcoin_bench` (see `src/Makefile.bench.include`)

ACKs for top commit:
  fanquake:
    ACK a54ab2104c - Tested on macOS and Debian 9.9, as this only [seemed to work there](https://github.com/bitcoin/bitcoin/pull/16536#discussion_r310366868) when these docs were added.

Tree-SHA512: bcf8d48ccba488f0533111a3be57ddc6c948b3a38beed129635e1c7e0b4608bc9ddf625e8469606bb31d4cedf3341c443564a197d6b1ab5268a9ed44ed5018a3
2019-10-09 09:51:36 -04:00
Wladimir J. van der Laan
c08bf2b574
Merge #15437: p2p: Remove BIP61 reject messages
fa25f43ac5 p2p: Remove BIP61 reject messages (MarcoFalke)

Pull request description:

  Reject messages (BIP 61) appear in the following settings:

  * Parsing of reject messages (in case `-debug=net` is set, off by default). This has only been used for a single `LogPrint` call for several releases now. Such logging is completely meaningless to us and should thus be removed.

  * The sending of reject messages (in case `-enablebip61` is set, off by default). This can be used to debug a node that is under our control. Instead of hacking this debugging into the p2p protocol, it could be more easily achieved by parsing the debug log. (Use `-printtoconsole` to have it as stream, or read from the `debug.log` file like our python function `assert_debug_log` in the test framework does)

  Having to maintain all of this logic and code to accommodate debugging, which can be achieved by other means a lot easier, is a burden. It makes review on net processing changes a lot harder, since the reject message logic has to be carried around without introducing any errors or DOS vectors.

ACKs for top commit:
  jnewbery:
    utACK fa25f43ac5
  laanwj:
    I'm still not 100% convinced that I like getting rid of BIP61 conceptually, but apparently everyone wants it, code review ACK fa25f43ac5.
  ryanofsky:
    Code review ACK fa25f43ac5

Tree-SHA512: daf55254202925e56be3d6cfb3c1c804e7a82cecb1dd1e5bd7b472bae989fd68ac4f21ec53fc46751353056fd645f7f877bebcb0b40920257991423a3d99e0be
2019-10-09 11:51:58 +02:00
Sebastian Falbesoner
a54ab2104c [doc] fix Makefile target in benchmarking.md
while the resulting binary is called `bench_bitcoin`, the Makefile target is
named `bitcoin_bench` (see `src/Makefile.bench.include`)
2019-10-08 22:14:04 +02:00
Andrew Chow
4bb660be90 Add release note 2019-10-08 13:56:56 -04:00
Andrew Chow
ed96b295d7 Update descriptors.md to include sortedmulti 2019-10-08 13:56:56 -04:00
fanquake
94e6e9f38d
Merge #17026: doc: Update bips.md for default bech32 addresses in 0.20.0
fad1dbda98 doc: Fix amount typo in release notes (MarcoFalke)
fa8d052da5 doc: Update bips.md for default bech32 addresses in 0.20.0 (MarcoFalke)
fab68a0772 doc: move-only release notes fragments for 0.20.0 (MarcoFalke)

Pull request description:

  * Restore release notes skeleton (headers)
  * Move-only all release notes fragments to the main file for 0.20.0
  * Update bips.md for the default bech32 address change

ACKs for top commit:
  fanquake:
    ACK fad1dbda98

Tree-SHA512: c3d5e124fe803e809d5af869d89de2d8312d4481d43745c1492c66f5ffc6ffc9c37581cc9d8773d2fb711a5a4a47a12aa1ea31292ac6c393ef8503c9db053fc9
2019-10-04 06:50:45 -04:00
Wladimir J. van der Laan
c90ce0f709
Merge #17022: doc: move-only: Steps for "before major release branch-off"
faca1c24f9 doc: move-only: Steps for "before major release branch-off" (MarcoFalke)

Pull request description:

  The chainparams are updated before branch-off, so that the master branch has the bumped values as well

