aboutsummaryrefslogtreecommitdiff
path: root/src/wallet/scriptpubkeyman.cpp
AgeCommit message (Collapse)Author
2020-09-28scripted-diff: Replace UINT256_ONE() with uint256::ONEAnthony Towns
-BEGIN VERIFY SCRIPT- sed -i '/inline.* UINT256_ONE() {/,+1d' src/uint256.h sed -i 's/UINT256_ONE()/uint256::ONE/' $(git grep -l UINT256_ONE) -END VERIFY SCRIPT-
2020-07-11Merge #19046: Replace CWallet::Set* functions that use memonly with Add/Load ↵Samuel Dobson
variants 3a9aba21a49a6d80bd187940d5e26893937b6832 Split SetWalletFlags into Add/LoadWalletFlags (Andrew Chow) d9cd095b5965fc20c09f401370e7ba99446663e3 Split SetActiveScriptPubKeyMan into Add/LoadActiveScriptPubKeyMan (Andrew Chow) 0122fbab4c340b23ae56173de6c5ab866ba25ab8 Split SetHDChain into AddHDChain and LoadHDChain (Andrew Chow) Pull request description: `SetHDChaiin`, `SetActiveScriptPubKeyMan`, and `SetWalletFlags` have a `memonly` argument which is kind of confusing, as noted in https://github.com/bitcoin/bitcoin/pull/17681#discussion_r427633081. This PR replaces those functions with `Add*` and `Load*` variants so that they follow the pattern used elsewhere in the wallet. `AddHDChain`, `AddActiveScriptPubKeyMan`, and `AddWalletFlags` both set their respective variables in `CWallet` and writes them to disk. These functions are used by the actions which modify the wallet such as `sethdseed`, `importdescriptors`, and creating a new wallet. `LoadHDChain`, `LoadActiveScriptPubKeyMan`, and `LoadWalletFlags` just set the `CWallet` variables. These functions are used by `LoadWallet` when loading the wallet from disk. ACKs for top commit: jnewbery: Code review ACK 3a9aba21a49a6d80bd187940d5e26893937b6832 ryanofsky: Code review ACK 3a9aba21a49a6d80bd187940d5e26893937b6832. Only changes since last review tweaks making m_wallet_flags updates more safe meshcollider: utACK 3a9aba21a49a6d80bd187940d5e26893937b6832 Tree-SHA512: 365aeaafc5ba42879c0eb797ec3beb29ab70e27f917dc880763f743420b3be6ddf797240996beed8a9ad70fb212c2590253c6b44c9dc244529c3939d9538983f
2020-07-03Merge #19215: psbt: Include and allow both non_witness_utxo and witness_utxo ↵Samuel Dobson
for segwit inputs 84d295e51341a126a6c3cbeea7a8caa04c7b5bc3 tests: Check that segwit inputs in psbt have both UTXO types (Andrew Chow) 46004790588c24174a0bec49b540d158ce163ffd psbt: always put a non_witness_utxo and don't remove it (Andrew Chow) 5279d8bc07d601fe6a67ad665fbc7591fe73c7de psbt: Allow both non_witness_utxo and witness_utxo (Andrew Chow) 72f6bec1da198764d4648a10a61c485e7ab65e9e rpc: show both UTXOs in decodepsbt (Andrew Chow) Pull request description: Due to recent changes to hardware wallets, the full previous transaction will need to be provided for segwit inputs. Since some software may be checking for the existence of a `witness_utxo` to determine whether to produce a segwit signature, we keep that field to ease the transition. Because all of the sanity checks implemented by the `IsSane` functions were related to having mixed segwit and non-segwit data in a PSBT, those functions are removed as those checks are no longer proper. Some tests are updated/removed to accommodate this and a simple test added to check that both UTXOs are being added to segwit inputs. As discussed in the wallet IRC meeting, our own signer will not require `non_witness_utxo` for segwit inputs. ACKs for top commit: Sjors: utACK 84d295e51341a126a6c3cbeea7a8caa04c7b5bc3 (didn't retest compared to 836d6fc, but fortunately HWI's CI tracks our master branch, with a bunch of hardware wallet simulators) ryanofsky: Code review re-ACK 84d295e51341a126a6c3cbeea7a8caa04c7b5bc3. No changes since last review, but now I understand the context better. I think it would good to improve the comments as suggested https://github.com/bitcoin/bitcoin/pull/19215#discussion_r447889473 and maybe refer to meshcollider: utACK 84d295e51341a126a6c3cbeea7a8caa04c7b5bc3 Tree-SHA512: ccc1fd3c16ac3859f5aca4fa489bd40f68be0b81bbdc4dd51188bbf28827a8642dc8b605a37318e5f16cf40f1c4910052dace2f27eca21bb58435f02a443e940
