Commit graph

20952 commits

Author SHA1 Message Date
MarcoFalke
0626b8cbdf
Merge #16445: test: Skip flaky p2p_invalid_messages test on macOS
c3dfc91032 test: Skip flaky p2p_invalid_messages test on macOS (Fabian Jahr)

Pull request description:

  This mitigates https://github.com/bitcoin/bitcoin/issues/15400

  I had a look into the issue today and this seems to be the best we can do given that the root causes some unexpected custom error code from the macOS kernel that python/asyncio doesn't know how to handle properly yet.

Top commit has no ACKs.

Tree-SHA512: 20a0551d45c405b6eb0ae58190b701c7026c52eff6c434bc678f723a4dabf0074e5b52a8bb3d51ee7132dc29419d1e67a24696761c444c62cd4d429ec768e67d
2019-07-24 07:18:45 -04:00
fanquake
248e22bbc0
depends: disable unused Qt features 2019-07-24 09:50:31 +08:00
fanquake
f509e3b8ce
doc: remove line numbers from qt package links 2019-07-24 09:17:48 +08:00
fanquake
1bb1661a40
doc: fix typo in bitcoin_qt.m4 comment 2019-07-24 09:17:47 +08:00
fanquake
0aeb98ac1f
build: remove jpeg lib check from bitcoin_qt.m4 2019-07-24 09:17:47 +08:00
fanquake
98a64bd296
build: disable libjpeg in qt 2019-07-24 09:17:40 +08:00
MarcoFalke
67923d6b3c
Merge #16366: init: Use InitError for all errors in bitcoind/qt
fa6f402bde Call node->initError instead of InitError from GUI code (Russell Yanofsky)
fad2502240 init: Use InitError for all errors in bitcoind/qt (MarcoFalke)

Pull request description:

  Using the same InitError for startup error in the daemon and the gui makes it possible to run the tests with the gui again:

  ```sh
  BITCOIND=bitcoin-qt ./test/functional/test_runner.py feature_includeconf feature_config_args

ACKs for top commit:
  hebasto:
    ACK fa6f402bde
  ryanofsky:
    utACK fa6f402bde. Only changes since last review are removing more includes and adding Node::initError method to avoid accessing node `InitError` function and global variables from GUI code.

Tree-SHA512: bd19e08dcea4019dfe40356bc5c63cb583cefed54b6c9dcfb82f1b5b00308d8e2b363549afcaea5e93bf83864dbe0917400c3b70f43a8a5bdff45c9cd34cc294
2019-07-23 18:40:46 -04:00
Fabian Jahr
c3dfc91032 test: Skip flaky p2p_invalid_messages test on macOS 2019-07-23 15:59:27 -04:00
Hennadii Stepanov
4057b7acb7
wallet: Recognize -disablewallet option early 2019-07-23 15:38:10 +03:00
fanquake
e6e99d4f75
Merge #16408: depends: Prune X packages
0c55d8b581 depends: qt: Patch to remove dep on libX11 (Carl Dong)
222e6cc520 gitignore: Actually pay attention to depends patches (Carl Dong)
65f8da08df symbol-check: Disallow libX11-*.so.* shared libraries (Carl Dong)
924569914e depends: libXext isn't needed by anyone (Carl Dong)
689d3b4a03 build-aux: Remove check for x11-xcb (Carl Dong)
aa53cb7a2f depends: libX11: Make package headers-only (Carl Dong)
9a01ab04e1 depends: qt: Explicitly stop using Xlib/libX11 (Carl Dong)
1ec30b8fbe depends: xproto is only directly needed by libXau (Carl Dong)

Pull request description:

  Related to: #16150

  We noticed that we could build QT without using XLib/libX11 as a library. XLib/libX11's headers are still used, and a minimal `configure.ac` has been added to eliminate overly-enthusiastic configure-time dependencies that aren't actually required to obtain the headers.

  This also means that we eliminate XLib/libX11 as required shared libraries at runtime, which is desirable.

  See commit messages for more details.

  ---

  Reviewers: I am least sure about the minimal `configure.ac`, as I'm not too familiar with the autoconf syntax. Any improvements w/re robustness would be welcome.

