f09bc7ec98
c1dde3a949No longer shutdown after encrypting the wallet (Andrew Chow)d7637c5a3fAfter encrypting the wallet, reload the database environment (Andrew Chow)5d296ac810Add function to close all Db's and reload the databae environment (Andrew Chow)a769461d5eMove BerkeleyEnvironment deletion from internal method to callsite (Andrew Chow) Pull request description: This is the replacement for #11678 which implements @ryanofsky's [suggestion](https://github.com/bitcoin/bitcoin/pull/11678#pullrequestreview-76464511). Shutting down the software was to prevent the BDB environment from writing unencrypted private keys to disk in the database log files, as was noted [here](https://bitcointalk.org/index.php?topic=51474.msg616068#msg616068). This PR replaces the shutdown behavior with a CDBEnv flush, close, and reopen which achieves the same effect: everything is cleanly flushed and closed, the log files are removed, and then the environment reopened to continue normal operation. To ensure that no unencrypted private keys are in the log files after encrypting the wallet, I wrote [this script](https://gist.github.com/achow101/7f7143e6c3d3fdc034d3470e72823e9d) to pull private keys from the original wallet file and searches for these keys in the log files (note that you will have to change your file paths to make it work on your own machine). As for concerns about private keys being written to slack space or being kept in memory, these behaviors no longer exist after the original wallet encryption PR and the shutting down solution from 2011. cc @ryanofsky Tree-SHA512: 34b894283b0677a873d06dee46dff8424dec85a2973009ac9b84bcf3d22d05f227c494168c395219d9aee3178e420cf70d4b3eeacc9785aa86b6015d25758e75
311 lines
14 KiB
Python
Executable file
311 lines
14 KiB
Python
Executable file
#!/usr/bin/env python3
|
|
# Copyright (c) 2016-2018 The Bitcoin Core developers
|
|
# Distributed under the MIT software license, see the accompanying
|
|
# file COPYING or http://www.opensource.org/licenses/mit-license.php.
|
|
"""Test the bumpfee RPC.
|
|
|
|
Verifies that the bumpfee RPC creates replacement transactions successfully when
|
|
its preconditions are met, and returns appropriate errors in other cases.
|
|
|
|
This module consists of around a dozen individual test cases implemented in the
|
|
top-level functions named as test_<test_case_description>. The test functions
|
|
can be disabled or reordered if needed for debugging. If new test cases are
|
|
added in the future, they should try to follow the same convention and not
|
|
make assumptions about execution order.
|
|
"""
|
|
|
|
from decimal import Decimal
|
|
|
|
from test_framework.blocktools import add_witness_commitment, create_block, create_coinbase, send_to_witness
|
|
from test_framework.messages import BIP125_SEQUENCE_NUMBER, CTransaction
|
|
from test_framework.test_framework import BitcoinTestFramework
|
|
from test_framework.util import assert_equal, assert_greater_than, assert_raises_rpc_error, bytes_to_hex_str, connect_nodes_bi, hex_str_to_bytes, sync_mempools
|
|
|
|
import io
|
|
|
|
WALLET_PASSPHRASE = "test"
|
|
WALLET_PASSPHRASE_TIMEOUT = 3600
|
|
|
|
|
|
class BumpFeeTest(BitcoinTestFramework):
|
|
def set_test_params(self):
|
|
self.num_nodes = 2
|
|
self.setup_clean_chain = True
|
|
self.extra_args = [[
|
|
"-deprecatedrpc=addwitnessaddress",
|
|
"-walletrbf={}".format(i),
|
|
"-mintxfee=0.00002",
|
|
] for i in range(self.num_nodes)]
|
|
|
|
def skip_test_if_missing_module(self):
|
|
self.skip_if_no_wallet()
|
|
|
|
def run_test(self):
|
|
# Encrypt wallet for test_locked_wallet_fails test
|
|
self.nodes[1].encryptwallet(WALLET_PASSPHRASE)
|
|
self.nodes[1].walletpassphrase(WALLET_PASSPHRASE, WALLET_PASSPHRASE_TIMEOUT)
|
|
|
|
connect_nodes_bi(self.nodes, 0, 1)
|
|
self.sync_all()
|
|
|
|
peer_node, rbf_node = self.nodes
|
|
rbf_node_address = rbf_node.getnewaddress()
|
|
|
|
# fund rbf node with 10 coins of 0.001 btc (100,000 satoshis)
|
|
self.log.info("Mining blocks...")
