+!depends/patches/**/*.patch

+free -m -h

+echo "Number of CPUs (nproc): $(nproc)"

+

+# Bootstrappable Bitcoin Core Builds

+

+This directory contains the files necessary to perform bootstrappable Bitcoin

+Core builds.

+

+[Bootstrappability][b17e] furthers our binary security guarantees by allowing us

+to _audit and reproduce_ our toolchain instead of blindly _trusting_ binary

+downloads.

+

+We achieve bootstrappability by using Guix as a functional package manager.

+

+## Requirements

+

+Conservatively, a x86_64 machine with:

+

+- 2 or more logical cores

+- 4GB of free disk space on the partition that /gnu/store will reside in

+- 24GB of free disk space on the partition that the Bitcoin Core git repository

+ resides in

+

+> Note: these requirements are slightly less onerous than those of Gitian builds

+

+## Setup

+

+### Installing Guix

+

+If you're just testing this out, you can use the

+[Dockerfile][fanquake/guix-docker] for convenience. It automatically speeds up

+your builds by [using substitutes](#speeding-up-builds-with-substitute-servers).

+If you don't want this behaviour, refer to the [next

+section](#choosing-your-security-model).

+

+Otherwise, follow the [Guix installation guide][guix/bin-install].

+

+> Note: For those who like to keep their filesystems clean, Guix is designed to

+> be very standalone and _will not_ conflict with your system's package

+> manager/existing setup. It _only_ touches `/var/guix`, `/gnu`, and

+> `~/.config/guix`.

+

+### Choosing your security model

+

+Guix allows us to achieve better binary security by using our CPU time to build

+everything from scratch. However, it doesn't sacrifice user choice in pursuit of

+this: users can decide whether or not to bootstrap and to use substitutes.

+

+After installation, you may want to consider [adding substitute

+servers](#speeding-up-builds-with-substitute-servers) to speed up your build if

+that fits your security model (say, if you're just testing that this works).

+This is skippable if you're using the [Dockerfile][fanquake/guix-docker].

+

+If you prefer not to use any substitutes, make sure to set

+`ADDITIONAL_GUIX_ENVIRONMENT_FLAGS` like the following snippet. The first build

+will take a while, but the resulting packages will be cached for future builds.

+

+```sh

+export ADDITIONAL_GUIX_ENVIRONMENT_FLAGS='--no-substitutes'

+```

+

+Likewise, to perform a bootstrapped build (takes even longer):

+

+```sh

+export ADDITIONAL_GUIX_ENVIRONMENT_FLAGS='--bootstrap --no-substitutes'

+```

+

+### Using the right Guix

+

+Once Guix is installed, deploy our patched version into your current Guix

+profile. The changes there are slowly being upstreamed.

+

+```sh

+guix pull --url=https://github.com/dongcarl/guix.git \

+ --commit=82c77e52b8b46e0a3aad2cb12307c2e30547deec \

+ --max-jobs=4 # change accordingly

+```

+

+Make sure that you are using your current profile. (You are prompted to do this

+at the end of the `guix pull`)

+

+```bash

+export PATH="${HOME}/.config/guix/current/bin${PATH:+:}$PATH"

+```

+

+> Note: There is ongoing work to eliminate this entire section using Guix

+> [inferiors][guix/inferiors] and [channels][guix/channels].

+

+## Usage

+

+### As a Development Environment

+

+For a Bitcoin Core depends development environment, simply invoke

+

+```sh

+guix environment --manifest=contrib/guix/manifest.scm

+```

+

+And you'll land back in your shell with all the build dependencies required for

+a `depends` build injected into your environment.

+

+### As a Tool for Deterministic Builds

+

+From the top of a clean Bitcoin Core repository:

+

+```sh

+./contrib/guix/guix-build.sh

+```

+

+After the build finishes successfully (check the status code please), compare

+hashes:

+

+```sh

+find output/ -type f -print0 | sort -z | xargs -r0 sha256sum

+```

+

+#### Recognized environment variables

+

+* _**HOSTS**_

+

+ Override the space-separated list of platform triples for which to perform a

+ bootstrappable build. _(defaults to "i686-linux-gnu x86\_64-linux-gnu

+ arm-linux-gnueabihf aarch64-linux-gnu riscv64-linux-gnu")_

+

+ > Windows and OS X platform triplet support are WIP.

+

+* _**SOURCES_PATH**_

+

+ Set the depends tree download cache for sources. This is passed through to the

+ depends tree. Setting this to the same directory across multiple builds of the

+ depends tree can eliminate unnecessary redownloading of package sources.

+

+* _**MAX_JOBS**_

+

+ Override the maximum number of jobs to run simultaneously, you might want to

+ do so on a memory-limited machine. This may be passed to `make` as in `make

+ --jobs="$MAX_JOBS"` or `xargs` as in `xargs -P"$MAX_JOBS"`. _(defaults to the

+ value of `nproc` outside the container)_

+

+* _**SOURCE_DATE_EPOCH**_

+

+ Override the reference UNIX timestamp used for bit-for-bit reproducibility,

+ the variable name conforms to [standard][r12e/source-date-epoch]. _(defaults

+ to the output of `$(git log --format=%at -1)`)_

+

+* _**V**_

+

+ If non-empty, will pass `V=1` to all `make` invocations, making `make` output

+ verbose.

+

+* _**ADDITIONAL_GUIX_ENVIRONMENT_FLAGS**_

+

+ Additional flags to be passed to `guix environment`. For a fully-bootstrapped

+ build, set this to `--bootstrap --no-substitutes` (refer to the [security

+ model section](#choosing-your-security-model) for more details). Note that a

+ fully-bootstrapped build will take quite a long time on the first run.

+

+## Tips and Tricks

+

+### Speeding up builds with substitute servers

+

+_This whole section is automatically done in the convenience

+[Dockerfiles][fanquake/guix-docker]_

+

+For those who are used to life in the fast _(and trustful)_ lane, you can use

+[substitute servers][guix/substitutes] to enable binary downloads of packages.

+

+> For those who only want to use substitutes from the official Guix build farm

+> and have authorized the build farm's signing key during Guix's installation,

+> you don't need to do anything.

+

+#### Authorize the signing keys

+

+For the official Guix build farm at https://ci.guix.gnu.org, run as root:

+

+```

+guix archive --authorize < ~root/.config/guix/current/share/guix/ci.guix.gnu.org.pub

+```

+

+For dongcarl's substitute server at https://guix.carldong.io, run as root:

+

+```sh

+wget -qO- 'https://guix.carldong.io/signing-key.pub' | guix archive --authorize

+```

+

+#### Use the substitute servers

+

+The official Guix build farm at https://ci.guix.gnu.org is automatically used

+unless the `--no-substitutes` flag is supplied.

+

+This can be overridden for all `guix` invocations by passing the

+`--substitute-urls` option to your invocation of `guix-daemon`. This can also be

+overridden on a call-by-call basis by passing the same `--substitute-urls`

+option to client tools such at `guix environment`.

+

+To use dongcarl's substitute server for Bitcoin Core builds after having

+[authorized his signing key](#authorize-the-signing-keys):

+

+```

+export ADDITIONAL_GUIX_ENVIRONMENT_FLAGS='--substitute-urls="https://guix.carldong.io https://ci.guix.gnu.org"'

+```

+

+## FAQ

+

+### How can I trust the binary installation?

+

+As mentioned at the bottom of [this manual page][guix/bin-install]:

+

+> The binary installation tarballs can be (re)produced and verified simply by

+> running the following command in the Guix source tree:

+>

+> make guix-binary.x86_64-linux.tar.xz

+

+### When will Guix be packaged in debian?

+

+Vagrant Cascadian has been making good progress on this

+[here][debian/guix-package]. We have all the pieces needed to put up an APT

+repository and will likely put one up soon.

+

+[b17e]: http://bootstrappable.org/

+[r12e/source-date-epoch]: https://reproducible-builds.org/docs/source-date-epoch/

+

+[guix/install.sh]: https://git.savannah.gnu.org/cgit/guix.git/plain/etc/guix-install.sh

+[guix/bin-install]: https://www.gnu.org/software/guix/manual/en/html_node/Binary-Installation.html

+[guix/env-setup]: https://www.gnu.org/software/guix/manual/en/html_node/Build-Environment-Setup.html

+[guix/substitutes]: https://www.gnu.org/software/guix/manual/en/html_node/Substitutes.html

+[guix/substitute-server-auth]: https://www.gnu.org/software/guix/manual/en/html_node/Substitute-Server-Authorization.html

+[guix/inferiors]: https://www.gnu.org/software/guix/manual/en/html_node/Inferiors.html

+[guix/channels]: https://www.gnu.org/software/guix/manual/en/html_node/Channels.html

+

+[debian/guix-package]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850644

+[fanquake/guix-docker]: https://github.com/fanquake/core-review/tree/master/guix

+#!/usr/bin/env bash

+export LC_ALL=C

+set -e -o pipefail

+

+# Determine the maximum number of jobs to run simultaneously (overridable by

+# environment)

+MAX_JOBS="${MAX_JOBS:-$(nproc)}"

+

+# Download the depends sources now as we won't have internet access in the build

+# container

+make -C "${PWD}/depends" -j"$MAX_JOBS" download ${V:+V=1} ${SOURCES_PATH:+SOURCES_PATH="$SOURCES_PATH"}

+

+# Determine the reference time used for determinism (overridable by environment)

+SOURCE_DATE_EPOCH="${SOURCE_DATE_EPOCH:-$(git log --format=%at -1)}"

+

+# Deterministically build Bitcoin Core for HOSTs (overriable by environment)

+for host in ${HOSTS=i686-linux-gnu x86_64-linux-gnu arm-linux-gnueabihf aarch64-linux-gnu riscv64-linux-gnu}; do

+

+ # Display proper warning when the user interrupts the build

+ trap 'echo "** INT received while building ${host}, you may want to clean up the relevant output and distsrc-* directories before rebuilding"' INT

+

+ # Run the build script 'contrib/guix/libexec/build.sh' in the build

+ # container specified by 'contrib/guix/manifest.scm'

+ # shellcheck disable=SC2086

+ guix environment --manifest="${PWD}/contrib/guix/manifest.scm" \

+ --container \

+ --pure \

+ --no-cwd \

+ --share="$PWD"=/bitcoin \

+ ${SOURCES_PATH:+--share="$SOURCES_PATH"} \

+ ${ADDITIONAL_GUIX_ENVIRONMENT_FLAGS} \

+ -- env HOST="$host" \

+ MAX_JOBS="$MAX_JOBS" \

+ SOURCE_DATE_EPOCH="${SOURCE_DATE_EPOCH:?unable to determine value}" \

+ ${V:+V=1} \

+ ${SOURCES_PATH:+SOURCES_PATH="$SOURCES_PATH"} \

+ bash -c "cd /bitcoin && bash contrib/guix/libexec/build.sh"

+

+done

+#!/usr/bin/env bash

+export LC_ALL=C

+set -e -o pipefail

+

+# Check that environment variables assumed to be set by the environment are set

+echo "Building for platform triple ${HOST:?not set} with reference timestamp ${SOURCE_DATE_EPOCH:?not set}..."

+echo "At most ${MAX_JOBS:?not set} jobs will run at once..."

+

+#####################

+# Environment Setup #

+#####################

+

+# The depends folder also serves as a base-prefix for depends packages for

+# $HOSTs after successfully building.

+BASEPREFIX="${PWD}/depends"

+

+# Setup an output directory for our build

+OUTDIR="${OUTDIR:-${PWD}/output}"

+[ -e "$OUTDIR" ] || mkdir -p "$OUTDIR"

+

+# Setup the directory where our Bitcoin Core build for HOST will occur

+DISTSRC="${DISTSRC:-${PWD}/distsrc-${HOST}}"

+if [ -e "$DISTSRC" ]; then

+ echo "DISTSRC directory '${DISTSRC}' exists, probably because of previous builds... Aborting..."

+ exit 1

+else

+ mkdir -p "$DISTSRC"

+fi

+

+# Given a package name and an output name, return the path of that output in our

+# current guix environment

+store_path() {

+ grep --extended-regexp "/[^-]{32}-${1}-cross-${HOST}-[^-]+${2:+-${2}}" "${GUIX_ENVIRONMENT}/manifest" \

+ | head --lines=1 \

+ | sed --expression='s|^[[:space:]]*"||' \

+ --expression='s|"[[:space:]]*$||'

+}

+

+# Determine output paths to use in CROSS_* environment variables

+CROSS_GLIBC="$(store_path glibc)"

+CROSS_GLIBC_STATIC="$(store_path glibc static)"

+CROSS_KERNEL="$(store_path linux-libre-headers)"

+CROSS_GCC="$(store_path gcc)"

+

+# Set environment variables to point Guix's cross-toolchain to the right

+# includes/libs for $HOST

+export CROSS_C_INCLUDE_PATH="${CROSS_GCC}/include:${CROSS_GLIBC}/include:${CROSS_KERNEL}/include"

+export CROSS_CPLUS_INCLUDE_PATH="${CROSS_GCC}/include/c++:${CROSS_GLIBC}/include:${CROSS_KERNEL}/include"

+export CROSS_LIBRARY_PATH="${CROSS_GLIBC}/lib:${CROSS_GLIBC_STATIC}/lib:${CROSS_GCC}/lib:${CROSS_GCC}/${HOST}/lib:${CROSS_KERNEL}/lib"

+

+# Disable Guix ld auto-rpath behavior

+export GUIX_LD_WRAPPER_DISABLE_RPATH=yes

+

+# Make /usr/bin if it doesn't exist

+[ -e /usr/bin ] || mkdir -p /usr/bin

+

+# Symlink file and env to a conventional path

+[ -e /usr/bin/file ] || ln -s --no-dereference "$(command -v file)" /usr/bin/file

+[ -e /usr/bin/env ] || ln -s --no-dereference "$(command -v env)" /usr/bin/env

+

+# Determine the correct value for -Wl,--dynamic-linker for the current $HOST

+glibc_dynamic_linker=$(

+ case "$HOST" in

+ i686-linux-gnu) echo /lib/ld-linux.so.2 ;;

+ x86_64-linux-gnu) echo /lib64/ld-linux-x86-64.so.2 ;;

+ arm-linux-gnueabihf) echo /lib/ld-linux-armhf.so.3 ;;

+ aarch64-linux-gnu) echo /lib/ld-linux-aarch64.so.1 ;;

+ riscv64-linux-gnu) echo /lib/ld-linux-riscv64-lp64d.so.1 ;;

+ *) exit 1 ;;

+ esac

+)

+

+# Environment variables for determinism

+export QT_RCC_TEST=1

+export QT_RCC_SOURCE_DATE_OVERRIDE=1

+export TAR_OPTIONS="--owner=0 --group=0 --numeric-owner --mtime='@${SOURCE_DATE_EPOCH}' --sort=name"

+export TZ="UTC"

