aboutsummaryrefslogtreecommitdiff
path: root/src/policy
AgeCommit message (Collapse)Author
2022-02-14Remove outdated comment on CFeeRateMurch
This comment described how the constructor of CFeeRate was previously indirectly used to parse fee rate arguments from RPCs. The command line input was actually in sat/vB but due to the use of AmountFromValue() it got converted to BTC/vB. In the constructor this could be rectified by creating a CFeeRate from that given value (in BTC/vB) and COIN as the transaction size, turning the input effectively to sat/vB. Since this usage pattern was removed from the codebase some months ago, the comment is now obsolete. Also: • Use vsize and vbyte instead of size and byte
2022-01-17[validation] better handle errors in SubmitPackageglozow
Behavior change: don't quit right after LimitMempoolSize() when a package is partially submitted. We should still send TransactionAddedToMempool notifications for transactions that were submitted. Not behavior change: add a new package validation result for mempool logic errors.
2021-12-30scripted-diff: Bump copyright headersHennadii Stepanov
-BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT- Commits of previous years: * 2020: fa0074e2d82928016a43ca408717154a1c70a4db * 2019: aaaaad6ac95b402fe18d019d67897ced6b316ee0
2021-12-15Merge bitcoin/bitcoin#22674: validation: mempool validation and submission ↵W. J. van der Laan
for packages of 1 child + parents 046e8ff264be6b888c0f9a9d822e32aa74e19b78 [unit test] package submission (glozow) e12fafda2dfbbdf63f125e5af797ecfaa6488f66 [validation] de-duplicate package transactions already in mempool (glozow) 8310d942e046c5a9b6bd90afdcd3af68dd91e081 [packages] add sanity checks for package vs mempool limits (glozow) be3ff151a1f9665720cdf70d072b098a2f9726a9 [validation] full package accept + mempool submission (glozow) 144a29099a865ac1dc3e5291d9529fbcca9c83a4 [policy] require submitted packages to be child-with-unconfirmed-parents (glozow) d59ddc5c3d1c035474d7bc9fa9f8a0eeb1c8498c [packages/doc] define and document package rules (glozow) ba26169f6035c238378a3c9647213328a006fa23 [unit test] context-free package checks (glozow) 9b2fdca7f03911ac40fe0f8a0b5da534bee4554b [packages] add static IsChildWithParents function (glozow) Pull request description: This is 1 chunk of [Package Mempool Accept](https://gist.github.com/glozow/dc4e9d5c5b14ade7cdfac40f43adb18a); it restricts packages to 1 child with its parents, doesn't allow conflicts, and doesn't have CPFP (yet). Future PRs (see #22290) will add RBF and CPFP within packages. ACKs for top commit: laanwj: Code review ACK 046e8ff264be6b888c0f9a9d822e32aa74e19b78 Tree-SHA512: 37dbba37d527712f8efef71ee05c90a8308992615af35f5e0cfeafc60d859cc792737d125aac526e37742fe7683ac8c155ac24af562426213904333c01260c95
2021-12-03Merge bitcoin/bitcoin#23413: Replace MakeSpan helper with Span deduction guideMarcoFalke
11daf6ceb1d9ea1f8d638b123eecfe39d162a7c3 More Span simplifications (Pieter Wuille) 568dd2f83900a11a4dbba1250722791a135bf0a9 Replace MakeSpan helper with Span deduction guide (Pieter Wuille) Pull request description: C++17 supports [user-defined deduction guides](https://en.cppreference.com/w/cpp/language/class_template_argument_deduction), allowing class constructors to be invoked without specifying class template arguments. Instead, the code can contain rules to infer the template arguments from the constructor argument types. This alleviates the need for the `MakeSpan` helper. Convert the existing MakeSpan rules into deduction rules for `Span` itself, and replace all invocations of `MakeSpan` with just `Span` ones. ACKs for top commit: MarcoFalke: re-ACK 11daf6ceb1d9ea1f8d638b123eecfe39d162a7c3 Only change is removing a hunk in the tests 🌕 Tree-SHA512: 10f3e82e4338f39d9b7b407cd11aac7ebe1e9191b58e3d7f4e5e338a4636c0e126b4a1d912127c7446f57ba356c8d6544482e47f97901efea6a54fffbfd7895f
