| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Moves the current coin selection algorithm out of SelectCoinsMinConf
and puts it in coinselection.{cpp,h}. The new function, KnapsackSolver,
instead of taking a vector of COutputs, will take a vector of CInputCoins
that is prepared by SelectCoinsMinConf.
|
|
|
|
Changes CInputCoin to coinselection and to use CTransactionRef in
order to avoid a circular dependency. Also moves other coin selection
specific variables out of wallet.h to coinselectoin.h
|
|
Instead of specifying 3 parameters, use a struct for those parameters
in order to reduce the number of arguments to SelectCoinsMinConf.
|
|
|
|
Create a new file for coin selection logic and implement the BnB algorithm in it.
|
|
Have CInputCOin store effective value information. This includes the effective
value itself, the fee, and the long term fee for the input
|
|
|
|
(on all platforms)
06edc23f7 Improve readability by removing redundant casts to same type (on all platforms) (practicalswift)
Pull request description:
Same binaries check under Linux:
```
$ ../bitcoin-maintainer-tools/build-for-compare.py 874f13821f4193bd037cd37d005ee76b5a849398 82274c02ed2d82537dc55f008a29edb1bc09bbc4 --executables "src/bitcoind,src/bitcoin-cli,src/bitcoin-tx"
$ sha256sum /tmp/compare/*.stripped
1fe1a8827474f7f24475ce3dc851e7ac658d4ed0ae38d11e67f5a810671eaa15 /tmp/compare/bitcoin-cli.82274c02ed2d82537dc55f008a29edb1bc09bbc4.stripped
1fe1a8827474f7f24475ce3dc851e7ac658d4ed0ae38d11e67f5a810671eaa15 /tmp/compare/bitcoin-cli.874f13821f4193bd037cd37d005ee76b5a849398.stripped
342c2ed0e60b60990a58cbf5845b256a4f9e3baff9db074baba5e34a620a60ea /tmp/compare/bitcoind.82274c02ed2d82537dc55f008a29edb1bc09bbc4.stripped
342c2ed0e60b60990a58cbf5845b256a4f9e3baff9db074baba5e34a620a60ea /tmp/compare/bitcoind.874f13821f4193bd037cd37d005ee76b5a849398.stripped
e4b2a80b2361d5cefd67a47eeb9298b8b712c26c7779d979348be8b2c7e3ec93 /tmp/compare/bitcoin-tx.82274c02ed2d82537dc55f008a29edb1bc09bbc4.stripped
e4b2a80b2361d5cefd67a47eeb9298b8b712c26c7779d979348be8b2c7e3ec93 /tmp/compare/bitcoin-tx.874f13821f4193bd037cd37d005ee76b5a849398.stripped
$ git diff -W --word-diff /tmp/compare/874f13821f4193bd037cd37d005ee76b5a849398 /tmp/compare/82274c02ed2d82537dc55f008a29edb1bc09bbc4
$
```
Tree-SHA512: 13ca5862fbb03771682b04a7523e581a7fe62e73620fa0e141cf1bc0a3b3f4e2e66bf14b46d1228e2b11b4960153545e7476f3295713a69b5cf5a28a7c2b358d
|
|
46e7f800b Limit the number of IPs we use from each DNS seeder (e0)
Pull request description:
A risk exists where a malicious DNS seeder eclipses a node by returning an enormous number of IP addresses. In this commit we mitigate this risk by limiting the number of IP addresses addrman learns to 256 per DNS seeder.
As discussed with @theuni
Tree-SHA512: 949e870765b1470200f2c650341d9e3308a973a7d1a6e557b944b0a2b8ccda49226fc8c4ff7d2a05e5854c4014ec0b67e37a3f2287556fe7dfa2048ede1f2e6f
|
|
0749808a7 CheckMinimalPush comments are prescriptive (Gregory Sanders)
176db6147 simplify CheckMinimalPush checks, add safety assert (Gregory Sanders)
Pull request description:
the two conditions could simply never be hit as `true`, as those opcodes have a push payload of size 0 in `data`.