+

+####################

+# Depends Building #

+####################

+

+# Build the depends tree, overriding variables that assume multilib gcc

+make -C depends --jobs="$MAX_JOBS" HOST="$HOST" \

+ ${V:+V=1} \

+ ${SOURCES_PATH+SOURCES_PATH="$SOURCES_PATH"} \

+ i686_linux_CC=i686-linux-gnu-gcc \

+ i686_linux_CXX=i686-linux-gnu-g++ \

+ i686_linux_AR=i686-linux-gnu-ar \

+ i686_linux_RANLIB=i686-linux-gnu-ranlib \

+ i686_linux_NM=i686-linux-gnu-nm \

+ i686_linux_STRIP=i686-linux-gnu-strip \

+ x86_64_linux_CC=x86_64-linux-gnu-gcc \

+ x86_64_linux_CXX=x86_64-linux-gnu-g++ \

+ x86_64_linux_AR=x86_64-linux-gnu-ar \

+ x86_64_linux_RANLIB=x86_64-linux-gnu-ranlib \

+ x86_64_linux_NM=x86_64-linux-gnu-nm \

+ x86_64_linux_STRIP=x86_64-linux-gnu-strip \

+ qt_config_opts_i686_linux='-platform linux-g++ -xplatform bitcoin-linux-g++'

+

+

+###########################

+# Source Tarball Building #

+###########################

+

+# Create the source tarball and move it to "${OUTDIR}/src" if not already there

+if [ -z "$(find "${OUTDIR}/src" -name 'bitcoin-*.tar.gz')" ]; then

+ ./autogen.sh

+ env CONFIG_SITE="${BASEPREFIX}/${HOST}/share/config.site" ./configure --prefix=/

+ make dist GZIP_ENV='-9n' ${V:+V=1}

+ mkdir -p "${OUTDIR}/src"

+ mv "$(find "${PWD}" -name 'bitcoin-*.tar.gz')" "${OUTDIR}/src/"

+fi

+

+# Determine the full path to our source tarball

+SOURCEDIST="$(find "${OUTDIR}/src" -name 'bitcoin-*.tar.gz')"

+# Determine our distribution name (e.g. bitcoin-0.18.0)

+DISTNAME="$(basename "$SOURCEDIST" '.tar.gz')"

+

+###########################

+# Binary Tarball Building #

+###########################

+

+# Create a spec file to normalize ssp linking behaviour

+spec_file="$(mktemp)"

+cat << EOF > "$spec_file"

+*link_ssp:

+%{fstack-protector|fstack-protector-all|fstack-protector-strong|fstack-protector-explicit:}

+EOF

+

+# Similar flags to Gitian

+CONFIGFLAGS="--enable-glibc-back-compat --enable-reduce-exports --disable-bench --disable-gui-tests"

+HOST_CFLAGS="-O2 -g -specs=${spec_file} -ffile-prefix-map=${PWD}=."

+HOST_CXXFLAGS="-O2 -g -specs=${spec_file} -ffile-prefix-map=${PWD}=."

+HOST_LDFLAGS="-Wl,--as-needed -Wl,--dynamic-linker=$glibc_dynamic_linker -static-libstdc++"

+

+# Make $HOST-specific native binaries from depends available in $PATH

+export PATH="${BASEPREFIX}/${HOST}/native/bin:${PATH}"

+(

+ cd "$DISTSRC"

+

+ # Extract the source tarball

+ tar --strip-components=1 -xf "${SOURCEDIST}"

+

+ # Configure this DISTSRC for $HOST

+ # shellcheck disable=SC2086

+ env CONFIG_SITE="${BASEPREFIX}/${HOST}/share/config.site" \

+ ./configure --prefix=/ \

+ --disable-ccache \

+ --disable-maintainer-mode \

+ --disable-dependency-tracking \

+ ${CONFIGFLAGS} \

+ CFLAGS="${HOST_CFLAGS}" \

+ CXXFLAGS="${HOST_CXXFLAGS}" \

+ LDFLAGS="${HOST_LDFLAGS}"

+

+ sed -i.old 's/-lstdc++ //g' config.status libtool src/univalue/config.status src/univalue/libtool

+

+ # Build Bitcoin Core

+ make --jobs="$MAX_JOBS" ${V:+V=1}

+

+ # Perform basic ELF security checks on a series of executables.

+ make -C src --jobs=1 check-security ${V:+V=1}

+ # Check that executables only contain allowed gcc, glibc and libstdc++

+ # version symbols for Linux distro back-compatibility.

+ make -C src --jobs=1 check-symbols ${V:+V=1}

+

+ # Setup the directory where our Bitcoin Core build for HOST will be

+ # installed. This directory will also later serve as the input for our

+ # binary tarballs.

+ INSTALLPATH="${PWD}/installed/${DISTNAME}"

+ mkdir -p "${INSTALLPATH}"

+ # Install built Bitcoin Core to $INSTALLPATH

+ make install DESTDIR="${INSTALLPATH}" ${V:+V=1}

+ (

+ cd installed

+

+ # Prune libtool and object archives

+ find . -name "lib*.la" -delete

+ find . -name "lib*.a" -delete

+

+ # Prune pkg-config files

+ rm -r "${DISTNAME}/lib/pkgconfig"

+

+ # Split binaries and libraries from their debug symbols

+ {

+ find "${DISTNAME}/bin" -type f -executable -print0

+ find "${DISTNAME}/lib" -type f -print0

+ } | xargs -0 -n1 -P"$MAX_JOBS" -I{} "${DISTSRC}/contrib/devtools/split-debug.sh" {} {} {}.dbg

+

+ cp "${DISTSRC}/doc/README.md" "${DISTNAME}/"

+

+ # Finally, deterministically produce {non-,}debug binary tarballs ready

+ # for release

+ find "${DISTNAME}" -not -name "*.dbg" -print0 \

+ | sort --zero-terminated \

+ | tar --create --no-recursion --mode='u+rw,go+r-w,a+X' --null --files-from=- \

+ | gzip -9n > "${OUTDIR}/${DISTNAME}-${HOST}.tar.gz" \

+ || ( rm -f "${OUTDIR}/${DISTNAME}-${HOST}.tar.gz" && exit 1 )

+ find "${DISTNAME}" -name "*.dbg" -print0 \

+ | sort --zero-terminated \

+ | tar --create --no-recursion --mode='u+rw,go+r-w,a+X' --null --files-from=- \

+ | gzip -9n > "${OUTDIR}/${DISTNAME}-${HOST}-debug.tar.gz" \

+ || ( rm -f "${OUTDIR}/${DISTNAME}-${HOST}-debug.tar.gz" && exit 1 )

+ )

+)

+(use-modules (gnu)

+ (gnu packages)

+ (gnu packages autotools)

+ (gnu packages base)

+ (gnu packages bash)

+ (gnu packages check)

+ (gnu packages commencement)

+ (gnu packages compression)

+ (gnu packages cross-base)

+ (gnu packages file)

+ (gnu packages gawk)

+ (gnu packages gcc)

+ (gnu packages linux)

+ (gnu packages perl)

+ (gnu packages pkg-config)

+ (gnu packages python)

+ (gnu packages shells)

+ (guix build-system trivial)

+ (guix gexp)

+ (guix packages)

+ (guix profiles)

+ (guix utils))

+

+(define (make-ssp-fixed-gcc xgcc)

+ "Given a XGCC package, return a modified package that uses the SSP function

+from glibc instead of from libssp.so. Taken from:

+http://www.linuxfromscratch.org/hlfs/view/development/chapter05/gcc-pass1.html"

+ (package

+ (inherit xgcc)

+ (arguments

+ (substitute-keyword-arguments (package-arguments xgcc)

+ ((#:make-flags flags)

+ `(cons "gcc_cv_libc_provides_ssp=yes" ,flags))))))

+

+(define (make-gcc-rpath-link xgcc)

+ "Given a XGCC package, return a modified package that replace each instance of

+-rpath in the default system spec that's inserted by Guix with -rpath-link"

+ (package

+ (inherit xgcc)

+ (arguments

+ (substitute-keyword-arguments (package-arguments xgcc)

+ ((#:phases phases)

+ `(modify-phases ,phases

+ (add-after 'pre-configure 'replace-rpath-with-rpath-link

+ (lambda _

+ (substitute* (cons "gcc/config/rs6000/sysv4.h"

+ (find-files "gcc/config"

+ "^gnu-user.*\\.h$"))

+ (("-rpath=") "-rpath-link="))

+ #t))))))))

+

+(define (make-cross-toolchain target

+ base-gcc-for-libc

+ base-kernel-headers

+ base-libc

+ base-gcc)

+ "Create a cross-compilation toolchain package for TARGET"

+ (let* ((xbinutils (cross-binutils target))

+ ;; 1. Build a cross-compiling gcc without targeting any libc, derived

+ ;; from BASE-GCC-FOR-LIBC

+ (xgcc-sans-libc (cross-gcc target

+ #:xgcc base-gcc-for-libc

+ #:xbinutils xbinutils))

+ ;; 2. Build cross-compiled kernel headers with XGCC-SANS-LIBC, derived

+ ;; from BASE-KERNEL-HEADERS

+ (xkernel (cross-kernel-headers target

+ base-kernel-headers

+ xgcc-sans-libc

+ xbinutils))

+ ;; 3. Build a cross-compiled libc with XGCC-SANS-LIBC and XKERNEL,

+ ;; derived from BASE-LIBC

+ (xlibc (cross-libc target

+ base-libc

+ xgcc-sans-libc

+ xbinutils

+ xkernel))

+ ;; 4. Build a cross-compiling gcc targeting XLIBC, derived from

+ ;; BASE-GCC

+ (xgcc (cross-gcc target

+ #:xgcc base-gcc

+ #:xbinutils xbinutils

+ #:libc xlibc)))

+ ;; Define a meta-package that propagates the resulting XBINUTILS, XLIBC, and

+ ;; XGCC

+ (package

+ (name (string-append target "-toolchain"))

+ (version (package-version xgcc))

+ (source #f)

+ (build-system trivial-build-system)

+ (arguments '(#:builder (begin (mkdir %output) #t)))

+ (propagated-inputs

+ `(("binutils" ,xbinutils)

+ ("libc" ,xlibc)

+ ("libc:static" ,xlibc "static")

+ ("gcc" ,xgcc)))

+ (synopsis (string-append "Complete GCC tool chain for " target))

+ (description (string-append "This package provides a complete GCC tool

+chain for " target " development."))

+ (home-page (package-home-page xgcc))

+ (license (package-license xgcc)))))

+

+(define* (make-bitcoin-cross-toolchain target

+ #:key

+ (base-gcc-for-libc gcc-5)

+ (base-kernel-headers linux-libre-headers-4.19)

+ (base-libc glibc-2.27)

+ (base-gcc (make-gcc-rpath-link

+ (make-ssp-fixed-gcc gcc-9))))

+ "Convienience wrapper around MAKE-CROSS-TOOLCHAIN with default values

+desirable for building Bitcoin Core release binaries."

+ (make-cross-toolchain target

+ base-gcc-for-libc

+ base-kernel-headers

+ base-libc

+ base-gcc))

+

+(packages->manifest

+ (list ;; The Basics

+ bash-minimal

+ which

+ coreutils

+ util-linux

+ ;; File(system) inspection

+ file

+ grep

+ diffutils

+ findutils

+ ;; File transformation

+ patch

+ gawk

+ sed

+ ;; Compression and archiving

+ tar

+ bzip2

+ gzip

+ xz

+ zlib

+ ;; Build tools

+ gnu-make

+ libtool

+ autoconf

+ automake

+ pkg-config

+ ;; Scripting

+ perl

+ python-3.7

+ ;; Native gcc 9 toolchain targeting glibc 2.27

+ (make-gcc-toolchain gcc-9 glibc-2.27)

+ ;; Cross gcc 9 toolchains targeting glibc 2.27

+ (make-bitcoin-cross-toolchain "i686-linux-gnu")

+ (make-bitcoin-cross-toolchain "x86_64-linux-gnu")

+ (make-bitcoin-cross-toolchain "aarch64-linux-gnu")

+ (make-bitcoin-cross-toolchain "arm-linux-gnueabihf")

+ ;; The glibc 2.27 for riscv64 needs gcc 7 to successfully build (see:

+ ;; https://www.gnu.org/software/gcc/gcc-7/changes.html#riscv). The final

+ ;; toolchain is still a gcc 9 toolchain targeting glibc 2.27.

+ (make-bitcoin-cross-toolchain "riscv64-linux-gnu"

+ #:base-gcc-for-libc gcc-7)))

+$(package)_dependencies=xcb_proto libXau

+qt_linux_packages:=qt expat libxcb xcb_proto libXau xproto freetype fontconfig

+$(package)_linux_dependencies=freetype fontconfig libxcb

+$(package)_patches=fix_qt_pkgconfig.patch mac-qmake.conf fix_configure_mac.patch fix_no_printer.patch fix_rcc_determinism.patch fix_riscv64_arch.patch xkb-default.patch no-xlib.patch

+$(package)_config_opts += -no-ico

+$(package)_config_opts += -no-feature-bearermanagement

+$(package)_config_opts += -no-feature-colordialog

+$(package)_config_opts += -no-feature-commandlineparser

+$(package)_config_opts += -no-feature-concurrent

+$(package)_config_opts += -no-feature-filesystemwatcher

+$(package)_config_opts += -no-feature-fontcombobox

+$(package)_config_opts += -no-feature-image_heuristic_mask

+$(package)_config_opts += -no-feature-keysequenceedit

+$(package)_config_opts += -no-feature-printer

+$(package)_config_opts += -no-feature-printpreviewdialog

+$(package)_config_opts += -no-feature-printpreviewwidget

+$(package)_config_opts += -no-feature-regularexpression

+$(package)_config_opts += -no-feature-sessionmanager

+$(package)_config_opts += -no-feature-topleveldomain

+$(package)_config_opts += -no-feature-undocommand

+$(package)_config_opts += -no-feature-undogroup

+$(package)_config_opts += -no-feature-undostack

+$(package)_config_opts += -no-feature-undoview

+$(package)_config_opts += -no-feature-vnc

+$(package)_config_opts_linux += -no-xcb-xlib

+$(package)_config_opts_linux += -no-feature-xlib

+ patch -p1 -i $($(package)_patch_dir)/no-xlib.patch &&\

+ sed -i.old "s|QMAKE_CXXFLAGS = |!host_build: QMAKE_CXXFLAGS = $($(package)_cxxflags) $($(package)_cppflags) |" qtbase/mkspecs/win32-g++/qmake.conf && \

+ sed -i.old "s/LIBRARY_PATH/(CROSS_)?\0/g" qtbase/mkspecs/features/toolchain.prf

+From 9563cef873ae82e06f60708d706d054717e801ce Mon Sep 17 00:00:00 2001

+From: Carl Dong <contact@carldong.me>

+Date: Thu, 18 Jul 2019 17:22:05 -0400

+Subject: [PATCH] Wrap xlib related code blocks in #if's

+

+They are not necessary to compile QT.

