Commit graph

147 commits

Author SHA1 Message Date
Wladimir J. van der Laan
fad42e8c4a
Merge #13547: Make signrawtransaction* give an error when amount is needed but missing
685d1d8115 [tests] Check signrawtransaction* errors on missing prevtx info (Anthony Towns)
a3b065b51f Error on missing amount in signrawtransaction* (Anthony Towns)

Pull request description:

  Signatures using segregated witness commit to the amount being spent, so that value must be passed into signrawtransactionwithkey and signrawtransactionwithwallet. This ensures an error is issued if that doesn't happen, rather than just assuming the value is 0 and producing a signature that is almost certainly invalid.

  Based on Ben Woosley's #12458, Fixes: #12429.

Tree-SHA512: 8e2ff89d5bcf79548e569210af0d850028bc98d86c149b92207c9300ab1d63664a7e2b222c1be403a15941aa5cf36ccc3c0d570ee1c1466f3496b4fe06c17e11
2018-07-10 17:04:11 +02:00
Wladimir J. van der Laan
7e74c54fed
Merge #13452: rpc: have verifytxoutproof check the number of txns in proof structure
d280617bf5 [qa] Add a test for merkle proof malleation (Suhas Daftuar)
ed82f17000 have verifytxoutproof check the number of txns in proof structure (Gregory Sanders)

Pull request description:

  Recent publication of a weakness in Bitcoin's merkle tree construction demonstrates many SPV applications vulnerable to an expensive to pull off yet still plausible attack: https://bitslog.wordpress.com/2018/06/09/leaf-node-weakness-in-bitcoin-merkle-tree-design/

  This change would at least allow `verifytxoutproof` to properly validate that the proof matches a known block, with known number of transactions any time after the full block is processed. This should neuter the attack entirely.

  The negative is that a header-only processed block/future syncing mode would cause this to fail until the node has imported the data required.

  related: #13451

  `importprunedfunds` needs this check as well. Can expand it to cover this if people like the idea.

Tree-SHA512: 0682ec2b622a38b29f3f635323e0a8b6fc071e8a6fd134c954579926ee7b516e642966bafa667016744ce49c16e19b24dbc8801f982a36ad0a6a4aff6d93f82b
2018-07-09 20:25:50 +02:00
Wladimir J. van der Laan
028b0d963c
Merge #13425: Moving final scriptSig construction from CombineSignatures to ProduceSignature (PSBT signer logic)
b81560029 Remove CombineSignatures and replace tests (Andrew Chow)
ed94c8b55 Replace CombineSignatures with ProduceSignature (Andrew Chow)
0422beb9b Make SignatureData able to store signatures and scripts (Andrew Chow)
b6edb4f5e Inline Sign1 and SignN (Andrew Chow)

Pull request description:

  Currently CombineSignatures is used to create the final scriptSig or an input. However ProduceSignature is capable of doing this itself. Using both CombineSignatures and ProduceSignature results in code duplication which is unnecessary.

  To move the scriptSig construction to ProduceSignatures, the SignatureData class contains two maps to hold pubkeys mapped to signatures, and script ids mapped to scripts. DataFromTransaction is extended to be able to extract signatures, their public keys, and scripts from existing ScriptSigs.

  The SignaureData are then passed down to SignStep which can use the aforementioned maps to get the signatures, pubkeys, and scripts that it needs, falling back to the actual SigningProvider and SignatureCreator if the data are not available in the SignatureData.

  Additionally, Sign1 and SignN have been removed and their functionality inlined into SignStep since Sign1 is really just a wrapper around CreateSig.

  Since ProduceSignature can produce the final scriptSig or scriptWitness by using SignatureData which has extracted data from the transaction, CombineSignatures is unnecessary as ProduceSignature is able to replicate all of CombineSignatures' functionality.

  This also furthers BIP 174 support and begins moving towards a BIP 174 style backend.

  The tests have also been updated to use the new combining methodology.

Tree-SHA512: 78cd58a4ebe37f79229bd5eee2958a0bb45cd7f36d0e993eee13ff685b3665dd76ef2dfd5f47d34678995bb587f5594100ee5f6c09b1c69ee96d3684d470d01e
2018-07-05 17:18:50 +02:00
Wladimir J. van der Laan
79e677950b
Merge #13235: Break circular dependency: init -> * -> init by extracting shutdown.h
1fabd59e7 Break circular dependency: init -> * -> init by extracting shutdown.h (Ben Woosley)
e62fdfeea Drop unused init.h includes (Ben Woosley)

Pull request description:

  Most includers just wanted to react to pending shutdown.