ACKs for top commit:
  theuni:
    ACK 0c55d8b581
  fanquake:
    ACK 0c55d8b581

Tree-SHA512: 41f653a0f91bc0e0faac49713c0c6dfd8cb605f9c4e34eb75a790dd808ebf3e5c160f1dd40bc8fbc911ee718ea319313b526d63733c98ff62d8dffecb58caa01
2019-07-23 15:07:31 +08:00
fanquake
848f245d04
Merge #16355: refactor: move CCoinsViewErrorCatcher out of init.cpp
4f050b91c7 move-onlyish: move CCoinsViewErrorCatcher out of init.cpp (James O'Beirne)

Pull request description:

  This is part of the [assumeutxo project](https://github.com/bitcoin/bitcoin/projects/11):

  Parent PR: #15606
  Issue: #15605
  Specification: https://github.com/jamesob/assumeutxo-docs/tree/2019-04-proposal/proposal

  ---

  This change moves `CCoinsViewErrorCatcher` out of `init` and into `coins` so that it can later be included in [a `CoinsView` instance](91284964ef (diff-349fbb003d5ae550a2e8fa658e475880R504)) under `CChainState`.

  Instead of hardcoding read failure behavior that has knowledge of qt, it accepts error callbacks via `AddReadErrCallback()`.

ACKs for top commit:
  dongcarl:
    re-ACK 4f050b91c7
  ryanofsky:
    utACK 4f050b91c7. Only change since last review is fixing const.

Tree-SHA512: eaba21606d15d2b8d0e3db7cec57779ce181af953db1ef4af80a0bc1dfb57923d0befde9d61b7be55c32224744f7fb6bd47d4e4c72f3ccfe6eaf0f4ae3765c17
2019-07-23 12:42:24 +08:00
fanquake
ad4391ca38
Merge #16430: doc: Update bips 35, 37 and 111 status
fa56b21c74 doc: Update bips 35, 37 and 111 status (MarcoFalke)

Pull request description:

  Follow-up to

  * #16152: Disable bloom filtering by default

ACKs for top commit:
  laanwj:
    ACK fa56b21c74, thanks for keeping this file up to date
  fanquake:
    ACK fa56b21c74

Tree-SHA512: 50c17067abbba096e8604b8abccbd0474ecc2dca973935751720c79a023a2d517bb025bb6c36d4fb0d29b7338322af7ae1c0d5a9aaf2712000d9d336c898c204
2019-07-23 10:38:26 +08:00
MarcoFalke
67737cf22a
Merge #16438: travis: Print memory and number of cpus
fa4010e112 travis: Print memory and number of cpus (MarcoFalke)

Pull request description:

  For some reason it shows a different value than the one they advertise. This might be related to the flood of sanitizer warnings we see.

  https://docs.travis-ci.com/user/reference/overview/#virtualisation-environment-vs-operating-system

Top commit has no ACKs.

Tree-SHA512: 285bdf6e7fe29990b980acf64ca658f4319d17c770f45cfd4339244e6b7ec11b7a39b9c4a54e71415c32fef08ee5da75ab7171861905494d633631779480c146
2019-07-22 21:25:56 -04:00
MarcoFalke
fa4010e112
travis: Print memory and number of cpus 2019-07-22 20:26:10 -04:00
Amiti Uttarwar
80ba4241a6
extract min & max depth onto coin control 2019-07-22 15:23:21 -04:00
Andrew Chow
35e60e790f Remove ReadVersion and WriteVersion
The "version" record that these functions read and write are not
used anywhere in the code except for one place. There is no reason
to expose these functions publicly. Furthermore, this avoids potential
confusion as developers may mistake these functions for actually
reading and writing the wallet version when they do not.
2019-07-22 13:03:28 -04:00
Andrew Chow
b3d4f6c961 Log the actual wallet file version
The actual wallet file version is the minversion record, not the
version record.
2019-07-22 13:03:24 -04:00
Andrew Chow
c88e87c3b2 Remove nFileVersion from CWalletScanState
nFileVersion is not the actual file version and is not used except
in one place. So it is removed from CWalletScanState and changed so
that it is just read at the place it is needed. Furthermore, the
"version" record now only indicates the version of the highest
versioned client that has opened a wallet file so the variable
name is changed accordingly
2019-07-22 13:02:03 -04:00
Daniel Kraft
29ee4c417d Specify AM_CPPFLAGS for ZMQ.
When building the ZMQ static library, add AM_CPPFLAGS to the library
CPPFLAGS.  Otherwise, we may miss important flags that are specified
elsewhere.  For instance, if --enable-debug is passed and
-DDEBUG_LOCKORDER set, then that would not apply to the ZMQ library
before (causing potential for hard-to-find bugs).