+---

+ qtbase/src/plugins/platforms/xcb/qxcbcursor.cpp | 8 ++++++++

+ 1 file changed, 8 insertions(+)

+

+diff --git a/qtbase/src/plugins/platforms/xcb/qxcbcursor.cpp b/qtbase/src/plugins/platforms/xcb/qxcbcursor.cpp

+index 7c62c2e2b3..c05c6c0a07 100644

+--- a/qtbase/src/plugins/platforms/xcb/qxcbcursor.cpp

++++ b/qtbase/src/plugins/platforms/xcb/qxcbcursor.cpp

+@@ -49,7 +49,9 @@

+ #include <QtGui/QWindow>

+ #include <QtGui/QBitmap>

+ #include <QtGui/private/qguiapplication_p.h>

++#if QT_CONFIG(xcb_xlib) && QT_CONFIG(library)

+ #include <X11/cursorfont.h>

++#endif

+ #include <xcb/xfixes.h>

+ #include <xcb/xcb_image.h>

+

+@@ -384,6 +386,7 @@ void QXcbCursor::changeCursor(QCursor *cursor, QWindow *widget)

+ w->setCursor(c, isBitmapCursor);

+ }

+

++#if QT_CONFIG(xcb_xlib) && QT_CONFIG(library)

+ static int cursorIdForShape(int cshape)

+ {

+ int cursorId = 0;

+@@ -437,6 +440,7 @@ static int cursorIdForShape(int cshape)

+ }

+ return cursorId;

+ }

++#endif

+

+ xcb_cursor_t QXcbCursor::createNonStandardCursor(int cshape)

+ {

+@@ -558,7 +562,9 @@ static xcb_cursor_t loadCursor(void *dpy, int cshape)

+ xcb_cursor_t QXcbCursor::createFontCursor(int cshape)

+ {

+ xcb_connection_t *conn = xcb_connection();

++#if QT_CONFIG(xcb_xlib) && QT_CONFIG(library)

+ int cursorId = cursorIdForShape(cshape);

++#endif

+ xcb_cursor_t cursor = XCB_NONE;

+

+ // Try Xcursor first

+@@ -589,6 +595,7 @@ xcb_cursor_t QXcbCursor::createFontCursor(int cshape)

+ // Non-standard X11 cursors are created from bitmaps

+ cursor = createNonStandardCursor(cshape);

+

++#if QT_CONFIG(xcb_xlib) && QT_CONFIG(library)

+ // Create a glpyh cursor if everything else failed

+ if (!cursor && cursorId) {

+ cursor = xcb_generate_id(conn);

+@@ -596,6 +603,7 @@ xcb_cursor_t QXcbCursor::createFontCursor(int cshape)

+ cursorId, cursorId + 1,

+ 0xFFFF, 0xFFFF, 0xFFFF, 0, 0, 0);

+ }

++#endif

+

+ if (cursor && cshape >= 0 && cshape < Qt::LastCursor && connection()->hasXFixes()) {

+ const char *name = cursorNames[cshape];

+--

+2.22.0

+

+* [`BIP 35`](https://github.com/bitcoin/bips/blob/master/bip-0035.mediawiki): The 'mempool' protocol message (and the protocol version bump to 60002) has been implemented since **v0.7.0** ([PR #1641](https://github.com/bitcoin/bitcoin/pull/1641)). As of **v0.13.0**, this is only available for `NODE_BLOOM` (BIP 111) peers.

+* [`BIP 37`](https://github.com/bitcoin/bips/blob/master/bip-0037.mediawiki): The bloom filtering for transaction relaying, partial Merkle trees for blocks, and the protocol version bump to 70001 (enabling low-bandwidth SPV clients) has been implemented since **v0.8.0** ([PR #1795](https://github.com/bitcoin/bitcoin/pull/1795)). Disabled by default since **v0.19.0**, can be enabled by the `-peerbloomfilters` option.

+done by the components (e.g. see the self-contained `FillableSigningProvider` class

+This release includes new features, various bug fixes and performance

+improvements, as well as updated translations.

+the Linux kernel, macOS 10.10+, and Windows 7 and newer. It is not recommended

+as frequently tested on them.

+From 0.17.0 onwards, macOS <10.10 is no longer supported. 0.17.0 is

+10.10. Additionally, Bitcoin Core does not yet change appearance when

+RPC

+---

+

+

+Tests

+-----

+

+- The regression test chain, that can be enabled by the `-regtest` command line

+ flag, now requires transactions to not violate standard policy by default.

+ Making the default the same as for mainnet, makes it easier to test mainnet

+ behavior on regtest. Be reminded that the testnet still allows non-standard

+ txs by default and that the policy can be locally adjusted with the

+ `-acceptnonstdtxn` command line flag for both test chains.

+

+P2P Changes

+-----------

+- The default value for the -peerbloomfilters configuration option (and, thus, NODE_BLOOM support) has been changed to false.

+ This resolves well-known DoS vectors in Bitcoin Core, especially for nodes with spinning disks. It is not anticipated that

+ this will result in a significant lack of availability of NODE_BLOOM-enabled nodes in the coming years, however, clients

+ which rely on the availability of NODE_BLOOM-supporting nodes on the P2P network should consider the process of migrating

+ to a more modern (and less trustful and privacy-violating) alternative over the coming years.

+ script/keyorigin.h \

+ script/signingprovider.h \

+ util/translation.h \

+ crypto/chacha_poly_aead.h \

+ crypto/chacha_poly_aead.cpp \

+ script/signingprovider.cpp \

+libbitcoinconsensus_la_SOURCES = support/cleanse.cpp $(crypto_libbitcoin_crypto_base_a_SOURCES) $(libbitcoin_consensus_a_SOURCES)

+ bench/chacha_poly_aead.cpp \

+#include <util/translation.h>

+ if (m_client_interface) m_client_interface->InitMessage(_("Loading banlist...").translated);

+#include <script/signingprovider.h>

+SetupDummyInputs(FillableSigningProvider& keystoreRet, CCoinsViewCache& coinsRet)

+ FillableSigningProvider keystore;

+// Copyright (c) 2019 The Bitcoin Core developers

+// Distributed under the MIT software license, see the accompanying

+// file COPYING or http://www.opensource.org/licenses/mit-license.php.

+

+#include <iostream>

+

+#include <bench/bench.h>

+#include <crypto/chacha_poly_aead.h>

+#include <crypto/poly1305.h> // for the POLY1305_TAGLEN constant

+#include <hash.h>

+

+#include <limits>

+#include <assert.h>

+

+/* Number of bytes to process per iteration */

+static constexpr uint64_t BUFFER_SIZE_TINY = 64;

+static constexpr uint64_t BUFFER_SIZE_SMALL = 256;

+static constexpr uint64_t BUFFER_SIZE_LARGE = 1024 * 1024;

+

+static const unsigned char k1[32] = {0};

+static const unsigned char k2[32] = {0};

+

+static ChaCha20Poly1305AEAD aead(k1, 32, k2, 32);

+

+static void CHACHA20_POLY1305_AEAD(benchmark::State& state, size_t buffersize, bool include_decryption)

+{

+ std::vector<unsigned char> in(buffersize + CHACHA20_POLY1305_AEAD_AAD_LEN + POLY1305_TAGLEN, 0);

+ std::vector<unsigned char> out(buffersize + CHACHA20_POLY1305_AEAD_AAD_LEN + POLY1305_TAGLEN, 0);

+ uint64_t seqnr_payload = 0;

+ uint64_t seqnr_aad = 0;

+ int aad_pos = 0;

+ uint32_t len = 0;

+ while (state.KeepRunning()) {

+ // encrypt or decrypt the buffer with a static key

+ assert(aead.Crypt(seqnr_payload, seqnr_aad, aad_pos, out.data(), out.size(), in.data(), buffersize, true));

+

+ if (include_decryption) {

+ // if we decrypt, include the GetLength

+ assert(aead.GetLength(&len, seqnr_aad, aad_pos, in.data()));

+ assert(aead.Crypt(seqnr_payload, seqnr_aad, aad_pos, out.data(), out.size(), in.data(), buffersize, true));

+ }

+

+ // increase main sequence number

+ seqnr_payload++;

+ // increase aad position (position in AAD keystream)

+ aad_pos += CHACHA20_POLY1305_AEAD_AAD_LEN;

+ if (aad_pos + CHACHA20_POLY1305_AEAD_AAD_LEN > CHACHA20_ROUND_OUTPUT) {

+ aad_pos = 0;

+ seqnr_aad++;

+ }

+ if (seqnr_payload + 1 == std::numeric_limits<uint64_t>::max()) {

+ // reuse of nonce+key is okay while benchmarking.

+ seqnr_payload = 0;

+ seqnr_aad = 0;

+ aad_pos = 0;

+ }

+ }

+}

+

+static void CHACHA20_POLY1305_AEAD_64BYTES_ONLY_ENCRYPT(benchmark::State& state)

+{

+ CHACHA20_POLY1305_AEAD(state, BUFFER_SIZE_TINY, false);

+}

+

+static void CHACHA20_POLY1305_AEAD_256BYTES_ONLY_ENCRYPT(benchmark::State& state)

+{

+ CHACHA20_POLY1305_AEAD(state, BUFFER_SIZE_SMALL, false);

+}

+

+static void CHACHA20_POLY1305_AEAD_1MB_ONLY_ENCRYPT(benchmark::State& state)

+{

+ CHACHA20_POLY1305_AEAD(state, BUFFER_SIZE_LARGE, false);

+}

+

+static void CHACHA20_POLY1305_AEAD_64BYTES_ENCRYPT_DECRYPT(benchmark::State& state)

+{

+ CHACHA20_POLY1305_AEAD(state, BUFFER_SIZE_TINY, true);

+}

+

+static void CHACHA20_POLY1305_AEAD_256BYTES_ENCRYPT_DECRYPT(benchmark::State& state)

+{

+ CHACHA20_POLY1305_AEAD(state, BUFFER_SIZE_SMALL, true);

+}

+

+static void CHACHA20_POLY1305_AEAD_1MB_ENCRYPT_DECRYPT(benchmark::State& state)

+{

+ CHACHA20_POLY1305_AEAD(state, BUFFER_SIZE_LARGE, true);

+}

+

+// Add Hash() (dbl-sha256) bench for comparison

+

+static void HASH(benchmark::State& state, size_t buffersize)

+{

+ uint8_t hash[CHash256::OUTPUT_SIZE];

+ std::vector<uint8_t> in(buffersize,0);

+ while (state.KeepRunning())

+ CHash256().Write(in.data(), in.size()).Finalize(hash);

+}

+

+static void HASH_64BYTES(benchmark::State& state)

+{

+ HASH(state, BUFFER_SIZE_TINY);

+}

+

+static void HASH_256BYTES(benchmark::State& state)

+{

+ HASH(state, BUFFER_SIZE_SMALL);

+}

+

+static void HASH_1MB(benchmark::State& state)

+{

+ HASH(state, BUFFER_SIZE_LARGE);

+}

+

+BENCHMARK(CHACHA20_POLY1305_AEAD_64BYTES_ONLY_ENCRYPT, 500000);

+BENCHMARK(CHACHA20_POLY1305_AEAD_256BYTES_ONLY_ENCRYPT, 250000);

+BENCHMARK(CHACHA20_POLY1305_AEAD_1MB_ONLY_ENCRYPT, 340);

+BENCHMARK(CHACHA20_POLY1305_AEAD_64BYTES_ENCRYPT_DECRYPT, 500000);

+BENCHMARK(CHACHA20_POLY1305_AEAD_256BYTES_ENCRYPT_DECRYPT, 250000);

+BENCHMARK(CHACHA20_POLY1305_AEAD_1MB_ENCRYPT_DECRYPT, 340);

+BENCHMARK(HASH_64BYTES, 500000);

+BENCHMARK(HASH_256BYTES, 250000);

+BENCHMARK(HASH_1MB, 340);

+#include <util/system.h>

+#include <util/translation.h>

+#include <functional>

+#include <script/signingprovider.h>

+#include <util/rbf.h>

+#include <util/system.h>

+#include <util/translation.h>

+#include <functional>

+ FillableSigningProvider tempKeystore;

+ const FillableSigningProvider& keystore = tempKeystore;

+#include <util/system.h>

+#include <util/translation.h>

+#include <functional>

+#include <interfaces/chain.h>

+#include <ui_interface.h>

+#include <util/strencodings.h>

+#include <util/translation.h>

+#include <functional>

+ return InitError(strprintf("Error parsing command line arguments: %s\n", error));

+ return InitError(strprintf("Specified data directory \"%s\" does not exist.\n", gArgs.GetArg("-datadir", "")));

+ return InitError(strprintf("Error reading configuration file: %s\n", error));

+ return InitError(strprintf("%s\n", e.what()));

+ return InitError(strprintf("Command line contains unexpected token '%s', see bitcoind -h for a list of options.\n", argv[i]));

+ tfm::format(std::cout, PACKAGE_NAME "daemon starting\n");

+ return InitError(strprintf("daemon() failed: %s\n", strerror(errno)));

+ return InitError("-daemon is not supported on this operating system\n");

+ m_is_test_chain = false;

+ m_is_test_chain = true;

+ fRequireStandard = true;

+ m_is_test_chain = true;

+ /** If this is a test chain */

+ bool IsTestChain() const { return m_is_test_chain; }

+ /** Whether it is possible to mine blocks on demand (no retargeting) */

+ bool MineBlocksOnDemand() const { return consensus.fPowNoRetargeting; }

+ bool m_is_test_chain;

+#include <logging.h>

+

+bool CCoinsViewErrorCatcher::GetCoin(const COutPoint &outpoint, Coin &coin) const {

+ try {

+ return CCoinsViewBacked::GetCoin(outpoint, coin);

+ } catch(const std::runtime_error& e) {

+ for (auto f : m_err_callbacks) {

+ f();

+ }

+ LogPrintf("Error reading from database: %s\n", e.what());

+ // Starting the shutdown sequence and returning false to the caller would be

+ // interpreted as 'entry not found' (as opposed to unable to read data), and

+ // could lead to invalid interpretation. Just exit immediately, as we can't

+ // continue anyway, and all writes should be atomic.

+ std::abort();

+ }

+}

+#include <functional>

+/**

+ * This is a minimally invasive approach to shutdown on LevelDB read errors from the

+ * chainstate, while keeping user interface out of the common library, which is shared

+ * between bitcoind, and bitcoin-qt and non-server tools.

+ *

+ * Writes do not need similar protection, as failure to write is handled by the caller.

+*/

+class CCoinsViewErrorCatcher final : public CCoinsViewBacked

+{

+public:

+ explicit CCoinsViewErrorCatcher(CCoinsView* view) : CCoinsViewBacked(view) {}

+

+ void AddReadErrCallback(std::function<void()> f) {

+ m_err_callbacks.emplace_back(std::move(f));

+ }

+

+ bool GetCoin(const COutPoint &outpoint, Coin &coin) const override;

+

+private:

+ /** A list of callbacks to execute upon leveldb read error. */

+ std::vector<std::function<void()>> m_err_callbacks;

+

+};

+

+// Copyright (c) 2019 The Bitcoin Core developers

+// Distributed under the MIT software license, see the accompanying

+// file COPYING or http://www.opensource.org/licenses/mit-license.php.