2021-12-02Merge bitcoin/bitcoin#22014: refactor: Make m_cs_fee_estimator non-recursiveMarcoFalke
8c277b19c8f262e550cffe263e6d910b687ac882 refactor: Make m_cs_fee_estimator non-recursive (Hennadii Stepanov) 5ee5b696b588695ff78aaac08d5d85154f1953cf refactor: Add non-thread-safe CBlockPolicyEstimator::_removeTx helper (Hennadii Stepanov) 5c3033d45e5ec15499ce7a0222ffa0210a0f66bc Add thread safety annotations to CBlockPolicyEstimator public functions (Hennadii Stepanov) Pull request description: This PR eliminates the only place that `m_cs_fee_estimator` is recursively locked by refactoring out `_removeTx` member function. Related to #19303. ACKs for top commit: theStack: Code-review ACK 8c277b19c8f262e550cffe263e6d910b687ac882 amadeuszpawlik: ACK 8c277b19c8f262e550cffe263e6d910b687ac882 reviewed, built and ran tests Tree-SHA512: 65b0b59460d3d5fadf7e75e916b2898b0dcfafdf5b278ef8c3975660f67c9f88ae4b937944313bd36d7513a7a53e1e5859aaf4a6deb4a1aea089936b101635a1
2021-11-29Replace MakeSpan helper with Span deduction guidePieter Wuille
2021-11-29[packages] add static IsChildWithParents functionglozow
2021-11-25Merge bitcoin/bitcoin#23512: policy: Treat taproot as always activeMarcoFalke
fa3e0da06b491b8c0fa2dbae37682a9112c9deb8 policy: Treat taproot as always active (MarcoFalke) Pull request description: Now that taproot is active, it can be treated as if it was always active for policy for the next major release. This simplifies the code and changes two things: * Importing `tr` descriptors can be done before the chain is fully synced. This is fine, because the wallet will already generate `tr` descriptors by default (regardless of the taproot status) after commit 47fe7445e7f54aee10ec6dbc53f1db1adbeb43de. * Valid taproot spends won't be rejected from the mempool before taproot is active. This is strictly speaking a bugfix after commit 47fe7445e7f54aee10ec6dbc53f1db1adbeb43de, since the wallet may generate taproot spends before the chain is fully synced. For example, a slow node or a purposefully offline node. Currently, the wallet needs the mempool to account for change. See https://github.com/bitcoin/bitcoin/issues/11887. A similar change was done for segwit v0 in https://github.com/bitcoin/bitcoin/pull/13120 . This effectively reverts commit c5ec0367d718544caa3a1578d6c730fc92ee4e94. ACKs for top commit: mjdietzx: Code Review ACK fa3e0da06b491b8c0fa2dbae37682a9112c9deb8 achow101: ACK fa3e0da06b491b8c0fa2dbae37682a9112c9deb8 sipa: utACK fa3e0da06b491b8c0fa2dbae37682a9112c9deb8 gruve-p: ACK https://github.com/bitcoin/bitcoin/pull/23512/commits/fa3e0da06b491b8c0fa2dbae37682a9112c9deb8 gunar: Code Review + tACK fa3e0da06 rajarshimaitra: code review + tACK https://github.com/bitcoin/bitcoin/pull/23512/commits/fa3e0da06b491b8c0fa2dbae37682a9112c9deb8 Tree-SHA512: c6dc7a4e6c345bdec33f256847dc63906ab1696aa683ab9b32a79e715613950884ac3a1a7a44e95f31bb28e58dd64679a616175f7e152b21f5550f3337c8e622
2021-11-16doc: Fix typos in endif header commentsMarcoFalke
2021-11-16policy: Treat taproot as always activeMarcoFalke
2021-11-05Merge bitcoin/bitcoin#22949: fee: Round up fee calculation to avoid a lower ↵Samuel Dobson
