aboutsummaryrefslogtreecommitdiff
path: root/src/random.h
AgeCommit message (Collapse)Author
2022-07-13refactor: Make FEELER_SLEEP_WINDOW type safe (std::chrono)MacroFake
2022-05-12Merge bitcoin/bitcoin#24925: refactor: make GetRand a template, remove ↵MacroFake
GetRandInt ab1ea29ba1b8379a21fabd3dc859552c470a6421 refactor: make GetRand a template, remove GetRandInt (pasta) Pull request description: makes GetRand a template for which any integral type can be used, where the default behavior is to return a random integral up to the max of the integral unless a max is provided. This simplifies a lot of code from GetRand(std::numeric_limits<uint64_t>::max() -> GetRand<uint64_t>() ACKs for top commit: laanwj: Code review ACK ab1ea29ba1b8379a21fabd3dc859552c470a6421 Tree-SHA512: db5082a0e21783389f1be898ae73e097b31ab48cab1a2c0e29348a4adeb545d4098193aa72a547c6baa6e8205699aafec38d6a27b3d65522fb3246f91b4daae9
2022-05-08random: Add FastRandomContext::rand_uniform_delayMarcoFalke
2022-04-22refactor: make GetRand a template, remove GetRandIntpasta
2022-03-23refactor: use Span in random.*pasta
2022-01-30doc: Fix typos pointed out by lint-spellingbrunoerg
2022-01-13scripted-diff: replace PoissonNextSend with GetExponentialRandJohn Newbery
This distribution is used for more than just the next inv send, so make the name more generic. Also rename to "exponential" to avoid the confusion that this is a poisson distribution. -BEGIN VERIFY SCRIPT- ren() { sed -i "s/\<$1\>/$2/g" $(git grep -l "$1" ./src) ; } ren PoissonNextSend GetExponentialRand ren "a poisson timer" "an exponential timer" -END VERIFY SCRIPT-
2022-01-13[move] Move PoissonNextSend to src/random and update commentJohn Newbery
PoissonNextSend is used by net and net_processing and is stateless, so place it in the utility random.cpp translation unit.
2020-04-30Add templated GetRandomDuration<>MarcoFalke
2020-04-29Merge #18038: P2P: Mempool tracks locally submitted transactions to improve ↵fanquake
wallet privacy 50fc4df6c4e8a84bdda13ade7bed7a2131796f00 [mempool] Persist unbroadcast set to mempool.dat (Amiti Uttarwar) 297a1785360c4db662a7f3d3ade7b6b503258d39 [test] Integration tests for unbroadcast functionality (Amiti Uttarwar) 6851502472d3625416f0e7796e9f2a0379d14d49 [refactor/test] Extract P2PTxInvStore into test framework (Amiti Uttarwar) dc1da48dc5e5526215561311c184a8cbc345ecdc [wallet] Update the rebroadcast frequency to be ~1/day. (Amiti Uttarwar) e25e42f20a3aa39651fbc1f9fa3df1a49f1f5868 [p2p] Reattempt initial send of unbroadcast transactions (Amiti Uttarwar) 7e93eecce3bc5a1b7bb0284e06f9e2e69454f5ba [util] Add method that returns random time in milliseconds (Amiti Uttarwar) 89eeb4a3335f8e871cc3f5286af4546dff66172a [mempool] Track "unbroadcast" transactions (Amiti Uttarwar) Pull request description: This PR introduces mempool tracking of unbroadcast transactions and periodic reattempts at initial broadcast. This is a part of the rebroadcast project, and a standalone privacy win. The current rebroadcast logic is terrible for privacy because 1. only the source wallet rebroadcasts transactions and 2. it does so quite frequently. In the current system, if a user submits a transaction that does not immediately get broadcast to the network (eg. they are offline), this "rebroadcast" behavior is the safety net that can actually serve as the initial broadcast. So, keeping the attempts frequent is important for initial delivery within a reasonable timespan. This PR aims to improve # 2 by reducing the wallet rebroadcast frequency to ~1/day from ~1/15 min. It achieves this by separating the notion of initial broadcast from rebroadcasts. With these