Added the assert for clarity for future readers(matching the gating in the interpreter) and safety for future use.
This effects policy only.
Tree-SHA512: f49028a1d5e907ef697b9bf5104c81ba8f6a331dbe5d60d8d8515ac17d2d6bfdc9dcc856a7e3dbd54814871b7d0695584d28da6553e2d9d7715430223f0b3690
|
|
be8ab7d08 Create new wallet databases as directories rather than files (Russell Yanofsky)
26c06f24e Allow wallet files not in -walletdir directory (Russell Yanofsky)
d8a99f65e Allow wallet files in multiple directories (Russell Yanofsky)
Pull request description:
This change consists of three commits:
* The first commit is a pure refactoring that removes the restriction that two wallets can only be opened at the same time if they are contained in the same directory.
* The second commit removes the restriction that `-wallet` filenames can only refer to files in the `-walletdir` directory.
* The third commit makes second commit a little safer by changing bitcoin to create wallet databases as directories rather than files, so they can be safely backed up.
All three commits should be straightforward:
* The first commit adds around 20 lines of new code and then updates a bunch of function signatures (generally updating them to take plain fs::path parameters, instead of combinations of strings, fs::paths, and objects like CDBEnv and CWalletDBWrapper).
* The second commit removes two `-wallet` filename checks and adds some test cases to the multiwallet unit test.
* The third commit just changes the mapping from specified wallet paths to bdb environment & data paths.
---
**Note:** For anybody looking at this PR for the first time, I think you can skip the comments before _20 Nov_ and start reading at https://github.com/bitcoin/bitcoin/pull/11687#issuecomment-345625565. Comments before _20 Nov_ were about an earlier version of the PR that didn't include the third commit, and then confusion from not seeing the first commit.
Tree-SHA512: 00bbb120fe0df847cf57014f75f1f7f1f58b0b62fa0b3adab4560163ebdfe06ccdfff33b4231693f03c5dc23601cb41954a07bcea9a4919c8d42f7d62bcf6024
|
|
|
|
3b26b6af7 qt: Remove TransactionTableModel::TxIDRole (João Barbosa)
Pull request description:
The role `TxIDRole` is a duplicate of `TxHashRole`. This change favours `TxHashRole`.
Tree-SHA512: ad35933eae1cb6b242b25b8940d662c2c79c766732d76fdd410c80230ec084969294a8e5a126794707992a566076ef4452b592050f7af6c4fa7742891090803d
|
|
fa3528a85b qa: Fix some tests to work on native windows (MarcoFalke)
Pull request description:
This allows some more tests to be run natively on Windows
Tree-SHA512: 8097a82dc046be9f6bb0da634758c9afef7836960ca7a1f88f9acab9512dbf7bc26525b515faae407edab4620846cce2b427940298f822e250f23f924b4c7591
|
|
b3ea8ccb7 Simplify Base32 and Base64 conversions (Pieter Wuille)
3296a3bb7 Generalize ConvertBits (Pieter Wuille)
Pull request description:
Generalize `ConvertBits` a bit to also be usable for the existing Base32 and Base64 convertions (rather than just for Bech32).
Tree-SHA512: 3858247f9b14ca4766c08ea040a09b1d6d70caaccc75c2436a54102d6d526f499ec07f5bdfcbbe16cbde5aae521cd16e9aa693e688a97e6c5e74b8e58ee55a13
|
|
e690cf4b86 [gitian] Add kallewoof key for signing (Karl-Johan Alm)
92fa6d2232 [gitian] Re-order keys by owner first name alphabetic order (Karl-Johan Alm)
Pull request description:
The docs require 2 sigs before merging, but I'm making the PR now so I don't forget about it.