than expected feerate 80dc829be7f8c3914074b85bb4c125baba18cb2c tests: Calculate fees more similarly to CFeeRate::GetFee (Andrew Chow) ce2cc44afd51f3df4ee7f14ea05b8da229183923 tests: Test for assertion when feerate is rounded down (Andrew Chow) 0fbaef9676a1dcb84bcf95afd8d994831ab327b6 fees: Always round up fee calculated from a feerate (Andrew Chow) Pull request description: When calculating the fee for a feerate, it is possible that the final calculation will have fractional satoshis. Currently those are ignored via truncation which results in the absolute fee being rounded down. Rounding down is problematic because it results in a feerate that is slightly lower than the feerate represented by the `CFeeRate` object. A slightly lower feerate particularly causes issues for coin selection as it can trigger an assertion error. To avoid potentially underpaying the feerate (and the assertion), always round up the calculated fee. A test is added for the assertion, along with a comment explaining what happens. It is unlikely that a user can trigger this as it requires a very specific set of rounding errors to occur as well as the transaction not needing any change and being right on the lower bound of the exact match window. However I was able to trigger the assertion while running coin selection simulations, albeit after thousands of transactions and with some weird feerates. ACKs for top commit: ryanofsky: Code review ACK 80dc829be7f8c3914074b85bb4c125baba18cb2c promag: Tested ACK 80dc829be7f8c3914074b85bb4c125baba18cb2c. lsilva01: tACK 80dc829 meshcollider: utACK 80dc829be7f8c3914074b85bb4c125baba18cb2c Tree-SHA512: fe26684c60f236cab48ea6a4600c141ce766dbe59504ec77595dcbd7fd0b34559acc617007f4f499c9155d8fda0a336954413410ba862b19c765c0cfac79d642
2021-10-21[mempool] delete exists(uint256) functionglozow
Allowing callers to pass in a uint256 (which could be txid or wtxid) but then always assuming that it's a txid is a footgunny interface.
2021-10-20Merge bitcoin/bitcoin#23258: doc: Fix outdated comments referring to ↵fanquake
::ChainActive() a0efe529e4fd053b890450413b9ca5e1bcd8f2c2 Fix outdated comments referring to ::ChainActive() (Samuel Dobson) Pull request description: After #21866 there are a few outdated comments referring to `::ChainActive()`, which should instead refer to `ChainstateManager::ActiveChain()`. ACKs for top commit: jamesob: ACK https://github.com/bitcoin/bitcoin/pull/23258/commits/a0efe529e4fd053b890450413b9ca5e1bcd8f2c2 Tree-SHA512: 80da19c105ed29ac247e6df4c8e916c3bf3f37230b63f07302114eef9c115add673e9649f0bbe237295be0c6da7b1030b5b93e14daf6768f17ce5de7cf2c9ff2
2021-10-15Merge bitcoin/bitcoin#22863: policy: document dust threshold for Taproot outputsW. J. van der Laan
d873db7f8ff37c37f9c72482d8ecd52282f4438e policy: document we intentionally don't lower the dust threshold for Taproot (Antoine Poinsot) Pull request description: Following discussions in #22779 . ACKs for top commit: benthecarman: ACK d873db7f8ff37c37f9c72482d8ecd52282f4438e ariard: Code Review ACK d873db7 theStack: ACK d873db7f8ff37c37f9c72482d8ecd52282f4438e Tree-SHA512: 1f5d20dce767f8a74d57ece47a7f6b881741f508896131b8433600cccf9e4262892603b46521d1bb69d5c83b450f24a16731341072a471c1f2c9adad682af895
2021-10-12Fix outdated comments referring to ::ChainActive()Samuel Dobson
2021-10-08fees: Always round up fee calculated from a feerateAndrew Chow
When calculating the fee for a given tx size from a fee rate, we should always round up to the next satoshi. Otherwise, if we round down (via truncation), the calculated fee may result in a fee with a feerate slightly less than targeted. This is particularly important for coin selection as a slightly lower feerate than expected can result in a variety of issues.