changes, the mempool tracks locally submitted transactions & periodically reattempts initial broadcast. Transactions submitted via the wallet or RPC are added to an "unbroadcast" set & are removed when a peer sends a `getdata` request, or the transaction is removed from the mempool. Every 10-15 minutes, the node reattempts an initial broadcast. This enables reducing the wallet rebroadcast frequency while ensuring the transactions will be propagated to the network. For privacy improvements around # 1, please see #16698. Thank you to gmaxwell for the idea of how to break out this subset of functionality (https://github.com/bitcoin/bitcoin/pull/16698#issuecomment-571399346) ACKs for top commit: fjahr: Code review ACK 50fc4df6c4e8a84bdda13ade7bed7a2131796f00 MarcoFalke: ACK 50fc4df6c4e8a84bdda13ade7bed7a2131796f00, I think this is ready for merge now 👻 amitiuttarwar: The current tip `50fc4df` currently has 6 ACKs on it, so I've opened #18807 to address the last bits. jnewbery: utACK 50fc4df6c4e8a84bdda13ade7bed7a2131796f00. ariard: Code Review ACK 50fc4df (minor points no need to invalid other ACKs) robot-visions: ACK 50fc4df6c4e8a84bdda13ade7bed7a2131796f00 sipa: utACK 50fc4df6c4e8a84bdda13ade7bed7a2131796f00 naumenkogs: utACK 50fc4df Tree-SHA512: 2dd935d645d5e209f8abf87bfaa3ef0e4492705ce7e89ea64279cb27ffd37f4727fa94ad62d41be331177332f8edbebf3c7f4972f8cda10dd951b80a28ab3c0f
2020-04-23[util] Add method that returns random time in millisecondsAmiti Uttarwar
2020-04-16scripted-diff: Bump copyright headersMarcoFalke
-BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT-
2020-03-29tests: Add fuzzing harness for functions/classes in random.hpracticalswift
2019-12-30scripted-diff: Bump copyright of files changed in 2019MarcoFalke
-BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT-
2019-12-05Move events_hasher into RNGState()Pieter Wuille
2019-12-05Merge #17507: random: mark RandAddPeriodic and SeedPeriodic as noexceptWladimir J. van der Laan
55b2cb199c276781b6daa5438af2da57dea3ac52 random: mark RandAddPeriodic and SeedPeriodic as noexcept (fanquake) 461e547877da0c04db69e067c923cc4540aab03a doc: correct random.h docs after #17270 (fanquake) Pull request description: The usage of `MilliSleep()` in SeedPeriodic (previously SeedSleep) was [removed](https://github.com/bitcoin/bitcoin/pull/17270/commits/d61f2bb076d8f17840a8e79f1583d7f6e3e6d09a) in #17270, meaning it, and its users can now be marked `noexcept`. This also corrects the docs in random.h for some of the changes in #17270. ACKs for top commit: practicalswift: ACK 55b2cb199c276781b6daa5438af2da57dea3ac52 laanwj: ACK 55b2cb199c276781b6daa5438af2da57dea3ac52 sipa: ACK 55b2cb199c276781b6daa5438af2da57dea3ac52 Tree-SHA512: 672d369796e7c4f9b4d98dc545e5454999fa1bef373871994a26041d6163c58909e2255e4f820d3ef011679aa3392754eb57477306a89f5fd3d57e2bd7f0811a
2019-11-23Seed RNG with precision timestamps on receipt of net messages.Matt Corallo
2019-11-18random: mark RandAddPeriodic and SeedPeriodic as noexceptfanquake
The usage of MilliSleep() in SeedPeriodic (previously SeedSleep) was removed in #17270, meaning it, and its users can now be marked noexcept.
2019-11-18doc: correct random.h docs after #17270fanquake
2019-11-18random: stop retrieving random bytes from OpenSSLfanquake
On the ::SLOW path we would use OpenSSL as an additional source of random bytes. This commit removes that functionality. Note that this was always only an additional source, and that we never checked the return value RAND_bytes(): https://www.openssl.org/docs/manmaster/man3/RAND_bytes.html RAND_bytes() puts num cryptographically strong pseudo-random bytes into buf.
