Refactor the process of PSBTInput signing to enforce the invariant that
a PSBTInput always has _either_ a witness_utxo or a non_witness_utxo,
never both.
This simplifies the logic of SignPSBTInput slightly, since it no longer
has to deal with the "both" case. When calling it, we now give it, in
order of preference: (1) whichever of the utxo fields was already
present in the PSBT we received, or (2) if neither, the
non_witness_utxo field, which is just a copy of the input transaction,
which we get from the wallet.
SignPSBTInput no longer has to remove one of the two fields; instead, it
will check if we have a witness signature, and if so, it will replace
the non_witness_utxo with the witness_utxo (which is smaller, as it is
just a copy of the output being spent.)
Add PSBTInput::IsSane checks in two more places, which checks for
both utxo fields being present; we will now give an RPC error early on
if we are supplied such a malformed PSBT to fill in.
Also add a check to FillPSBT, to avoid touching any input that is
already signed. (This is now redundant, since we should no longer
potentially harm an already-signed input, but it's harmless.)
fixes#14473
Github-Pull: #14588
Remove redundant arguments to SignPSBTInput -- since it needs several
bits of the PartiallySignedTransaction, pass in a reference instead of
doing it piecemeal. This saves us having to pass in both a PSBTInput and
its index, as well as having to pass in the CTransaction. Also avoid
redundantly passing the sighash_type, which is contained in the
PSBTInput already.
Github-Pull: #14588
Rebased-From: 0f5bda2bd9
Refactor out a "PSBTInputSigned" function to check if a PSBT is signed,
for use in subsequent commits.
Also improve a related comment.
GitHub-Pull: #14588
Rebased-From: 53e6fffb8f
48fef5ebae gui: Fix race in WalletModel::pollBalanceChanged (Russell Yanofsky)
1964561a3a build: don't embed a build-id when building libdmg-hfsplus (fanquake)
Pull request description:
These are not blockers for the 0.19.1 release, as per [IRC discussion this morning](http://www.erisian.com.au/bitcoin-core-dev/log-2020-02-27.html#l-331), doesn't look like there will be an rc3. This PR can collect further backports for the 0.19 branch.
Currently backports:
* https://github.com/bitcoin/bitcoin/pull/18004 - build: don't embed a build-id when building libdmg-hfsplus
* https://github.com/bitcoin/bitcoin/pull/18123 - gui: Fix race in WalletModel::pollBalanceChanged
ACKs for top commit:
promag:
ACK 48fef5ebae.
laanwj:
ACK 48fef5ebae
luke-jr:
utACK 48fef5ebae
Tree-SHA512: c7e7ddda9ee7b8015f16d39aab000e0595f85fe073f79abc1a57b3e2adb0dedc4e07e5fd918e1df5e88b7f3fbc39b57ab3382233c4354b9c2196f65fa1fa6c04
Poll function was wrongly setting cached height to the current chain height
instead of the chain height at the time of polling.
This bug could cause balances to appear out of date, and was first introduced
a0704a8996 (r378452145)
Before that commit, there wasn't a problem because cs_main was held during the
poll update.
Currently, the problem should be rare. But if
8937d99ce81a27ae5e1012a28323c0e26d89c50b from #17954 were merged, the problem
would get worse, because the wrong cachedNumBlocks value would be set if the
wallet was polled in the interval between a block being connected and it
processing the BlockConnected notification.
MarcoFalke <falke.marco@gmail.com> also points out that a0704a8996 could lead
to GUI hangs as well, because previously the pollBalanceChanged method, which
runs on the GUI thread, would only make a nonblocking TRY_LOCK(cs_main) call,
but after could make blocking LOCK(cs_main) calls, potentially locking up the
GUI.
Thanks to John Newbery <john@johnnewbery.com> for finding this bug this while
reviewing https://github.com/bitcoin/bitcoin/pull/17954.
Github-Pull: #18123
Rebased-From: bf36a3ccc212ad4d7c5cb8f26d7a22e279fe3cec
facbdc0f5e doc: Add missing author to 0.19.1 release notes (MarcoFalke)
Pull request description:
Commit 88729d8 is in 0.19, but the author is not in the release notes.