|
|
peer_node.generate(110)
|
|
self.sync_all()
|
|
for i in range(25):
|
|
peer_node.sendtoaddress(rbf_node_address, 0.001)
|
|
self.sync_all()
|
|
peer_node.generate(1)
|
|
self.sync_all()
|
|
assert_equal(rbf_node.getbalance(), Decimal("0.025"))
|
|
|
|
self.log.info("Running tests")
|
|
dest_address = peer_node.getnewaddress()
|
|
test_simple_bumpfee_succeeds(rbf_node, peer_node, dest_address)
|
|
test_segwit_bumpfee_succeeds(rbf_node, dest_address)
|
|
test_nonrbf_bumpfee_fails(peer_node, dest_address)
|
|
test_notmine_bumpfee_fails(rbf_node, peer_node, dest_address)
|
|
test_bumpfee_with_descendant_fails(rbf_node, rbf_node_address, dest_address)
|
|
test_small_output_fails(rbf_node, dest_address)
|
|
test_dust_to_fee(rbf_node, dest_address)
|
|
test_settxfee(rbf_node, dest_address)
|
|
test_rebumping(rbf_node, dest_address)
|
|
test_rebumping_not_replaceable(rbf_node, dest_address)
|
|
test_unconfirmed_not_spendable(rbf_node, rbf_node_address)
|
|
test_bumpfee_metadata(rbf_node, dest_address)
|
|
test_locked_wallet_fails(rbf_node, dest_address)
|
|
self.log.info("Success")
|
|
|
|
|
|
def test_simple_bumpfee_succeeds(rbf_node, peer_node, dest_address):
|
|
rbfid = spend_one_input(rbf_node, dest_address)
|
|
rbftx = rbf_node.gettransaction(rbfid)
|
|
sync_mempools((rbf_node, peer_node))
|
|
assert rbfid in rbf_node.getrawmempool() and rbfid in peer_node.getrawmempool()
|
|
bumped_tx = rbf_node.bumpfee(rbfid)
|
|
assert_equal(bumped_tx["errors"], [])
|
|
assert bumped_tx["fee"] - abs(rbftx["fee"]) > 0
|
|
# check that bumped_tx propagates, original tx was evicted and has a wallet conflict
|
|
sync_mempools((rbf_node, peer_node))
|
|
assert bumped_tx["txid"] in rbf_node.getrawmempool()
|
|
assert bumped_tx["txid"] in peer_node.getrawmempool()
|
|
assert rbfid not in rbf_node.getrawmempool()
|
|
assert rbfid not in peer_node.getrawmempool()
|
|
oldwtx = rbf_node.gettransaction(rbfid)
|
|
assert len(oldwtx["walletconflicts"]) > 0
|
|
# check wallet transaction replaces and replaced_by values
|
|
bumpedwtx = rbf_node.gettransaction(bumped_tx["txid"])
|
|
assert_equal(oldwtx["replaced_by_txid"], bumped_tx["txid"])
|
|
assert_equal(bumpedwtx["replaces_txid"], rbfid)
|
|
|
|
|
|
def test_segwit_bumpfee_succeeds(rbf_node, dest_address):
