Commit graph

21510 commits

Author SHA1 Message Date
Andrew Chow
1770a972d4 HTML escape the wallet name in more dialogs and notifications 2019-09-08 16:40:05 -04:00
Hennadii Stepanov
4be3b7680e
refactor: Cleanup walletinitinterface.h
Forward declarations of CScheduler and CRPCTable classes are no longer 
needed after ea961c3d72 commit.
Including <string> is no longer needed after 
4d4185a4f0 commit.
2019-09-08 17:29:30 +03:00
MarcoFalke
fabca7756d
doc: Add issue templates for bug and feature request 2019-09-08 15:39:54 +02:00
Aaron Clauson
1619684322
Added libbitcoin_qt and bitcoin-qt to the msbuild configuration. 2019-09-08 14:13:05 +02:00
MarcoFalke
410b745fe0
Merge #16735: gui: Remove unused menu items for Windows and Linux
f091dc8180 GUI: Remove unused menu items for Windows and Linux (GChuf)

Pull request description:

  Removed "Main Window" and "Restore" menu option for Windows and linux
  Keep the options for macOS

ACKs for top commit:
  MarcoFalke:
    unsigned ACK f091dc8180
  fanquake:
    ACK f091dc8180 - tested on macOS, Windows and Linux.
  MarcoFalke:
    ACK f091dc8180
  kristapsk:
    ACK f091dc8180 (tested on Linux with Xfce4)

Tree-SHA512: a84a9a8bd3b09224f111cad4712076150524a24d6f09910147194c4149222443c453372db61eed8aa82c3450339b63fd216288196feb4ab637b6ea21b0109830
2019-09-08 13:53:07 +02:00
fanquake
189c19e012
Merge #15759: p2p: Add 2 outbound block-relay-only connections
0ba08020c9 Disconnect peers violating blocks-only mode (Suhas Daftuar)
937eba91e1 doc: improve comments relating to block-relay-only peers (Suhas Daftuar)
430f489027 Don't relay addr messages to block-relay-only peers (Suhas Daftuar)
3a5e885306 Add 2 outbound block-relay-only connections (Suhas Daftuar)
b83f51a4bb Add comment explaining intended use of m_tx_relay (Suhas Daftuar)
e75c39cd42 Check that tx_relay is initialized before access (Suhas Daftuar)
c4aa2ba822 [refactor] Change tx_relay structure to be unique_ptr (Suhas Daftuar)
4de0dbac9b [refactor] Move tx relay state to separate structure (Suhas Daftuar)
26a93bce29 Remove unused variable (Suhas Daftuar)

Pull request description:

  Transaction relay is optimized for a combination of redundancy/robustness as well as bandwidth minimization -- as a result transaction relay leaks information that adversaries can use to infer the network topology.

  Network topology is better kept private for (at least) two reasons:

  (a) Knowledge of the network graph can make it easier to find the source IP of a given transaction.

  (b) Knowledge of the network graph could be used to split a target node or nodes from the honest network (eg by knowing which peers to attack in order to achieve a network split).

  We can eliminate the risks of (b) by separating block relay from transaction relay; inferring network connectivity from the relay of blocks/block headers is much more expensive for an adversary.

  After this commit, bitcoind will make 2 additional outbound connections that are only used for block relay. (In the future, we might consider rotating our transaction-relay peers to help limit the effects of (a).)

ACKs for top commit:
  sipa:
    ACK 0ba08020c9
  ajtowns:
    ACK 0ba08020c9 -- code review, ran tests. ran it on mainnet for a couple of days with MAX_BLOCKS_ONLY_CONNECTIONS upped from 2 to 16 and didn't observe any unexpected behaviour: it disconnected a couple of peers that tried sending inv's, and it successfully did compact block relay with some block relay peers.
  TheBlueMatt:
    re-utACK 0ba08020c9. Pointed out that stats.fRelayTxes was sometimes uninitialized for blocksonly peers (though its not a big deal and only effects RPC), which has since been fixed here. Otherwise changes are pretty trivial so looks good.
  jnewbery:
    utACK 0ba08020c9
  jamesob:
    ACK 0ba08020c9