+

+#include <crypto/chacha_poly_aead.h>

+

+#include <crypto/common.h>

+#include <crypto/poly1305.h>

+#include <support/cleanse.h>

+

+#include <assert.h>

+#include <string.h>

+

+#include <cstdio>

+#include <limits>

+

+#ifndef HAVE_TIMINGSAFE_BCMP

+

+int timingsafe_bcmp(const unsigned char* b1, const unsigned char* b2, size_t n)

+{

+ const unsigned char *p1 = b1, *p2 = b2;

+ int ret = 0;

+

+ for (; n > 0; n--)

+ ret |= *p1++ ^ *p2++;

+ return (ret != 0);

+}

+

+#endif // TIMINGSAFE_BCMP

+

+ChaCha20Poly1305AEAD::ChaCha20Poly1305AEAD(const unsigned char* K_1, size_t K_1_len, const unsigned char* K_2, size_t K_2_len)

+{

+ assert(K_1_len == CHACHA20_POLY1305_AEAD_KEY_LEN);

+ assert(K_2_len == CHACHA20_POLY1305_AEAD_KEY_LEN);

+ m_chacha_main.SetKey(K_1, CHACHA20_POLY1305_AEAD_KEY_LEN);

+ m_chacha_header.SetKey(K_2, CHACHA20_POLY1305_AEAD_KEY_LEN);

+

+ // set the cached sequence number to uint64 max which hints for an unset cache.

+ // we can't hit uint64 max since the rekey rule (which resets the sequence number) is 1GB

+ m_cached_aad_seqnr = std::numeric_limits<uint64_t>::max();

+}

+

+bool ChaCha20Poly1305AEAD::Crypt(uint64_t seqnr_payload, uint64_t seqnr_aad, int aad_pos, unsigned char* dest, size_t dest_len /* length of the output buffer for sanity checks */, const unsigned char* src, size_t src_len, bool is_encrypt)

+{

+ // check buffer boundaries

+ if (

+ // if we encrypt, make sure the source contains at least the expected AAD and the destination has at least space for the source + MAC

+ (is_encrypt && (src_len < CHACHA20_POLY1305_AEAD_AAD_LEN || dest_len < src_len + POLY1305_TAGLEN)) ||

+ // if we decrypt, make sure the source contains at least the expected AAD+MAC and the destination has at least space for the source - MAC

+ (!is_encrypt && (src_len < CHACHA20_POLY1305_AEAD_AAD_LEN + POLY1305_TAGLEN || dest_len < src_len - POLY1305_TAGLEN))) {

+ return false;

+ }

+

+ unsigned char expected_tag[POLY1305_TAGLEN], poly_key[POLY1305_KEYLEN];

+ memset(poly_key, 0, sizeof(poly_key));

+ m_chacha_main.SetIV(seqnr_payload);

+

+ // block counter 0 for the poly1305 key

+ // use lower 32bytes for the poly1305 key

+ // (throws away 32 unused bytes (upper 32) from this ChaCha20 round)

+ m_chacha_main.Seek(0);

+ m_chacha_main.Crypt(poly_key, poly_key, sizeof(poly_key));

+

+ // if decrypting, verify the tag prior to decryption

+ if (!is_encrypt) {

+ const unsigned char* tag = src + src_len - POLY1305_TAGLEN;

+ poly1305_auth(expected_tag, src, src_len - POLY1305_TAGLEN, poly_key);

+

+ // constant time compare the calculated MAC with the provided MAC

+ if (timingsafe_bcmp(expected_tag, tag, POLY1305_TAGLEN) != 0) {

+ memory_cleanse(expected_tag, sizeof(expected_tag));

+ memory_cleanse(poly_key, sizeof(poly_key));

+ return false;

+ }

+ memory_cleanse(expected_tag, sizeof(expected_tag));

+ // MAC has been successfully verified, make sure we don't covert it in decryption

+ src_len -= POLY1305_TAGLEN;

+ }

+

+ // calculate and cache the next 64byte keystream block if requested sequence number is not yet the cache

+ if (m_cached_aad_seqnr != seqnr_aad) {

+ m_cached_aad_seqnr = seqnr_aad;

+ m_chacha_header.SetIV(seqnr_aad);

+ m_chacha_header.Seek(0);

+ m_chacha_header.Keystream(m_aad_keystream_buffer, CHACHA20_ROUND_OUTPUT);

+ }

+ // crypt the AAD (3 bytes message length) with given position in AAD cipher instance keystream

+ dest[0] = src[0] ^ m_aad_keystream_buffer[aad_pos];

+ dest[1] = src[1] ^ m_aad_keystream_buffer[aad_pos + 1];

+ dest[2] = src[2] ^ m_aad_keystream_buffer[aad_pos + 2];

+

+ // Set the playload ChaCha instance block counter to 1 and crypt the payload

+ m_chacha_main.Seek(1);

+ m_chacha_main.Crypt(src + CHACHA20_POLY1305_AEAD_AAD_LEN, dest + CHACHA20_POLY1305_AEAD_AAD_LEN, src_len - CHACHA20_POLY1305_AEAD_AAD_LEN);

+

+ // If encrypting, calculate and append tag

+ if (is_encrypt) {

+ // the poly1305 tag expands over the AAD (3 bytes length) & encrypted payload

+ poly1305_auth(dest + src_len, dest, src_len, poly_key);

+ }

+

+ // cleanse no longer required MAC and polykey

+ memory_cleanse(poly_key, sizeof(poly_key));

+ return true;

+}

+

+bool ChaCha20Poly1305AEAD::GetLength(uint32_t* len24_out, uint64_t seqnr_aad, int aad_pos, const uint8_t* ciphertext)

+{

+ // enforce valid aad position to avoid accessing outside of the 64byte keystream cache

+ // (there is space for 21 times 3 bytes)

+ assert(aad_pos >= 0 && aad_pos < CHACHA20_ROUND_OUTPUT - CHACHA20_POLY1305_AEAD_AAD_LEN);

+ if (m_cached_aad_seqnr != seqnr_aad) {

+ // we need to calculate the 64 keystream bytes since we reached a new aad sequence number

+ m_cached_aad_seqnr = seqnr_aad;

+ m_chacha_header.SetIV(seqnr_aad); // use LE for the nonce

+ m_chacha_header.Seek(0); // block counter 0

+ m_chacha_header.Keystream(m_aad_keystream_buffer, CHACHA20_ROUND_OUTPUT); // write keystream to the cache

+ }

+

+ // decrypt the ciphertext length by XORing the right position of the 64byte keystream cache with the ciphertext

+ *len24_out = (ciphertext[0] ^ m_aad_keystream_buffer[aad_pos + 0]) |

+ (ciphertext[1] ^ m_aad_keystream_buffer[aad_pos + 1]) << 8 |

+ (ciphertext[2] ^ m_aad_keystream_buffer[aad_pos + 2]) << 16;

+

+ return true;

+}

+// Copyright (c) 2019 The Bitcoin Core developers

+// Distributed under the MIT software license, see the accompanying

+// file COPYING or http://www.opensource.org/licenses/mit-license.php.

+

+#ifndef BITCOIN_CRYPTO_CHACHA_POLY_AEAD_H

+#define BITCOIN_CRYPTO_CHACHA_POLY_AEAD_H

+

+#include <crypto/chacha20.h>

+

+#include <cmath>

+

+static constexpr int CHACHA20_POLY1305_AEAD_KEY_LEN = 32;

+static constexpr int CHACHA20_POLY1305_AEAD_AAD_LEN = 3; /* 3 bytes length */

+static constexpr int CHACHA20_ROUND_OUTPUT = 64; /* 64 bytes per round */

+static constexpr int AAD_PACKAGES_PER_ROUND = 21; /* 64 / 3 round down*/

+

+/* A AEAD class for ChaCha20-Poly1305@bitcoin.

+ *

+ * ChaCha20 is a stream cipher designed by Daniel Bernstein and described in

+ * <ref>[http://cr.yp.to/chacha/chacha-20080128.pdf ChaCha20]</ref>. It operates

+ * by permuting 128 fixed bits, 128 or 256 bits of key, a 64 bit nonce and a 64

+ * bit counter into 64 bytes of output. This output is used as a keystream, with

+ * any unused bytes simply discarded.

+ *

+ * Poly1305 <ref>[http://cr.yp.to/mac/poly1305-20050329.pdf Poly1305]</ref>, also

+ * by Daniel Bernstein, is a one-time Carter-Wegman MAC that computes a 128 bit

+ * integrity tag given a message and a single-use 256 bit secret key.

+ *

+ * The chacha20-poly1305@bitcoin combines these two primitives into an

+ * authenticated encryption mode. The construction used is based on that proposed

+ * for TLS by Adam Langley in

+ * <ref>[http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 "ChaCha20

+ * and Poly1305 based Cipher Suites for TLS", Adam Langley]</ref>, but differs in

+ * the layout of data passed to the MAC and in the addition of encryption of the

+ * packet lengths.

+ *

+ * ==== Detailed Construction ====

+ *

+ * The chacha20-poly1305@bitcoin cipher requires two 256 bits of key material as

+ * output from the key exchange. Each key (K_1 and K_2) are used by two separate

+ * instances of chacha20.

+ *

+ * The instance keyed by K_1 is a stream cipher that is used only to encrypt the 3

+ * byte packet length field and has its own sequence number. The second instance,

+ * keyed by K_2, is used in conjunction with poly1305 to build an AEAD

+ * (Authenticated Encryption with Associated Data) that is used to encrypt and

+ * authenticate the entire packet.

+ *

+ * Two separate cipher instances are used here so as to keep the packet lengths

+ * confidential but not create an oracle for the packet payload cipher by

+ * decrypting and using the packet length prior to checking the MAC. By using an

+ * independently-keyed cipher instance to encrypt the length, an active attacker

+ * seeking to exploit the packet input handling as a decryption oracle can learn

+ * nothing about the payload contents or its MAC (assuming key derivation,

+ * ChaCha20 and Poly1305 are secure).

+ *

+ * The AEAD is constructed as follows: for each packet, generate a Poly1305 key by

+ * taking the first 256 bits of ChaCha20 stream output generated using K_2, an IV

+ * consisting of the packet sequence number encoded as an LE uint64 and a ChaCha20

+ * block counter of zero. The K_2 ChaCha20 block counter is then set to the

+ * little-endian encoding of 1 (i.e. {1, 0, 0, 0, 0, 0, 0, 0}) and this instance

+ * is used for encryption of the packet payload.

+ *

+ * ==== Packet Handling ====

+ *

+ * When receiving a packet, the length must be decrypted first. When 3 bytes of

+ * ciphertext length have been received, they may be decrypted.

+ *

+ * A ChaCha20 round always calculates 64bytes which is sufficient to crypt 21

+ * times a 3 bytes length field (21*3 = 63). The length field sequence number can

+ * thus be used 21 times (keystream caching).

+ *

+ * The length field must be enc-/decrypted with the ChaCha20 keystream keyed with

+ * K_1 defined by block counter 0, the length field sequence number in little

+ * endian and a keystream position from 0 to 60.

+ *

+ * Once the entire packet has been received, the MAC MUST be checked before

+ * decryption. A per-packet Poly1305 key is generated as described above and the

+ * MAC tag calculated using Poly1305 with this key over the ciphertext of the

+ * packet length and the payload together. The calculated MAC is then compared in

+ * constant time with the one appended to the packet and the packet decrypted

+ * using ChaCha20 as described above (with K_2, the packet sequence number as

+ * nonce and a starting block counter of 1).

+ *

+ * Detection of an invalid MAC MUST lead to immediate connection termination.

+ *

+ * To send a packet, first encode the 3 byte length and encrypt it using K_1 as

+ * described above. Encrypt the packet payload (using K_2) and append it to the

+ * encrypted length. Finally, calculate a MAC tag and append it.

+ *

+ * The initiating peer MUST use <code>K_1_A, K_2_A</code> to encrypt messages on

+ * the send channel, <code>K_1_B, K_2_B</code> MUST be used to decrypt messages on

+ * the receive channel.

+ *

+ * The responding peer MUST use <code>K_1_A, K_2_A</code> to decrypt messages on

+ * the receive channel, <code>K_1_B, K_2_B</code> MUST be used to encrypt messages

+ * on the send channel.

+ *

+ * Optimized implementations of ChaCha20-Poly1305@bitcoin are relatively fast in

+ * general, therefore it is very likely that encrypted messages require not more

+ * CPU cycles per bytes then the current unencrypted p2p message format

+ * (ChaCha20/Poly1305 versus double SHA256).

+ *

+ * The initial packet sequence numbers are 0.

+ *

+ * K_2 ChaCha20 cipher instance (payload) must never reuse a {key, nonce} for

+ * encryption nor may it be used to encrypt more than 2^70 bytes under the same

+ * {key, nonce}.

+ *

+ * K_1 ChaCha20 cipher instance (length field/AAD) must never reuse a {key, nonce,

+ * position-in-keystream} for encryption nor may it be used to encrypt more than

+ * 2^70 bytes under the same {key, nonce}.

+ *

+ * We use message sequence numbers for both communication directions.

+ */

+

+class ChaCha20Poly1305AEAD

+{

+private:

+ ChaCha20 m_chacha_main; // payload and poly1305 key-derivation cipher instance

+ ChaCha20 m_chacha_header; // AAD cipher instance (encrypted length)

+ unsigned char m_aad_keystream_buffer[CHACHA20_ROUND_OUTPUT]; // aad keystream cache

+ uint64_t m_cached_aad_seqnr; // aad keystream cache hint

+

+public:

+ ChaCha20Poly1305AEAD(const unsigned char* K_1, size_t K_1_len, const unsigned char* K_2, size_t K_2_len);

+

+ explicit ChaCha20Poly1305AEAD(const ChaCha20Poly1305AEAD&) = delete;

+

+ /** Encrypts/decrypts a packet

+ seqnr_payload, the message sequence number

+ seqnr_aad, the messages AAD sequence number which allows reuse of the AAD keystream

+ aad_pos, position to use in the AAD keystream to encrypt the AAD

+ dest, output buffer, must be of a size equal or larger then CHACHA20_POLY1305_AEAD_AAD_LEN + payload (+ POLY1305_TAG_LEN in encryption) bytes

+ destlen, length of the destination buffer

+ src, the AAD+payload to encrypt or the AAD+payload+MAC to decrypt

+ src_len, the length of the source buffer

+ is_encrypt, set to true if we encrypt (creates and appends the MAC instead of verifying it)

+ */

+ bool Crypt(uint64_t seqnr_payload, uint64_t seqnr_aad, int aad_pos, unsigned char* dest, size_t dest_len, const unsigned char* src, size_t src_len, bool is_encrypt);

+

+ /** decrypts the 3 bytes AAD data and decodes it into a uint32_t field */

+ bool GetLength(uint32_t* len24_out, uint64_t seqnr_aad, int aad_pos, const uint8_t* ciphertext);

+};

+

+#endif // BITCOIN_CRYPTO_CHACHA_POLY_AEAD_H

+#include <crypto/hmac_sha256.h>

+#include <util/strencodings.h>

+#include <util/system.h>

+#include <util/translation.h>

+#include <stdio.h>

+ _("Error: A fatal internal error occurred, see debug.log for details").translated, // Same message as AbortNode

+#include <util/translation.h>

+ uiInterface.ShowProgress(_("Upgrading txindex database").translated, 0, true);

+ uiInterface.ShowProgress(_("Upgrading txindex database").translated, percentage_done, true);

