aboutsummaryrefslogtreecommitdiff
path: root/src/test/fuzz
AgeCommit message (Collapse)Author
2023-11-17Merge bitcoin/bitcoin#28878: Remove version field from GetSerializeSizefanquake
83986f464c59a6517f790a960a72574e167f3f72 Include version.h in fewer places (Anthony Towns) c7b61fd61b199cbefda660c9d394bb4035a49528 Convert some CDataStream to DataStream (Anthony Towns) 1410d300df7e57a895f2697d9849a2201021c973 serialize: Drop useless version param from GetSerializeSize() (Anthony Towns) bf574a75016123309b894da895ab1c7a81731933 serialize: drop GetSerializeSizeMany (Anthony Towns) efa9eb6d7c8012fe4ed85699d81c8fe5dd18da1e serialize: Drop nVersion from [C]SizeComputer (Anthony Towns) Pull request description: Drops the version field from `GetSerializeSize()`, simplifying the code in various places. Also drop `GetSerializeSizeMany()` (as just removing the version parameter could result in silent bugs) and remove unnecessary instances of `#include <version.h>`. ACKs for top commit: maflcko: ACK 83986f464c59a6517f790a960a72574e167f3f72 📒 theuni: ACK 83986f464c59a6517f790a960a72574e167f3f72. Tree-SHA512: 36617b6dfbb1b4b0afbf673e905525fc6d623d3f568d3f86e3b9d4f69820db97d099e83a88007bfff881f731ddca6755ebf1549e8d8a7762437dfadbf434c62e
2023-11-17Merge bitcoin/bitcoin#28873: fuzz: AutoFile with XORfanquake
faa25718b3f11f24aa41f0968bbd4da104814bc5 fuzz: AutoFile with XOR (MarcoFalke) fab5cb9066366d93531f34e649a10addf44cd2ca fuzz: Reduce LIMITED_WHILE limit for file fuzzing (MarcoFalke) fa5388fad3e87d56395bfe2467d2d6448a8f2e40 fuzz: Remove FuzzedAutoFileProvider (MarcoFalke) Pull request description: This should help to get fuzz coverage for https://maflcko.github.io/b-c-cov/fuzz.coverage/src/streams.cpp.gcov.html Also, remove unused code and fix a timeout bug. ACKs for top commit: dergoegge: ACK faa25718b3f11f24aa41f0968bbd4da104814bc5 Tree-SHA512: 56f1e6fd5cb2b66ffd9a7d9c09c9b8e396be3e7485feb03b35b6bd3c48e624fdaed50b472e4ffec21f09efb5e949d7ee32a13851849c9140b6b4cf25917dd7ac
2023-11-16Merge bitcoin/bitcoin#28605: Fix typosfanquake
43de4d3630274e1287179c86896ed4c2d8b9eff4 doc: fix typos (Sjors Provoost) Pull request description: This PR fixes typos found by lint-spelling.py using codespell 2.2.6. Our CI linter job uses codespell 2.2.5 and found fewer typos that I did locally. In any case it's happy now. ACKs for top commit: pablomartin4btc: re ACK 43de4d3630274e1287179c86896ed4c2d8b9eff4 Tree-SHA512: c032fe86cb49c924a468385653b31f309a9db68c478d70335bba3e65a1ff3826abe80284fe00a090ab5a509e1edbf17e476f6922fb15d055e50f1103dad2ccb0
2023-11-16Merge bitcoin/bitcoin#28825: fuzz: Minor improvements to tx_package_eval targetfanquake
6a917918b76eef154c6757fe9ecf7713d526c3dd fuzz: allow fake and duplicate inputs in tx_package_eval target (Greg Sanders) a0626ccdadc0e965dc818d8a7c862e8c81b54fd1 fuzz: allow reaching MempoolAcceptResult::ResultType::DIFFERENT_WITNESS in tx_package_eval target (Greg Sanders) Pull request description: Exercises `DIFFERENT_WITNESS` by using "blank" WSH() and allowing witness to determine wtxid, and attempts to make invalid/duplicate inputs. ACKs for top commit: dergoegge: Coverage looks good to me ACK 6a917918b76eef154c6757fe9ecf7713d526c3dd Tree-SHA512: db894f5f5b81c6b454874baf11f296462832285f41ccb09f23c0db92b9abc98f8ecacd72fc8f60dc92cb7947f543a2e55bed2fd210b0e8ca7c7d5389d90b14af
2023-11-16serialize: Drop useless version param from GetSerializeSize()Anthony Towns
2023-11-14fuzz: AutoFile with XORMarcoFalke
2023-11-14fuzz: Reduce LIMITED_WHILE limit for file fuzzingMarcoFalke
A higher limit is not needed, and only leads to timeouts, see for example the buffered_file one in https://github.com/bitcoin/bitcoin/issues/28812#issue-1981386486
2023-11-14fuzz: Remove FuzzedAutoFileProviderMarcoFalke
The code is clearer without it. This is also needed for a future commit.