Tree-SHA512: d8d1199e730cb4b4be83893e0134cd92b22c531a93824d8af5ab72acfcfae404c82e58eb4624e2963cab9e9aac4c9b7874b0224c4a2c02682199de61fc8e00bc
|
|
f08761371 Add tests of listreceivedbyaddress address filtering (Jeremy Rubin)
8ee08120d Add address filtering to listreceivedbyaddress (Jeremy Rubin)
Pull request description:
Supersede https://github.com/bitcoin/bitcoin/pull/9503 created by @JeremyRubin , I will maintain it.
Tree-SHA512: 2accaed493b7e1c2eb5cb5270180f100f8c718b6585b9574f294191c318dc622a79e42ac185300f291f82d3b2a6f1c00850b6b17e4ff2dbab94d71df695acbfe
|
|
|
|
5b8b38775 Fix overly eager BIP30 bypass (Alex Morcos)
Pull request description:
In #6931 we introduced a possible consensus breaking change by misunderstanding how completely BIP 34 obviated the need for BIP 30. Unfixed, this could break consensus after block height about 1.9M. Explained in code comment.
h/t @sdaftuar
Tree-SHA512: 8f798c3f203432fd4ae1c1c08bd6967b4a5ec2064ed5f6a7dcf3bff34ea830952838dd4ff70d70b5080cf4644f601e5526b60456c08f43789e4aae05621d9d6b
|
|
|
|
|
|
b156ff7c3 [tests] bind functional test nodes to 127.0.0.1 (Sjors Provoost)
Pull request description:
Replaces #12200 which broke `rpc_bind.py`.
Prevents OSX firewall allow-this-application-to-accept-inbound-connections permission popups and is generally safer.
To prevent binding to `127.0.0.1`, set `self.bind_to_localhost_only = False`.
cc @jnewbery
Tree-SHA512: 5e700124c91bd0cbdee83ca44910071d71d61d8842334755b685d14fbff6454d75de1ea7de67340370386f58b41361e80e90bb4dca5c4d5992f9d2b27985f999
|
|
08e0855b9 Give hint about gitian not able to download (kallewoof)
Pull request description:
Gitian fails to perform downloads right now on my set up. This can be circumvented by first checking out the tag being built and then doing the depends download step before running `gbuild`.
This should of course be fixed in gitian, but having this note until it's fixed is definitely useful.
Tree-SHA512: ae9d0eb44ecfdae44d35aecc6e5fd6db7d9e95b8e0badc76a1d9aaf8fe70bc00a2914dfcb4f516d030560835af411515ca13736ebf8b49b7040b340457882779
|
|
|
|
|
|
|
|
|
|
|
|
A risk exists where a malicious DNS seeder eclipses a node by returning an enormous number of IP addresses. In this commit we mitigate this risk by limiting the number of IP addresses addrman learns to 256 per DNS seeder.
|
|
92f1f8b31 Split off key_io_tests from base58_tests (Pieter Wuille)
119b0f85e Split key_io (address/key encodings) off from base58 (Pieter Wuille)
ebfe217b1 Stop using CBase58Data for ext keys (Pieter Wuille)
32e69fa0d Replace CBitcoinSecret with {Encode,Decode}Secret (Pieter Wuille)
Pull request description:
This PR contains some of the changes left as TODO in #11167 (and built on top of that PR). They are not intended for backporting.
This removes the `CBase58`, `CBitcoinSecret`, `CBitcoinExtKey`, and `CBitcoinExtPubKey` classes, in favor of simple `Encode`/`Decode` functions. Furthermore, all Bitcoin-specific logic (addresses, WIF, BIP32) is moved to `key_io.{h,cpp}`, leaving `base58.{h,cpp}` as a pure utility that implements the base58 encoding/decoding logic.
Tree-SHA512: a5962c0ed27ad53cbe00f22af432cf11aa530e3efc9798e25c004bc9ed1b5673db5df3956e398ee2c085e3a136ac8da69fe7a7d97a05fb2eb3be0b60d0479655
|
|
5f8cc0df1 Add a test for large tx output scripts with segwit input. (Richard Kiss)
Pull request description:
This test failed in pycoin but passed in bitcoin, so I thought I'd share it.