2019-07-22 14:26:18 +02:00
MarcoFalke
0000ff0aa7
txmempool: Remove unused default value MemPoolRemovalReason::UNKNOWN 2019-07-22 07:40:24 -04:00
James O'Beirne
4f050b91c7 move-onlyish: move CCoinsViewErrorCatcher out of init.cpp
and into coins.cpp. This move is necessary so that we can later include a
CCoinsViewErrorCatcher instance under CChainState.

Co-authored-by: MarcoFalke <falke.marco@gmail.com>
2019-07-21 21:00:31 -04:00
MarcoFalke
fa56b21c74
doc: Update bips 35, 37 and 111 status 2019-07-21 10:21:40 -04:00
MarcoFalke
fabfcb5d8e
build: Treat -Wswitch as error when --enable-werror 2019-07-19 15:40:48 -04:00
Fabian Jahr
e967cae8fa Use switch on status in RpcWallet 2019-07-19 14:34:53 -04:00
Fabian Jahr
ba1f128d6c Return error for ignored passphrase through disable private keys option 2019-07-19 14:34:33 -04:00
Wladimir J. van der Laan
51a6e2c419
Merge #15681: [mempool] Allow one extra single-ancestor transaction per package
50cede3f5a [mempool] Allow one extra single-ancestor transaction per package (Matt Corallo)

Pull request description:

  This implements the proposed policy change from [1], which allows
  certain classes of contract protocols involving revocation
  punishments to use CPFP. Note that some such use-cases may still
  want some form of one-deep package relay, though even this alone
  may greatly simplify some lightning fee negotiation.

  [1] https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2018-November/016518.html

ACKs for top commit:
  ajtowns:
    ACK 50cede3f5a -- looked over code again, compared with previous commit, compiles, etc.
  sdaftuar:
    ACK 50cede3f5a
  ryanofsky:
    utACK 50cede3f5a. Changes since last review: adding EXTRA_DESCENDANT_TX_SIZE_LIMIT constant, changing max ancestor size from 1,000,000 to nLimitAncestorSize constant (101,000), fixing test comment and getting rid of unused test node.

Tree-SHA512: b052c2a0f384855572b4579310131897b612201214b5abbb225167224e4f550049e300b471dbf320928652571e92ca2d650050b7cf39ac92b3bc1d2bcd386c1c
2019-07-19 20:00:12 +02:00
Wladimir J. van der Laan
f4b1fe7165
Merge #16412: net: Make poll in InterruptibleRecv only filter for POLLIN events.
a52818cc56 net: Make poll in InterruptibleRecv only filter for POLLIN events. poll should block until there is data to be read or the timeout expires. (tecnovert)

Pull request description:

  poll should block until there is data to be read or the timeout expires.

  Filtering for the POLLOUT event causes poll to return immediately which leads to high CPU usage when trying to connect to non-responding peers through tor.

  When USE_POLL is not defined select is used with the writefds parameter set to nullptr.
  Removing POLLOUT causes the behavior of poll to match that of select.

  Fixes: #16004.

ACKs for top commit:
  laanwj:
    code review ACK a52818cc56
  jonasschnelli:
    utACK a52818cc56

Tree-SHA512: 69934cc14e3327c7ff7f6c5942af8761e865220b2540d74ea1e176adad326307a73860417dddfd32d601b5c0e9e2ada1848bd7e3d27b0b7a9b42f11129af8eb1
2019-07-19 17:20:23 +02:00
MarcoFalke
c7b7cf299a
Merge #16422: test: remove redundant setup in addrman_tests
5c3c24cf9e test: remove redundant setup in addrman_tests (zenosage)

Pull request description:

  #10765 make this default behavior. No reason to keep these line.

Top commit has no ACKs.

Tree-SHA512: 545eea9c2d0741a75708f288f2c8752534ecaa6d54a9d014ef9afa295b0d075007704b64809eec090023703f47753e8ec755d22c9ccecf57b75f6898f6b708dd
2019-07-19 10:18:23 -04:00
fanquake
59ce537a49
Merge #16152: Disable bloom filtering by default.
bead32e31e Add release notes for DEFAULT_BLOOM change (Matt Corallo)
f27309f55c Move DEFAULT_PEERBLOOMFILTERS from validation.h to net_processing.h (Matt Corallo)
5efcb77283 Disable bloom filtering by default. (Matt Corallo)

Pull request description:

  BIP 37 bloom filters have been well-known to be a significant DoS
  target for some time. However, in order to provide continuity for
  SPV clients relying on it, the NODE_BLOOM service flag was added,
  and left as a default, to ensure sufficient nodes exist with such a
  flag.