Tree-SHA512: 4c3629434472c7dd4125253417b1be41967a508c3cfec8af5a34cad685464fbebbb6558f0f8f5c0d4463e3ffa4fa3aabd58247692cb9ab8395f4993078b9bcdf
2019-09-07 17:45:03 +08:00
fanquake
b5a8d0cff1
Merge #15450: gui: Create wallet menu option
613de61a04 Add Create Wallet menu action (Andrew Chow)
9b41cbb28f Expose wallet creation to the GUI via WalletController (Andrew Chow)
78863e2900 Add CreateWalletDialog to create wallets from the GUI (Andrew Chow)
60adb21c7a Optionally allow AskPassphraseDialog to output the passphrase (Andrew Chow)
bc6d8a3662 gui: Refactor OpenWalletActivity (João Barbosa)

Pull request description:

  This PR adds a menu option to create a new wallet. When clicked, a `CreateWalletDialog` will be created and prompt the user to name the wallet and choose whether to disable private keys, make a blank wallet, and encrypt the wallet. If the wallet is encrypted, the wallet will be born encrypted with the wallet first created blank, then encrypted, and then a new HD seed generated and set.

  To allow the newly created wallets to be encrypted, some changes to how encrypting a wallet works. Instead of encrypting and locking the wallet, the wallet will be encrypted and then unlocked. This is also an extra belt-and-suspenders check to make sure that encryption worked.

ACKs for top commit:
  fanquake:
    ACK 613de61a04 - re-reviewed on macOS. I'm going to merge this now. It's had a stack of review, and as mentioned multiple times above, lets get this into `master` so it can get more testing pre `v0.19.0`.

Tree-SHA512: 3f22cc20b13703ffc90d366ae9133114832fea77f4f319da7fd85eb454f2f0bd5d7e1e6e20284dea2f370d8574f83b45669dcbbe506b994410d32e8e7a6fa877
2019-09-07 14:45:58 +08:00
fanquake
e4b974830e
Merge #16810: guix: Remove ssp spec file hack
0065ead5eb contrib: guix: Remove ssp spec file hack (Carl Dong)
0093a5869a contrib: guix: More robust search paths, add checks (Carl Dong)

Pull request description:

  See commit messages for more details

ACKs for top commit:
  fanquake:
    ACK 0065ead5eb

Tree-SHA512: fde04005fb31cd4b75b80da4936a7c394f63f0b3bdcc33c20c99e05604a63efd9c850a8d097030ff0bf4b4e83f1a9997fc4621ce291ebcecd8397893447600a7
2019-09-07 13:16:39 +08:00
fanquake
0d20c42a01
Merge #16421: Conservatively accept RBF bumps bumping one tx at the package limits
5ce822efbe Conservatively accept RBF bumps bumping one tx at the package limits (Matt Corallo)

Pull request description:

  Based on #15681, this adds support for some simple cases of RBF inside of large packages. Issue pointed out by sdaftuar in #15681, and this fix (or a broader one) is required ot make #15681 fully useful.

  Accept RBF bumps of single transactions (ie which evict exactly one
  transaction) even when that transaction is a member of a package
  which is currently at the package limit iff the new transaction
  does not add any additional mempool dependencies from the original.

  This could be made a bit looser in the future and still be safe,
  but for now this fixes the case that a transaction which was
  accepted by the carve-out rule will not be directly RBF'able

ACKs for top commit:
  instagibbs:
    re-ACK 5ce822efbe
  ajtowns:
    ACK 5ce822efbe ; GetSizeWithDescendants is only change and makes sense
  sipa:
    Code review ACK 5ce822efbe. I haven't thought hard about the effect on potential DoS issues this policy change may have.

Tree-SHA512: 1cee3bc57393940a30206679eb60c3ec8cb4f4825d27d40d1f062c86bd22542dd5944fa5567601c74c8d9fd425333ed3e686195170925cfc68777e861844bd55
2019-09-07 10:15:43 +08:00
fanquake
46494b08e2
Merge #16798: Refactor rawtransaction_util's SignTransaction to separate prevtx parsing
39034f1ee6 Refactor rawtransaction_util's SignTransaction to have previous tx parsing be separate (Andrew Chow)

Pull request description:

  Currently the `SignTransaction` function has to handle both the actual signing and parsing of previous transaction data. This PR splits it so that `SignTransaction` only handles the signing itself and adds a `ParsePrevouts` function which handles parsing the prevtx information.