2023-11-14Use ParamsWrapper for witness serializationAnthony Towns
2023-11-13Merge bitcoin/bitcoin#27935: fuzz: call lookup functions before calling `Ban`fanquake
fca0a8938e34cb4f6c400e1d1d0be02f027d80c5 ci: remove "--exclude banman" for fuzzing in mac (brunoerg) f9b286353f79cdb5e55e2ff4ca47d73e14f9da48 fuzz: call lookup functions before calling `Ban` (brunoerg) Pull request description: Fixes #27924 To not have any discrepancy, it's required to call lookup functions before calling `Ban`. If we don't do it, the assertion `assert(banmap == banmap_read);` may fail because `BanMapFromJson` will call `LookupSubNet` and cause the discrepancy between the banned and the loaded one. It happens especially in MacOS (#27924). Also, calling lookup functions before banning is what RPC `setban` does. ACKs for top commit: maflcko: lgtm ACK fca0a8938e34cb4f6c400e1d1d0be02f027d80c5 dergoegge: ACK fca0a8938e34cb4f6c400e1d1d0be02f027d80c5 Tree-SHA512: a3d635088a556df4507e65542157f10b41d4f87dce42927b58c3b812f262f4544b6b57f3384eef1097ffdd7c32b8dd1556aae201254960cbfbf48d45551200f7
2023-11-09fuzz: allow fake and duplicate inputs in tx_package_eval targetGreg Sanders
2023-11-09fuzz: allow reaching MempoolAcceptResult::ResultType::DIFFERENT_WITNESS in ↵Greg Sanders
tx_package_eval target
2023-11-09fuzz: call lookup functions before calling `Ban`brunoerg
Also, compare banmaps only if there are no invalid entries.
2023-11-08Merge bitcoin/bitcoin#28815: fuzz: Avoid timeout and bloat in fuzz targetsfanquake
fabb5046a7365af3079e6e45606d63576bc6ad12 fuzz: Avoid timeout and bloat in fuzz targets (MarcoFalke) Pull request description: If the fuzz input contains invalid data *in a loop*, abort early. This will teach the fuzz engine to look for useful data and avoids bloating the fuzz input folder with useless (repeated) data. ACKs for top commit: dergoegge: utACK fabb5046a7365af3079e6e45606d63576bc6ad12 brunoerg: crACK fabb5046a7365af3079e6e45606d63576bc6ad12 Tree-SHA512: 26da100d7558ae6fdd5292fb146d8858b2af8f78c546ca2509b9d27b33a33e9462ecb6035de142f9f36dd5de32f8cbad099d6c7a697902d23e1bb621cd27dc88
2023-11-08Merge bitcoin/bitcoin#28155: net: improves addnode / m_added_nodes logicglozow
0420f99f429ce2382057e101859067f40de47be0 Create net_peer_connection unit tests (Jon Atack) 4b834f649921aceb44d3e0b5a2ffd7847903f9f7 Allow unit tests to access additional CConnman members (Jon Atack) 34b9ef443bc2655a85c8802edc5d5d48d792a286 net/rpc: Makes CConnman::GetAddedNodeInfo able to return only non-connected address on request (Sergi Delgado Segura) 94e8882d820969ddc83f24f4cbe1515a886da4ea rpc: Prevents adding the same ip more than once when formatted differently (Sergi Delgado Segura) 2574b7e177ef045e64f1dd48cb000640ff5103d3 net/rpc: Check all resolved addresses in ConnectNode rather than just one (Sergi Delgado Segura) Pull request description: ## Rationale Currently, `addnode` has a couple of corner cases that allow it to either connect to the same peer more than once, hence wasting outbound connection slots, or add redundant information to `m_added_nodes`, hence making Bitcoin iterate through useless data on a regular basis. ### Connecting to the same node more than once In general, connecting to the same node more than once is something we should try to prevent. Currently, this is possible via `addnode` in two different ways: 1. Calling `addnode` more than once in a short time period, using two equivalent but distinct addresses 2. Calling `addnode add` using an IP, and `addnode onetry` after with an address that resolved to the same IP For the former, the issue boils down to `CConnman::ThreadOpenAddedConnections` calling `CConnman::GetAddedNodeInfo` once, and iterating over the result to open connections (`CConman::OpenNetworkConnection`) on the same loop for all addresses.