Tree-SHA512: 95dff4e03afea4d93ff5e99aa06004446c3df022c2e8a191cac8981107135a5ac2bd3ba1c3a9c4eda9f8f63f584cc1700b7ef57ee6ec2c66a72c699b51bdb61a
|
|
8dbf740f8 [scripts] lint-whitespace: check last N commits or unstaged changes (Sjors Provoost)
Pull request description:
E.g. before you push three commits to Github and upset Travis, check if you didn't make any whitespace mistakes:
```sh
contrib/devtools/lint-whitespace.sh 3
```
This is slightly more convenient than doing:
```sh
TRAVIS_COMMIT_RANGE=HEAD~3...HEAD contrib/devtools/lint-whitespace.sh
```
Tree-SHA512: 5d9c1ae978ccbe59477e8cf53391e9bd697d2da87f417a2519264af560d4768138e0b2d320dd497a1f1e704e18ab279d724f523b57c17a80ccd753133a5445bf
|
|
Gitian fails to perform downloads right now on my set up. This can be circumvented by first checking out the tag being built and then doing the depends download step before running `gbuild`.
|
|
40b17f5f9 [scripts] lint-whitespace: use perl instead of grep -P (Sjors Provoost)
Pull request description:
MacOS does not support `grep -P` out of the box. This change makes
it easier for developers to check for whitespace problems locally.
Based on [this](https://stackoverflow.com/a/16658690) and [this](https://serverfault.com/a/504387) Stack Exchange answer.
Tested with:
```sh
export TRAVIS_COMMIT_RANGE='fe78c9a...62e0453'
contrib/devtools/lint-whitespace.sh
This diff appears to have added new lines with tab characters instead of spaces.
The following changes were suspected:
diff --git a/src/test/bignum_tests.cpp b/src/test/bignum_tests.cpp
@@ -0,0 +1,110 @@
+ num.setint64(n);
```
Tree-SHA512: 37c342a0ca2580289cf326a278a051a7c21ba918d6b2143fd9987f159fab85f1de3d770fcf532a642cd5d1957afc8595678128196e102dc473924758f133db7f
|
|
Prevents OSX firewall allow-this-application-to-accept-inbound-connections
permission popups and is generally safer.
To prevent binding to 127.0.0.1, set self.bind_to_localhost_only = False.
|
|
f506c0a7f [qt] send: Clear All also resets coin control options (Sjors Provoost)
Pull request description:
This change makes it so that a custom change address and manual input selection are removed if the user clicks Clear All in the send screen.
Tree-SHA512: 78746043a74c9c26ef476eb0df7ce95411683749d9f6b2747222eaac751e241ea7d4d7ce9e4e69ed0b19fa76754d8584e5bef5bba1ad6598f8e39c784b4264d2
|
|
b4db76c55 net: Correct addrman logging (Wladimir J. van der Laan)
Pull request description:
These were introduced in #9037.
Found by @theuni (https://github.com/bitcoin/bitcoin/pull/9037#pullrequestreview-101704656).
Tree-SHA512: 9b5153da8a8e5d4ddf9513a5c453f9609cffd4df2924fd48c7b36c1b1055748c7077d4fc0e70be62ca36af87df7f621a744bb374a234baba271ce4982a240825
|
|
1dfb4e7d7 [Tests] Check output of parent/child tx list from getrawmempool, getmempooldescendants, getmempoolancestors, and REST interface (Conor Scott)
fc44cb108 [RPC] Add list of child transactions to verbose output of getrawmempool (Conor Scott)
Pull request description:
`bitcoin-cli getrawmempool true` only lists a transaction's parents in the `depends` field. This change adds a `spentby` field to the json response, which lists the transaction's children in the mempool.
Currently the only way to find child transactions is to use `getrawmempool` or make another call to `getmempooldescendants` and search the response for transactions that list the parent_txid in the `depends` list, which is inefficient.
