aboutsummaryrefslogtreecommitdiff
path: root/src/consensus
AgeCommit message (Collapse)Author
2019-10-24consensus: Explain why fCheckDuplicateInputs can not be skipped and remove itMarcoFalke
2019-10-24Merge #17004: validation: Remove REJECT code from CValidationStateWladimir J. van der Laan
9075d13153ce06cd59a45644831ecc43126e1e82 [docs] Add release notes for removal of REJECT reasons (John Newbery) 04a2f326ec0f06fb4fce1c4f93500752f05dede8 [validation] Fix REJECT message comments (John Newbery) e9d5a59e34ff2d538d8f5315efd9908bf24d0fdc [validation] Remove REJECT code from CValidationState (John Newbery) 0053e16714323c1694c834fdca74f064a1a33529 [logging] Don't log REJECT code when transaction is rejected (John Newbery) a1a07cfe99fc8cee30ba5976dc36b47b1f6532ab [validation] Fix peer punishment for bad blocks (John Newbery) Pull request description: We no longer send BIP 61 REJECT messages, so there's no need to set a REJECT code in the CValidationState object. Note that there is a minor bug fix in p2p behaviour here. Because the call to `MaybePunishNode()` in `PeerLogicValidation::BlockChecked()` only previously happened if the REJECT code was > 0 and < `REJECT_INTERNAL`, then there are cases were `MaybePunishNode()` can get called where it wasn't previously: - when `AcceptBlockHeader()` fails with `CACHED_INVALID`. - when `AcceptBlockHeader()` fails with `BLOCK_MISSING_PREV`. Note that `BlockChecked()` cannot fail with an 'internal' reject code. The only internal reject code was `REJECT_HIGHFEE`, which was only set in ATMP. This reverts a minor bug introduced in 5d08c9c579ba8cc7b684105c6a08263992b08d52. ACKs for top commit: ariard: ACK 9075d13, changes since last reviewed are splitting them in separate commits to ease understanding and fix nits fjahr: ACK 9075d13153ce06cd59a45644831ecc43126e1e82, confirmed diff to last review was fixing nits in docs/comments. ryanofsky: Code review ACK 9075d13153ce06cd59a45644831ecc43126e1e82. Only changes since last review are splitting the main commit and updating comments Tree-SHA512: 58e8a1a4d4e6f156da5d29fb6ad6a62fc9c594bbfc6432b3252e962d0e9e10149bf3035185dc5320c46c09f3e49662bc2973ec759679c0f3412232087cb8a3a7
2019-10-15Remove unused includespracticalswift
2019-10-10[validation] Remove REJECT code from CValidationStateJohn Newbery
We no longer send BIP 61 REJECT messages, so there's no need to set a REJECT code in the CValidationState object.
2019-09-27Merge #16713: Ignore old versionbit activations to avoid 'unknown softforks' ↵MarcoFalke
warning fdb3e8f8b27e3b0b2f88c32915975c6e4c299b1e Ignore old versionbit activations (Anthony Towns) Pull request description: PR 16060 removed the CSV and Segwit BIP9 softfork definitions and hard-coded ('buried') the activation heights. The versionbits code will warn users if an undefined softfork has been signalled in block header versions, and removing the CSV/Segwit definitions caused those warnings to be triggered. Change the BIP 9 warning code to only check for unknown softforks after the segwit activation height. ACKs for top commit: MarcoFalke: ACK fdb3e8f8b2 ajtowns: ACK fdb3e8f8b27e3b0b2f88c32915975c6e4c299b1e for what it's worth achow101: ACK fdb3e8f8b27e3b0b2f88c32915975c6e4c299b1e Sjors: ACK fdb3e8f8b27e3b0b2f88c32915975c6e4c299b1e. It makes the bit 0 warning go away in mainnet and testnet QT when a new block arrives. I think the code is clear enough. jonatack: ACK fdb3e8f8b27e3b0b2f88c32915975c6e4c299b1e Tree-SHA512: e6fd34e8902f8c7affb28e8951803e47d542710d5f1229000746656a37ee59d754439fc33e36b7eef87544262e5aac374645db91b74cb507e73514003ca7a67f
2019-09-18Merge #14696: qa: Add explicit references to related CVE's in ↵Wladimir J. van der Laan
p2p_invalid_block test. 0c62e3aa73839e97e65a3155e06a98d84b700a1e New regression testing for CVE-2018-17144, CVE-2012-2459, and CVE-2010-5137. (lucash-dev) 38bfca6bb2ad68719415e9c54a981441052da072 Added comments referencing multiple CVEs in tests and production code. (lucash-dev) Pull request description: This functional test includes two scenarios that test for regressions of vulnerabilities, but they are only briefly described. There are freely available documents explaining in detail the issues, but without explicit mentions, the developer trying to maintain the code needs an additional step of digging in commit history and PR conversations to figure it out. Added comments to explicitly mention CVE-2018-17144 and CVE-2012-2459, for more complete documentation. This improves developer experience by making understanding the tests easier. ACKs for top commit: laanwj: ACK 0c62e3aa73839e97e65a3155e06a98d84b700a1e, checked the CVE numbers, thanks for adding documentation Tree-SHA512: 3ee05351745193b8b959e4a25d50f25a693b2d24b0732ed53cf7d5882df40b5dd0f1877bd5c69cffb921d4a7acf9deb3cc1160b96dc730d9b5984151ad06b7c9
2019-09-05Ignore old versionbit activationsAnthony Towns
Adds a hardcoded height to the consensus chain parameters for ignoring versionbit activations prior to a fixed height.