  This allows for `SignTransaction` to just take any `SigningProvider`.

  Split from #16341

ACKs for top commit:
  MarcoFalke:
    ACK 39034f1ee6
  instagibbs:
    utACK 39034f1ee6
  ryanofsky:
    utACK 39034f1ee6. No change since previously reviewed b49bbb939be92a67ff77c3f7bca5bb94dd141906, https://github.com/bitcoin/bitcoin/pull/16341#pullrequestreview-278610269 other than rebase with no conflicts.

Tree-SHA512: 09f7733e90691766bfb5cf0f20e913dbf270bd3b51abdcad966b24d110e562ed85fd3d0d1d7bbea61f903340060052ec73c4817b09aee0dc1f3916d781a9e40c
2019-09-07 08:39:56 +08:00
Jorge Timón
3bf9d8cac0
Testchains: Qt: Simplify network/chain styles 2019-09-06 22:13:49 +02:00
Jorge Timón
052c54ecb0
Testchains: Generic selection with -chain=<str> in addition of -testnet and -regtest 2019-09-06 22:05:33 +02:00
MarcoFalke
ae3e3bd151
Merge #16793: refactor: Avoid locking cs_main in ProcessNewBlockHeaders
3109a1f948 refactor: Avoid locking cs_main in ProcessNewBlockHeaders (João Barbosa)

Pull request description:

  Builds on #16774, this change avoids locking `cs_main` in `ProcessNewBlockHeaders` when the tip has changed - in this case the removed lock was necessary to just log a message.

Top commit has no ACKs.

Tree-SHA512: 31be6d319fa122804f72fa813cec5ed041dd7e4aef3c1921124a1f03016925c43cd4d9a272d80093e77fa7600e3506ef47b7bb821afcbffe01e6be9bceb6dc00
2019-09-06 13:58:32 +02:00
Andrew Chow
613de61a04 Add Create Wallet menu action
Co-authored-by: João Barbosa <joao.paulo.barbosa@gmail.com>
2019-09-05 20:36:57 -04:00
Andrew Chow
9b41cbb28f Expose wallet creation to the GUI via WalletController
Co-authored-by: João Barbosa <joao.paulo.barbosa@gmail.com>
2019-09-05 20:36:57 -04:00
Andrew Chow
78863e2900 Add CreateWalletDialog to create wallets from the GUI
Co-authored-by: João Barbosa <joao.paulo.barbosa@gmail.com>
2019-09-05 20:36:57 -04:00
Andrew Chow
60adb21c7a Optionally allow AskPassphraseDialog to output the passphrase 2019-09-05 20:36:57 -04:00
João Barbosa
3109a1f948 refactor: Avoid locking cs_main in ProcessNewBlockHeaders 2019-09-06 00:38:53 +01:00
João Barbosa
bc6d8a3662 gui: Refactor OpenWalletActivity 2019-09-06 00:05:07 +01:00
Carl Dong
0065ead5eb
contrib: guix: Remove ssp spec file hack
This hack is no longer needed after fixing our cross-compilation search
paths.
2019-09-05 14:50:56 -04:00
Carl Dong
0093a5869a
contrib: guix: More robust search paths, add checks
- store_path() previously only worked for cross compilation packages, we
  remove this assumption here
- Add CROSS_GCC_LIB variable which points to where gcc libs/headers are
  located
- Add gcc libs/headers to our CROSS_*_PATH environment variables
- Check that all directories in CROSS_*_PATH are sane
2019-09-05 14:50:44 -04:00
Carl Dong
f0636d3418
depends: zlib: Move toolchain options to configure
zlib has its own custom configure script, see comment in zlib.mk for
more details
2019-09-05 14:36:22 -04:00
Anthony Towns
fdb3e8f8b2 Ignore old versionbit activations
Adds a hardcoded height to the consensus chain parameters for
ignoring versionbit activations prior to a fixed height.
2019-09-05 13:51:01 -04:00
MeshCollider
5e202382a9
Merge #16624: wallet: encapsulate transactions state
442a87cc0a Add a test wallet_reorgsrestore (Antoine Riard)
40ede992d9 Modify wallet tx status if has been reorged out (Antoine Riard)
7e89994133 Remove SyncTransaction for conflicted txn in CWallet::BlockConnected (Antoine Riard)
a31be09bfd Encapsulate tx status in a Confirmation struct (Antoine Riard)

Pull request description:

  While working on #15931, I've tried to rationalize tx state management to ease integration of block height tracking per-wallet tx. We currently rely on a combination of `hashBlock` and `nIndex` with magic value to determine tx confirmation, conflicted or abandoned state. It's hard to reason and error-prone.  To solve that, we encapsulate these fields in a `TxConfirmation` struct and introduce a `TxState` member that we update accordingly at block connection/disconnection.