ACKs for top commit:
  laanwj:
    ACK faca1c24f9

Tree-SHA512: ffc3ea49f0f6dc64dd9bea958e12ebc058496291c1c06d02994b3bf1751602e7c5000fd5eda166fcdbf9ba6d593e19731e93342dd8f2fe410f656a798bef459c
2019-10-03 20:56:13 +02:00
MarcoFalke
fad1dbda98
doc: Fix amount typo in release notes
See https://github.com/bitcoin/bitcoin/pull/16524#issuecomment-538070291
2019-10-03 14:38:54 -04:00
Hennadii Stepanov
86b9f92da2
doc: Add detailed info about Bitcoin Core files 2019-10-02 21:50:58 +03:00
MarcoFalke
fa8d052da5
doc: Update bips.md for default bech32 addresses in 0.20.0 2019-10-02 14:26:21 -04:00
MarcoFalke
fab68a0772
doc: move-only release notes fragments for 0.20.0 2019-10-02 14:25:07 -04:00
MarcoFalke
a689c11907
Merge #16524: Wallet: Disable -fallbackfee by default
ea4cc3a7b3 Truly decouple wallet from chainparams for -fallbackfee (Jorge Timón)

Pull request description:

  Before it was 0 by default for main and 20000 for test and regtest.
  Now it is 0 by default for all chains, thus there's no need to call Params().

  Also now the default for main is properly documented.

  Suggestion for release notes:

  -fallbackfee was 0 (disabled) by default for the main chain, but 20000 by default for the test chains. Now it is 0 by default for all chains. Testnet and regtest users will have to add fallbackfee=20000 to their configuration if they weren't setting it and they want it to keep working like before.

  Should I propose them to the wiki for the release notes or only after merge?

  For more context, see https://github.com/bitcoin/bitcoin/pull/16402#issuecomment-515701042

ACKs for top commit:
  MarcoFalke:
    ACK ea4cc3a7b3

Tree-SHA512: fdfaba5d813da4221e405e0988bef44f3856d10f897a94f9614386d14b7716f4326ab8a6646e26d41ef3f4fa61b936191e216b1b605e9ab0520b0657fc162e6c
2019-10-02 13:42:57 -04:00
Jorge Timón
ea4cc3a7b3
Truly decouple wallet from chainparams for -fallbackfee
Before it was 0 by default for main and 20000 for test and regtest.
Now it is 0 by default for all chains, thus there's no need to call Params().

Also now the default for main is properly documented
2019-10-02 18:10:07 +02:00
Wladimir J. van der Laan
fecc1be231
Merge #16884: wallet: Change default address type to bech32
71d4eddf42 Add release note for bech32 by default in wallet (Gregory Sanders)
b34f0180e3 Revert "gui: Generate bech32 addresses by default (take 2, fixup)" (Gregory Sanders)
f50785ab56 Change default address type to bech32 (Gregory Sanders)

Pull request description:

ACKs for top commit:
  MarcoFalke:
    re-ACK 71d4eddf42 (only change is restore mimick behavior)
  laanwj:
    ACK 71d4eddf42

Tree-SHA512: 3c49a1b51c49f3a762ad08985167ca1b89b0177ae20ab6d5883f1f74dde7a155921c1b855a842199bbf32f563c56b33f8b603bc842637bdcb121001023d454b6
2019-10-02 17:46:01 +02:00
MarcoFalke
fa25f43ac5
p2p: Remove BIP61 reject messages 2019-10-02 10:39:14 -04:00
MarcoFalke
faca1c24f9
doc: move-only: Steps for "before major release branch-off"
Can be reviewed with the git diff option

--color-moved=dimmed-zebra
2019-10-02 09:36:49 -04:00
Jon Atack
434101875c
doc: reset release notes after 0.19 split-off
- empty release-notes.md and propose a few improvements

- delete release notes fragments
2019-10-02 11:17:20 +02:00
fanquake
1f40a91286
Merge #17014: doc: Consolidate release notes before 0.19.0 (move-only)
fa3d98426b doc: Consolidate release notes before 0.19.0 (MarcoFalke)
fa02f2d607 doc: Add missing release notes for 16383 (MarcoFalke)

Pull request description:

ACKs for top commit:
  fanquake:
    ACK fa3d98426b - these can get massaged / nitted to death in the wiki.