2019-08-14[Consensus] Bury segwit deploymentJohn Newbery
Hardcode segwit deployment height to 481824 for mainnet.
2019-08-14[Consensus] Bury CSV deployment heightJohn Newbery
Hard code CSV deployment height to 419328 for mainnet.
2019-06-02Added comments referencing multiple CVEs in tests and production code.lucash-dev
This commit adds comments referencing multiple CVEs both in production and test code. CVEs covered in this commit: CVE-2010-5137 CVE-2010-5139 CVE-2010-5141 CVE-2012-1909 CVE-2012-2459 CVE-2012-3789 CVE-2018-17144
2019-06-02Make reasoning about dependencies easier by not including unused dependenciespracticalswift
2019-05-02Separate reason for premature spends (coinbase/locktime)Suhas Daftuar
2019-05-02Assert validation reasons are contextually correctSuhas Daftuar
2019-05-02[refactor] Drop unused state.DoS(), state.GetDoS(), state.CorruptionPossible()Matt Corallo
Co-authored-by: Anthony Towns <aj@erisian.com.au>
2019-05-02scripted-diff: Remove DoS calls to CValidationStateMatt Corallo
-BEGIN VERIFY SCRIPT- sed -i 's/\.DoS(\(.*\), REJECT_\(.*\), \(true\|false\)/.DoS(\1, REJECT_\2/' src/validation.cpp src/consensus/tx_verify.cpp src/consensus/tx_check.cpp sed -i 's/state.GetRejectCode(), state.GetRejectReason(), [^,]\+, state.GetDebugMessage())/state.GetRejectCode(), state.GetRejectReason(), state.GetDebugMessage())/' src/validation.cpp sed -i 's/\.DoS([^,]*, /.Invalid\(/' src/validation.cpp src/consensus/tx_verify.cpp src/consensus/tx_check.cpp -END VERIFY SCRIPT- Co-authored-by: Suhas Daftuar <sdaftuar@gmail.com>
2019-05-02[refactor] Prep for scripted-diff by removing some \ns which annoy sed.Matt Corallo
2019-05-02Allow use of state.Invalid() for all reasonsMatt Corallo
Co-authored-by: Anthony Towns <aj@erisian.com.au>
2019-05-02[refactor] Drop redundant nDoS, corruptionPossible, SetCorruptionPossibleMatt Corallo
Co-authored-by: Anthony Towns <aj@erisian.com.au>
2019-05-02[refactor] Add useful-for-dos "reason" field to CValidationStateMatt Corallo
This is a first step towards cleaning up our DoS interface - make validation return *why* something is invalid, and let net_processing figure out what that implies in terms of banning/disconnection/etc. Behavior change: peers will now be banned for providing blocks with premature coinbase spends. Co-authored-by: Anthony Towns <aj@erisian.com.au> Suhas Daftuar <sdaftuar@gmail.com>
2019-05-02Clean up banning levelsMatt Corallo
Compared with previous bans, the following changes are made: * Txn with empty vin/vout or null prevouts move from 10 DoS points to 100. * Loose transactions with a dependency loop now result in a ban instead of 10 DoS points. * Many pre-segwit soft-fork errors now result in a ban. Note: Transactions that violate soft-fork script flags since P2SH do not generally result in a ban. Also, banning behavior for invalid blocks is dependent on whether the node is validating with multiple script check threads, due to a long- standing bug. That inconsistency is still present after this commit. * Proof of work failure moves from 50 DoS points to a ban. * Blocks with timestamps under MTP now result in a ban, blocks too far in the future continue to *not* result in a ban. * Inclusion of non-final transactions in a block now results in a ban instead of 10 DoS points. Co-authored-by: Anthony Towns <aj@erisian.com.au>
2019-05-02[refactor] drop IsInvalid(nDoSOut)Matt Corallo
Co-authored-by: Anthony Towns <aj@erisian.com.au>
2019-05-02[refactor] Refactor misbehavior ban decisions to MaybePunishNode()Matt Corallo
Isolate the decision of whether to ban a peer to one place in the code, rather than having it sprinkled throughout net_processing. Co-authored-by: Anthony Towns <aj@erisian.com.au> Suhas Daftuar <sdaftuar@gmail.com> John Newbery <john@johnnewbery.com>
2019-04-09[build] Move CheckTransaction from lib_server to lib_consensusJohn Newbery
CheckTransaction is a context-free function that does not require access to the blockchain or mempool. Move it from src/consensus/tx_verify in lib_server to a new unit src/consensus/tx_check in lib_consensus so that it can be called by non-server libraries.