+#include <coins.h>

+#include <httpserver.h>

+#include <interfaces/chain.h>

+#include <netbase.h>

+#include <rpc/register.h>

+#include <rpc/server.h>

+#include <script/sigcache.h>

+#include <script/standard.h>

+#include <torcontrol.h>

+#include <util/system.h>

+#include <util/threadnames.h>

+#include <util/translation.h>

+#include <validation.h>

+

+ return InitError(strprintf(_("Unable to create the PID file '%s': %s").translated, GetPidFile().string(), std::strerror(errno)));

+ gArgs.AddArg("-checkblockindex", strprintf("Do a full consistency check for the block tree, setBlockIndexCandidates, ::ChainActive() and mapBlocksUnlinked occasionally. (default: %u, regtest: %u)", defaultChainParams->DefaultConsistencyChecks(), regtestChainParams->DefaultConsistencyChecks()), true, OptionsCategory::DEBUG_TEST);

+ return CopyrightHolders(strprintf(_("Copyright (C) %i-%i").translated, 2009, COPYRIGHT_YEAR) + " ") + "\n" +

+ "Visit %s for further information about the software.").translated,

+ strprintf(_("The source code is available from %s.").translated,

+ _("This is experimental software.").translated + "\n" +

+ strprintf(_("Distributed under the MIT software license, see the accompanying file %s or %s").translated, "COPYING", "<https://opensource.org/licenses/MIT>") + "\n" +

+ strprintf(_("This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit %s and cryptographic software written by Eric Young and UPnP software written by Thomas Bernard.").translated, "<https://www.openssl.org>") +

+ return strprintf(_("Cannot resolve -%s address: '%s'").translated, optname, strBind);

+ return InitError(strprintf(_("Config setting for %s only applied on %s network when in [%s] section.").translated, arg, network, network));

+ InitWarning(strprintf("%s:%i " + _("Section [%s] is not recognized.").translated, section.m_file, section.m_line, section.m_name));

+ return InitError(strprintf(_("Specified blocks directory \"%s\" does not exist.").translated, gArgs.GetArg("-blocksdir", "").c_str()));

+ return InitError(strprintf(_("Unknown -blockfilterindex value %s.").translated, name));

+ return InitError(_("Prune mode is incompatible with -txindex.").translated);

+ return InitError(_("Prune mode is incompatible with -blockfilterindex.").translated);

+ return InitError(_("Not enough file descriptors available.").translated);

+ InitWarning(strprintf(_("Reducing -maxconnections from %d to %d, because of system limitations.").translated, nUserMaxConnections, nMaxConnections));

+ InitWarning(strprintf(_("Unsupported logging category %s=%s.").translated, "-debug", cat));

+ InitWarning(strprintf(_("Unsupported logging category %s=%s.").translated, "-debugexclude", cat));

+ return InitError(strprintf(_("-maxmempool must be at least %d MB").translated, std::ceil(nMempoolSizeMin / 1000000.0)));

+ return InitError(_("Prune cannot be configured with a negative value.").translated);

+ return InitError(strprintf(_("Prune configured below the minimum of %d MiB. Please use a higher number.").translated, MIN_DISK_SPACE_FOR_BLOCK_FILES / 1024 / 1024));

+ if (!chainparams.IsTestChain() && !fRequireStandard) {

+ }

+ return InitError(strprintf(_("Cannot write to data directory '%s'; check permissions.").translated, datadir.string()));

+ return InitError(strprintf(_("Cannot obtain a lock on data directory %s. %s is probably already running.").translated, datadir.string(), PACKAGE_NAME));

+ return InitError(strprintf(_("Initialization sanity check failed. %s is shutting down.").translated, PACKAGE_NAME));

+ InitWarning(strprintf(_("The specified config file %s does not exist\n").translated, config_file_path.string()));

+ return InitError(_("Unable to start HTTP server. See debug log for details.").translated);

+ return InitError(strprintf(_("User Agent comment (%s) contains unsafe characters.").translated, cmt));

+ return InitError(strprintf(_("Total length of network version string (%i) exceeds maximum length (%i). Reduce the number or size of uacomments.").translated,

+ return InitError(strprintf(_("Unknown network specified in -onlynet: '%s'").translated, snet));

+ return InitError(strprintf(_("Invalid -proxy address or hostname: '%s'").translated, proxyArg));

+ return InitError(strprintf(_("Invalid -proxy address or hostname: '%s'").translated, proxyArg));

+ return InitError(strprintf(_("Invalid -onion address or hostname: '%s'").translated, onionArg));

+ return InitError(strprintf(_("Invalid -onion address or hostname: '%s'").translated, onionArg));

+ uiInterface.InitMessage(_("Loading block index...").translated);

+ strLoadError = _("Error loading block database").translated;

+ if (!::BlockIndex().empty() &&

+ !LookupBlockIndex(chainparams.GetConsensus().hashGenesisBlock)) {

+ return InitError(_("Incorrect or no genesis block found. Wrong datadir for network?").translated);

+ strLoadError = _("You need to rebuild the database using -reindex to go back to unpruned mode. This will redownload the entire blockchain").translated;

+ strLoadError = _("Error initializing block database").translated;

+ // block tree into BlockIndex()!

+ pcoinscatcher->AddReadErrCallback([]() {

+ uiInterface.ThreadSafeMessageBox(

+ _("Error reading from database, shutting down.").translated,

+ "", CClientUIInterface::MSG_ERROR);

+ });

+ strLoadError = _("Error upgrading chainstate database").translated;

+ strLoadError = _("Unable to replay blocks. You will need to rebuild the database using -reindex-chainstate.").translated;

+ strLoadError = _("Error initializing block database").translated;

+ strLoadError = _("Error opening block database").translated;

+ // BlockIndex() based on lack of available witness data.

+ uiInterface.InitMessage(_("Rewinding blocks...").translated);

+ strLoadError = _("Unable to rewind the database to a pre-fork state. You will need to redownload the blockchain").translated;

+ uiInterface.InitMessage(_("Verifying blocks...").translated);

+ "Only rebuild the block database if you are sure that your computer's date and time are correct").translated;

+ strLoadError = _("Corrupted block database detected").translated;

+ strLoadError = _("Error opening block database").translated;

+ strLoadError + ".\n\n" + _("Do you want to rebuild the block database now?").translated,

+ uiInterface.InitMessage(_("Pruning blockstore...").translated);

+ InitError(strprintf(_("Error: Disk space is low for %s").translated, GetDataDir()));

+ InitError(strprintf(_("Error: Disk space is low for %s").translated, GetBlocksDir()));

+ LogPrintf("block tree size = %u\n", ::BlockIndex().size());

+ return InitError(strprintf(_("Need to specify a port with -whitebind: '%s'").translated, strBind));

+ return InitError(strprintf(_("Invalid netmask specified in -whitelist: '%s'").translated, net));

+ uiInterface.InitMessage(_("Done loading").translated);

+ void initError(const std::string& message) override { InitError(message); }

+ //! Send init error.

+ virtual void initError(const std::string& message) = 0;

+

+ explicit PendingWalletTxImpl(CWallet& wallet) : m_wallet(wallet) {}

+ if (!m_wallet.CommitTransaction(m_tx, std::move(value_map), std::move(order_form), state)) {

+ if (!m_wallet->CreateTransaction(*locked_chain, recipients, pending->m_tx, fee, change_pos,

+ return MakeHandler(m_wallet->NotifyStatusChanged.connect([fn](CWallet*) { fn(); }));

+#include <primitives/transaction.h>

+#include <util/translation.h>

+ strError = strprintf(_("Unable to bind to %s on this computer. %s is probably already running.").translated, addrBind.ToString(), PACKAGE_NAME);

+ strError = strprintf(_("Unable to bind to %s on this computer (bind returned error %s)").translated, addrBind.ToString(), NetworkErrorString(nErr));

+ strError = strprintf(_("Error: Listening for incoming connections failed (listen returned error %s)").translated, NetworkErrorString(WSAGetLastError()));

+ _("Failed to listen on any port. Use -listen=0 if you want this.").translated,

+ clientInterface->InitMessage(_("Loading P2P addresses...").translated);

+ uiInterface.InitMessage(_("Starting network threads...").translated);

+ _("Cannot provide specific connections and have addrman find outgoing connections at the same.").translated,

+static const bool DEFAULT_PEERBLOOMFILTERS = false;

+ // From our perspective, onion addresses are not hostnames but rather

+ // direct encodings of CNetAddr much like IPv4 dotted-decimal notation

+ // or IPv6 colon-separated hextet notation. Since we can't use

+ // getaddrinfo to decode them and it wouldn't make sense to resolve

+ // them, we return a network address representing it instead. See

+ // CNetAddr::SetSpecial(const std::string&) for more details.

+ // We want a TCP port, which is a streaming socket type

+ // We don't care which address family (IPv4 or IPv6) is returned

+ // If we allow lookups of hostnames, use the AI_ADDRCONFIG flag to only

+ // return addresses whose family we have an address configured for.

+ //

+ // If we don't allow lookups, then use the AI_NUMERICHOST flag for

+ // getaddrinfo to only decode numerical network addresses and suppress

+ // hostname lookups.

+ // Traverse the linked list starting with aiTrav, add all non-internal

+ // IPv4,v6 addresses to vIP while respecting nMaxSolutions.

+/**

+ * Resolve a host string to its corresponding network addresses.

+ *

+ * @param pszName The string representing a host. Could be a name or a numerical

+ * IP address (IPv6 addresses in their bracketed form are

+ * allowed).

+ * @param[out] vIP The resulting network addresses to which the specified host

+ * string resolved.

+ *

+ * @returns Whether or not the specified host string successfully resolved to

+ * any resulting network addresses.

+ *

+ * @see Lookup(const char *, std::vector<CService>&, int, bool, unsigned int)

+ * for additional parameter descriptions.

+ */

+ /**

+ * Resolve a host string to its first corresponding network address.

+ *

+ * @see LookupHost(const char *, std::vector<CNetAddr>&, unsigned int, bool) for

+ * additional parameter descriptions.

+ */

+/**

+ * Resolve a service string to its corresponding service.

+ *

+ * @param pszName The string representing a service. Could be a name or a

+ * numerical IP address (IPv6 addresses should be in their

+ * disambiguated bracketed form), optionally followed by a port

+ * number. (e.g. example.com:8333 or

+ * [2001:db8:85a3:8d3:1319:8a2e:370:7348]:420)

+ * @param[out] vAddr The resulting services to which the specified service string

+ * resolved.

+ * @param portDefault The default port for resulting services if not specified

+ * by the service string.

+ * @param fAllowLookup Whether or not hostname lookups are permitted. If yes,

+ * external queries may be performed.

+ * @param nMaxSolutions The maximum number of results we want, specifying 0

+ * means "as many solutions as we get."

+ *

+ * @returns Whether or not the service string successfully resolved to any

+ * resulting services.

+ */

+/**

+ * Resolve a service string to its first corresponding service.

+ *

+ * @see Lookup(const char *, std::vector<CService>&, int, bool, unsigned int)

+ * for additional parameter descriptions.

+ */

+/**

+ * Resolve a service string with a numeric IP to its first corresponding

+ * service.

+ *

+ * @returns The resulting CService if the resolution was successful, [::]:0

+ * otherwise.

+ *

+ * @see Lookup(const char *, CService&, int, bool) for additional parameter

+ * descriptions.

+ */

+ * Try to read a specified number of bytes from a socket. Please read the "see

+ * also" section for more detail.

+ * @param data The buffer where the read bytes should be stored.

+ * @param len The number of bytes to read into the specified buffer.

+ * @param timeout The total timeout in milliseconds for this read.

+ * @param hSocket The socket (has to be in non-blocking mode) from which to read

+ * bytes.

+ * @returns An IntrRecvError indicating the resulting status of this read.

+ * IntrRecvError::OK only if all of the specified number of bytes were

+ * read.

+ *

+ * @see This function can be interrupted by calling InterruptSocks5(bool).

+ * Sockets can be made non-blocking with SetSocketNonBlocking(const

+ * SOCKET&, bool).

+ // Maximum time to wait for I/O readiness. It will take up until this time

+ // (in millis) to break off in case of an interruption.

+ // Only wait at most maxWait milliseconds at a time, unless

+ // we're approaching the end of the specified total timeout

+ pollfd.events = POLLIN;

+/**

+ * Connect to a specified destination service through an already connected

+ * SOCKS5 proxy.

+ *

+ * @param strDest The destination fully-qualified domain name.

+ * @param port The destination port.

+ * @param auth The credentials with which to authenticate with the specified

+ * SOCKS5 proxy.

+ * @param hSocket The SOCKS5 proxy socket.

+ *

+ * @returns Whether or not the operation succeeded.

+ *

+ * @note The specified SOCKS5 proxy socket must already be connected to the

+ * SOCKS5 proxy.

+ *

+ * @see <a href="https://www.ietf.org/rfc/rfc1928.txt">RFC1928: SOCKS Protocol

+ * Version 5</a>

+ */

+ // Construct the version identifier/method selection message

+ vSocks5Init.push_back(SOCKSVersion::SOCKS5); // We want the SOCK5 protocol

+ vSocks5Init.push_back(0x02); // 2 method identifiers follow...

+ vSocks5Init.push_back(0x01); // 1 method identifier follows...

+/**

+ * Try to create a socket file descriptor with specific properties in the

+ * communications domain (address family) of the specified service.

+ *

+ * For details on the desired properties, see the inline comments in the source

+ * code.

+ */

+ // Create a sockaddr from the specified service.

+ // Create a TCP socket in the address family of the specified service.

+ // Ensure that waiting for I/O on this socket won't result in undefined

+ // behavior.

+ // Set the no-sigpipe option on the socket for BSD systems, other UNIXes

+ // should use the MSG_NOSIGNAL flag for every send.

+ // Set the no-delay option (disable Nagle's algorithm) on the TCP socket.

+ // Set the non-blocking option on the socket.

+ LogPrintf("CreateSocket: Setting socket to non-blocking failed, error %s\n", NetworkErrorString(WSAGetLastError()));

+/**

+ * Try to connect to the specified service on the specified socket.

+ *

+ * @param addrConnect The service to which to connect.

+ * @param hSocket The socket on which to connect.

+ * @param nTimeout Wait this many milliseconds for the connection to be

+ * established.

+ * @param manual_connection Whether or not the connection was manually requested

+ * (e.g. thru the addnode RPC)

+ *

+ * @returns Whether or not a connection was successfully made.

+ */

+ // Create a sockaddr from the specified service.

+

+ // Connect to the addrConnect service on the hSocket socket.

+ // Connection didn't actually fail, but is being established

+ // asynchronously. Thus, use async I/O api (select/poll)

+ // synchronously to check for successful connection with a timeout.

+ // Upon successful completion, both select and poll return the total

+ // number of file descriptors that have been selected. A value of 0

+ // indicates that the call timed out and no file descriptors have

+ // been selected.

+

+ // Even if the select/poll was successful, the connect might not

+ // have been successful. The reason for this failure is hidden away

+ // in the SO_ERROR for the socket in modern systems. We read it into

+ // nRet here.