This change allows direct lookup of children.
Example Output
```
"9a9b5733c0d89f207908cfa3fe17809bee71f629aa095c9f8754524e29e98ba4": {
...other geterawmempool data...
"wtxid": "9a9b5733c0d89f207908cfa3fe17809bee71f629aa095c9f8754524e29e98ba4",
"depends": [
"bdd92851d5766a42aeb62af667bb422a116cab4e032bba5e3dd6efe5b4b40aa0"
],
"spentby": [
"dc5d3ec388a9121421208738a041ac30a22163bc2e17758f2275b6c51a15ba7b"
]
},
```
Tree-SHA512: 83da7d421c9799a40ef65af3b7fdb586d6d87385f3f2ede3afd2c311725444b858f9d91cc110422a0fa31905779934fee07211ca6fe6b746792b83692c94b3ce
|
|
c5be37e2c doc: Mention configure without wallet in FreeBSD instructions (Dan Bolser)
Tree-SHA512: 495f9c1b6d73e53ad66883f26fd789423cbbd73110d4aff0aad9c09bd50583277cf8a3757e4ac6c7e0a630e68214eb711227330bfcce6944e1f9fc5d52e68ed0
|
|
The wallet part is described as optional, but apparently isn't
|
|
22b4aae02 [arith_uint256] Avoid unnecessary this-copy using prefix operator (Karl-Johan Alm)
Pull request description:
I noticed while profiling a related project that `operator-()` actually calls the `base_uint` constructor, which is because the postfix operator version of `operator++` (used in `operator-()`) creates a copy of `this` and returns it.
Tree-SHA512: d9a2665caa3d93f064cdeaf1c6fada101b9943bb53d93ccac6d9a0edac20279d2e921349e30239039c71e0a9629e45c29ec9f10d8d7499e936cdba6cb7c3c3eb
|
|
These were introduced in #9037.
Found by @theuni.
|
|
b7cd08b71 Add documentation to PeerLogicValidation interface and related functions (James O'Beirne)
Pull request description:
Adds docs for PeerLogicValidation's public interface and two related functions.
Tree-SHA512: b4c2f47e9baa9396d2b6faf3792e46b371c50cd91b9ac890f263f4d14eb24a71e7b40ceb4cbb41e254f5008eff357f417b842618e7ebece9039802ab2a5dd728
|
|
e68172ed9 Add test-before-evict discipline to addrman (Ethan Heilman)
Pull request description:
This change implement countermeasures 3 (test-before-evict) suggested in our paper: ["Eclipse Attacks on Bitcoin’s Peer-to-Peer Network"](http://cs-people.bu.edu/heilman/eclipse/).
# Design:
A collision occurs when an address, addr1, is being moved to the tried table from the new table, but maps to a position in the tried table which already contains an address (addr2). The current behavior is that addr1 would evict addr2 from the tried table.
This change ensures that during a collision, addr1 is not inserted into tried but instead inserted into a buffer (setTriedCollisions). The to-be-evicted address, addr2, is then tested by [a feeler connection](https://github.com/bitcoin/bitcoin/pull/8282). If addr2 is found to be online, we remove addr1 from the buffer and addr2 is not evicted, on the other hand if addr2 is found be offline it is replaced by addr1.
An additional small advantage of this change is that, as no more than ten addresses can be in the test buffer at once, and addresses are only cleared one at a time from the test buffer (at 2 minute intervals), thus an attacker is forced to wait at least two minutes to insert a new address into tried after filling up the test buffer. This rate limits an attacker attempting to launch an eclipse attack.
# Risk mitigation:
- To prevent this functionality from being used as a DoS vector, we limit the number of addresses which are to be tested to ten. If we have more than ten addresses to test, we drop new addresses being added to tried if they would evict an address. Since the feeler thread only creates one new connection every 2 minutes the additional network overhead is limited.
- An address in tried gains immunity from tests for 4 hours after it has been tested or successfully connected to.