`CConnman::ConnectNode` only checks a single address, at random, when resolving from a hostname, and uses it to check whether we are already connected to it. An example to test this would be calling: ``` bitcoin-cli addnode "127.0.0.1:port" add bitcoin-cli addnode "localhost:port" add ``` And check how it allows us to perform both connections some times, and some times it fails. The latter boils down to the same issue, but takes advantage of `onetry` bypassing the `CConnman::ThreadOpenAddedConnections` logic and calling `CConnman::OpenNetworkConnection` straightaway. A way to test this would be: ``` bitcoin-cli addnode "127.0.0.1:port" add bitcoin-cli addnode "localhost:port" onetry ``` ### Adding the same peer with two different, yet equivalent, addresses The current implementation of `addnode` is pretty naive when checking what data is added to `m_added_nodes`. Given the collection stores strings, the checks at `CConnman::AddNode()` basically check wether the exact provided string is already in the collection. If so, the data is rejected, otherwise, it is accepted. However, ips can be formatted in several ways that would bypass those checks. Two examples would be `127.0.0.1` being equal to `127.1` and `[::1]` being equal to `[0:0:0:0:0:0:0:1]`. Adding any pair of these will be allowed by the rpc command, and both will be reported as connected by `getaddednodeinfo`, given they map to the same `CService`. This is less severe than the previous issue, since even tough both nodes are reported as connected by `getaddednodeinfo`, there is only a single connection to them (as properly reported by `getpeerinfo`). However, this adds redundant data to `m_added_nodes`, which is undesirable. ### Parametrize `CConnman::GetAddedNodeInfo` Finally, this PR also parametrizes `CConnman::GetAddedNodeInfo` so it returns either all added nodes info, or only info about the nodes we are **not** connected to. This method is used both for `rpc`, in `getaddednodeinfo`, in which we are reporting all data to the user, so the former applies, and to check what nodes we are not connected to, in `CConnman::ThreadOpenAddedConnections`, in which we are currently returning more data than needed and then actively filtering using `CService.fConnected()` ACKs for top commit: jonatack: re-ACK 0420f99f429ce2382057e101859067f40de47be0 kashifs: > > tACK [0420f9](https://github.com/bitcoin/bitcoin/commit/0420f99f429ce2382057e101859067f40de47be0) sr-gi: > > > tACK [0420f9](https://github.com/bitcoin/bitcoin/commit/0420f99f429ce2382057e101859067f40de47be0) mzumsande: Tested ACK 0420f99f429ce2382057e101859067f40de47be0 Tree-SHA512: a3a10e748c12d98d439dfb193c75bc8d9486717cda5f41560f5c0ace1baef523d001d5e7eabac9fa466a9159a30bb925cc1327c2d6c4efb89dcaf54e176d1752
2023-11-08Merge bitcoin/bitcoin#28785: validation: return more helpful results for ↵fanquake
reconsiderable fee failures and skipped transactions 1147e00e59e47f27024ec96629993c66a3ce4ef0 [validation] change package-fee-too-low, return wtxid(s) and effective feerate (glozow) 10dd9f2441f4618321bfa2865449ac2223c572a0 [test] use CheckPackageMempoolAcceptResult in previous tests (glozow) 3979f1afcbef5fdd3fad56312573a6733a7d78a4 [validation] add TxValidationResult::TX_RECONSIDERABLE, TX_UNKNOWN (glozow) 5c786a026aee434363ad54f4346211d0e2c5a38d [refactor] use Wtxid for m_wtxids_fee_calculations (glozow) Pull request description: Split off from #26711 (suggested in https://github.com/bitcoin/bitcoin/pull/26711#issuecomment-1786392253). This is part of #27463. - Add 2 new TxValidationResults - `TX_RECONSIDERABLE` helps us encode transactions who have failed fee checks