+/**

+ * Set the name proxy to use for all connections to nodes specified by a

+ * hostname. After setting this proxy, connecting to a node sepcified by a

+ * hostname won't result in a local lookup of said hostname, rather, connect to

+ * the node by asking the name proxy for a proxy connection to the hostname,

+ * effectively delegating the hostname lookup to the specified proxy.

+ *

+ * This delegation increases privacy for those who set the name proxy as they no

+ * longer leak their external hostname queries to their DNS servers.

+ *

+ * @returns Whether or not the operation succeeded.

+ *

+ * @note SOCKS5's support for UDP-over-SOCKS5 has been considered, but no SOCK5

+ * server in common use (most notably Tor) actually implements UDP

+ * support, and a DNS resolver is beyond the scope of this project.

+ */

+/**

+ * Connect to a specified destination service through a SOCKS5 proxy by first

+ * connecting to the SOCKS5 proxy.

+ *

+ * @param proxy The SOCKS5 proxy.

+ * @param strDest The destination service to which to connect.

+ * @param port The destination port.

+ * @param hSocket The socket on which to connect to the SOCKS5 proxy.

+ * @param nTimeout Wait this many milliseconds for the connection to the SOCKS5

+ * proxy to be established.

+ * @param outProxyConnectionFailed[out] Whether or not the connection to the

+ * SOCKS5 proxy failed.

+ *

+ * @returns Whether or not the operation succeeded.

+ */

+/**

+ * Parse and resolve a specified subnet string into the appropriate internal

+ * representation.

+ *

+ * @param pszName A string representation of a subnet of the form `network

+ * address [ "/", ( CIDR-style suffix | netmask ) ]`(e.g.

+ * `2001:db8::/32`, `192.0.2.0/255.255.255.0`, or `8.8.8.8`).

+ * @param ret The resulting internal representation of a subnet.

+ *

+ * @returns Whether the operation succeeded or not.

+ */

+ // TODO: Use LookupHost(const char *, CNetAddr&, bool) instead to just get

+ // one CNetAddr.

+ if (ParseInt32(strNetmask, &n)) {

+ // If valid number, assume CIDR variable-length subnet masking

+#include <script/sign.h>

+#include <script/signingprovider.h>

+CTxDestination AddAndGetDestinationForScript(FillableSigningProvider& keystore, const CScript& script, OutputType type)

+#include <script/signingprovider.h>

+CTxDestination AddAndGetDestinationForScript(FillableSigningProvider& keystore, const CScript& script, OutputType);

+// Copyright (c) 2009-2019 The Bitcoin Core developers

+#include <script/signingprovider.h>

+#include <qt/clientmodel.h>

+#include <util/threadnames.h>

+ node->initError(strprintf("Error parsing command line arguments: %s\n", error));

+ // Create a message box, because the gui has neither been created nor has subscribed to core signals

+ // message can not be translated because translations have not been initialized

+ QString::fromStdString("Error parsing command line arguments: %1.").arg(QString::fromStdString(error)));

+ node->initError(strprintf("Specified data directory \"%s\" does not exist.\n", gArgs.GetArg("-datadir", "")));

+ node->initError(strprintf("Error reading configuration file: %s\n", error));

+ node->initError(strprintf("%s\n", e.what()));

+// Copyright (c) 2011-2019 The Bitcoin Core developers

+#include <key_io.h>

+#include <primitives/transaction.h>

+ return GetAutostartDir() / strprintf("bitcoin-%s.desktop", chain);

+#include <util/translation.h>

+

+#include <util/translation.h>

+ (resume_possible ? _("(press q to shutdown and continue later)").translated

+ : _("press q to shutdown").translated) +

+ * - Make one pass through g_blockman.m_block_index, picking out the orphan blocks, and also storing a set of the orphan block's pprev pointers.

+ for (const std::pair<const uint256, CBlockIndex*>& item : ::BlockIndex())

+ FillableSigningProvider keystore;

+#include <script/signingprovider.h>

+ FillableSigningProvider keystore;

+#include <script/sign.h>

+#include <script/signingprovider.h>

+UniValue SignTransaction(CMutableTransaction& mtx, const UniValue& prevTxsUnival, FillableSigningProvider* keystore, std::map<COutPoint, Coin>& coins, bool is_temp_keystore, const UniValue& hashType)

+class FillableSigningProvider;

+UniValue SignTransaction(CMutableTransaction& mtx, const UniValue& prevTxs, FillableSigningProvider* keystore, std::map<COutPoint, Coin>& coins, bool tempKeystore, const UniValue& hashType);

+#include <script/signingprovider.h>

+// Retrieves a public key for an address from the given FillableSigningProvider

+CPubKey AddrToPubKey(FillableSigningProvider* const keystore, const std::string& addr_in)

+CTxDestination AddAndGetMultisigDestination(const int required, const std::vector<CPubKey>& pubkeys, OutputType type, FillableSigningProvider& keystore, CScript& script_out)

+class FillableSigningProvider;

+CPubKey AddrToPubKey(FillableSigningProvider* const keystore, const std::string& addr_in);

+CTxDestination AddAndGetMultisigDestination(const int required, const std::vector<CPubKey>& pubkeys, OutputType type, FillableSigningProvider& keystore, CScript& script_out);

+#include <script/signingprovider.h>

+// Copyright (c) 2019 The Bitcoin Core developers

+// Distributed under the MIT software license, see the accompanying

+// file COPYING or http://www.opensource.org/licenses/mit-license.php.

+

+#ifndef BITCOIN_SCRIPT_KEYORIGIN_H

+#define BITCOIN_SCRIPT_KEYORIGIN_H

+

+#include <serialize.h>

+#include <streams.h>

+#include <vector>

+

+struct KeyOriginInfo

+{

+ unsigned char fingerprint[4]; //!< First 32 bits of the Hash160 of the public key at the root of the path

+ std::vector<uint32_t> path;

+

+ friend bool operator==(const KeyOriginInfo& a, const KeyOriginInfo& b)

+ {

+ return std::equal(std::begin(a.fingerprint), std::end(a.fingerprint), std::begin(b.fingerprint)) && a.path == b.path;

+ }

+

+ ADD_SERIALIZE_METHODS;

+ template <typename Stream, typename Operation>

+ inline void SerializationOp(Stream& s, Operation ser_action)

+ {

+ READWRITE(fingerprint);

+ READWRITE(path);

+ }

+

+ void clear()

+ {

+ memset(fingerprint, 0, 4);

+ path.clear();

+ }

+};

+

+#endif // BITCOIN_SCRIPT_KEYORIGIN_H

+#include <script/signingprovider.h>

+#include <script/keyorigin.h>

+class SigningProvider;

+// Copyright (c) 2009-2019 The Bitcoin Core developers

+#include <script/keyorigin.h>

+#include <script/signingprovider.h>

+#include <script/standard.h>

+const SigningProvider& DUMMY_SIGNING_PROVIDER = SigningProvider();

+

+template<typename M, typename K, typename V>

+bool LookupHelper(const M& map, const K& key, V& value)

+{

+ auto it = map.find(key);

+ if (it != map.end()) {

+ value = it->second;

+ return true;

+ }

+ return false;

+}

+

+bool HidingSigningProvider::GetCScript(const CScriptID& scriptid, CScript& script) const

+{

+ return m_provider->GetCScript(scriptid, script);

+}

+

+bool HidingSigningProvider::GetPubKey(const CKeyID& keyid, CPubKey& pubkey) const

+{

+ return m_provider->GetPubKey(keyid, pubkey);

+}

+

+bool HidingSigningProvider::GetKey(const CKeyID& keyid, CKey& key) const

+{

+ if (m_hide_secret) return false;

+ return m_provider->GetKey(keyid, key);

+}

+

+bool HidingSigningProvider::GetKeyOrigin(const CKeyID& keyid, KeyOriginInfo& info) const

+{

+ if (m_hide_origin) return false;

+ return m_provider->GetKeyOrigin(keyid, info);

+}

+

+bool FlatSigningProvider::GetCScript(const CScriptID& scriptid, CScript& script) const { return LookupHelper(scripts, scriptid, script); }

+bool FlatSigningProvider::GetPubKey(const CKeyID& keyid, CPubKey& pubkey) const { return LookupHelper(pubkeys, keyid, pubkey); }

+bool FlatSigningProvider::GetKeyOrigin(const CKeyID& keyid, KeyOriginInfo& info) const

+{

+ std::pair<CPubKey, KeyOriginInfo> out;

+ bool ret = LookupHelper(origins, keyid, out);

+ if (ret) info = std::move(out.second);

+ return ret;

+}

+bool FlatSigningProvider::GetKey(const CKeyID& keyid, CKey& key) const { return LookupHelper(keys, keyid, key); }

+

+FlatSigningProvider Merge(const FlatSigningProvider& a, const FlatSigningProvider& b)

+{

+ FlatSigningProvider ret;

+ ret.scripts = a.scripts;

+ ret.scripts.insert(b.scripts.begin(), b.scripts.end());

+ ret.pubkeys = a.pubkeys;

+ ret.pubkeys.insert(b.pubkeys.begin(), b.pubkeys.end());

+ ret.keys = a.keys;

+ ret.keys.insert(b.keys.begin(), b.keys.end());

+ ret.origins = a.origins;

+ ret.origins.insert(b.origins.begin(), b.origins.end());

+ return ret;

+}

+

+void FillableSigningProvider::ImplicitlyLearnRelatedKeyScripts(const CPubKey& pubkey)

+bool FillableSigningProvider::GetPubKey(const CKeyID &address, CPubKey &vchPubKeyOut) const

+bool FillableSigningProvider::AddKeyPubKey(const CKey& key, const CPubKey &pubkey)

+bool FillableSigningProvider::HaveKey(const CKeyID &address) const

+std::set<CKeyID> FillableSigningProvider::GetKeys() const

+bool FillableSigningProvider::GetKey(const CKeyID &address, CKey &keyOut) const

+bool FillableSigningProvider::AddCScript(const CScript& redeemScript)

+ return error("FillableSigningProvider::AddCScript(): redeemScripts > %i bytes are invalid", MAX_SCRIPT_ELEMENT_SIZE);

+bool FillableSigningProvider::HaveCScript(const CScriptID& hash) const

+std::set<CScriptID> FillableSigningProvider::GetCScripts() const

+bool FillableSigningProvider::GetCScript(const CScriptID &hash, CScript& redeemScriptOut) const

+CKeyID GetKeyForDestination(const SigningProvider& store, const CTxDestination& dest)

+// Copyright (c) 2009-2010 Satoshi Nakamoto

+// Copyright (c) 2009-2019 The Bitcoin Core developers

+// Distributed under the MIT software license, see the accompanying

+// file COPYING or http://www.opensource.org/licenses/mit-license.php.

+

+#ifndef BITCOIN_SCRIPT_SIGNINGPROVIDER_H

+#define BITCOIN_SCRIPT_SIGNINGPROVIDER_H

+

+#include <key.h>

+#include <pubkey.h>

+#include <script/script.h>

+#include <script/standard.h>

+#include <sync.h>

+

+struct KeyOriginInfo;

+

+/** An interface to be implemented by keystores that support signing. */

+class SigningProvider

+{

+public:

+ virtual ~SigningProvider() {}

+ virtual bool GetCScript(const CScriptID &scriptid, CScript& script) const { return false; }

+ virtual bool HaveCScript(const CScriptID &scriptid) const { return false; }

+ virtual bool GetPubKey(const CKeyID &address, CPubKey& pubkey) const { return false; }

+ virtual bool GetKey(const CKeyID &address, CKey& key) const { return false; }

+ virtual bool HaveKey(const CKeyID &address) const { return false; }

+ virtual bool GetKeyOrigin(const CKeyID& keyid, KeyOriginInfo& info) const { return false; }

+};

+

+extern const SigningProvider& DUMMY_SIGNING_PROVIDER;

+

+class HidingSigningProvider : public SigningProvider

+{

+private:

+ const bool m_hide_secret;

+ const bool m_hide_origin;

+ const SigningProvider* m_provider;

+

+public:

+ HidingSigningProvider(const SigningProvider* provider, bool hide_secret, bool hide_origin) : m_hide_secret(hide_secret), m_hide_origin(hide_origin), m_provider(provider) {}

+ bool GetCScript(const CScriptID& scriptid, CScript& script) const override;

+ bool GetPubKey(const CKeyID& keyid, CPubKey& pubkey) const override;

+ bool GetKey(const CKeyID& keyid, CKey& key) const override;

+ bool GetKeyOrigin(const CKeyID& keyid, KeyOriginInfo& info) const override;

+};

+

+struct FlatSigningProvider final : public SigningProvider

+{

+ std::map<CScriptID, CScript> scripts;

+ std::map<CKeyID, CPubKey> pubkeys;

+ std::map<CKeyID, std::pair<CPubKey, KeyOriginInfo>> origins;

+ std::map<CKeyID, CKey> keys;

+

+ bool GetCScript(const CScriptID& scriptid, CScript& script) const override;

+ bool GetPubKey(const CKeyID& keyid, CPubKey& pubkey) const override;

+ bool GetKeyOrigin(const CKeyID& keyid, KeyOriginInfo& info) const override;

+ bool GetKey(const CKeyID& keyid, CKey& key) const override;

+};

+

+FlatSigningProvider Merge(const FlatSigningProvider& a, const FlatSigningProvider& b);

+

+/** Fillable signing provider that keeps keys in an address->secret map */

+class FillableSigningProvider : public SigningProvider

+{

+protected:

+ mutable CCriticalSection cs_KeyStore;

+

+ using KeyMap = std::map<CKeyID, CKey>;

+ using ScriptMap = std::map<CScriptID, CScript>;

+

+ KeyMap mapKeys GUARDED_BY(cs_KeyStore);

+ ScriptMap mapScripts GUARDED_BY(cs_KeyStore);

+

+ void ImplicitlyLearnRelatedKeyScripts(const CPubKey& pubkey) EXCLUSIVE_LOCKS_REQUIRED(cs_KeyStore);

+

+public:

+ virtual bool AddKeyPubKey(const CKey& key, const CPubKey &pubkey);

+ virtual bool AddKey(const CKey &key) { return AddKeyPubKey(key, key.GetPubKey()); }

+ virtual bool GetPubKey(const CKeyID &address, CPubKey& vchPubKeyOut) const override;

+ virtual bool HaveKey(const CKeyID &address) const override;

+ virtual std::set<CKeyID> GetKeys() const;

+ virtual bool GetKey(const CKeyID &address, CKey &keyOut) const override;

+ virtual bool AddCScript(const CScript& redeemScript);

+ virtual bool HaveCScript(const CScriptID &hash) const override;

+ virtual std::set<CScriptID> GetCScripts() const;

+ virtual bool GetCScript(const CScriptID &hash, CScript& redeemScriptOut) const override;

+};

+

+/** Return the CKeyID of the key involved in a script (if there is a unique one). */

+CKeyID GetKeyForDestination(const SigningProvider& store, const CTxDestination& dest);

+

+#endif // BITCOIN_SCRIPT_SIGNINGPROVIDER_H

+#include <crypto/chacha_poly_aead.h>

+static void TestChaCha20Poly1305AEAD(bool must_succeed, unsigned int expected_aad_length, const std::string& hex_m, const std::string& hex_k1, const std::string& hex_k2, const std::string& hex_aad_keystream, const std::string& hex_encrypted_message, const std::string& hex_encrypted_message_seq_999)

+{

+ // we need two sequence numbers, one for the payload cipher instance...