# Tests:
This change includes additional addrman unittests which test this behavior.
I ran an instance of this change with a much smaller tried table (2 buckets of 64 addresses) so that collisions were much more likely and observed evictions.
```
2016-10-27 07:20:26 Swapping 208.12.64.252:8333 for 68.62.95.247:8333 in tried table
2016-10-27 07:20:26 Moving 208.12.64.252:8333 to tried
```
I documented tests we ran against similar earlier versions of this change in #6355.
# Security Benefit
This is was originally posted in PR #8282 see [this comment for full details](https://github.com/bitcoin/bitcoin/pull/8282#issuecomment-237255215).
To determine the security benefit of these larger numbers of IPs in the tried table I modeled the attack presented in [Eclipse Attacks on Bitcoin’s Peer-to-Peer Network](https://eprint.iacr.org/2015/263).
**Default node:** 595 attacker IPs for ~50% attack success.
**Default node + test-before-evict:** 620 attacker IPs for ~50% attack success.
**Feeler node:** 5540 attacker IPs for ~50% attack success.
**Feeler node + test-before-evict:** 8600 attacker IPs for ~50% attack success.
The node running feeler connections has 10 times as many online IP addresses in its tried table making an attack 10 times harder (i.e. requiring the an attacker require 10 times as many IP addresses in different /16s). Adding test-before-evict increases resistance of the node by an additional 3000 attacker IP addresses.
Below I graph the attack over even greater attacker resources (i.e. more attacker controled IP addresses). Note that test-before-evict maintains some security far longer even against an attacker with 50,000 IPs. If this node had a larger tried table test-before-evict could greatly boost a nodes resistance to eclipse attacks.
Tree-SHA512: fdad4d26aadeaad9bcdc71929b3eb4e1f855b3ee3541fbfbe25dca8d7d0a1667815402db0cb4319db6bd3fcd32d67b5bbc0e12045c4252d62d6239b7d77c4395
|
|
|
|
6fbc0986f gui: Show messages as text not html (Wladimir J. van der Laan)
Pull request description:
Currently, error messages (such as InitError) are displayed as-is, which means Qt does auto detection on the format.
This means that it's possible to inject HTML from the command line though e.g. specifying a wallet name with HTML in it. This isn't a direct security risk because fetching content from internet is
disabled (and as far as I know we never report strings received from the network this way). However, it can be confusing.
So explicitly force the format as text.
Tree-SHA512: 96c9196f20552544b862071bca61817ef03653019cc3548023d435f3a9c48b6cd501fab3246783cb0be68c8c7bb1b865913d92070a7c4e84e82c6577709f0934
|
|
cfaac2a60 Add build support for 'gprof' profiling. (murrayn)
Pull request description:
Support for profiling build: `./configure --enable-profiling`
Tree-SHA512: ea983cfce385f1893bb4ab7f94ac141b7d620951dc430da3bbc92ae1357fb05521eac689216e66dc87040171a8a57e76dd7ad98036e12a2896cfe5ab544347f0
|
|
13a399a46 depends: patch pthread_set_name_np out of zeromq (Cory Fields)
8f7922636 depends: zeromq 4.2.3 (fanquake)
Pull request description:
This is a followup to #9254 and #11981. Zeromq 4.2.3 was released just after #9254 was merged, and contains a years worth of improvements/bug fixes. See the release notes [here](https://github.com/zeromq/libzmq/releases/tag/v4.2.3).
Todo:
- [ ] Add zeromq-4.2.3.tar.gz to /depends-sources on bitcoincore.org
- [ ] Verify gitian builds are still OK
- [ ] Check: https://github.com/zeromq/libzmq/pull/2787
Tree-SHA512: 85e06f47be3e1fdedcee50ce90e3391d69df2ea1c167472ffc3126d8970d418eb75141b970e422eb2fda9a8cad00e6ba5b36afa53565171a9ebaa152a9dc9b60
|