  This isolates access to `fRequestShutdown` and limits access to the shutdown api functions, including the new `CancelShutdown` for setting it to `false`.

Tree-SHA512: df42f75dfbba163576710e9a67cf1228531fd99d70a2f187bfba0bcc476d6749cf88180a97e66a81bb5b6c3c7f0917de7402d26039ba7b644cb7509b02f7e267
2018-07-04 15:34:03 +02:00
Andrew Chow
ed94c8b556 Replace CombineSignatures with ProduceSignature
Instead of using CombineSignatures to create the final scriptSig or
scriptWitness of an input, use ProduceSignature itself.

To allow for ProduceSignature to place signatures, pubkeys, and scripts
that it does not know about, we pass down the SignatureData to SignStep
which pulls out the information that it needs from the SignatureData.
2018-07-03 17:19:23 -07:00
Andrew Chow
0422beb9bd Make SignatureData able to store signatures and scripts
In addition to having the scriptSig and scriptWitness, have SignatureData
also be able to store just the signatures (pubkeys mapped to sigs) and
scripts (script ids mapped to scripts).

Also have DataFromTransaction be able to extract signatures and scripts
from the scriptSig and scriptWitness of an input to put them in SignatureData.

Adds a new SignatureChecker which takes a SignatureData and puts pubkeys
and signatures into it when it successfully verifies a signature.

Adds a new field in SignatureData which stores whether the SignatureData
was complete. This allows us to also update the scriptSig and
scriptWitness to the final one when updating a SignatureData with another
one.
2018-07-03 17:18:52 -07:00
Anthony Towns
a3b065b51f Error on missing amount in signrawtransaction*
Signatures using segregated witness commit to the amount being spent,
so that value must be passed into signrawtransactionwithkey and
signrawtransactionwithwallet. This ensures an error is issued if that
doesn't happen, rather than just assuming the value is 0 and producing
a signature that is almost certainly invalid.
2018-06-28 02:06:33 +10:00
Ben Woosley
e62fdfeeab
Drop unused init.h includes
These were entirely unused, as based on successful compilation
and a grep for:
  \bStartShutdown\(\)|\bShutdownRequested\(\)|\bInterrupt\(\)|\bShutdown\(\)|\bInitLogging\(\)|\bInitParameterInteraction\(\)|\bAppInitBasicSetup\(\)|\bAppInitParameterInteraction\(\)|\bAppInitSanityChecks\(\)|\bAppInitLockDataDirectory\(\)|\bAppInitMain\(\)|\bSetupServerArgs\(\)|\bLicenseInfo\(\)|g_wallet_init_interface|init.h
2018-06-25 00:08:00 -04:00
Pieter Wuille
bb582a59c7 Add P2WSH destination helper and use it instead of manual hashing 2018-06-17 19:44:50 -07:00
Gregory Sanders
ed82f17000 have verifytxoutproof check the number of txns in proof structure 2018-06-14 09:54:41 -04:00
Wladimir J. van der Laan
f0fd39f376
Merge #13269: refactoring: Drop UpdateTransaction in favor of UpdateInput
6aa33feadb Drop UpdateTransaction in favor of UpdateInput (Ben Woosley)

Pull request description:

  Updating the input explicitly requires the caller to present a mutable
  input, which more clearly communicates the effects and intent of the call
  (and, often, the enclosing loop).

  In most cases, this input is already immediately available and need not be
  looked up.

Tree-SHA512: 8c7914a8b7ae975d8ad0e9d760e3c5da65776a5f79d060b8ffb6b3ff7a32235f71ad705f2185b368d9263742d7796bb562395d22b806d90e8502d8c496011e57
2018-06-05 19:06:16 +02:00
João Barbosa
80b4910f7d wallet: Use shared pointer to retain wallet instance 2018-05-22 16:56:20 +01:00
Ben Woosley
6aa33feadb
Drop UpdateTransaction in favor of UpdateInput
Updating the input explicitly requires the caller to present a mutable
input, which more clearly communicates the effects and intent of the method.