|
|
# Create a transaction with segwit output, then create an RBF transaction
|
|
# which spends it, and make sure bumpfee can be called on it.
|
|
|
|
segwit_in = next(u for u in rbf_node.listunspent() if u["amount"] == Decimal("0.001"))
|
|
segwit_out = rbf_node.getaddressinfo(rbf_node.getnewaddress())
|
|
rbf_node.addwitnessaddress(segwit_out["address"])
|
|
segwitid = send_to_witness(
|
|
use_p2wsh=False,
|
|
node=rbf_node,
|
|
utxo=segwit_in,
|
|
pubkey=segwit_out["pubkey"],
|
|
encode_p2sh=False,
|
|
amount=Decimal("0.0009"),
|
|
sign=True)
|
|
|
|
rbfraw = rbf_node.createrawtransaction([{
|
|
'txid': segwitid,
|
|
'vout': 0,
|
|
"sequence": BIP125_SEQUENCE_NUMBER
|
|
}], {dest_address: Decimal("0.0005"),
|
|
rbf_node.getrawchangeaddress(): Decimal("0.0003")})
|
|
rbfsigned = rbf_node.signrawtransactionwithwallet(rbfraw)
|
|
rbfid = rbf_node.sendrawtransaction(rbfsigned["hex"])
|
|
assert rbfid in rbf_node.getrawmempool()
|
|
|
|
bumped_tx = rbf_node.bumpfee(rbfid)
|
|
assert bumped_tx["txid"] in rbf_node.getrawmempool()
|
|
assert rbfid not in rbf_node.getrawmempool()
|
|
|
|
|
|
def test_nonrbf_bumpfee_fails(peer_node, dest_address):
|
|
# cannot replace a non RBF transaction (from node which did not enable RBF)
|
|
not_rbfid = peer_node.sendtoaddress(dest_address, Decimal("0.00090000"))
|
|
assert_raises_rpc_error(-4, "not BIP 125 replaceable", peer_node.bumpfee, not_rbfid)
|
|
|
|
|
|
def test_notmine_bumpfee_fails(rbf_node, peer_node, dest_address):
|
|
# cannot bump fee unless the tx has only inputs that we own.
|
|
# here, the rbftx has a peer_node coin and then adds a rbf_node input
|
|
# Note that this test depends upon the RPC code checking input ownership prior to change outputs
|
|
# (since it can't use fundrawtransaction, it lacks a proper change output)
|
|
utxos = [node.listunspent()[-1] for node in (rbf_node, peer_node)]
|
|
inputs = [{
|
|
"txid": utxo["txid"],
|
|
"vout": utxo["vout"],
|
|
"address": utxo["address"],
|
|
"sequence": BIP125_SEQUENCE_NUMBER
|
|
} for utxo in utxos]
|
|
output_val = sum(utxo["amount"] for utxo in utxos) - Decimal("0.001")
|
|
rawtx = rbf_node.createrawtransaction(inputs, {dest_address: output_val})
|
|
signedtx = rbf_node.signrawtransactionwithwallet(rawtx)
|
|
signedtx = peer_node.signrawtransactionwithwallet(signedtx["hex"])
|
|
rbfid = rbf_node.sendrawtransaction(signedtx["hex"])
|
|
assert_raises_rpc_error(-4, "Transaction contains inputs that don't belong to this wallet",
|
|
rbf_node.bumpfee, rbfid)
|
|
|
|
|
|
def test_bumpfee_with_descendant_fails(rbf_node, rbf_node_address, dest_address):
|
|
# cannot bump fee if the transaction has a descendant
|
|
# parent is send-to-self, so we don't have to check which output is change when creating the child tx
|
|
parent_id = spend_one_input(rbf_node, rbf_node_address)
|
|
tx = rbf_node.createrawtransaction([{"txid": parent_id, "vout": 0}], {dest_address: 0.00020000})
|
|
tx = rbf_node.signrawtransactionwithwallet(tx)
|
|
rbf_node.sendrawtransaction(tx["hex"])
|
|
assert_raises_rpc_error(-8, "Transaction has descendants in the wallet", rbf_node.bumpfee, parent_id)
|
|
|
|
|
|
def test_small_output_fails(rbf_node, dest_address):
|
|
# cannot bump fee with a too-small output
|
|
rbfid = spend_one_input(rbf_node, dest_address)
|
|
rbf_node.bumpfee(rbfid, {"totalFee": 50000})
|
|
|
|
rbfid = spend_one_input(rbf_node, dest_address)
|
|
assert_raises_rpc_error(-4, "Change output is too small", rbf_node.bumpfee, rbfid, {"totalFee": 50001})
|
|
|
|
|
|
def test_dust_to_fee(rbf_node, dest_address):
|
|
# check that if output is reduced to dust, it will be converted to fee
|
|
# the bumped tx sets fee=49,900, but it converts to 50,000
|
|
rbfid = spend_one_input(rbf_node, dest_address)
|
|
fulltx = rbf_node.getrawtransaction(rbfid, 1)