Tree-SHA512: a08f6e5990bf1f2d15939142e14887582899fb2f71962a52a4a2db13e0643c70486193cd1b28a18099dadbe87d045a192d2546793f30551b5151f410b03907fa
2019-10-02 09:12:01 +08:00
fanquake
4b51ed89cf
Merge #17002: chainparams: Bump assumed chain params
fa3a733116 chainparams: Bump assumed chain params (MarcoFalke)

Pull request description:

  As every year, reviewers get extra point when their node is running:
  * `assumevalid=0`
  * `checkpoints=0`
  * on non-x86_64 hardware

  See https://github.com/bitcoin/bitcoin/blob/master/doc/release-process.md#before-every-major-and-minor-release for the process.

ACKs for top commit:
  laanwj:
    ACK fa3a733116
  Sjors:
    ACK fa3a733116 for mainnet on macOS 10.14.6.
  jamesob:
    ACK fa3a733116
  fanquake:
    ACK fa3a733116 - checked the mainnet values. I have notes on reviewing `assumevalid` updates in [core-review](https://github.com/fanquake/core-review/blob/master/update-assumevalid.md).

Tree-SHA512: fc545ba0a7056908040b47076b393d028c1c022967c25a2074752f76f0386ef099a64445da6125117a04418bd7eb0655121bfc94e6f60b7bc2666947491b5228
2019-10-02 08:04:57 +08:00
MarcoFalke
fa3d98426b
doc: Consolidate release notes before 0.19.0
Can be reviewed with the git diff options:

--color-moved=dimmed-zebra --color-moved-ws=ignore-all-space
2019-10-01 14:57:37 -04:00
MarcoFalke
fa02f2d607
doc: Add missing release notes for 16383 2019-10-01 14:57:08 -04:00
MarcoFalke
fa3a733116
chainparams: Bump assumed chain params 2019-10-01 07:33:24 -04:00
Wladimir J. van der Laan
60e855f5c5 doc: Bump version in bips.md, mention bumping in release process 2019-10-01 07:14:29 +02:00
Wladimir J. van der Laan
82c11773dc doc: Add mention of BIP158 indexing since v0.19.0 2019-09-30 20:33:43 +02:00
Wladimir J. van der Laan
226700602b doc: Add mention of BIP125 used by wallet GUI by default since v0.18.1 2019-09-30 20:33:10 +02:00
Wladimir J. van der Laan
b11514d4e5 doc: Add mention of BIP70 disabling by default in bips.md 2019-09-30 16:51:43 +02:00
Wladimir J. van der Laan
981ec9b817
Merge #15459: doc: add how to calculate blockchain and chainstate size variables to release process
eb4c43e49f doc: documents how to calculate m_assumed_blockchain_size and m_assumed_chain_state_size on the release process. (marcoagner)

Pull request description:

  Regarding [this](https://github.com/bitcoin/bitcoin/pull/15183#issuecomment-463133734) on https://github.com/bitcoin/bitcoin/pull/15183.
  Added an "Additional information" section for this which seems reasonable to me but may not be the best place for this. Also, let me know if anything else should be documented here (like more details).

ACKs for top commit:
  laanwj:
    ACK eb4c43e49f

Tree-SHA512: 7e6fc46740daa01dd9be5a8da7846e7a9f7fa866bf31fdc2cb252f90c698cfd6ef954f9588f7abcebda2355ec2b2a380635e14a164e53e77d38abefa3e2cc698
2019-09-30 14:40:53 +02:00
Wladimir J. van der Laan
4320bfc0c0 build: Factor out qt translations from build system
Move qt translations to a separate make include file.
This makes it easier to auto-generate this list from tooling
(see bitcoin-core/bitcoin-maintainer-tools#36).
2019-09-29 14:24:54 +02:00
Gregory Sanders
71d4eddf42 Add release note for bech32 by default in wallet 2019-09-26 16:23:32 -04:00