  NODE_BLOOM is, at this point, well-established and, as long as
  there exist 0.18 nodes with default config (which I'd anticipate
  will be true for many years), will be available from some peers. By
  that time, the continued slowdown of BIP 37-based filtering will
  likely have rendered it useless (though this is already largely the
  case). Further, BIP 37 was deliberately never updated to support
  witness-based filtering as newer wallets are expected to migrate to
  some yet-to-be-network-exposed filters.

ACKs for top commit:
  jnewbery:
    ACK bead32e31e
  kallewoof:
    ACK bead32e31e

Tree-SHA512: ecd901898e8efe1a7c82b471af0acc2373c2282ac633eb58d9aae7c35deda1999d0f79fb0485e6cecbda7246aeda00206cd82c7fa36866e2ac64705ba93f9390
2019-07-19 17:33:56 +08:00
fanquake
89d7229c9c
Merge #16420: QA: Fix race condition in wallet_encryption test
024ecd7e01 QA: Fix race condition in wallet_encryption test (Jonas Schnelli)

Pull request description:

  There is some imprecision probably in the internal HTTPRPCTimer class (haven't exactly figured out where).
  But we can't expect that waiting excatly 2 seconds right after calling `walletpassphrase(2)` will result in a locked wallet due to the nature how we internally handle threads/timers.

  The wallet_encryption test fails regularely in CIs.

  Here is a logged session:
  ```shell
   node0 2019-07-18T18:51:22.569739Z [] ThreadRPCServer method=walletpassphrase user=__cookie__ 
   node0 2019-07-18T18:51:22.628656Z [] queue run of timer lockwallet() in 2 seconds (using HTTP) 
   node0 2019-07-18T18:51:22.629002Z [] Received a POST request for / from 127.0.0.1:46898 
   node0 2019-07-18T18:51:22.629081Z [] ThreadRPCServer method=dumpprivkey user=__cookie__ 
   node0 2019-07-18T18:51:24.445620Z [] Flushing wallet.dat 
   node0 2019-07-18T18:51:24.451421Z [] Flushed wallet.dat 6ms 
   node0 2019-07-18T18:51:24.631703Z [] Received a POST request for / from 127.0.0.1:46898 
   node0 2019-07-18T18:51:24.631737Z [] ThreadRPCServer method=dumpprivkey user=__cookie__ 
   test  2019-07-18T18:51:24.632000Z TestFramework (ERROR): Assertion failed 
                                     Traceback (most recent call last):
                                       File "/home/ubuntu/src/test/functional/test_framework/test_framework.py", line 193, in main
                                         self.run_test()
                                       File "/home/ubuntu/src/test/functional/wallet_encryption.py", line 53, in run_test
                                         assert_raises_rpc_error(-13, "Please enter the wallet passphrase with walletpassphrase first", self.nodes[0].dumpprivkey, address)
  ```

ACKs for top commit:
  promag:
    ACK 024ecd7e01, simple fix, one second shouldn't hurt.
  MarcoFalke:
    ACK 024ecd7e01
  fanquake:
    ACK 024ecd7e01

Tree-SHA512: 0cda1b8969b084bb765d2b35e90a8611c565ee458a7be1f2dde675f8ddbd9b9e421514547a7683f836e2c996e0538eb66b8c5b935b5a81e9319fb2be27624374
2019-07-19 09:06:49 +08:00
Andrew Chow
c6a8274247 Have importprivkey use CWallet's ImportPrivKeys, ImportScripts, and ImportScriptPubKeys
Behavior changes:
* If we already have the key, it's wpkh script will still be added, although it should already be there
2019-07-18 20:35:51 -04:00
Andrew Chow
fae7a5befd Log when an import is being skipped because we already have it
Behavior Changes:
* Those pubkeys being imported with add_keypool set and are already in the wallet will no longer be added to the keypool
2019-07-18 20:34:53 -04:00
zenosage
5c3c24cf9e test: remove redundant setup in addrman_tests 2019-07-18 17:31:46 -07:00
Carl Dong
0c55d8b581
depends: qt: Patch to remove dep on libX11
We can actually patch QT to remove its dependency on libX11's headers.
It turns it this wasn't that hard.
2019-07-18 17:43:06 -04:00
Carl Dong
222e6cc520
gitignore: Actually pay attention to depends patches
There was a previous attempt to achieve this, and it was bad. This
works.