  Following jnewbery [recommendation](https://github.com/bitcoin/bitcoin/pull/15931#discussion_r312576506), I've taken these changes in its own commit, and open a PR to get them first. It would ease review of aforementioned PR, but above all should ease fixing of long-term issues like :
  * https://github.com/bitcoin/bitcoin/issues/7315 (but maybe we should abandon abandontransaction or relieve it to only free outpoints not track the transaction as abandoned in itself, need its own discussion)
  * https://github.com/bitcoin/bitcoin/issues/8692 where we should cancel conflicted state of transactions chain smoothly
  * `MarkConflicted` in `LoadToWallet` is likely useless if we track conflicts rights at block connection

  Main changes of this PR to get right are tx update in `AddToWallet` and serialization/deserialization logic.

ACKs for top commit:
  meshcollider:
    Light re-Code Review ACK 442a87cc0a
  ryanofsky:
    utACK 442a87cc0a. Changes since last review are switching from `hasChain` to `LockChain` and removing chain lock in `WalletBatch::LoadWallet` that's redundant with the new lock still added in `CWallet::LoadWallet`, and fixing python test race condition.

Tree-SHA512: 029209e006de0240436817204e69e548c5665e2b0721b214510e7aba7eba130a5eab441d3a1ad95bd6426114dd27390492c77bf4560a9610009b32cd0a1f72f7
2019-09-06 01:28:54 +12:00
darosior
66740f460a
doc: add a release note for the new field in 'getpeerinfo' and 'getnetworkinfo' 2019-09-05 15:12:32 +02:00
darosior
6564f58c87
rpc/net: decode the services flags in a new entry 2019-09-05 15:11:48 +02:00
Wladimir J. van der Laan
5667b0d758
Merge #16792: Assert that the HRP is lowercase in Bech32::Encode
2457aea83c Assert that the HRP is lowercase in Bech32::Encode (Samuel Dobson)

Pull request description:

  From BIP-173:
  > The lowercase form is used when determining a character's value for checksum purposes.
  > Encoders MUST always output an all lowercase Bech32 string. If an uppercase version of the encoding result is desired, (e.g.- for presentation purposes, or QR code use), then an uppercasing procedure can be performed external to the encoding process.

  Currently if HRP contains uppercase characters, the checksum will be generated over these uppercase characters resulting in mixed-case output that will always be invalid even if the case is changed manually after encoding. This shouldn't happen because both prefix's `bc` and `tb` are lowercase currently, but we assert this condition anyway.

  This is consistent also with the [C reference implementation](2b0aac650c/ref/c/segwit_addr.c (L59))

ACKs for top commit:
  laanwj:
    ACK 2457aea83c

Tree-SHA512: 24fcbbc2f315c72c550cc3d82b4332443eea6378fc73d571f98b87492604d023378dd102377c9e05467192cae6049606dee98e4c5688c8d5e4caac50c970284b
2019-09-05 13:31:14 +02:00
Wladimir J. van der Laan
cbde2bc806
Merge #16804: test: Remove unused try-block in assert_debug_log
fae91a09c4 test: Remove incorrect and unused try-block in assert_debug_log (MarcoFalke)

Pull request description:

  This try block has accidentally been added by me in fa3e9f7627.
  It was unused all the time, but commit 6011c9d72d added a `return` in the finally block, muting all exceptions.

  This can be tested by adding an `assert False` after any `with ...assert_debug_log...:` line.

ACKs for top commit:
  laanwj:
    ACK fae91a09c4
  ryanofsky:
    utACK fae91a09c4. I didn't know returning inside a `finally` block would cancel pending exceptions or return values, but I guess this makes sense and is a good thing to be aware of.