ACKs for top commit:
practicalswift:
ACK facbdc0f5e - credit where credit is due :)
Tree-SHA512: 5e65bdb6d1e2318143c978f7e69e2c22f09dc257d92c5a88c52da43b12b812ebbe1a9202382545d8dfd3bc1ca1927543cfeb1d2e5d6da98c1e90bc26765cb8b4
f5fb7fca96 psbt: check output index is within bounds before accessing (Andrew Chow)
1cf77a2dc3 Don't calculate tx fees for PSBTs with invalid money values (Andrew Chow)
Pull request description:
Backport of #17156, non-trivial due to crossing the refactor in #17371
ACKs for top commit:
laanwj:
ACK f5fb7fca96
Tree-SHA512: 7aabf9a6b8a8e287a26dfbf73a437a3bc55177bef8fc5149d822ef81b8ef2458e1d718c3a19c73532c5cef0f9bd8144574c7fad90ca89f13a08b44edf3a2656d
5e1728017b Squashed 'src/univalue/' changes from 7890db99d6..98261b1e7b (MarcoFalke)
Pull request description:
Version bump backported from #18099
ACKs for top commit:
laanwj:
ACK fa4d00b569
Tree-SHA512: dc34c98d9b1f450db700633ce7b674a3edf83bd12f3b77b74544a6b24f3e3b1f3c91f40d0ad6c27f82c1b26e88cf7625311b93f00e492a813dbdcca9f461cb5e
If a destination is reused we mark the cache of the other transactions going to that destination dirty so they are not accidentally reported as trusted when the cache is hit.
Github-Pull: #17843
Rebased-From: 6fc554f591d8ea1681b8bb25aa12da8d4f023f66
In decodepsbt if an invalid amount is seen, don't calculate the fee
but still show the invalid value in the decode.
In analyze psbt, if an invalid amount is seen, set the next step to
be the creator as the creator needs to remake the transaction so that
it is valid.
Github-Pull: #17156
Rebased-From: f1ef7f0aa46338f4cd8de79696027a1bf868f359
daf2fff236 test: add missing #include to fix compiler errors (Karl-Johan Alm)
c8ad23c529 bug-fix macos: give free bytes to F_PREALLOCATE (Karl-Johan Alm)
Pull request description:
We're about ready to do a [0.19.1 release](https://github.com/bitcoin/bitcoin/milestone/44); so I've opened this to collect the last remaining backports.
If there's something that's been missed / or isn't tagged ["Needs backport (0.19)"](https://github.com/bitcoin/bitcoin/issues?q=is%3Aopen+label%3A%22Needs+backport+%280.19%29%22) that you think should be, please comment.
Currently backports:
* #17887 - bug-fix macos: give free bytes to F_PREALLOCATE
* #17980 - test: add missing #include to fix compiler errors
ACKs for top commit:
laanwj:
ACK daf2fff236
Tree-SHA512: 8438f992d0c39315a4da4c3f8ab5c92acefada4b0ba5a5cec3775dea2541492d386bf4e7c9e76e1494a6d4cf16a9205287d27ffd23d9c3056f213d733605eeee
This is effectively a no-op except for the dates and version numbers.
Tree-SHA512: a2b298bfac6466e81f4951c382cdd350f43989b08dc466e72ea02588b2fc6d1b9a2839401e6c188361696aa25b0c851c142df88985b106d4c41b067366ced55e
The macos manpage for fcntl (for F_PEOFPOSMODE) states:
> Allocate from the physical end of file. In this case, fst_length indicates the number of newly allocated bytes desired.
Github-Pull: #17887
Rebased-From: 75163f4729c10c40d2843da28a8c79ab89193f6a
There was an accidental direct push to the 0.19 branch, add a merge
commit with signature and treehash to make verify-commits happy again.
Tree-SHA512: 47e9f37ec2b8d8402cf3d05f71713ef7e71843dd8360d68e21f99dcd285fc397171907102aad8e6e8525097f589f3c419f1f0c18ff66c7e45a553af8625a0842
cd67b1dcb8 Use correct C++11 header for std::swap() (Hennadii Stepanov)
b8101fb7ac Fix comparison function signature (Hennadii Stepanov)
eac49073eb Don't allow implementers to think ScriptHash(Witness*()) results in nesting computation (Gregory Sanders)
e2c45d89f7 IsUsedDestination shouldn't use key id as script id for ScriptHash (Gregory Sanders)
a5489c9892 IsUsedDestination should count any known single-key address (Gregory Sanders)
88729d804e Fix issue with conflicted mempool tx in listsinceblock (Adam Jonas)
eafcea7a0a gui: Fix duplicate wallet showing up (João Barbosa)
7e66d04770 Drop signal CClientUIInterface::LoadWallet (Russell Yanofsky)
179d55f052 zmq: Fix due to invalid argument and multiple notifiers (João Barbosa)
Pull request description:
Backports
- #16963
- #17445
- #17258
- #17621
- #17924
- #17634
ACKs for top commit:
laanwj:
ACK cd67b1dcb8, checked that I got more or less the same result (including conflict resolution) backporting these commits
Tree-SHA512: 645786267cfb10a01a56f7cfd91ddead5f1475df5714595ae480237e04d40c5cfb7460b40532279cacd83e4b775a4ace68a258ec2184b8ad0e997a690a9245e5