2019-07-18 17:41:50 -04:00
Matt Corallo
bead32e31e Add release notes for DEFAULT_BLOOM change 2019-07-18 17:29:24 -04:00
Jonas Schnelli
024ecd7e01
QA: Fix race condition in wallet_encryption test 2019-07-18 22:31:24 +02:00
Russell Yanofsky
4d94916f0d Get rid of PendingWalletTx class.
No reason for this class to exist if it doesn't have any code to run in the
destructor. e10e1e8db0 from
https://github.com/bitcoin/bitcoin/pull/16208 recently removed code destructor
code that would return an unused key if the transaction wasn't committed.
2019-07-18 12:06:23 -04:00
Wladimir J. van der Laan
e5abb59a9a
Merge #16379: Fix autostart filenames on Linux for testnet/regtest
ae311bc036 Fix autostart filenames on Linux (Hennadii Stepanov)

Pull request description:

  Currently, on master the `bitcoin-test.lnk` and `bitcoin-regtest.lnk` files do not work as autostart application `.desktop` files.

  This PR fixes it.

  Refs:
  - #7045
  - [Autostart Of Applications During Startup](https://standards.freedesktop.org/autostart-spec/autostart-spec-latest.html)

ACKs for top commit:
  promag:
    utACK ae311bc, weird why extension `.lnk` was used in #7045.
  laanwj:
    Code review ACK ae311bc036

Tree-SHA512: 210cc346600d52b0a262c81ed5f258365a3cea2e5522f4b5f4798fd3b54f45ed82aba68eefae59a6b6f1d8e4d00221476c23bdffc038f16f2f45c1acc837f522
2019-07-18 14:27:25 +02:00
Wladimir J. van der Laan
65d12110d4
Merge #16405: fix: tor: Call event_base_loopbreak from the event's callback
a981e749e6 fix: tor: Call event_base_loopbreak from the event's callback (João Barbosa)

Pull request description:

  Calling `event_base_loopbreak` before `event_base_dispatch` has no effect. Fix this by calling `event_base_loopbreak` from the event's callback. From the [documentation](http://www.wangafu.net/~nickm/libevent-2.0/doxygen/html/event_8h.html#a07a7599e478e4031fa8cf52e26d8aa1e):

  > event_base_loop() will abort the loop after the next event is completed; event_base_loopbreak() is typically invoked from this event's callback. This behavior is analogous to the "break;" statement.

  This can be tested by running the following with and without this change:
  ```sh
  bitcoind -- -regtest -proxy=127.0.0.1:9050 -listen=1 -bind=127.0.0.1 -whitebind=127.0.0.1:0
  ```

  Fixes #16376.

ACKs for top commit:
  laanwj:
    code review ACK a981e749e6
  fanquake:
    ACK a981e749e6

Tree-SHA512: 328fe71366404d5be8177d7081d5b4868cee73412df631a1865d24fb1c153427210762738109e06b737f037f4c68966812fba041831bb9e8129861f19ce61a63
2019-07-18 13:58:12 +02:00
tecnovert
a52818cc56
net: Make poll in InterruptibleRecv only filter for POLLIN events.
poll should block until there is data to be read or the timeout expires.

Filtering for the POLLOUT event causes poll to return immediately which leads to high CPU usage when trying to connect to non-responding peers through tor.

Removing POLLOUT matches how select is used when USE_POLL isn't defined.
2019-07-18 13:04:16 +02:00
fanquake
0515406acb
Merge #16374: test: Enable passing wildcard test names to test runner from root
e142ee03e7 doc: describe how to pass wildcard names to test runner (Jon Atack)
6a7a70b8cf test: enable passing wildcards with path to test runner (Jon Atack)

Pull request description:

  Currently, passing wildcard testname args to the test runner from outside the test/functional/ directory does not work, even though developers expect it to. See these recent IRC discussions for more background: http://www.erisian.com.au/bitcoin-core-dev/log-2019-07-10.html#l-262 (lines 262 to 323) and http://www.erisian.com.au/bitcoin-core-dev/log-2019-07-11.html#l-134.

  1. [BUGFIX] Enable passing wildcards with paths. Examples:
      - `test/functional/test_runner.py test/functional/wallet*`
      - `functional/test_runner.py functional/wallet*`
      - `test/functional/test_runner.py ./test/functional/tool* test/functional/mempool*`
      - A current limitation this PR does not change: 9 test files with arguments in their filename are not picked up by wildcard search.

  2. [Docs] Describe how to pass wildcard names (multiple and with paths) to the test runner in test/README.md.