+ uint32_t seqnr_payload = 0;

+ // ... and one for the AAD (length) cipher instance

+ uint32_t seqnr_aad = 0;

+ // we need to keep track of the position in the AAD cipher instance

+ // keystream since we use the same 64byte output 21 times

+ // (21 times 3 bytes length < 64)

+ int aad_pos = 0;

+

+ std::vector<unsigned char> aead_K_1 = ParseHex(hex_k1);

+ std::vector<unsigned char> aead_K_2 = ParseHex(hex_k2);

+ std::vector<unsigned char> plaintext_buf = ParseHex(hex_m);

+ std::vector<unsigned char> expected_aad_keystream = ParseHex(hex_aad_keystream);

+ std::vector<unsigned char> expected_ciphertext_and_mac = ParseHex(hex_encrypted_message);

+ std::vector<unsigned char> expected_ciphertext_and_mac_sequence999 = ParseHex(hex_encrypted_message_seq_999);

+

+ std::vector<unsigned char> ciphertext_buf(plaintext_buf.size() + POLY1305_TAGLEN, 0);

+ std::vector<unsigned char> plaintext_buf_new(plaintext_buf.size(), 0);

+ std::vector<unsigned char> cmp_ctx_buffer(64);

+ uint32_t out_len = 0;

+

+ // create the AEAD instance

+ ChaCha20Poly1305AEAD aead(aead_K_1.data(), aead_K_1.size(), aead_K_2.data(), aead_K_2.size());

+

+ // create a chacha20 instance to compare against

+ ChaCha20 cmp_ctx(aead_K_2.data(), 32);

+

+ // encipher

+ bool res = aead.Crypt(seqnr_payload, seqnr_aad, aad_pos, ciphertext_buf.data(), ciphertext_buf.size(), plaintext_buf.data(), plaintext_buf.size(), true);

+ // make sure the operation succeeded if expected to succeed

+ BOOST_CHECK_EQUAL(res, must_succeed);

+ if (!res) return;

+

+ // verify ciphertext & mac against the test vector

+ BOOST_CHECK_EQUAL(expected_ciphertext_and_mac.size(), ciphertext_buf.size());

+ BOOST_CHECK(memcmp(ciphertext_buf.data(), expected_ciphertext_and_mac.data(), ciphertext_buf.size()) == 0);

+

+ // manually construct the AAD keystream

+ cmp_ctx.SetIV(seqnr_aad);

+ cmp_ctx.Seek(0);

+ cmp_ctx.Keystream(cmp_ctx_buffer.data(), 64);

+ BOOST_CHECK(memcmp(expected_aad_keystream.data(), cmp_ctx_buffer.data(), expected_aad_keystream.size()) == 0);

+ // crypt the 3 length bytes and compare the length

+ uint32_t len_cmp = 0;

+ len_cmp = (ciphertext_buf[0] ^ cmp_ctx_buffer[aad_pos + 0]) |

+ (ciphertext_buf[1] ^ cmp_ctx_buffer[aad_pos + 1]) << 8 |

+ (ciphertext_buf[2] ^ cmp_ctx_buffer[aad_pos + 2]) << 16;

+ BOOST_CHECK_EQUAL(len_cmp, expected_aad_length);

+

+ // encrypt / decrypt 1000 packets

+ for (size_t i = 0; i < 1000; ++i) {

+ res = aead.Crypt(seqnr_payload, seqnr_aad, aad_pos, ciphertext_buf.data(), ciphertext_buf.size(), plaintext_buf.data(), plaintext_buf.size(), true);

+ BOOST_CHECK(res);

+ BOOST_CHECK(aead.GetLength(&out_len, seqnr_aad, aad_pos, ciphertext_buf.data()));

+ BOOST_CHECK_EQUAL(out_len, expected_aad_length);

+ res = aead.Crypt(seqnr_payload, seqnr_aad, aad_pos, plaintext_buf_new.data(), plaintext_buf_new.size(), ciphertext_buf.data(), ciphertext_buf.size(), false);

+ BOOST_CHECK(res);

+

+ // make sure we repetitive get the same plaintext

+ BOOST_CHECK(memcmp(plaintext_buf.data(), plaintext_buf_new.data(), plaintext_buf.size()) == 0);

+

+ // compare sequence number 999 against the test vector

+ if (seqnr_payload == 999) {

+ BOOST_CHECK(memcmp(ciphertext_buf.data(), expected_ciphertext_and_mac_sequence999.data(), expected_ciphertext_and_mac_sequence999.size()) == 0);

+ }

+ // set nonce and block counter, output the keystream

+ cmp_ctx.SetIV(seqnr_aad);

+ cmp_ctx.Seek(0);

+ cmp_ctx.Keystream(cmp_ctx_buffer.data(), 64);

+

+ // crypt the 3 length bytes and compare the length

+ len_cmp = 0;

+ len_cmp = (ciphertext_buf[0] ^ cmp_ctx_buffer[aad_pos + 0]) |

+ (ciphertext_buf[1] ^ cmp_ctx_buffer[aad_pos + 1]) << 8 |

+ (ciphertext_buf[2] ^ cmp_ctx_buffer[aad_pos + 2]) << 16;

+ BOOST_CHECK_EQUAL(len_cmp, expected_aad_length);

+

+ // increment the sequence number(s)

+ // always increment the payload sequence number

+ // increment the AAD keystream position by its size (3)

+ // increment the AAD sequence number if we would hit the 64 byte limit

+ seqnr_payload++;

+ aad_pos += CHACHA20_POLY1305_AEAD_AAD_LEN;

+ if (aad_pos + CHACHA20_POLY1305_AEAD_AAD_LEN > CHACHA20_ROUND_OUTPUT) {

+ aad_pos = 0;

+ seqnr_aad++;

+ }

+ }

+}

+

+BOOST_AUTO_TEST_CASE(chacha20_poly1305_aead_testvector)

+{

+ /* test chacha20poly1305@bitcoin AEAD */

+

+ // must fail with no message

+ TestChaCha20Poly1305AEAD(false, 0,

+ "",

+ "0000000000000000000000000000000000000000000000000000000000000000",

+ "0000000000000000000000000000000000000000000000000000000000000000", "", "", "");

+

+ TestChaCha20Poly1305AEAD(true, 0,

+ /* m */ "0000000000000000000000000000000000000000000000000000000000000000",

+ /* k1 (payload) */ "0000000000000000000000000000000000000000000000000000000000000000",

+ /* k2 (AAD) */ "0000000000000000000000000000000000000000000000000000000000000000",

+ /* AAD keystream */ "76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586",

+ /* encrypted message & MAC */ "76b8e09f07e7be5551387a98ba977c732d080dcb0f29a048e3656912c6533e32d2fc11829c1b6c1df1f551cd6131ff08",

+ /* encrypted message & MAC at sequence 999 */ "b0a03d5bd2855d60699e7d3a3133fa47be740fe4e4c1f967555e2d9271f31c3aaa7aa16ec62c5e24f040c08bb20c3598");

+ TestChaCha20Poly1305AEAD(true, 1,

+ "0100000000000000000000000000000000000000000000000000000000000000",

+ "0000000000000000000000000000000000000000000000000000000000000000",

+ "0000000000000000000000000000000000000000000000000000000000000000",

+ "76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586",

+ "77b8e09f07e7be5551387a98ba977c732d080dcb0f29a048e3656912c6533e32baf0c85b6dff8602b06cf52a6aefc62e",

+ "b1a03d5bd2855d60699e7d3a3133fa47be740fe4e4c1f967555e2d9271f31c3a8bd94d54b5ecabbc41ffbb0c90924080");

+ TestChaCha20Poly1305AEAD(true, 255,

+ "ff0000f195e66982105ffb640bb7757f579da31602fc93ec01ac56f85ac3c134a4547b733b46413042c9440049176905d3be59ea1c53f15916155c2be8241a38008b9a26bc35941e2444177c8ade6689de95264986d95889fb60e84629c9bd9a5acb1cc118be563eb9b3a4a472f82e09a7e778492b562ef7130e88dfe031c79db9d4f7c7a899151b9a475032b63fc385245fe054e3dd5a97a5f576fe064025d3ce042c566ab2c507b138db853e3d6959660996546cc9c4a6eafdc777c040d70eaf46f76dad3979e5c5360c3317166a1c894c94a371876a94df7628fe4eaaf2ccb27d5aaae0ad7ad0f9d4b6ad3b54098746d4524d38407a6deb3ab78fab78c9",

+ "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",

+ "ff0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",

+ "c640c1711e3ee904ac35c57ab9791c8a1c408603a90b77a83b54f6c844cb4b06d94e7fc6c800e165acd66147e80ec45a567f6ce66d05ec0cae679dceeb890017",

+ "3940c1e92da4582ff6f92a776aeb14d014d384eeb30f660dacf70a14a23fd31e91212701334e2ce1acf5199dc84f4d61ddbe6571bca5af874b4c9226c26e650995d157644e1848b96ed6c2102d5489a050e71d29a5a66ece11de5fb5c9558d54da28fe45b0bc4db4e5b88030bfc4a352b4b7068eccf656bae7ad6a35615315fc7c49d4200388d5eca67c2e822e069336c69b40db67e0f3c81209c50f3216a4b89fb3ae1b984b7851a2ec6f68ab12b101ab120e1ea7313bb93b5a0f71185c7fea017ddb92769861c29dba4fbc432280d5dff21b36d1c4c790128b22699950bb18bf74c448cdfe547d8ed4f657d8005fdc0cd7a050c2d46050a44c4376355858981fbe8b184288276e7a93eabc899c4a",

+ "f039c6689eaeef0456685200feaab9d54bbd9acde4410a3b6f4321296f4a8ca2604b49727d8892c57e005d799b2a38e85e809f20146e08eec75169691c8d4f54a0d51a1e1c7b381e0474eb02f994be9415ef3ffcbd2343f0601e1f3b172a1d494f838824e4df570f8e3b0c04e27966e36c82abd352d07054ef7bd36b84c63f9369afe7ed79b94f953873006b920c3fa251a771de1b63da927058ade119aa898b8c97e42a606b2f6df1e2d957c22f7593c1e2002f4252f4c9ae4bf773499e5cfcfe14dfc1ede26508953f88553bf4a76a802f6a0068d59295b01503fd9a600067624203e880fdf53933b96e1f4d9eb3f4e363dd8165a278ff667a41ee42b9892b077cefff92b93441f7be74cf10e6cd");

+}

+

+#include <script/signingprovider.h>

+#include <script/standard.h>

+ FillableSigningProvider keystore;

+#include <script/signingprovider.h>

+ FillableSigningProvider keystore;

+#include <script/signingprovider.h>

+ FillableSigningProvider keystore;

+ FillableSigningProvider keystore;

+ FillableSigningProvider keystore;

+#include <script/signingprovider.h>

+#include <script/signingprovider.h>

+ FillableSigningProvider keystore;

+#include <util/translation.h>

+#include <functional>

+

+#include <script/signingprovider.h>

+SetupDummyInputs(FillableSigningProvider& keystoreRet, CCoinsViewCache& coinsRet)

+ FillableSigningProvider keystore;

+static void CreateCreditAndSpend(const FillableSigningProvider& keystore, const CScript& outscript, CTransactionRef& output, CMutableTransaction& input, bool success = true)

+ FillableSigningProvider keystore;

+ FillableSigningProvider keystore, keystore2;

+ FillableSigningProvider keystore;

+#include <script/signingprovider.h>

+ FillableSigningProvider keystore;

+#include <util/translation.h>

+ std::string strMessage = strprintf(_("Please check that your computer's date and time are correct! If your clock is wrong, %s will not work properly.").translated, PACKAGE_NAME);

+ event_base_once(gBase, -1, EV_TIMEOUT, [](evutil_socket_t, short, void*) {

+ event_base_loopbreak(gBase);

+ }, nullptr, nullptr);

+#include <random.h>

+#include <ui_interface.h>

+#include <util/translation.h>

+ // Load m_block_index

+ uiInterface.ShowProgress(_("Upgrading UTXO database").translated, 0, true);

+ uiInterface.ShowProgress(_("Upgrading UTXO database").translated, percentageDone, true);

+#include <tinyformat.h>

+#include <util/translation.h>

+ return strprintf(_("%s is set very high!").translated, optname);

+ return strprintf(_("Invalid amount for -%s=<amount>: '%s'").translated, optname, strValue);

+#include <util/translation.h>

+ const auto copyright_devs = strprintf(_(COPYRIGHT_HOLDERS).translated, COPYRIGHT_HOLDERS_SUBSTITUTION);

+// Copyright (c) 2019 The Bitcoin Core developers

+// Distributed under the MIT software license, see the accompanying

+// file COPYING or http://www.opensource.org/licenses/mit-license.php.

+

+#ifndef BITCOIN_UTIL_TRANSLATION_H

+#define BITCOIN_UTIL_TRANSLATION_H

+

+#include <tinyformat.h>

+

+#include <utility>

+

+/**

+ * Bilingual messages:

+ * - in GUI: user's native language + untranslated (i.e. English)

+ * - in log and stderr: untranslated only

+ */

+struct bilingual_str {

+ std::string original;

+ std::string translated;

+};

+

+namespace tinyformat {

+template <typename... Args>

+bilingual_str format(const bilingual_str& fmt, const Args&... args)

+{

+ return bilingual_str{format(fmt.original, args...), format(fmt.translated, args...)};

+}

+} // namespace tinyformat

+

+/** Translate a message to the native language of the user. */

+const extern std::function<std::string(const char*)> G_TRANSLATION_FUN;

+

+/**

+ * Translation function.

+ * If no translation function is set, simply return the input.

+ */

+inline bilingual_str _(const char* psz)

+{

+ return bilingual_str{psz, G_TRANSLATION_FUN ? (G_TRANSLATION_FUN)(psz) : psz};

+}

+

+#endif // BITCOIN_UTIL_TRANSLATION_H

+#include <util/translation.h>

+namespace {

+BlockManager g_blockman;

+} // anon namespace

+

+static CChainState g_chainstate(g_blockman);

+ CBlockIndex* pindexBestInvalid = nullptr;

+CBlockIndex* LookupBlockIndex(const uint256& hash)

+{

+ AssertLockHeld(cs_main);

+ BlockMap::const_iterator it = g_blockman.m_block_index.find(hash);

+ return it == g_blockman.m_block_index.end() ? nullptr : it->second;

+}

+

+ setAncestors.clear();

+ // If the new transaction is relatively small (up to 40k weight)

+ // and has at most one ancestor (ie ancestor limit of 2, including

+ // the new transaction), allow it if its parent has exactly the

+ // descendant limit descendants.