Tree-SHA512: 47ed0165062060e9af055a3e92f1a529cd41d00476bfad64e3cd141ae084d22f926a343bb1257717e164e15459a59ab66aed198c95d18bf780d8cb0b76aa3298
2019-09-05 13:28:51 +02:00
Samuel Dobson
2457aea83c Assert that the HRP is lowercase in Bech32::Encode 2019-09-05 13:25:11 +12:00
MarcoFalke
45be44cce4
Merge #15257: Scripts and tools: Bump flake8 to 3.7.8
3d0a82cff8 devtools: Accomodate block-style copyright blocks (Ben Woosley)
0ef0e51fe4 lint: Bump flake8 to 3.7.8 (Ben Woosley)
838920704a lint: Disable flake8 W504 warning (Ben Woosley)
b21680baf5 test/contrib: Fix invalid escapes in regex strings (Ben Woosley)

Pull request description:

  This is a second go at #15221, fixing new lints in:
  W504 line break after binary operator
  W605 invalid escape sequence
  F841 local variable 'e' is assigned to but never used

  This time around:
  * One commit per rule, for easier review
  * I went with the PEP-8 style of breaking before binary operators
  * I looked into the raw regex newline issue, and found that raw strings with newlines embedded do work appropriately. E.g. run `re.match(r" \n ", " \n ")` to check this for yourself. `re.MULTILINE` exists to modify `^` and `$` in multiline scenarios, but  all of these searches are per-line.

ACKs for top commit:
  practicalswift:
    ACK 3d0a82cff8 -- diff looks correct

Tree-SHA512: bea0c144cadd72e4adf2e9a4b4ee0535dd91a8e694206924cf8a389dc9253f364a717edfe9abda88108fbb67fda19b9e823f46822d7303c0aaa72e48909a6105
2019-09-05 02:43:13 +02:00
MarcoFalke
761fe07ba9
Merge #16768: test: Make lint-includes.sh work from any directory
490da639cb Make lint-includes.sh work from any directory (Kristaps Kaupe)

Pull request description:

  Before this change it works from root folder of bitcoin git repo, but if you do `cd test/lint; ./test-includes.sh`, you will have a lot of false positive messages like this:
  ```
  Good job! The circular dependency "chainparamsbase -> util/system -> chainparamsbase" is no longer present.
  Please remove it from EXPECTED_CIRCULAR_DEPENDENCIES in ./lint-circular-dependencies.sh
  to make sure this circular dependency is not accidentally reintroduced.

  Good job! The circular dependency "index/txindex -> validation -> index/txindex" is no longer present.
  Please remove it from EXPECTED_CIRCULAR_DEPENDENCIES in ./lint-circular-dependencies.sh
  to make sure this circular dependency is not accidentally reintroduced.

  ```

Top commit has no ACKs.

Tree-SHA512: 07fa69cb2883181dcee922191acac4b242722eeb2916cdffdc7163421302b22f3c9525aaf4c754a9dba1c307032c05285e38191d5c6aabc894321f8a27bbceaa
2019-09-05 02:00:44 +02:00
Andrew Chow
c0b5d97103 Test that joinpsbts randomly shuffles the inputs 2019-09-04 17:44:31 -04:00
Andrew Chow
6f405a1d3b Shuffle inputs and outputs after joining psbts 2019-09-04 17:44:31 -04:00
Matt Corallo
5ce822efbe Conservatively accept RBF bumps bumping one tx at the package limits
Accept RBF bumps of single transactions (ie which conflict with one
transaction) even when that transaction is a member of a package
which is currently at the package limit iff the new transaction
does not add any additional mempool dependencies from the original.

This could be made a bit looser in the future and still be safe,
but for now this fixes the case that a transaction which was
accepted by the carve-out rule will not be directly RBF'able.
2019-09-04 15:53:14 -04:00
Kristaps Kaupe
490da639cb
Make lint-includes.sh work from any directory 2019-09-04 22:36:09 +03:00
Suhas Daftuar
0ba08020c9 Disconnect peers violating blocks-only mode
If we set fRelay=false in our VERSION message, and a peer sends an INV or TX
message anyway, disconnect. Since we use fRelay=false to minimize bandwidth,
we should not tolerate remaining connected to a peer violating the protocol.
2019-09-04 14:58:36 -04:00
Suhas Daftuar
937eba91e1 doc: improve comments relating to block-relay-only peers 2019-09-04 14:58:36 -04:00
Suhas Daftuar
430f489027 Don't relay addr messages to block-relay-only peers
We don't want relay of addr messages to leak information about
these network links.
2019-09-04 14:58:36 -04:00
Suhas Daftuar
3a5e885306 Add 2 outbound block-relay-only connections
Transaction relay is primarily optimized for balancing redundancy/robustness
with bandwidth minimization -- as a result transaction relay leaks information
that adversaries can use to infer the network topology.