|
|
# (32-byte p2sh-pwpkh output size + 148 p2pkh spend estimate) * 10k(discard_rate) / 1000 = 1800
|
|
# P2SH outputs are slightly "over-discarding" due to the IsDust calculation assuming it will
|
|
# be spent as a P2PKH.
|
|
bumped_tx = rbf_node.bumpfee(rbfid, {"totalFee": 50000-1800})
|
|
full_bumped_tx = rbf_node.getrawtransaction(bumped_tx["txid"], 1)
|
|
assert_equal(bumped_tx["fee"], Decimal("0.00050000"))
|
|
assert_equal(len(fulltx["vout"]), 2)
|
|
assert_equal(len(full_bumped_tx["vout"]), 1) #change output is eliminated
|
|
|
|
|
|
def test_settxfee(rbf_node, dest_address):
|
|
assert_raises_rpc_error(-8, "txfee cannot be less than min relay tx fee", rbf_node.settxfee, Decimal('0.000005'))
|
|
assert_raises_rpc_error(-8, "txfee cannot be less than wallet min fee", rbf_node.settxfee, Decimal('0.000015'))
|
|
# check that bumpfee reacts correctly to the use of settxfee (paytxfee)
|
|
rbfid = spend_one_input(rbf_node, dest_address)
|
|
requested_feerate = Decimal("0.00025000")
|
|
rbf_node.settxfee(requested_feerate)
|
|
bumped_tx = rbf_node.bumpfee(rbfid)
|
|
actual_feerate = bumped_tx["fee"] * 1000 / rbf_node.getrawtransaction(bumped_tx["txid"], True)["vsize"]
|
|
# Assert that the difference between the requested feerate and the actual
|
|
# feerate of the bumped transaction is small.
|
|
assert_greater_than(Decimal("0.00001000"), abs(requested_feerate - actual_feerate))
|
|
rbf_node.settxfee(Decimal("0.00000000")) # unset paytxfee
|
|
|
|
|
|
def test_rebumping(rbf_node, dest_address):
|
|
# check that re-bumping the original tx fails, but bumping the bumper succeeds
|
|
rbfid = spend_one_input(rbf_node, dest_address)
|
|
bumped = rbf_node.bumpfee(rbfid, {"totalFee": 2000})
|
|
assert_raises_rpc_error(-4, "already bumped", rbf_node.bumpfee, rbfid, {"totalFee": 3000})
|
|
rbf_node.bumpfee(bumped["txid"], {"totalFee": 3000})
|
|
|
|
|
|
def test_rebumping_not_replaceable(rbf_node, dest_address):
|
|
# check that re-bumping a non-replaceable bump tx fails
|
|
rbfid = spend_one_input(rbf_node, dest_address)
|
|
bumped = rbf_node.bumpfee(rbfid, {"totalFee": 10000, "replaceable": False})
|
|
assert_raises_rpc_error(-4, "Transaction is not BIP 125 replaceable", rbf_node.bumpfee, bumped["txid"],
|
|
{"totalFee": 20000})
|
|
|
|
|
|
def test_unconfirmed_not_spendable(rbf_node, rbf_node_address):
|
|
# check that unconfirmed outputs from bumped transactions are not spendable
|
|
rbfid = spend_one_input(rbf_node, rbf_node_address)
|
|
rbftx = rbf_node.gettransaction(rbfid)["hex"]
|
|
assert rbfid in rbf_node.getrawmempool()
|
|
bumpid = rbf_node.bumpfee(rbfid)["txid"]
|
|
assert bumpid in rbf_node.getrawmempool()
|
|
assert rbfid not in rbf_node.getrawmempool()
|
|
|
|
# check that outputs from the bump transaction are not spendable
|
|
# due to the replaces_txid check in CWallet::AvailableCoins
|
|
assert_equal([t for t in rbf_node.listunspent(minconf=0, include_unsafe=False) if t["txid"] == bumpid], [])