2018-12-29Update copyright headers to 2018DrahtBot
2018-11-04scripted-diff: Move util files to separate directory.Jim Posen
-BEGIN VERIFY SCRIPT- mkdir -p src/util git mv src/util.h src/util/system.h git mv src/util.cpp src/util/system.cpp git mv src/utilmemory.h src/util/memory.h git mv src/utilmoneystr.h src/util/moneystr.h git mv src/utilmoneystr.cpp src/util/moneystr.cpp git mv src/utilstrencodings.h src/util/strencodings.h git mv src/utilstrencodings.cpp src/util/strencodings.cpp git mv src/utiltime.h src/util/time.h git mv src/utiltime.cpp src/util/time.cpp sed -i 's/<util\.h>/<util\/system\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utilmemory\.h>/<util\/memory\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utilmoneystr\.h>/<util\/moneystr\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utilstrencodings\.h>/<util\/strencodings\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utiltime\.h>/<util\/time\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/BITCOIN_UTIL_H/BITCOIN_UTIL_SYSTEM_H/g' src/util/system.h sed -i 's/BITCOIN_UTILMEMORY_H/BITCOIN_UTIL_MEMORY_H/g' src/util/memory.h sed -i 's/BITCOIN_UTILMONEYSTR_H/BITCOIN_UTIL_MONEYSTR_H/g' src/util/moneystr.h sed -i 's/BITCOIN_UTILSTRENCODINGS_H/BITCOIN_UTIL_STRENCODINGS_H/g' src/util/strencodings.h sed -i 's/BITCOIN_UTILTIME_H/BITCOIN_UTIL_TIME_H/g' src/util/time.h sed -i 's/ util\.\(h\|cpp\)/ util\/system\.\1/g' src/Makefile.am sed -i 's/utilmemory\.\(h\|cpp\)/util\/memory\.\1/g' src/Makefile.am sed -i 's/utilmoneystr\.\(h\|cpp\)/util\/moneystr\.\1/g' src/Makefile.am sed -i 's/utilstrencodings\.\(h\|cpp\)/util\/strencodings\.\1/g' src/Makefile.am sed -i 's/utiltime\.\(h\|cpp\)/util\/time\.\1/g' src/Makefile.am sed -i 's/-> util ->/-> util\/system ->/' test/lint/lint-circular-dependencies.sh sed -i 's/src\/util\.cpp/src\/util\/system\.cpp/g' test/lint/lint-format-strings.py test/lint/lint-locale-dependence.sh sed -i 's/src\/utilmoneystr\.cpp/src\/util\/moneystr\.cpp/g' test/lint/lint-locale-dependence.sh sed -i 's/src\/utilstrencodings\.\(h\|cpp\)/src\/util\/strencodings\.\1/g' test/lint/lint-locale-dependence.sh sed -i 's/src\\utilstrencodings\.cpp/src\\util\\strencodings\.cpp/' build_msvc/libbitcoinconsensus/libbitcoinconsensus.vcxproj -END VERIFY SCRIPT-
2018-09-11Drop unused GetType() from CSizeComputerBen Woosley
2018-07-27Update copyright headers to 2018DrahtBot
2018-07-24scripted-diff: Remove trailing whitespacesJoão Barbosa
-BEGIN VERIFY SCRIPT- sed --in-place'' --regexp-extended 's/[[:space:]]+$//g' $(git grep -I --files-with-matches --extended-regexp '[[:space:]]+$' -- src test ':!*.svg' ':!src/crypto/sha256_sse4*' ':!src/leveldb' ':!src/qt/locale' ':!src/secp256k1' ':!src/univalue') -END VERIFY SCRIPT-
2018-05-29[MOVEONLY] Move unused Merkle branch code to testsPieter Wuille
2018-05-29Use SHA256D64 in Merkle root computationPieter Wuille
2018-04-13Use P2SH consensus rules for all blocksSuhas Daftuar
This commit moves P2SH activation back to the genesis block, with a hardcoded exception for the one historical block in the chain that violated this rule.