that can be bypassed using package validation. This is distinguished from `TX_MEMPOOL_POLICY` so that we re-validate a transaction if and only if it is eligible for package CPFP. In the future, we will have a separate cache for reconsiderable rejects so these transactions don't go in `m_recent_rejects`. - `TX_UNKNOWN` helps us communicate that we aborted package validation and didn't finish looking at this transaction: it's not valid but it's also not invalid (i.e. don't cache it as a rejected tx) - Return effective feerate and the wtxids of transactions used to calculate that effective feerate when the error is `TX_SINGLE_FAILURE`. Previously, we would only provide this information if the transaction passed. Now that we have package validation, it's much more helpful to the caller to know how the failing feerate was calculated. This can also be used to improve our submitpackage RPC result (which is currently a bit unhelpful when things fail). - Use the newly added `CheckPackageMempoolAcceptResult` for existing package validation tests. This increases test coverage and helps test the changes made in this PR. ACKs for top commit: instagibbs: reACK https://github.com/bitcoin/bitcoin/pull/28785/commits/1147e00e59e47f27024ec96629993c66a3ce4ef0 achow101: ACK 1147e00e59e47f27024ec96629993c66a3ce4ef0 murchandamus: reACK 1147e00e59e47f27024ec96629993c66a3ce4ef0 ismaelsadeeq: ACK 1147e00e59e47f27024ec96629993c66a3ce4ef0 Tree-SHA512: ac1cd73c2b487a1b99d329875d39d8107c91345a5b0b241d54a6a4de67faf11be69a2721cc732c503024a9cca381dac33d61e187957279e3c82653bea118ba91
2023-11-08fuzz: Avoid timeout and bloat in fuzz targetsMarcoFalke
Also, fix iwyu
2023-11-07Merge bitcoin/bitcoin#28649: Do the SOCKS5 handshake reliablyAndrew Chow
af0fca530e4d8311bcb24a14c416e5ad7c30ff78 netbase: use reliable send() during SOCKS5 handshake (Vasil Dimov) 1b19d1117ca5373a15313227b547ef4392022dbd sock: change Sock::SendComplete() to take Span (Vasil Dimov) Pull request description: The `Socks5()` function which does the SOCKS5 handshake with the SOCKS5 proxy sends bytes to the socket without retrying partial writes. `send(2)` may write only part of the provided data and return. In this case the caller is responsible for retrying the operation with the remaining data. Change `Socks5()` to do that. There is already a method `Sock::SendComplete()` which does exactly that, so use it in `Socks5()`. A minor complication for this PR is that `Sock::SendComplete()` takes `std::string` argument whereas `Socks5()` has `std::vector<uint8_t>`. Thus the necessity for the first commit. It is possible to do also in other ways - convert the data in `Socks5()` to `std::string` or have just one `Sock::SendComplete()` that takes `void*` and change the callers to pass `str.data(), str.size()` or `vec.data(), vec.size()`. This came up while testing https://github.com/bitcoin/bitcoin/pull/27375. ACKs for top commit: achow101: ACK af0fca530e4d8311bcb24a14c416e5ad7c30ff78 jonatack: ACK af0fca530e4d8311bcb24a14c416e5ad7c30ff78 pinheadmz: ACK af0fca530e4d8311bcb24a14c416e5ad7c30ff78 Tree-SHA512: 1d4a53d0628f7607378038ac56dc3b8624ce9322b034c9547a0c3ce052eafb4b18213f258aa3b57bcb4d990a5e0548a37ec70af2bd55f6e8e6399936f1ce047a
2023-11-07[validation] change package-fee-too-low, return wtxid(s) and effective feerateglozow
With subpackage evaluation and de-duplication, it's not always the entire package that is used in CheckFeerate. To be more helpful to the caller, specify which transactions were included in the evaluation and what the feerate was. Instead of PCKG_POLICY (which is supposed to be for package-wide errors), use PCKG_TX.
2023-11-07doc: fix typosSjors Provoost
As found by lint-spelling.py using codespell 2.2.6.