2021-10-05refactor: Block unsafe fs::path std::string conversion callsRussell Yanofsky
There is no change in behavior. This just helps prepare for the transition from boost::filesystem to std::filesystem by avoiding calls to methods which will be unsafe after the transaction to std::filesystem to due lack of a boost::filesystem::path::imbue equivalent and inability to set a predictable locale. Co-authored-by: Hennadii Stepanov <32963518+hebasto@users.noreply.github.com> Co-authored-by: Kiminuo <kiminuo@protonmail.com> Co-authored-by: MarcoFalke <falke.marco@gmail.com>
2021-09-30[MOVEONLY] consensus: move amount.h into consensusfanquake
Move amount.h to consensus/amount.h. Renames, adds missing and removes uneeded includes.
2021-09-20add missing includes in policy/rbfglozow
2021-09-10[doc] improve RBF documentationglozow
Document a few non-obvious things and delete no-longer-relevant comments (e.g. about taking a lock that we're already holding). No change in behavior.
2021-09-10[policy/refactor] pass in relay fee instead of using globalglozow
2021-09-02whitespace fixups after move and scripted-diffglozow
2021-09-02scripted-diff: rename variables in policy/rbfglozow
"Fee Delta" is already a term used for prioritizing transactions: modified = base fees + delta Here, delta also means the difference between original and modified replacement fees: nDeltaFees = (original_base + original_delta) - (replacement_base + replacement_delta) This is insanely confusing. Also, since mempool is no longer a member of a class (MemPoolAccept.m_pool), the "m" prefix is unnecessary. The rest are clarity/style-focused changes to already-touched lines. -BEGIN VERIFY SCRIPT- ren() { sed -i "s/\<$1\>/$2/g" src/policy/rbf* ; } ren nDeltaFees additional_fees ren m_pool pool ren nSize replacement_vsize ren nModifiedFees replacement_fees ren nConflictingFees original_fees ren oldFeeRate original_feerate ren newFeeRate replacement_feerate ren setAncestors ancestors ren setIterConflicting iters_conflicting ren setConflictsParents parents_of_conflicts ren setConflicts direct_conflicts ren allConflicting all_conflicts sed -i "s/ hash\b/ txid/g" src/policy/rbf* -END VERIFY SCRIPT-
2021-09-02MOVEONLY: fee checks (Rules 3 and 4) to policy/rbfglozow
2021-09-02MOVEONLY: check that fees > direct conflicts to policy/rbfglozow
2021-09-02MOVEONLY: check for disjoint conflicts and ancestors to policy/rbfglozow
This checks that a transaction isn't trying to replace something it supposedly depends on.
2021-09-02MOVEONLY: BIP125 Rule 2 to policy/rbfglozow
2021-09-02Make GetEntriesForConflicts return std::optionalglozow
Avoids reusing err_string.
2021-09-02policy: document we intentionally don't lower the dust threshold for TaprootAntoine Poinsot
A "correction" of what seemed to be an overlook was initially proposed in PR #22779. It was deemed unnecessary to further reduce the dust level, so document the intention. Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
2021-08-24MOVEONLY: getting mempool conflicts to policy/rbfglozow
2021-08-24MOVEONLY: BIP125 max conflicts limit to policy/rbf.hglozow
A circular dependency is added because policy now depends on txmempool and txmempool depends on validation. It is natural for [mempool] policy to rely on mempool; the problem is caused by txmempool depending on validation. #22677 will resolve this.