2019-11-12Run background seeding periodically instead of unpredictablyPieter Wuille
* Instead of calling RandAddSeedSleep anytime the scheduler goes idle, call its replacement (RandAddSeedPeriodic) just once per minute. This has better guarantees of actually being run, and helps limit how frequently the dynamic env data is gathered. * Since this code runs once per minute regardless now, we no longer need to keep track of the last time strengthening was run; just do it always. * Make strengthening time context dependent (100 ms at startup, 10 ms once per minute afterwards).
2019-11-12doc: minor corrections in random.cppfanquake
This should have been part of #17151.
2019-10-28Add assertion to randrange that input is not 0Jeremy Rubin
2019-06-17net: Use mockable time for tx downloadMarcoFalke
2019-05-18Merge #15224: Add RNG strengthening (10ms once every minute)Wladimir J. van der Laan
3cb9ce85d0c6d01217babf0df7efc2eabde1b12f Document strenghtening (Pieter Wuille) 1d207bc46f995ad3b5ae89bb504affaca09d10b1 Add hash strengthening to the RNG (Pieter Wuille) Pull request description: This patch improves the built-in RNG using hash strengthening. At startup, and once every minute, 32 bytes of entropy are produced from the RNG, repeatedly hashed using SHA512 for 10ms, and then fed back into the RNG, together with high-precision timestamps obtained every 1000 iterations. ACKs for commit 3cb9ce: pstratem: utACK 3cb9ce85d0c6d01217babf0df7efc2eabde1b12f Tree-SHA512: 4fb6f61639b392697beb81c5f0903f79f10dd1087bed7f34de2abb5c22704a671e37b2d828ed141492491863efb1e7d1fa04408a1d32c9de2f2cc8ac406bbe57
2019-05-06Document strenghteningPieter Wuille
2019-05-03Add ChaCha20 encryption option (XOR)Jonas Schnelli
2019-02-03Use RdSeed when available, and reduce RdRand loadPieter Wuille
This introduces support for autodetecting and using the RdSeed instruction. In addition: * In SeedFast, only 64 bits of entropy are generated through RdRand (256 was relatively slow). * In SeedStartup, 256 bits of entropy are generated, using RdSeed (preferably) or RdRand (otherwise).
2019-01-16Document RNG design in random.hPieter Wuille
2019-01-16Sprinkle some sweet noexcepts over the RNG codePieter Wuille
2019-01-16Switch all RNG code to the built-in PRNG.Pieter Wuille
It includes the following policy changes: * All GetRand* functions seed the stack pointer and rdrand result (in addition to the performance counter) * The periodic entropy added by the idle scheduler now seeds stack pointer, rdrand and perfmon data (once every 10 minutes) in addition to just a sleep timing. * The entropy added when calling GetStrongRandBytes no longer includes the once-per-10-minutes perfmon data on windows (it is moved to the idle scheduler instead, where latency matters less). Other changes: * OpenSSL is no longer seeded directly anywhere. Instead, any generated randomness through our own RNG is fed back to OpenSSL (after an additional hashing step to prevent leaking our RNG state). * Seeding that was previously done directly in RandAddSeedSleep is now moved to SeedSleep(), which is indirectly invoked through ProcRand from RandAddSeedSleep. * Seeding that was previously done directly in GetStrongRandBytes() is now moved to SeedSlow(), which is indirectly invoked through ProcRand from GetStrongRandBytes().
2019-01-16Automatically initialize RNG on first use.Pieter Wuille
2018-12-12Do not permit copying FastRandomContextsPieter Wuille
2018-12-12Introduce a Shuffle for FastRandomContext and use it in wallet and coinselectionPieter Wuille
2018-07-27Update copyright headers to 2018DrahtBot
2018-03-22Merge #12742: Make FastRandomContext support standard C++11 RNG interfaceMarcoFalke
1ec1602a45 Make FastRandomContext support standard C++11 RNG interface (Pieter Wuille) Pull request description: This makes it possible to plug it into the various standard C++11 random distribution algorithms and other functions like `std::shuffle`. Tree-SHA512: 935eae9c4fae31e1964c16d9cf9d0fcfa899e04567f010d8b3e1ff824e55e2392aa838ba743d03c1b2a5010c5b8da04343f453983dfeed83747d85828a564713
2018-03-21Fix typosDimitris Apostolou
2018-03-20Make FastRandomContext support standard C++11 RNG interfacePieter Wuille
This makes it possible to plug it into the various standard C++11 random distribution algorithms and other functions like std::shuffle.