2018-03-22Fix missing or inconsistent include guardspracticalswift
2018-03-21Fix typospracticalswift
2018-03-09Calculate and store the number of bytes required to spend an inputAndrew Chow
2018-01-03Increment MIT Licence copyright header year on files modified in 2017Akira Takizawa
2017-11-16scripted-diff: Replace #include "" with #include <> (ryanofsky)MeshCollider
-BEGIN VERIFY SCRIPT- for f in \ src/*.cpp \ src/*.h \ src/bench/*.cpp \ src/bench/*.h \ src/compat/*.cpp \ src/compat/*.h \ src/consensus/*.cpp \ src/consensus/*.h \ src/crypto/*.cpp \ src/crypto/*.h \ src/crypto/ctaes/*.h \ src/policy/*.cpp \ src/policy/*.h \ src/primitives/*.cpp \ src/primitives/*.h \ src/qt/*.cpp \ src/qt/*.h \ src/qt/test/*.cpp \ src/qt/test/*.h \ src/rpc/*.cpp \ src/rpc/*.h \ src/script/*.cpp \ src/script/*.h \ src/support/*.cpp \ src/support/*.h \ src/support/allocators/*.h \ src/test/*.cpp \ src/test/*.h \ src/wallet/*.cpp \ src/wallet/*.h \ src/wallet/test/*.cpp \ src/wallet/test/*.h \ src/zmq/*.cpp \ src/zmq/*.h do base=${f%/*}/ relbase=${base#src/} sed -i "s:#include \"\(.*\)\"\(.*\):if test -e \$base'\\1'; then echo \"#include <\"\$relbase\"\\1>\\2\"; else echo \"#include <\\1>\\2\"; fi:e" $f done -END VERIFY SCRIPT-
2017-11-11Merge #10749: Use compile-time constants instead of unnamed enumerations ↵MarcoFalke
(remove "enum hack") 1e65f0f33 Use compile-time constants instead of unnamed enumerations (remove "enum hack") (practicalswift) Pull request description: Use compile-time constants instead of unnamed enumerations (remove "enum hack"). Tree-SHA512: 1b6ebb2755398c5ebab6cce125b1dfc39cbd1504d98d55136b32703fe935c4070360ab3b2f52b1da48ba9f3b01082d204f3d87c92ccb5c8c333731f7f972e128
2017-11-06Always-active versionbits supportPieter Wuille
2017-11-06[consensus] Pin P2SH activation to block 173805 on mainnetJohn Newbery
2017-11-06Improve handling of BIP9Deployment limitsAnthony Towns
Small tweaks by Pieter Wuille.