In most cases, this input is already immediately available and need not be
looked up.
2018-05-18 11:08:13 -07:00
practicalswift
c3f34d06be Make it clear which functions that are intended to be translation unit local
Do not share functions that are meant to be translation unit local with
other translation units. Use internal linkage for those consistently.
2018-05-03 21:47:40 +02:00
Andrew Chow
2ae705d841 Remove Safe mode 2018-04-26 15:33:11 +02:00
Wladimir J. van der Laan
eac067ad59
Merge #12321: p2wsh and p2sh-p2wsh address in decodescript
41ff967 list the types of scripts we should consider for a witness program (fivepiece)
4f933b3 p2wpkh, p2wsh and p2sh-nested scripts in decodescript (fivepiece)

Pull request description:

  Attempts to address #12244 .  `p2wsh` addresses are returned only for scripts that are neither `p2sh` nor any witness program.

Tree-SHA512: eb47f094c1a4c2ad2bcf27a8032307e43cf787d50bf739281aeb4101d97316a2f307b05118bf138298c937fa34e15f91436443a9b313f809fad2c43e94cd1831
2018-04-26 14:50:48 +02:00
Jim Posen
6d772a3d44 [rpc] Public interfaces to GetTransaction block until synced.
Now that the transaction index is updated asynchronously, in order to
preserve the current behavior of public interfaces, the code blocks
until the transaction index is caught up with the current state of the
blockchain.
2018-04-25 11:25:17 -07:00
Jim Posen
e0a3b80033 [validation] Replace tx index code in validation code with TxIndex. 2018-04-25 11:25:13 -07:00
Matt Corallo
2874709a9f Expose a transaction's weight via RPC 2018-04-13 15:18:26 -04:00
Wladimir J. van der Laan
8480d41e0f
Merge #12803: Make BaseSignatureCreator a pure interface
be67831 Make DummySignatureCreator a singleton (Pieter Wuille)
190b8d2 Make BaseSignatureCreator a pure interface (Pieter Wuille)

Pull request description:

  * Removes the `m_provider` field from `BaseSignatureCreator`. Instead both a `SigningProvider` (which provides keys and scripts) and a `BaseSignatureCreator` (which implements the transaction-specific (or other) signing logic) are passed into and down in `ProduceSignature`, making the two concepts orthogonal.
  * Makes `BaseSignatureCreator` a pure interface without constructor, making it easier to implement new derivations of it (for example for message signing).
  * As `DummySignatureCreator` now becomes a stateless object, turn it into a singleton `DUMMY_SIGNATURE_CREATOR`.

Tree-SHA512: 5f1f4512e4ea7d02a31df7b9ede55008efa716c5b74a2630ca1c2fc6599584d8bf5f5641487266127f4b3788033803539fbd22b03ef1219c83c10da2d3da3dcd
2018-04-12 22:55:56 +02:00
Ben Woosley
459ea5836e
rpc: Drop redundant testing of signrawtransaction prevtxs args
These other types are already tested on line 736.
2018-04-11 03:33:01 -07:00
Pieter Wuille
190b8d2dcf Make BaseSignatureCreator a pure interface 2018-04-10 09:29:17 -07:00
fivepiece
41ff9675a9 list the types of scripts we should consider for a witness program 2018-04-08 00:03:04 +03:00
MarcoFalke
fafcad38c8
doc: Add testmempoolaccept to release-notes 2018-04-02 11:37:09 -04:00
Wladimir J. van der Laan
18815b4bfb
Merge #11742: rpc: Add testmempoolaccept
b55555d rpc: Add testmempoolaccept (MarcoFalke)

Pull request description:

  To check if a single raw transaction makes it into the current transaction pool, one had to call `sendrawtransaction`. However, on success, this adds the transaction to the mempool with no easy way to undo.

  The call `testmempoolaccept` is introduced to provide a way to solely check the result without changing the mempool state.