Network topology is better kept private for (at least) two reasons:

(a) Knowledge of the network graph can make it easier to find the source IP of
a given transaction.

(b) Knowledge of the network graph could be used to split a target node or
nodes from the honest network (eg by knowing which peers to attack in order to
achieve a network split).

We can eliminate the risks of (b) by separating block relay from transaction
relay; inferring network connectivity from the relay of blocks/block headers is
much more expensive for an adversary.

After this commit, bitcoind will make 2 additional outbound connections that
are only used for block relay. (In the future, we might consider rotating our
transaction-relay peers to help limit the effects of (a).)
2019-09-04 14:58:36 -04:00
Suhas Daftuar
b83f51a4bb Add comment explaining intended use of m_tx_relay 2019-09-04 14:58:36 -04:00
Suhas Daftuar
e75c39cd42 Check that tx_relay is initialized before access 2019-09-04 14:58:34 -04:00
MarcoFalke
fae91a09c4
test: Remove incorrect and unused try-block in assert_debug_log 2019-09-04 13:10:37 -04:00
MarcoFalke
8e00a68552
Merge #16774: Avoid unnecessary "Synchronizing blockheaders" log messages
dcc448e3d2 Avoid unnecessary "Synchronizing blockheaders" log messages (Jonas Schnelli)

Pull request description:

  Fixes #16773

  I'm not entirely sure why 16773 happend, but probably due to headers fallback in a compact block.

  However, this PR should fix it and should have been included in #15615.

ACKs for top commit:
  ajtowns:
    ACK dcc448e3d2 ; code review only, haven't compiled or tested.
  promag:
    ACK dcc448e3d2.
  TheBlueMatt:
    utACK dcc448e3d2. Went and read how pindexBestHeader is handled and this code looks correct (worst case it breaks a LogPrint, so whatever). I also ran into this on #16762.
  fanquake:
    ACK dcc448e3d2

Tree-SHA512: f8cac3b6eb9d4e8fab53a535b55f9ea9b058e3ab6ade64801ebc56439ede4f54b5fee36d5d2b316966ab987b65b13ab9dc18849f345d08b81ecdf2722a3f5f5a
2019-09-03 16:39:11 -04:00
Andrew Chow
39034f1ee6 Refactor rawtransaction_util's SignTransaction to have previous tx parsing be separate 2019-09-03 15:49:19 -04:00
Ben Woosley
3d0a82cff8
devtools: Accomodate block-style copyright blocks
Without this, `copyright_header.py report . verbose` reports:
-------------------------------------------------------------------------------
1 with unexpected copyright holder names
	./build_msvc/libsecp256k1_config.h
-------------------------------------------------------------------------------
2019-09-03 14:41:43 -04:00
Ben Woosley
0ef0e51fe4
lint: Bump flake8 to 3.7.8 2019-09-03 14:41:43 -04:00
Ben Woosley
838920704a
lint: Disable flake8 W504 warning
In the words of MarcoFalke:
"W504 should be disabled. This is not a critical error that should be blocking a merge"
https://github.com/bitcoin/bitcoin/pull/15257#discussion_r302017280
2019-09-03 14:40:56 -04:00
Ben Woosley
b21680baf5
test/contrib: Fix invalid escapes in regex strings
Flagged by flake8 v3.6.0, as W605, plus a few others identified
incidentally, e.g. 59ffecf66cf4d08c4b431e457b083878d66a3fd6.

Note that r"\n" matches to "\n" under re.match/search.
2019-09-03 14:38:38 -04:00
MarcoFalke
fa734603b7
wallet: Fix segmentation fault in CreateWalletFromFile 2019-09-03 14:11:11 -04:00
MarcoFalke
fab3c34412
test: Print both messages on failure in assert_raises_message 2019-09-03 14:10:58 -04:00