2018-01-03Increment MIT Licence copyright header year on files modified in 2017Akira Takizawa
2017-12-13Merge #11558: Minimal code changes to allow msvc compilationWladimir J. van der Laan
fbf327b Minimal code changes to allow msvc compilation. (Aaron Clauson) Pull request description: These changes are required to allow the Bitcoin source to build with Microsoft's C++ compiler (#11562 is also required). I looked around for a better place for the typedef of ssize_t which is in random.h. The best candidate looks like src/compat.h but I figured including that header in random.h is a bigger change than the typedef. Note that the same typedef is in at least two other places including the OpenSSL and Berkeley DB headers so some of the Bitcoin code already picks it up. Tree-SHA512: aa6cc6283015e08ab074641f9abdc116c4dc58574dc90f75e7a5af4cc82946d3052370e5cbe855fb6180c00f8dc66997d3724ff0412e4b7417e51b6602154825
2017-11-16scripted-diff: Replace #include "" with #include <> (ryanofsky)MeshCollider
-BEGIN VERIFY SCRIPT- for f in \ src/*.cpp \ src/*.h \ src/bench/*.cpp \ src/bench/*.h \ src/compat/*.cpp \ src/compat/*.h \ src/consensus/*.cpp \ src/consensus/*.h \ src/crypto/*.cpp \ src/crypto/*.h \ src/crypto/ctaes/*.h \ src/policy/*.cpp \ src/policy/*.h \ src/primitives/*.cpp \ src/primitives/*.h \ src/qt/*.cpp \ src/qt/*.h \ src/qt/test/*.cpp \ src/qt/test/*.h \ src/rpc/*.cpp \ src/rpc/*.h \ src/script/*.cpp \ src/script/*.h \ src/support/*.cpp \ src/support/*.h \ src/support/allocators/*.h \ src/test/*.cpp \ src/test/*.h \ src/wallet/*.cpp \ src/wallet/*.h \ src/wallet/test/*.cpp \ src/wallet/test/*.h \ src/zmq/*.cpp \ src/zmq/*.h do base=${f%/*}/ relbase=${base#src/} sed -i "s:#include \"\(.*\)\"\(.*\):if test -e \$base'\\1'; then echo \"#include <\"\$relbase\"\\1>\\2\"; else echo \"#include <\\1>\\2\"; fi:e" $f done -END VERIFY SCRIPT-
2017-11-10Minimal code changes to allow msvc compilation.Aaron Clauson
2017-06-14Merge #10377: Use rdrand as entropy source on supported platformsWladimir J. van der Laan
cb24c85 Use rdrand as entropy source on supported platforms (Pieter Wuille) Tree-SHA512: c42eaa01a14e6bc097c70b6bf8540d61854c2f76cb32be69c2a3c411a126f7b4bf4a4486e4493c4cc367cc689319abde0d4adb799d29a54fd3e81767ce0766fc
2017-06-13Use rdrand as entropy source on supported platformsPieter Wuille
2017-06-05Add FastRandomContext::rand256() and ::randbytes()Pieter Wuille
FastRandomContext now provides all functionality that the real Rand* functions provide.
2017-05-22Add perf counter data to GetStrongRandBytes state in schedulerMatt Corallo
2017-03-29Add a FastRandomContext::randrange and use itPieter Wuille
2017-03-29Switch FastRandomContext to ChaCha20Pieter Wuille
2017-03-29Introduce FastRandomContext::randbool()Pieter Wuille
2017-02-22sanity: Move OS random to sanity check functionWladimir J. van der Laan
Move the OS random test to a sanity check function that is called every time bitcoind is initialized. Keep `src/test/random_tests.cpp` for the case that later random tests are added, and keep a rudimentary test that just calls the sanity check.