2023-11-03fuzz: Avoid utxo_total_supply timeoutMarcoFalke
2023-11-02Use CheckPackageMempoolAcceptResult for package evaluation fuzzingGreg Sanders
2023-10-31fuzz: tx_pool checks ATMP result invariantsGreg Sanders
2023-10-31netbase: use reliable send() during SOCKS5 handshakeVasil Dimov
`send(2)` can be interrupted or for another reason it may not fully complete sending all the bytes. We should be ready to retry the send with the remaining bytes. This is what `Sock::SendComplete()` does, thus use it in `Socks5()`. Since `Sock::SendComplete()` takes a `CThreadInterrupt` argument, change also the recv part of `Socks5()` to use `CThreadInterrupt` instead of a boolean. Easier reviewed with `git show -b` (ignore white-space changes).
2023-10-31Merge bitcoin/bitcoin#28503: refactor: Remove WithParams serialization ↵fanquake
helper, use SER_PARAMS_OPFUNC 99990194ce26af89308fab5ad0b1c8c26e45f80c Remove WithParams serialization helper (MarcoFalke) ffffb4af83a47979a0ecc84247bc1167abc2fbf6 scripted-diff: Use ser params operator (MarcoFalke) fae9054793ff2a15db1a645cce3df749e0de2f39 test: Use SER_PARAMS_OPFUNC in serialize_tests.cpp (MarcoFalke) Pull request description: Every serialization parameter struct already has the `SER_PARAMS_OPFUNC`, except for one in the tests. For consistency, and to remove verbose code, convert the test to `SER_PARAMS_OPFUNC`, and use it everywhere, then remove the `WithParams` helper. ACKs for top commit: ajtowns: reACK 99990194ce26af89308fab5ad0b1c8c26e45f80c TheCharlatan: Re-ACK 99990194ce26af89308fab5ad0b1c8c26e45f80c Tree-SHA512: be9cae4225a502486fe8d552aaf4b2cd2904a9f73cce9d931c6b7c757594ff1982fcc2c30d00d012cd12b0a9531fd609f8bcd7c94b811e965ac087eb8a3589d3
2023-10-30net/rpc: Makes CConnman::GetAddedNodeInfo able to return only non-connected ↵Sergi Delgado Segura
address on request `CConnman::GetAddedNodeInfo` is used both to get a list of addresses to manually connect to in `CConnman::ThreadOpenAddedConnections`, and to report about manually added connections in `getaddednodeinfo`. In both cases, all addresses added to `m_added_nodes` are returned, however the nodes we are already connected to are only relevant to the latter, in the former they are actively discarded. Parametrizes `CConnman::GetAddedNodeInfo` so we can ask for only addresses we are not connected to, to avoid passing useless information around.
2023-10-27refactor: Add LIFETIMEBOUND to all (w)txid gettersMarcoFalke
Then, use the compiler warnings to create copies only where needed. Also, fix iwyu includes while touching the includes.
2023-10-26Merge bitcoin/bitcoin#26078: p2p: return `CSubNet` in `LookupSubNet`Andrew Chow
fb3e812277041f239b97b88689a5076796d75b9b p2p: return `CSubNet` in `LookupSubNet` (brunoerg) Pull request description: Analyzing the usage of `LookupSubNet`, noticed that most cases uses check if the subnet is valid by calling `subnet.IsValid()`, and the boolean returned by `LookupSubNet` hasn't been used so much, see: https://github.com/bitcoin/bitcoin/blob/29d540b7ada890dd588c4825d40c27c5e6f20061/src/httpserver.cpp#L172-L174 https://github.com/bitcoin/bitcoin/blob/29d540b7ada890dd588c4825d40c27c5e6f20061/src/net_permissions.cpp#L114-L116 It makes sense to return `CSubNet` instead of `bool`. ACKs for top commit: achow101: ACK fb3e812277041f239b97b88689a5076796d75b9b vasild: ACK fb3e812277041f239b97b88689a5076796d75b9b theStack: Code-review ACK fb3e812277041f239b97b88689a5076796d75b9b stickies-v: Concept ACK, but Approach ~0 (for now). Reviewed the code (fb3e812277041f239b97b88689a5076796d75b9b) and it all looks good to me. Tree-SHA512: ba50d6bd5d58dfdbe1ce1faebd80dd8cf8c92ac53ef33519860b83399afffab482d5658cb6921b849d7a3df6d5cea911412850e08f3f4e27f7af510fbde4b254