Tree-SHA512: 5afd9311190135cee8fc1f229c7d39bf893f1028f29e28d34f70df820198ff97b4bf86b41cbbd6e6c36a5c30073cefa92d541c74a4939c7a2a6fa283dfd41b63
2018-04-02 16:02:33 +02:00
practicalswift
61f82981b2 rpc: Adjust ifdef to avoid unreachable code 2018-03-26 15:19:44 +02:00
MarcoFalke
b55555da3e
rpc: Add testmempoolaccept 2018-03-24 11:17:08 -04:00
Wladimir J. van der Laan
d42a4fe5aa
Merge #11041: Add LookupBlockIndex
92fabcd44 Add LookupBlockIndex function (João Barbosa)
43a32b739 Add missing cs_lock in CreateWalletFromFile (João Barbosa)
f814a3e8f Fix cs_main lock in LoadExternalBlockFile (João Barbosa)
c651df8b3 Lock cs_main while loading block index in AppInitMain (João Barbosa)
02de6a6bc Assert cs_main is held when accessing mapBlockIndex (João Barbosa)

Pull request description:

  Replace all `mapBlockIndex` lookups with the new `LookupBlockIndex()`. In some cases it avoids a second lookup.

Tree-SHA512: ca31118f028a19721f2191d86f2dd398144d04df345694575a64aeb293be2f85785201480c3c578a0ec99690516205708558c0fd4168b09313378fd4e60a8412
2018-03-13 19:12:35 +01:00
Wladimir J. van der Laan
702e8b70bd
Merge #11872: [rpc] createrawtransaction: Accept sorted outputs
fac70134a rpc: Update createrawtransaction examples (MarcoFalke)
fa06dfce0 [rpc] createrawtransaction: Accept sorted outputs (MarcoFalke)
8acd25d85 rpc: Allow typeAny in RPCTypeCheck (MarcoFalke)

Pull request description:

  The second parameter of the `createrawtransaction` is a dictionary of the outputs. This comes with at least two drawbacks:

  * In case of duplicate keys, either of them might silently disappear, with no user feedback at all. A user needs to make other mistakes, but this could eventually lead to abnormal tx fees.
  * A dictionary does not guarantee that keys are sorted. Again, a user needs to keep this in mind, as it could eventually lead to excessive tx fees.

  Even though my scenario of loss-of-funds is unlikely to happen, I see it as a inconvenience that should be fixed.

Tree-SHA512: cd562f34f7f9f79c7d3433805971325c388c2035611be283980f4049066a622df4f0afdc11d7ac96662260ec0115147cb65e1ab5268f5a1b063242f3fe425f77
2018-03-13 18:00:06 +01:00
MarcoFalke
fac70134a9
rpc: Update createrawtransaction examples 2018-03-11 16:48:19 -04:00
MarcoFalke
fa06dfce0f
[rpc] createrawtransaction: Accept sorted outputs 2018-03-07 12:58:14 -05:00
fivepiece
4f933b3d23 p2wpkh, p2wsh and p2sh-nested scripts in decodescript
plus tests
2018-03-06 23:10:18 +02:00
João Barbosa
92fabcd443 Add LookupBlockIndex function 2018-03-06 19:52:19 +00:00
Pieter Wuille
119b0f85e2 Split key_io (address/key encodings) off from base58 2018-02-19 18:55:21 -08:00
Pieter Wuille
32e69fa0df Replace CBitcoinSecret with {Encode,Decode}Secret 2018-02-19 18:55:20 -08:00
Andrew Chow
1e79c055cd Split signrawtransaction into wallet and non-wallet
Splits signrwatransaction into a wallet version (signrawtransactionwithwallet) and
non-wallet version (signrawtransactionwithkey). signrawtransaction is marked as DEPRECATED
and will call the right signrawtransaction* command as per the parameters in order to
maintain compatibility.

Updated signrawtransactions test to use new RPCs
2018-02-17 11:42:00 -05:00
Wladimir J. van der Laan
3fa556aee2
Merge #12427: Make signrawtransaction accept P2SH-P2WSH redeemscripts
5f605e1 Make signrawtransaction accept P2SH-P2WSH redeemscripts (Pieter Wuille)

Pull request description:

  This is a quick fix for #12418, which is a regression in 0.16.

  It permits specifying just the inner redeemscript to let `signrawtransaction` succeed. This inner redeemscript is already reported by `addmultisigaddress` & co.

  #11708 uses a different approach, where `listunspent` reports both inner & outer redeemscript, but requires both to be provided to `signrawtransaction`. Part of #11708 is still needed even in combination with this PR however, as currently the inner redeemscript isn't reported by `listunspent`.