|
|
|
|
# submit a block with the rbf tx to clear the bump tx out of the mempool,
|
|
# then invalidate the block so the rbf tx will be put back in the mempool.
|
|
# This makes it possible to check whether the rbf tx outputs are
|
|
# spendable before the rbf tx is confirmed.
|
|
block = submit_block_with_tx(rbf_node, rbftx)
|
|
# Can not abandon conflicted tx
|
|
assert_raises_rpc_error(-5, 'Transaction not eligible for abandonment', lambda: rbf_node.abandontransaction(txid=bumpid))
|
|
rbf_node.invalidateblock(block.hash)
|
|
# Call abandon to make sure the wallet doesn't attempt to resubmit
|
|
# the bump tx and hope the wallet does not rebroadcast before we call.
|
|
rbf_node.abandontransaction(bumpid)
|
|
assert bumpid not in rbf_node.getrawmempool()
|
|
assert rbfid in rbf_node.getrawmempool()
|
|
|
|
# check that outputs from the rbf tx are not spendable before the
|
|
# transaction is confirmed, due to the replaced_by_txid check in
|
|
# CWallet::AvailableCoins
|
|
assert_equal([t for t in rbf_node.listunspent(minconf=0, include_unsafe=False) if t["txid"] == rbfid], [])
|
|
|
|
# check that the main output from the rbf tx is spendable after confirmed
|
|
rbf_node.generate(1)
|
|
assert_equal(
|
|
sum(1 for t in rbf_node.listunspent(minconf=0, include_unsafe=False)
|
|
if t["txid"] == rbfid and t["address"] == rbf_node_address and t["spendable"]), 1)
|
|
|
|
|
|
def test_bumpfee_metadata(rbf_node, dest_address):
|
|
rbfid = rbf_node.sendtoaddress(dest_address, Decimal("0.00100000"), "comment value", "to value")
|
|
bumped_tx = rbf_node.bumpfee(rbfid)
|
|
bumped_wtx = rbf_node.gettransaction(bumped_tx["txid"])
|
|
assert_equal(bumped_wtx["comment"], "comment value")
|
|
assert_equal(bumped_wtx["to"], "to value")
|
|
|
|
|
|
def test_locked_wallet_fails(rbf_node, dest_address):
|
|
rbfid = spend_one_input(rbf_node, dest_address)
|
|
rbf_node.walletlock()
|
|
assert_raises_rpc_error(-13, "Please enter the wallet passphrase with walletpassphrase first.",
|
|
rbf_node.bumpfee, rbfid)
|
|
|
|
|
|
def spend_one_input(node, dest_address):
|
|
tx_input = dict(
|
|
sequence=BIP125_SEQUENCE_NUMBER, **next(u for u in node.listunspent() if u["amount"] == Decimal("0.00100000")))
|
|
rawtx = node.createrawtransaction(
|
|
[tx_input], {dest_address: Decimal("0.00050000"),
|
|
node.getrawchangeaddress(): Decimal("0.00049000")})
|
|
signedtx = node.signrawtransactionwithwallet(rawtx)
|
|
txid = node.sendrawtransaction(signedtx["hex"])
|
|
return txid
|
|
|
|
|
|
def submit_block_with_tx(node, tx):
|
|
ctx = CTransaction()
|
|
ctx.deserialize(io.BytesIO(hex_str_to_bytes(tx)))
|
|
|
|
tip = node.getbestblockhash()
|
|
height = node.getblockcount() + 1
|
|
block_time = node.getblockheader(tip)["mediantime"] + 1
|
|
block = create_block(int(tip, 16), create_coinbase(height), block_time)
|
|
block.vtx.append(ctx)
|
|
block.rehash()
|
|
block.hashMerkleRoot = block.calc_merkle_root()
|
|
add_witness_commitment(block)
|
|
block.solve()
|
|
node.submitblock(bytes_to_hex_str(block.serialize(True)))
|
|
return block
|
|
|
|
|
|
if __name__ == "__main__":
|
|
BumpFeeTest().main()
|