2023-10-26Merge bitcoin/bitcoin#28107: util: Type-safe transaction identifiersAndrew Chow
940a49978c70453e1aaf2c4a0bcb382872b844a5 Use type-safe txid types in orphanage (dergoegge) ed70e6501648466b9ca91a39b83775363e9a726d Introduce types for txids & wtxids (dergoegge) cdb14d79e809bf7d1612b21b554a9fcfb2ab1c91 [net processing] Use HasWitness over comparing (w)txids (dergoegge) Pull request description: We currently have two different identifiers for transactions: `txid` (refering to the hash of a transaction without witness data) and `wtxid` (referring to the hash of a transaction including witness data). Both are typed as `uint256` which could lead to type-safety bugs in which one transaction identifier type is passed where the other would be expected. This PR introduces explicit `Txid` and `Wtxid` types that (if used) would cause compilation errors for such type confusion bugs. (Only the orphanage is converted to use these types in this PR) ACKs for top commit: achow101: ACK 940a49978c70453e1aaf2c4a0bcb382872b844a5 stickies-v: ACK 940a49978c70453e1aaf2c4a0bcb382872b844a5 hebasto: ACK 940a49978c70453e1aaf2c4a0bcb382872b844a5, I have reviewed the code and it looks OK. instagibbs: re-ACK 940a49978c70453e1aaf2c4a0bcb382872b844a5 BrandonOdiwuor: re-ACK 940a49978c70453e1aaf2c4a0bcb382872b844a5 glozow: reACK 940a49978c Tree-SHA512: 55298d1c2bb82b7a6995e96e554571c22eaf4a89fb2a4d7a236d70e0f625e8cca62ff2490e1c179c47bd93153fe6527b56870198f026f5ee7753d64d7a424c92
2023-10-20Merge bitcoin/bitcoin#28692: fuzz: Delete i2p fuzz testfanquake
dd4dcbd4cda31f67d014a93340a6d1ba1c245b0f [fuzz] Delete i2p target (dergoegge) Pull request description: closes #28665 The target is buggy and doesn't reach basic coverage. ACKs for top commit: maflcko: lgtm ACK dd4dcbd4cda31f67d014a93340a6d1ba1c245b0f glozow: ACK dd4dcbd4cda31f67d014a93340a6d1ba1c245b0f, agree it's better to delete this test until somebody wants to write a better one Tree-SHA512: b6ca6cad1773b1ceb6e5ac0fd501ea615f66507ef811745799deaaa4460f1700d96ae03cf55b740a96ed8cd2283b3d6738cd580ba97f2af619197d6c4414ca21
2023-10-20[fuzz] Delete i2p targetdergoegge
2023-10-19Merge bitcoin/bitcoin#27071: Handle CJDNS from LookupSubNet()Andrew Chow
0e6f6ebc064c5fb425fc3699efe760ec6cd4b6af net: remove unused CConnman::FindNode(const CSubNet&) (Vasil Dimov) 9482cb780fe04c1f1d9050edd1b8e549e52c86ce netbase: possibly change the result of LookupSubNet() to CJDNS (Vasil Dimov) 53afa68026ffa1313ae4aba3664de7791d23b1c8 net: move MaybeFlipIPv6toCJDNS() from net to netbase (Vasil Dimov) 6e308651c441cbf8763c67cc099c538c333c2872 net: move IsReachable() code to netbase and encapsulate it (Vasil Dimov) c42ded3d9bda8b273780a4a81490bbf1b9e9c261 fuzz: ConsumeNetAddr(): avoid IPv6 addresses that look like CJDNS (Vasil Dimov) 64d6f77907afd461d9b14ee10ab32335f4454734 net: put CJDNS prefix byte in a constant (Vasil Dimov) Pull request description: `LookupSubNet()` would treat addresses that start with `fc` as IPv6 even if `-cjdnsreachable` is set. This creates the following problems where it is called: * `NetWhitelistPermissions::TryParse()`: otherwise `-whitelist=` fails to white list CJDNS addresses: when a CJDNS peer connects to us, it will be matched against IPv6 `fc...