2021-06-02MOVEONLY: context-free package policiesglozow
Co-authored-by: ariard <antoine.riard@gmail.com>
2021-06-02[package] static_assert max package size >= max tx sizeglozow
2021-05-27Merge bitcoin/bitcoin#20833: rpc/validation: enable packages through ↵W. J. van der Laan
testmempoolaccept 13650fe2e527bf0cf5d977bf5f3f1563b853ecdc [policy] detect unsorted packages (glozow) 9ef643e21b44f99f4bce54077788d0ad4d81f7cd [doc] add release note for package testmempoolaccept (glozow) c4259f4b7ee23ef6e0ec82c5d5b9dfa9cadd5bed [test] functional test for packages in RPCs (glozow) 9ede34a6f20378e86c5289ebd20dd394a5915123 [rpc] allow multiple txns in testmempoolaccept (glozow) ae8e6df709ff3d52b8e9918e09cacb64f83ae379 [policy] limit package sizes (glozow) c9e1a26d1f17c8b98632b7796ffa8f8788b5a83c [fuzz] add ProcessNewPackage call in tx_pool fuzzer (glozow) 363e3d916cc036488783bb4bdcfdd3665aecf711 [test] unit tests for ProcessNewPackage (glozow) cd9a11ac96c01e200d0086b2f011f4a614f5a705 [test] make submit optional in CreateValidMempoolTransaction (glozow) 2ef187941db439c5b3e529f08b6ab153ff061fc5 [validation] package validation for test accepts (glozow) 578148ded62828a9820398165c41670f4dbb523d [validation] explicit Success/Failure ctors for MempoolAcceptResult (glozow) b88d77aec5e7bef5305a668d15031351c0548b4d [policy] Define packages (glozow) 249f43f3cc52b0ffdf2c47aad95ba9d195f6a45e [refactor] add option to disable RBF (glozow) 897e348f5987eadd8559981a973c045c471b3ad8 [coins/mempool] extend CCoinsViewMemPool to track temporary coins (glozow) 42cf8b25df07c45562b7210e0e15c3fd5edb2c11 [validation] make CheckSequenceLocks context-free (glozow) Pull request description: This PR enables validation dry-runs of packages through the `testmempoolaccept` RPC. The expectation is that the results returned from `testmempoolaccept` are what you'd get from test-then-submitting each transaction individually, in that order (this means the package is expected to be sorted in topological order, for now at least). The validation is also atomic: in the case of failure, it immediately halts and may return "unfinished" `MempoolAcceptResult`s for transactions that weren't fully validated. The API for 1 transaction stays the same. **Motivation:** - This allows you to test validity for transaction chains (e.g. with multiple spending paths and where you don't want to broadcast yet); closes #18480. - It's also a first step towards package validation in a minimally invasive way. - The RPC commit happens to close #21074 by clarifying the "allowed" key. There are a few added restrictions on the packages, mostly to simplify the logic for areas that aren't critical to main package use cases: - No package can have conflicts, i.e. none of them can spend the same inputs, even if it would be a valid BIP125 replacement. - The package cannot conflict with the mempool, i.e. RBF is disabled. - The total count of the package cannot exceed 25 (the default descendant count limit), and total size cannot exceed 101KvB (the default descendant size limit). If you're looking for review comments and github isn't loading them, I have a gist compiling some topics of discussion [here](https://gist.github.com/glozow/c3acaf161c95bba491fce31585b2aaf7) ACKs for top commit: laanwj: Code review re-ACK 13650fe2e527bf0cf5d977bf5f3f1563b853ecdc jnewbery: Code review ACK 13650fe2e527bf0cf5d977bf5f3f1563b853ecdc ariard: ACK 13650fe Tree-SHA512: 8c5cbfa91a6c714e1c8710bb281d5ff1c5af36741872a7c5df6b24874d6272b4a09f816cb8a4c7de33ef8e1c2a2c252c0df5105b7802f70bc6ff821ed7cc1a2f
2021-05-24Convert uses of double-serialization to {En,De}codeDoublePieter Wuille
2021-05-24[policy] limit package sizesglozow
Maximum number of transactions allowed in a package is 25, equal to the default mempool descendant limit: if a package has more transactions than this, either it would fail default mempool descendant limit or the transactions don't all have a dependency relationship (but then they shouldn't be in a package together). Same rationale for 101KvB virtual size package limit. Note that these policies are only used in test accepts so far.
