Remove signal DoubleSpendDetected, use function

Also removes the need for a forward reference to RelayableRespend.
Tom Harding 2014-07-02 09:27:29 -07:00
parent 88dd3598d2
commit 0da6b3fd18
3 changed files with 50 additions and 59 deletions


@ -1176,7 +1176,7 @@ bool AppInit2(boost::thread_group& threadGroup)
LogPrintf("mapAddressBook.size() = %u\n", pwalletMain ? pwalletMain->mapAddressBook.size() : 0); LogPrintf("mapAddressBook.size() = %u\n", pwalletMain ? pwalletMain->mapAddressBook.size() : 0);
#endif #endif
RegisterInternalSignals(); InitRespendFilter();
StartNode(threadGroup); StartNode(threadGroup);
if (fServer) if (fServer)
StartRPCThreads(); StartRPCThreads();


@ -125,9 +125,14 @@ namespace {
} // anon namespace } // anon namespace
// Forward reference functions defined here: // Bloom filter to limit respend relays to one
static const unsigned int MAX_DOUBLESPEND_BLOOM = 1000; static const unsigned int MAX_DOUBLESPEND_BLOOM = 1000;
static bool RelayableRespend(const COutPoint& outPoint, const CTransaction& doubleSpend, bool fInBlock, CBloomFilter& filter); static CBloomFilter doubleSpendFilter;
void InitRespendFilter() {
seed_insecure_rand();
doubleSpendFilter = CBloomFilter(MAX_DOUBLESPEND_BLOOM, 0.01, insecure_rand(), BLOOM_UPDATE_NONE);
}
////////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////////
// //
@ -151,24 +156,10 @@ struct CMainSignals {
boost::signals2::signal<void (const uint256 &)> Inventory; boost::signals2::signal<void (const uint256 &)> Inventory;
// Tells listeners to broadcast their data. // Tells listeners to broadcast their data.
boost::signals2::signal<void ()> Broadcast; boost::signals2::signal<void ()> Broadcast;
// Notifies listeners of detection of a double-spent transaction. Arguments are outpoint that is
// double-spent, first transaction seen, double-spend transaction, and whether the second double-spend
// transaction was first seen in a block.
// Note: only notifies if the previous transaction is in the memory pool; if previous transction was in a block,
// then the double-spend simply fails when we try to lookup the inputs in the current UTXO set.
boost::signals2::signal<bool (const COutPoint&, const CTransaction&, bool)> DetectedDoubleSpend;
} g_signals; } g_signals;
} // anon namespace } // anon namespace
void RegisterInternalSignals() {
static CBloomFilter doubleSpendFilter;
seed_insecure_rand();
doubleSpendFilter = CBloomFilter(MAX_DOUBLESPEND_BLOOM, 0.01, insecure_rand(), BLOOM_UPDATE_NONE);
g_signals.DetectedDoubleSpend.connect(boost::bind(RelayableRespend, _1, _2, _3, doubleSpendFilter));
}
void RegisterWallet(CWalletInterface* pwalletIn) { void RegisterWallet(CWalletInterface* pwalletIn) {
g_signals.SyncTransaction.connect(boost::bind(&CWalletInterface::SyncTransaction, pwalletIn, _1, _2)); g_signals.SyncTransaction.connect(boost::bind(&CWalletInterface::SyncTransaction, pwalletIn, _1, _2));
@ -908,6 +899,45 @@ bool RateLimitExceeded(double& dCount, int64_t& nLastTime, int64_t nLimit, unsig
return false; return false;
} }
static bool RelayableRespend(const COutPoint& outPoint, const CTransaction& doubleSpend, bool fInBlock, CBloomFilter& filter)
{
// Relaying double-spend attempts to our peers lets them detect when
// somebody might be trying to cheat them. However, blindly relaying
// every double-spend across the entire network gives attackers
// a denial-of-service attack: just generate a stream of double-spends
// re-spending the same (limited) set of outpoints owned by the attacker.
// So, we use a bloom filter and only relay (at most) the first double
// spend for each outpoint. False-positives ("we have already relayed")
// are OK, because if the peer doesn't hear about the double-spend
// from us they are very likely to hear about it from another peer, since
// each peer uses a different, randomized bloom filter.
if (fInBlock || filter.contains(outPoint)) return false;
// Apply an independent rate limit to double-spend relays
static double dRespendCount;
static int64_t nLastRespendTime;
static int64_t nRespendLimit = GetArg("-limitrespendrelay", 100);
unsigned int nSize = ::GetSerializeSize(doubleSpend, SER_NETWORK, PROTOCOL_VERSION);
if (RateLimitExceeded(dRespendCount, nLastRespendTime, nRespendLimit, nSize))
{
LogPrint("mempool", "Double-spend relay rejected by rate limiter\n");
return false;
}
LogPrint("mempool", "Rate limit dRespendCount: %g => %g\n", dRespendCount, dRespendCount+nSize);
// Clear the filter on average every MAX_DOUBLE_SPEND_BLOOM
// insertions
if (insecure_rand()%MAX_DOUBLESPEND_BLOOM == 0)
filter.clear();
filter.insert(outPoint);
return true;
}
bool AcceptToMemoryPool(CTxMemPool& pool, CValidationState &state, const CTransaction &tx, bool fLimitFree, bool AcceptToMemoryPool(CTxMemPool& pool, CValidationState &state, const CTransaction &tx, bool fLimitFree,
bool* pfMissingInputs, bool fRejectInsaneFee) bool* pfMissingInputs, bool fRejectInsaneFee)
{ {
@ -945,7 +975,7 @@ bool AcceptToMemoryPool(CTxMemPool& pool, CValidationState &state, const CTransa
// Does tx conflict with a member of the pool, and is it not equivalent to that member? // Does tx conflict with a member of the pool, and is it not equivalent to that member?
if (pool.mapNextTx.count(outpoint) && !tx.IsEquivalentTo(*pool.mapNextTx[outpoint].ptx)) if (pool.mapNextTx.count(outpoint) && !tx.IsEquivalentTo(*pool.mapNextTx[outpoint].ptx))
{ {
relayableRespend = g_signals.DetectedDoubleSpend(outpoint, tx, false); relayableRespend = RelayableRespend(outpoint, tx, false, doubleSpendFilter);
if (!relayableRespend) if (!relayableRespend)
return false; return false;
} }
@ -1057,45 +1087,6 @@ bool AcceptToMemoryPool(CTxMemPool& pool, CValidationState &state, const CTransa
return !relayableRespend; return !relayableRespend;
} }
static bool RelayableRespend(const COutPoint& outPoint, const CTransaction& doubleSpend, bool fInBlock, CBloomFilter& filter)
{
// Relaying double-spend attempts to our peers lets them detect when
// somebody might be trying to cheat them. However, blindly relaying
// every double-spend across the entire network gives attackers
// a denial-of-service attack: just generate a stream of double-spends
// re-spending the same (limited) set of outpoints owned by the attacker.
// So, we use a bloom filter and only relay (at most) the first double
// spend for each outpoint. False-positives ("we have already relayed")
// are OK, because if the peer doesn't hear about the double-spend
// from us they are very likely to hear about it from another peer, since
// each peer uses a different, randomized bloom filter.
if (fInBlock || filter.contains(outPoint)) return false;
// Apply an independent rate limit to double-spend relays
static double dRespendCount;
static int64_t nLastRespendTime;
static int64_t nRespendLimit = GetArg("-limitrespendrelay", 100);
unsigned int nSize = ::GetSerializeSize(doubleSpend, SER_NETWORK, PROTOCOL_VERSION);
if (RateLimitExceeded(dRespendCount, nLastRespendTime, nRespendLimit, nSize))
{
LogPrint("mempool", "Double-spend relay rejected by rate limiter\n");
return false;
}
LogPrint("mempool", "Rate limit dRespendCount: %g => %g\n", dRespendCount, dRespendCount+nSize);
// Clear the filter on average every MAX_DOUBLE_SPEND_BLOOM
// insertions
if (insecure_rand()%MAX_DOUBLESPEND_BLOOM == 0)
filter.clear();
filter.insert(outPoint);
return true;
}
int CMerkleTx::GetDepthInMainChainINTERNAL(CBlockIndex* &pindexRet) const int CMerkleTx::GetDepthInMainChainINTERNAL(CBlockIndex* &pindexRet) const
{ {
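Review bot: `doubleSpendFilter` is now a file-scope static that `AcceptToMemoryPool` passes straight to `RelayableRespend`, so the relay limit depends on `InitRespendFilter()` having run before the first conflicting transaction is processed, and nothing in the visible lines states or checks that. What a default-constructed `CBloomFilter` does is not shown here; on a path that skips `AppInit2` (a unit test, for instance) the filter would also lack the random tweak that the comment in `RelayableRespend` relies on for per-peer randomisation. I would document the contract on the declaration, e.g. `// Set up by InitRespendFilter(), which must run before AcceptToMemoryPool; mutated together with the static rate-limit counters in RelayableRespend, so callers must hold the same lock (confirm which).` The comment above `filter.clear()` also names `MAX_DOUBLE_SPEND_BLOOM`, while the constant is `MAX_DOUBLESPEND_BLOOM`.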


@ -108,8 +108,8 @@ struct CNodeStateStats;
struct CBlockTemplate; struct CBlockTemplate;
/** Set up internal signal handlers **/ /** Initialize respend bloom filter **/
void RegisterInternalSignals(); void InitRespendFilter();
/** Register a wallet to receive updates from core */ /** Register a wallet to receive updates from core */
void RegisterWallet(CWalletInterface* pwalletIn); void RegisterWallet(CWalletInterface* pwalletIn);