ACKs for top commit:
  jnewbery:
    tested ACK e142ee03e7
  jachiang:
    Tested ACK e142ee03e7. Thanks a lot for this fix!
  MarcoFalke:
    ACK e142ee03e7, fine with me

Tree-SHA512: cb3d994880cdc9b8918546b573a25faa5b4c7339826ac7cfe20f076aac6e731a34271609c0cf5a7ee5e4a2d5ae205298319d24bf36ef5b5d569a1a0c57883e54
2019-07-18 10:05:08 +08:00
Carl Dong
65f8da08df
symbol-check: Disallow libX11-*.so.* shared libraries
They should no longer be needed as we build QT without libX11/XLib
libraries now.
2019-07-17 17:09:48 -04:00
Carl Dong
924569914e
depends: libXext isn't needed by anyone
libXext was only needed (as a library) by QT when it was using
XLib/libX11 (as a library), now that we're building QT without
XLib/libX11, we can safely remove libXext.
2019-07-17 17:04:42 -04:00
Carl Dong
689d3b4a03
build-aux: Remove check for x11-xcb
We're no longer building QT with libX11/XLib, so it doesn't make sense
to check for the x11-xcb package.
2019-07-17 17:04:41 -04:00
Carl Dong
aa53cb7a2f
depends: libX11: Make package headers-only
We're no longer building QT with libX11/XLib, however, libX11/XLib
headers are still required for parts of QT. In this commit we add a
minimal configure.ac for libX11/XLib that is headers-only.

This change allows us to remove all of libX11/XLib's dependencies.
2019-07-17 17:04:40 -04:00
Carl Dong
9a01ab04e1
depends: qt: Explicitly stop using Xlib/libX11
Previously, in 683b7d7a3f and
0e752637a2, we accidentally broke QT's
ability to pick up Xlib thru the config.gui.tests.xlib configuration
test, which also means that config.gui.libraries.xcb_xlib wasn't run.

This resulted in a QT build that was implicitly -no-xcb-lib and
-no-feature-xlib.

This is actually a desired behaviour, as it means less required shared
objects for our final bitcoin-qt binary. Specifically, it eliminated the
libX11-xcb.so.1 and libX11.so.6 requirements.

In this commit, we explicitly build without Xlib. We should continue to
track upstream ticket https://bugreports.qt.io/browse/QTBUG-61452 which
talks about adding a -no-xlib (non-hidden) flag instead of the
-no-feature-xlib (hidden) flag.
2019-07-17 17:04:39 -04:00
Carl Dong
1ec30b8fbe
depends: xproto is only directly needed by libXau 2019-07-17 17:04:38 -04:00
João Barbosa
a981e749e6 fix: tor: Call event_base_loopbreak from the event's callback 2019-07-17 15:32:38 +01:00
MeshCollider
459baa1756
Merge #16208: wallet: Consume ReserveDestination on successful CreateTransaction
e10e1e8db0 Restrict lifetime of ReserveDestination to CWallet::CreateTransaction (Gregory Sanders)
d9ff862f2d CreateTransaction calls KeepDestination on ReserveDestination before success (Gregory Sanders)

Pull request description:

  The typical usage pattern of `ReserveDestination` is to explicitly `KeepDestination`, or `ReturnDestination` when it's detected it will not be used.

  Implementers such as myself may fail to complete this pattern, and could result in key re-use: https://github.com/bitcoin/bitcoin/pull/15557#discussion_r271956393

  Since ReserveDestination is currently only used directly in the `CreateTransaction`/`CommitTransaction` flow(or fee bumping where it's just used in `CreateTransaction`), I instead make the assumption that if a transaction is returned by `CreateTransaction` it's highly likely that it will be accepted by the caller, and the `ReserveDestination` kept. This simplifies the API as well. There are very few cases where this would not be the case which may result in keys being burned.

  Those failure cases appear to be:
  `CommitTransaction` failing to get the transaction into the mempool
  Belt and suspenders check in `WalletModel::prepareTransaction`

  Alternative to https://github.com/bitcoin/bitcoin/pull/15796

ACKs for top commit:
  achow101:
    ACK e10e1e8db0 Reviewed the diff
  stevenroose:
    utACK e10e1e8db0
  meshcollider:
    utACK e10e1e8db0

Tree-SHA512: 78d047a00f39ab41cfa297052cc1e9c224d5f47d3d2299face650d71827635de077ac33fb4ab9f7dc6fc5a27f4a68415a1bc9ca33a3cb09a78f4f15b2a48411b
2019-07-17 19:45:55 +12:00