` subnet and the match will never succeed. * `BanMapFromJson()`: CJDNS bans are stored as just IPv6 addresses in `banlist.json`. Upon reading from disk they have to be converted back to CJDNS, otherwise, after restart, a ban entry like (`fc00::1`, IPv6) would not match a peer (`fc00::1`, CJDNS). * `RPCConsole::unbanSelectedNode()`: in the GUI the ban entries go through `CSubNet::ToString()` and back via `LookupSubNet()`. Then it must match whatever is stored in `BanMan`, otherwise it is impossible to unban via the GUI. These were uncovered by https://github.com/bitcoin/bitcoin/pull/26859. Thus, flip the result of `LookupSubNet()` to CJDNS if the network base address starts with `fc` and `-cjdnsreachable` is set. Since subnetting/masking does not make sense for CJDNS (the address is "random" bytes, like Tor and I2P, there is no hierarchy) treat `fc.../mask` as an invalid `CSubNet`. To achieve that, `MaybeFlipIPv6toCJDNS()` has to be moved from `net` to `netbase` and thus also `IsReachable()`. In the process of moving `IsReachable()`, `SetReachable()` and `vfLimited[]` encapsulate those in a class. ACKs for top commit: jonatack: Code review ACK 0e6f6ebc064c5fb425fc3699efe760ec6cd4b6af achow101: ACK 0e6f6ebc064c5fb425fc3699efe760ec6cd4b6af mzumsande: re-ACK 0e6f6ebc064c5fb425fc3699efe760ec6cd4b6af Tree-SHA512: 4767a60dc882916de4c8b110ce8de208ff3f58daaa0b560e6547d72e604d07c4157e72cf98b237228310fc05c0a3922f446674492e2ba02e990a272d288bd566
2023-10-17Merge bitcoin/bitcoin#28651: Make miniscript GetWitnessSize accurate for ↵Andrew Chow
tapscript b22810887b3840ad0fcb424ea7e16d2d195767d9 miniscript: make GetWitnessSize accurate for tapscript (Pieter Wuille) 8be98514080ab816fcb2498ea4bc6f211a2b05e0 test: add tests for miniscript GetWitnessSize (Pieter Wuille) 7ed2b2d430e4dc0d3ba62a30f814df2c7c0c0651 test: remove mutable global contexts in miniscript fuzzer/test (Pieter Wuille) Pull request description: So far, the same algorithm is used to compute an (upper bound on) the maximum witness size for both P2WSH and P2TR miniscript. That's unfortunate, because it means fee estimations for P2TR miniscript will miss out on the generic savings brought by P2TR witnesses (smaller signatures and public keys, specifically). Fix this by making the algorithm use script context specification calculations, and add tests for it. Also included is a cleanup for the tests to avoid mutable globals, as I found it hard to reason about what exactly was being tested. ACKs for top commit: achow101: ACK b22810887b3840ad0fcb424ea7e16d2d195767d9 darosior: ACK b22810887b3840ad0fcb424ea7e16d2d195767d9 Tree-SHA512: e4bda7376628f3e91cfc74917cefc554ca16eb5f2a0e1adddc33eb8717c4aaa071e56a40f85a2041ae74ec445a7bd0129bba48994c203e0e6e4d25af65954d9e
2023-10-16Merge bitcoin/bitcoin#28539: lib: add taproot support to libconsensusAndrew Chow
ff8e2fc2e2416f6f3b84cdb40db8ac168596b579 fuzz: add coverage for `bitcoinconsensus_verify_script_with_spent_outputs` (brunoerg) c5f2a757d736f14d27ac5256a9df887cd2f174f1 docs: add release notes for #28539 (brunoerg) de54882348502d860cf1e504100aa8fb1e52aa88 docs: add docs for additional libconsensus functions (Jake Rawsthorne) 70106e0689546fee497814c63a6a4747e0937b36 docs: link to rust-bitcoinconsensus (Jake Rawsthorne) fb0db07e414fec3318b3af683167ebef9c82fc84 lib: add Taproot support to libconsensus (Jake Rawsthorne) Pull request description: Grabbed from #21158. Closes #21133. ACKs for top commit: achow101: ACK ff8e2fc2e2416f6f3b84cdb40db8ac168596b579 theStack: ACK ff8e2fc2e2416f6f3b84cdb40db8ac168596b579 darosior: re-ACK ff8e2fc2e2416f6f3b84cdb40db8ac168596b579 Tree-SHA512: bf6f500c7e8c9ff6884137c2cd9b4522c586e52848dd639b774b94d998b0516b877498d24f3a6cc7425aedf81d18b0d30c1ccf19e2d527fdfdfa3955ca49b6e7
2023-10-16Merge bitcoin/bitcoin#28583: refactor: [tidy] modernize-use-emplacefanquake
fa05a726c225dc65dee79367bb67f099ae4f99e6 tidy: modernize-use-emplace (MarcoFalke) Pull request description: Constructing a temporary unnamed object only to copy or move it into a container seems both verbose in code and a strict performance penalty. Fix both issues via the `modernize-use-emplace` tidy check. ACKs for top commit: Sjors: re-utACK fa05a726c2 hebasto: ACK fa05a726c225dc65dee79367bb67f099ae4f99e6. TheCharlatan: ACK fa05a726c225dc65dee79367bb67f099ae4f99e6 Tree-SHA512: 4408a094f406e7bf6c1468c2b0798f68f4d952a1253cf5b20bdc648ad7eea4a2c070051fed46d66fd37bce2ce6f85962484a1d32826b7ab8c9baba431eaa2765