Tree-SHA512: a6fa2b2661ce04db25cf029dd31da39c0b4811d43692f816dfe0f77b4159b5e2952051664356a579f690ccd58a626e0975708afcd7ad5919366c490944e3a9a5
2018-02-15 22:33:38 +01:00
Wladimir J. van der Laan
fd65937ec6
Merge #12356: Fix 'mempool min fee not met' debug output
bb00c95 Consistently use FormatStateMessage in RPC error output (Ben Woosley)
8b8a1c4 Add test for 'mempool min fee not met' rpc error (Ben Woosley)
c04e0f6 Fix 'mempool min fee not met' debug output (Ben Woosley)

Pull request description:

  Output the value that is tested, rather than the unmodified fee value.

  Prompted by looking into: #11955

Tree-SHA512: fc0bad47d4af375d208f657a6ccbad6ef7f4e2989ae2ce1171226c22fa92847494a2c55cca687bd5a1548663ed3313569bcc31c00d53c0c193a1b865dd8a7657
2018-02-15 16:35:42 +01:00
Pieter Wuille
5f605e172b Make signrawtransaction accept P2SH-P2WSH redeemscripts 2018-02-13 17:37:47 -08:00
MarcoFalke
5dc00f68c4
Merge #12193: RPC: Consistently use UniValue.pushKV instead of push_back(Pair()) (karel-3d)
91986ed206 scripted-diff: Use UniValue.pushKV instead of push_back(Pair()) (Karel Bilek)
a570098021 Squashed 'src/univalue/' changes from 07947ff2da..51d3ab34ba (MarcoFalke)

Pull request description:

  Rebased version of  #11386 by karel-3d.

  Closes:  #11386

Tree-SHA512: f3a81447e573c17e75813f4d41ceb34b9980eac81efdd98ddb149d7c51f792be7e2b32239b6ea7e6da68af23897afa6b4ce3f4e8070f9c4adf5105bf6075f2a0
2018-02-12 09:13:38 -05:00
practicalswift
11376b5583 Fix a-vs-an typos 2018-02-11 10:48:15 +01:00
Karel Bilek
91986ed206 scripted-diff: Use UniValue.pushKV instead of push_back(Pair())
-BEGIN VERIFY SCRIPT-
git grep -l "push_back(Pair" | xargs sed -i "s/push_back(Pair(\(.*\)));/pushKV(\1);/g"
-END VERIFY SCRIPT-
2018-02-10 10:05:07 -05:00
Ben Woosley
bb00c95c16
Consistently use FormatStateMessage in RPC error output
This will include the error code and debug output as well as the reason string.

See #11955 for the motivation.
2018-02-08 11:02:41 -05:00
MeshCollider
ee11121229 Add special error for genesis coinbase to gettransaction 2018-01-30 11:36:25 +13:00
Akira Takizawa
595a7bab23 Increment MIT Licence copyright header year on files modified in 2017 2018-01-03 02:26:56 +09:00
Wladimir J. van der Laan
fee0370fd6
Merge #11178: Add iswitness parameter to decode- and fundrawtransaction RPCs
6f39ac0 Add test for decoderawtransaction bool (MeshCollider)
bbdbe80 Add iswitness parameter to decode- and fundrawtransaction RPCs (MeshCollider)

Pull request description:

  Suggested in https://github.com/bitcoin/bitcoin/pull/10481#issuecomment-325244946, this adds the option to explicitly choose whether a serialized transaction should be decoded as a witness or non-witness transaction rather than relying on the heuristic checks in #10481. The parameter defaults to relying on #10481 if not included, but it overrides that if included.

Tree-SHA512: d4846a5bb7d64dc19c516445488b00af329fc1f4181d9dfdf9f2382a086568edc98250a4ac7594e24a1bc231dfdee53c699b12c8380c355b920a67cc6770b7a9
2017-12-19 09:55:11 +01:00
João Barbosa
320669a363 rpc: Validate replaceable type in createrawtransaction 2017-12-12 14:57:03 +00:00
MarcoFalke
fa4c16d2e7 qa: Add getrawtransaction in_active_chain=False test 2017-12-06 11:00:08 -05:00
Karl-Johan Alm
b167951677
[rpc] Allow getrawtransaction to take optional blockhash to fetch transaction from a block directly. 2017-12-05 11:03:24 +09:00
Karl-Johan Alm
a5f5a2ce53
[rpc] Fix fVerbose parsing (remove excess if cases). 2017-11-29 17:52:13 +09:00