2021-05-24Merge bitcoin/bitcoin#21848: refactor: Make CFeeRate constructor ↵MarcoFalke
architecture-independent fafd121026c4f1e25d498983e4f88c119516552b refactor: Make CFeeRate constructor architecture-independent (MarcoFalke) Pull request description: Currently the constructor is architecture dependent. This is confusing for several reasons: * It is impossible to create a transaction larger than the max value of `uint32_t`, so a 64-bit `size_t` is not needed * Policy (and consensus) code should be arch-independent * The current code will print spurious compile errors when compiled on 32-bit systems: ``` policy/feerate.cpp:23:22: warning: result of comparison of constant 9223372036854775807 with expression of type 'size_t' (aka 'unsigned int') is always true [-Wtautological-constant-out-of-range-compare] assert(nBytes_ <= uint64_t(std::numeric_limits<int64_t>::max())); ``` Fix all issues by making it arch-independent. Also, fix `{}` style according to dev notes. ACKs for top commit: theStack: re-ACK fafd121026c4f1e25d498983e4f88c119516552b promag: Code review ACK fafd121026c4f1e25d498983e4f88c119516552b. Tree-SHA512: e16f75bad9ee8088b87e873906d9b5633449417a6996a226a2f37d33a2b7d4f2fd91df68998a77e52163de20b40c57fadabe7fe3502e599cbb98494178591833
2021-05-24scripted-diff: Replace `GetDataDir()` calls with `gArgs.GetDataDirNet()` callsKiminuo
-BEGIN VERIFY SCRIPT- git ls-files -- 'src' ':(exclude)src/util/system.h' ':(exclude)src/util/system.cpp' | xargs sed -i 's/GetDataDir()/gArgs.GetDataDirNet()/g'; -END VERIFY SCRIPT-
2021-05-21refactor: Make m_cs_fee_estimator non-recursiveHennadii Stepanov
2021-05-21refactor: Add non-thread-safe CBlockPolicyEstimator::_removeTx helperHennadii Stepanov
This changes removes recursion in the m_cs_fee_estimator locks.
2021-05-21Add thread safety annotations to CBlockPolicyEstimator public functionsHennadii Stepanov
2021-05-20[policy] Define packagesglozow
Define the Package type as an alias for a vector of transactions for now. Add PackageValidationResult, similar to TxValidationResult and BlockValidationResult for package-wide errors that cannot be reported within a single transaction result, such as having too many transactions in the package. We can update the concept of what a package is and have different logic for packages vs lists of transactions in the future, e.g. for package relay.
2021-05-18refactor: Make CFeeRate constructor architecture-independentMarcoFalke
2021-05-01scripted-diff: Clarify that feerates are per virtual sizeMarcoFalke
-BEGIN VERIFY SCRIPT- sed -i 's|/kB|/kvB|g' $( git grep -l '/kB' ./src ) -END VERIFY SCRIPT-
2021-04-06doc: fixup -Wdocumentation issuesfanquake
2021-01-03refactor: Use C++17 std::array deduction for ALL_FEE_ESTIMATE_HORIZONSMarcoFalke
2020-12-31scripted-diff: Bump copyright headersMarcoFalke
-BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT-
2020-12-26refactor: Enable -Wswitch for FeeEstimateHorizonMarcoFalke
2020-12-15Merge #20611: Move TX_MAX_STANDARD_VERSION to policyWladimir J. van der Laan
fade6195b1c230edd561443637a7bde81c2594a4 Move TX_MAX_STANDARD_VERSION to policy (MarcoFalke) Pull request description: `primitives` should only be used for the raw datastructures (parsing and format). It is not the right place to document relay policy. ACKs for top commit: laanwj: Code review ACK fade6195b1c230edd561443637a7bde81c2594a4 lontivero: Concept ACK https://github.com/bitcoin/bitcoin/pull/20611/commits/fade6195b1c230edd561443637a7bde81c2594a4 Tree-SHA512: f809c4aecd14d7e9feaa7b50b9c0697232991eef36190cd960bcfb0ad6e20c71a4f6aab48c7747cf8a681eb14feda60c55b09a37f128673d519567224f29cd97