2023-10-13test: add tests for miniscript GetWitnessSizePieter Wuille
2023-10-13test: remove mutable global contexts in miniscript fuzzer/testPieter Wuille
2023-10-13fuzz: add coverage for `bitcoinconsensus_verify_script_with_spent_outputs`brunoerg
Co-authored-by: Antonie Poinsot <darosior@protonmail.com>
2023-10-13scripted-diff: Use ser params operatorMarcoFalke
-BEGIN VERIFY SCRIPT- sed -i 's|WithParams(\([a-zA-Z:._]\+\), |\1(|g' $( git grep -l WithParams ) -END VERIFY SCRIPT-
2023-10-12Introduce types for txids & wtxidsdergoegge
2023-10-12ci: Drop no longer needed `NOLINTNEXTLINE`Hennadii Stepanov
2023-10-12tidy: modernize-use-emplaceMarcoFalke
2023-10-08fuzz: miniscript: higher sensitivity for max stack size limit under TapscriptAntoine Poinsot
In order to exacerbate a mistake in the stack size tracking logic, sometimes pad the witness to make the script execute at the brink of the stack size limit. This way if the stack size is underestimated for a script it would immediately fail `VerifyScript`.
2023-10-08fuzz: adapt Miniscript targets to TapscriptAntoine Poinsot
We introduce another global that dictates the script context under which to operate when running the target. For miniscript_script, just consume another byte to set the context. This should only affect existing seeds to the extent they contain a CHECKMULTISIG. However it would not invalidate them entirely as they may contain a NUMEQUAL or a CHECKSIGADD, and this still exercises a bit of the parser. For miniscript_string, reduce the string size by one byte and use the last byte to determine the context. This is the change that i think would invalidate the lowest number of existing seeds. For miniscript_stable, we don't want to invalidate any seed. Instead of creating a new miniscript_stable_tapscript, simply run the target once for P2WSH and once for Tapscript (with the same seed). For miniscript_smart, consume one byte before generating a pseudo-random node to set the context. We have less regard for seed stability for this target anyways.
2023-10-08miniscript: account for keys as being 32 bytes under Taproot contextAntoine Poinsot
2023-10-08miniscript: make 'd:' have the 'u' property under Tapscript contextAntoine Poinsot
In Tapscript MINIMALIF is a consensus rule, so we can rely on the fact that the `DUP IF [X] ENDIF` will always put an exact 1 on the stack upon satisfaction.
2023-10-08miniscript: introduce a multi_a fragmentAntoine Poinsot
It is the equivalent of multi() but for Tapscript, using CHECKSIGADD instead of CHECKMULTISIG. It shares the same properties as multi() but for 'n', since a threshold multi_a() may have an empty vector as the top element of its satisfaction. It could also have the 'o' property when it only has a single key, but in this case a 'pk()' is always preferable anyways.
2023-10-08miniscript: store the script context within the Node structureAntoine Poinsot
Some checks will be different depending on the script context (for instance the maximum script size).
2023-10-08miniscript: introduce a MsContext() helper to contextsAntoine Poinsot
We are going to introduce Tapscript support in Miniscript, for which some of Miniscript rules and properties change (new or modified fragments, different typing rules, different resources consumption, ..).
2023-10-06chain: Rename HaveTxsDownloaded to HaveNumChainTxsFabian Jahr
Co-authored-by: MarcoFalke <falke.marco@gmail.com>