+ //

+ // This allows protocols which rely on distrusting counterparties

+ // being able to broadcast descendants of an unconfirmed transaction

+ // to be secure by simply only having two immediately-spendable

+ // outputs - one for each counterparty. For more info on the uses for

+ // this, see https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2018-November/016518.html

+ if (nSize > EXTRA_DESCENDANT_TX_SIZE_LIMIT ||

+ !pool.CalculateMemPoolAncestors(entry, setAncestors, 2, nLimitAncestorSize, nLimitDescendants + 1, nLimitDescendantSize + EXTRA_DESCENDANT_TX_SIZE_LIMIT, errString)) {

+ return state.Invalid(ValidationInvalidReason::TX_MEMPOOL_POLICY, false, REJECT_NONSTANDARD, "too-long-mempool-chain", errString);

+ }

+BlockMap& BlockIndex()

+{

+ return g_blockman.m_block_index;

+}

+

+ m_blockman.m_failed_blocks.insert(pindex);

+ uiInterface.ThreadSafeMessageBox(_("Error: A fatal internal error occurred, see debug.log for details").translated, "", CClientUIInterface::MSG_ERROR | CClientUIInterface::MSG_NOPREFIX);

+ BlockMap::const_iterator it = m_blockman.m_block_index.find(hashAssumeValid);

+ if (it != m_blockman.m_block_index.end()) {

+ return AbortNode(state, "Disk space is too low!", _("Error: Disk space is too low!").translated, CClientUIInterface::MSG_NOPREFIX);

+ return AbortNode(state, "Disk space is too low!", _("Error: Disk space is too low!").translated, CClientUIInterface::MSG_NOPREFIX);

+ const std::string strWarning = strprintf(_("Warning: unknown new rules activated (versionbit %i)").translated, bit);

+ AppendWarning(warningMessages, strprintf(_("%d of last 100 blocks have unexpected version").translated, nUpgraded));

+ return error("DisconnectTip(): Failed to read block");

+ // If we're missing data, then add back to m_blocks_unlinked,

+ m_blockman.m_blocks_unlinked.insert(

+ std::make_pair(pindexFailed->pprev, pindexFailed));

+

+ // If we're unable to disconnect a block during normal operation,

+ // then that is a failure of our local system -- we should abort

+ // rather than stay on a less work chain.

+ AbortNode(state, "Failed to disconnect block; see debug.log for details");

+ m_blockman.m_failed_blocks.insert(to_mark_failed);

+ BlockMap::iterator it = m_blockman.m_block_index.begin();

+ while (it != m_blockman.m_block_index.end()) {

+ BlockMap::iterator it = m_blockman.m_block_index.begin();

+ while (it != m_blockman.m_block_index.end()) {

+ m_blockman.m_failed_blocks.erase(it->second);

+ m_blockman.m_failed_blocks.erase(pindex);

+CBlockIndex* BlockManager::AddToBlockIndex(const CBlockHeader& block)

+ BlockMap::iterator it = m_block_index.find(hash);

+ if (it != m_block_index.end())

+ BlockMap::iterator mi = m_block_index.insert(std::make_pair(hash, pindexNew)).first;

+ BlockMap::iterator miPrev = m_block_index.find(block.hashPrevBlock);

+ if (miPrev != m_block_index.end())

+ std::pair<std::multimap<CBlockIndex*, CBlockIndex*>::iterator, std::multimap<CBlockIndex*, CBlockIndex*>::iterator> range = m_blockman.m_blocks_unlinked.equal_range(pindex);

+ m_blockman.m_blocks_unlinked.erase(it);

+ m_blockman.m_blocks_unlinked.insert(std::make_pair(pindexNew->pprev, pindexNew));

+ return AbortNode("Disk space is too low!", _("Error: Disk space is too low!").translated, CClientUIInterface::MSG_NOPREFIX);

+ return AbortNode(state, "Disk space is too low!", _("Error: Disk space is too low!").translated, CClientUIInterface::MSG_NOPREFIX);

+ // g_blockman.m_block_index.

+bool BlockManager::AcceptBlockHeader(const CBlockHeader& block, CValidationState& state, const CChainParams& chainparams, CBlockIndex** ppindex)

+ BlockMap::iterator miSelf = m_block_index.find(hash);

+ if (miSelf != m_block_index.end()) {

+ BlockMap::iterator mi = m_block_index.find(block.hashPrevBlock);

+ if (mi == m_block_index.end())

+ bool accepted = g_blockman.AcceptBlockHeader(header, state, chainparams, &pindex);

+ ::ChainstateActive().CheckBlockIndex(chainparams.GetConsensus());

+

+ if (!accepted) {

+ bool accepted_header = m_blockman.AcceptBlockHeader(block, state, chainparams, &pindex);

+ CheckBlockIndex(chainparams.GetConsensus());

+

+ if (!accepted_header)

+ for (const auto& entry : g_blockman.m_block_index) {

+ // Prune from m_blocks_unlinked -- any block we prune would have

+ // m_blocks_unlinked or setBlockIndexCandidates.

+ auto range = g_blockman.m_blocks_unlinked.equal_range(pindex->pprev);

+ g_blockman.m_blocks_unlinked.erase(_it);

+CBlockIndex * BlockManager::InsertBlockIndex(const uint256& hash)

+ BlockMap::iterator mi = m_block_index.find(hash);

+ if (mi != m_block_index.end())

+ mi = m_block_index.insert(std::make_pair(hash, pindexNew)).first;

+bool BlockManager::LoadBlockIndex(

+ const Consensus::Params& consensus_params,

+ CBlockTreeDB& blocktree,

+ std::set<CBlockIndex*, CBlockIndexWorkComparator>& block_index_candidates)

+ vSortedByHeight.reserve(m_block_index.size());

+ for (const std::pair<const uint256, CBlockIndex*>& item : m_block_index)

+ m_blocks_unlinked.insert(std::make_pair(pindex->pprev, pindex));

+ if (pindex->IsValid(BLOCK_VALID_TRANSACTIONS) && (pindex->HaveTxsDownloaded() || pindex->pprev == nullptr)) {

+ block_index_candidates.insert(pindex);

+ }

+void BlockManager::Unload() {

+ m_failed_blocks.clear();

+ m_blocks_unlinked.clear();

+

+ for (const BlockMap::value_type& entry : m_block_index) {

+ delete entry.second;

+ }

+

+ m_block_index.clear();

+}

+

+ if (!g_blockman.LoadBlockIndex(

+ chainparams.GetConsensus(), *pblocktree, ::ChainstateActive().setBlockIndexCandidates))

+ for (const std::pair<const uint256, CBlockIndex*>& item : g_blockman.m_block_index)

+ uiInterface.ShowProgress(_("Verifying blocks...").translated, 0, false);

+ uiInterface.ShowProgress(_("Verifying blocks...").translated, percentageDone, false);

+ uiInterface.ShowProgress(_("Verifying blocks...").translated, percentageDone, false);

+ uiInterface.ShowProgress(_("Replaying blocks...").translated, 0, false);

+ if (m_blockman.m_block_index.count(hashHeads[0]) == 0) {

+ pindexNew = m_blockman.m_block_index[hashHeads[0]];

+ if (m_blockman.m_block_index.count(hashHeads[1]) == 0) {

+ pindexOld = m_blockman.m_block_index[hashHeads[1]];

+ uiInterface.ShowProgress(_("Replaying blocks...").translated, (int) ((nHeight - nForkHeight) * 100.0 / (pindexNew->nHeight - nForkHeight)) , false);

+ auto ret = m_blockman.m_blocks_unlinked.equal_range(index->pprev);

+ m_blockman.m_blocks_unlinked.erase(ret.first++);

+ for (const auto& entry : m_blockman.m_block_index) {

+ g_blockman.Unload();

+ needs_init = g_blockman.m_block_index.empty();

+ // m_blockman.m_block_index. Note that we can't use m_chain here, since it is

+ if (m_blockman.m_block_index.count(chainparams.GenesisBlock().GetHash()))

+ CBlockIndex *pindex = m_blockman.AddToBlockIndex(block);

+ // so we have the genesis block in m_blockman.m_block_index but no active chain. (A few of the

+ // tests when iterating the block tree require that m_chain has been initialized.)

+ assert(m_blockman.m_block_index.size() <= 1);

+ for (const std::pair<const uint256, CBlockIndex*>& entry : m_blockman.m_block_index) {

+ assert(forward.size() == m_blockman.m_block_index.size());

+ assert(pindexFirstNotTreeValid == nullptr); // All m_blockman.m_block_index entries must at least be TREE valid

+ // In this case it must be in m_blocks_unlinked -- see test below.

+ // Check whether this block is in m_blocks_unlinked.

+ std::pair<std::multimap<CBlockIndex*,CBlockIndex*>::iterator,std::multimap<CBlockIndex*,CBlockIndex*>::iterator> rangeUnlinked = m_blockman.m_blocks_unlinked.equal_range(pindex->pprev);

+ // If this block has block data available, some parent was never received, and has no invalid parents, it must be in m_blocks_unlinked.

+ if (!(pindex->nStatus & BLOCK_HAVE_DATA)) assert(!foundInUnlinked); // Can't be in m_blocks_unlinked if we don't HAVE_DATA

+ if (pindexFirstMissing == nullptr) assert(!foundInUnlinked); // We aren't missing data for any parent -- cannot be in m_blocks_unlinked.

+ // This block may have entered m_blocks_unlinked if:

+ // setBlockIndexCandidates, then it must be in m_blocks_unlinked.

+ BlockMap::iterator it1 = g_blockman.m_block_index.begin();

+ for (; it1 != g_blockman.m_block_index.end(); it1++)

+ g_blockman.m_block_index.clear();

+/**

+ * An extra transaction can be added to a package, as long as it only has one

+ * ancestor and is no larger than this. Not really any reason to make this

+ * configurable as it doesn't materially change DoS parameters.

+ */

+static const unsigned int EXTRA_DESCENDANT_TX_SIZE_LIMIT = 10000;

+CBlockIndex* LookupBlockIndex(const uint256& hash) EXCLUSIVE_LOCKS_REQUIRED(cs_main);

+ * Maintains a tree of blocks (stored in `m_block_index`) which is consulted

+ * to determine where the most-work tip is.

+ * This data is used mostly in `CChainState` - information about, e.g.,

+ * candidate tips is not maintained here.

+ */

+class BlockManager {

+public:

+ BlockMap m_block_index GUARDED_BY(cs_main);

+

+ /** In order to efficiently track invalidity of headers, we keep the set of

+ * blocks which we tried to connect and found to be invalid here (ie which

+ * were set to BLOCK_FAILED_VALID since the last restart). We can then

+ * walk this set and check if a new header is a descendant of something in

+ * this set, preventing us from having to walk m_block_index when we try

+ * to connect a bad block and fail.

+ *

+ * While this is more complicated than marking everything which descends

+ * from an invalid block as invalid at the time we discover it to be

+ * invalid, doing so would require walking all of m_block_index to find all

+ * descendants. Since this case should be very rare, keeping track of all

+ * BLOCK_FAILED_VALID blocks in a set should be just fine and work just as

+ * well.

+ *

+ * Because we already walk m_block_index in height-order at startup, we go

+ * ahead and mark descendants of invalid blocks as FAILED_CHILD at that time,

+ * instead of putting things in this set.

+ */

+ std::set<CBlockIndex*> m_failed_blocks;

+

+ /**

+ * All pairs A->B, where A (or one of its ancestors) misses transactions, but B has transactions.

+ * Pruned nodes may have entries where B is missing data.

+ */

+ std::multimap<CBlockIndex*, CBlockIndex*> m_blocks_unlinked;

+

+ /**

+ * Load the blocktree off disk and into memory. Populate certain metadata

+ * per index entry (nStatus, nChainWork, nTimeMax, etc.) as well as peripheral

+ * collections like setDirtyBlockIndex.

+ *

+ * @param[out] block_index_candidates Fill this set with any valid blocks for

+ * which we've downloaded all transactions.

+ */

+ bool LoadBlockIndex(

+ const Consensus::Params& consensus_params,

+ CBlockTreeDB& blocktree,

+ std::set<CBlockIndex*, CBlockIndexWorkComparator>& block_index_candidates)

+ EXCLUSIVE_LOCKS_REQUIRED(cs_main);

+

+ /** Clear all data members. */

+ void Unload() EXCLUSIVE_LOCKS_REQUIRED(cs_main);

+

+ CBlockIndex* AddToBlockIndex(const CBlockHeader& block) EXCLUSIVE_LOCKS_REQUIRED(cs_main);

+ /** Create a new block index entry for a given block hash */

+ CBlockIndex* InsertBlockIndex(const uint256& hash) EXCLUSIVE_LOCKS_REQUIRED(cs_main);

+

+ /**

+ * If a block header hasn't already been seen, call CheckBlockHeader on it, ensure

+ * that it doesn't descend from an invalid block, and then add it to m_block_index.

+ */

+ bool AcceptBlockHeader(

+ const CBlockHeader& block,

+ CValidationState& state,

+ const CChainParams& chainparams,

+ CBlockIndex** ppindex) EXCLUSIVE_LOCKS_REQUIRED(cs_main);

+};

+

+/**

+ * CChainState stores and provides an API to update our local knowledge of the

+ * current best chain.

+ *

+ * Anything that is contingent on the current tip of the chain is stored here,

+ * whereas block information and metadata independent of the current tip is

+ * kept in `BlockMetadataManager`.

+ //! Reference to a BlockManager instance which itself is shared across all

+ //! CChainState instances. Keeping a local reference allows us to test more

+ //! easily as opposed to referencing a global.

+ BlockManager& m_blockman;

+

+ CChainState(BlockManager& blockman) : m_blockman(blockman) { }

+

+ /**

+ * The set of all CBlockIndex entries with BLOCK_VALID_TRANSACTIONS (for itself and all ancestors) and

+ * as good as our current tip or better. Entries may be failed, though, and pruning nodes may be

+ * missing the data for the block.

+ */

+ std::set<CBlockIndex*, CBlockIndexWorkComparator> setBlockIndexCandidates;

+private:

+ bool ActivateBestChainStep(CValidationState& state, const CChainParams& chainparams, CBlockIndex* pindexMostWork, const std::shared_ptr<const CBlock>& pblock, bool& fInvalidFound, ConnectTrace& connectTrace) EXCLUSIVE_LOCKS_REQUIRED(cs_main, ::mempool.cs);

+ bool ConnectTip(CValidationState& state, const CChainParams& chainparams, CBlockIndex* pindexNew, const std::shared_ptr<const CBlock>& pblock, ConnectTrace& connectTrace, DisconnectedBlockTransactions& disconnectpool) EXCLUSIVE_LOCKS_REQUIRED(cs_main, ::mempool.cs);

+

+/** @returns the global block index map. */

+BlockMap& BlockIndex();

+

+bool EncryptSecret(const CKeyingMaterial& vMasterKey, const CKeyingMaterial &vchPlaintext, const uint256& nIV, std::vector<unsigned char> &vchCiphertext)

+bool DecryptSecret(const CKeyingMaterial& vMasterKey, const std::vector<unsigned char>& vchCiphertext, const uint256& nIV, CKeyingMaterial& vchPlaintext)

+bool DecryptKey(const CKeyingMaterial& vMasterKey, const std::vector<unsigned char>& vchCryptedSecret, const CPubKey& vchPubKey, CKey& key)