2017-10-11Merge #8498: Near-Bugfix: Optimization: Minimize the number of times it is ↵Wladimir J. van der Laan
checked that no money... 4e955c5 Near-Bugfix: Reestablish consensus check removed in 8d7849b (Jorge Timón) 3e8c916 Introduce CheckInputsAndUpdateCoins static wrapper in txmempool.cpp (Jorge Timón) 832e074 Optimization: Minimize the number of times it is checked that no money is created (Jorge Timón) 3f0ee3e Proper indentation for CheckTxInputs and other minor fixes (Jorge Timón) Pull request description: ...is created by individual transactions to 2 places (but call only once in each): - ConnectBlock ( before calculated fees per txs twice ) - AcceptToMemoryPoolWorker ( before called CheckTxInputs 4 times and calculated fees per tx one extra time ) Also call tx.GetValueOut() only once per call of CheckTxInputs (instead of 2) For more motivation: ~~https://github.com/bitcoin/bitcoin/blob/master/src/main.cpp#L1493~~ https://github.com/jtimon/bitcoin/compare/0.13-consensus-inputs...jtimon:0.13-consensus-inputs-comments EDIT: partially replaces #6445 Near-Bugfix as pointed out in https://github.com/bitcoin/bitcoin/pull/8498#discussion_r124346132 Tree-SHA512: c71188e7c7c2425c9170ed7b803896755a92fd22f43b136eedaa6e554106696f0b10271d0ef0d0127c1eaafbc31d12eb19143df4f1b6882feecedf6ef05ea346
2017-09-20Optimization: Minimize the number of times it is checked that no money is ↵Jorge Timón
created by individual transactions to 2 places (but call only once in each): - ConnectBlock ( before calculated fees per txs twice ) - AcceptToMemoryPoolWorker ( before called CheckTxInputs 4 times and calculated fees per tx one extra time ) Also call tx.GetValueOut() only once per call of CheckTxInputs (instead of 2)
2017-09-15Trivial: Fix validation commentsDan Raviv
- Move comment about transaction/block weight calculation so it applies not only to the GetBlockWeight function but also to GetTransactionWeight - Fix comment in validation.cpp referencing future deployment of BIP113. It has already been deployed. - The doc comment for BLOCK_DOWNLOAD_WINDOW wasn't updated since pruning was introduced, so it still refers to pruning as something that might happen in the future. A larger BLOCK_DOWNLOAD_WINDOW window would now, indeed, make pruning harder.
2017-09-07Proper indentation for CheckTxInputs and other minor fixesJorge Timón
2017-08-07scripted-diff: Use the C++11 keyword nullptr to denote the pointer literal ↵practicalswift
instead of the macro NULL -BEGIN VERIFY SCRIPT- sed -i 's/\<NULL\>/nullptr/g' src/*.cpp src/*.h src/*/*.cpp src/*/*.h src/qt/*/*.cpp src/qt/*/*.h src/wallet/*/*.cpp src/wallet/*/*.h src/support/allocators/*.h sed -i 's/Prefer nullptr, otherwise SAFECOOKIE./Prefer NULL, otherwise SAFECOOKIE./g' src/torcontrol.cpp sed -i 's/tor: Using nullptr authentication/tor: Using NULL authentication/g' src/torcontrol.cpp sed -i 's/METHODS=nullptr/METHODS=NULL/g' src/test/torcontrol_tests.cpp src/torcontrol.cpp sed -i 's/nullptr certificates/NULL certificates/g' src/qt/paymentserver.cpp sed -i 's/"nullptr"/"NULL"/g' src/torcontrol.cpp src/test/torcontrol_tests.cpp -END VERIFY SCRIPT-
2017-07-26Use compile-time constants instead of unnamed enumerations (remove "enum hack")practicalswift
2017-07-15Fix typospracticalswift
2017-07-14Remove confusing MAX_BLOCK_BASE_SIZE.Gregory Maxwell
Some people keep thinking that MAX_BLOCK_BASE_SIZE is a separate size limit from the weight limit when it fact it is superfluous, and used in early tests before the witness data has been validated or just to compute worst case sizes. The size checks that use it would not behave any differently consensus wise if they were eliminated completely. Its correct value is not independently settable but is a function of the weight limit and weight formula. This patch just eliminates it and uses the scale factor as required to compute the worse case constants. It also moves the weight factor out of primitives into consensus, which is a more logical place for it.
2017-06-24Merge #10608: Add a comment explaining the use of MAX_BLOCK_BASE_SIZE.Wladimir J. van der Laan
1887337 Add a comment explaining the use of MAX_BLOCK_BASE_SIZE. (Gregory Maxwell) Tree-SHA512: 4c643a3696241fbf4eac8d58bb26586f319338b28ee86d20394a8ea362911b467853eb40c43487ede753209a3c7bee2e576d2ca80627e9fc924fabefbcaea34b
2017-06-20Merge #10537: Few Minor per-utxo assert-semantics re-adds and tweakPieter Wuille
9417d7a33 Be much more agressive in AccessCoin docs. (Matt Corallo) f58349ca8 Restore some assert semantics in sigop cost calculations (Matt Corallo) 3533fb4d3 Return a bool in SpendCoin to restore pre-per-utxo assert semantics (Matt Corallo) ec1271f2b Remove useless mapNextTx lookup in CTxMemPool::TrimToSize. (Matt Corallo) Tree-SHA512: 158a4bce063eac93e1d50709500a10a7cb1fb3271f10ed445d701852fce713e2bf0da3456088e530ab005f194ef4a2adf0c7cb23226b160cecb37a79561f29ca