2020-07-02Merge #19396: refactor: Remove confusing OutputType::CHANGE_AUTOWladimir J. van der Laan
fa927ff884ae373c676deed63180a8d238872cdc Enable Wswitch for OutputType (MarcoFalke) faddad71f648ed99734f4f8811bd4bc7232ca670 Remove confusing OutputType::CHANGE_AUTO (MarcoFalke) fa2eb383522249a5f4d48726c520cec5de496614 interfaces: Remove unused getDefaultChangeType (MarcoFalke) Pull request description: `OutputType::CHANGE_AUTO` is problematic for several reasons: * An output that is not change must never be described by `CHANGE_AUTO`. Simply allowing that option makes the code confusing and review harder than it needs to be. * To make review even harder, `CHANGE_AUTO` requires `-Wswitch` to be disabled for `OutputType` Fix both issues by removing `CHANGE_AUTO` and then enabling `-Wswitch` for `OutputType` ACKs for top commit: promag: Code review ACK fa927ff884ae373c676deed63180a8d238872cdc. laanwj: Code review ACK fa927ff884ae373c676deed63180a8d238872cdc Tree-SHA512: 24fd809757aa343866c94dafe9a7130b50cda4f77c97666d407f99b813f75b115a7d8e688a6bc2a737e87cba64ddd4e43f2b3c5538fd35fabb5845807bb39134
2020-07-01Enable Wswitch for OutputTypeMarcoFalke
2020-06-28Merge #19114: scripted-diff: TxoutType C++11 scoped enum classMarcoFalke
fa32adf9dc25540ad27f5b82654c7057d7738627 scripted-diff: TxoutType C++11 scoped enum class (MarcoFalke) fa95a694c492b267e4038674fd3f338dd215ab48 doc: Update outdated txnouttype documentation (MarcoFalke) fa58469c770d8c935a86462634e4e8cd806aa6e3 rpc: Properly use underlying type in GetAllOutputTypes (MarcoFalke) fa41c657022b8f99c8e6718a0e33c5838c412a0b rpc: Simplify GetAllOutputTypes with the Join helper (MarcoFalke) Pull request description: Non-scoped enums can accidentally and silently decay into an integral type. Also, the symbol names of the keys are exported to the surrounding (usually global) namespace. Fix both issues by switching to an `enum class TxoutType` in a (mostly) scripted-diff. ACKs for top commit: practicalswift: ACK fa32adf9dc25540ad27f5b82654c7057d7738627 -- patch looks correct hebasto: re-ACK fa32adf9dc25540ad27f5b82654c7057d7738627, since fa5997bd6fc82e16b597ea96e3c5c665f1f174ab (https://github.com/bitcoin/bitcoin/pull/19114#pullrequestreview-421425198) rebased only (verified with `git range-diff`). Tree-SHA512: f42a9db47f9be89fa4bdd8d2fb05a16726286d8b12e3d87327b67d723f91c7d5a57deb4b2ddae9e1d16fee7a5f8c00828b6dc8909c5db680fc5e0a3cf07cd465
2020-06-24psbt: Allow both non_witness_utxo and witness_utxoAndrew Chow
2020-06-21Merge #18027: "PSBT Operations" dialogSamuel Dobson
931dd4760855e036c176a23ec2de367c460e4243 Make lint-spelling.py happy (Glenn Willen) 11a0ffb29d1b4dcc55c8826873f340ab4196af21 [gui] Load PSBT from clipboard (Glenn Willen) a6cb0b0c29d327d01aebb98b0504f317eb19c3dc [gui] PSBT Operations Dialog (sign & broadcast) (Glenn Willen) 5dd0c03ffa3aeaa69d8a3a716f902f450d5eaaec FillPSBT: report number of inputs signed (or would sign) (Glenn Willen) 9e7b23b73387600d175aff8bd5e6624dd51f86e7 Improve TransactionErrorString messages. (Glenn Willen) Pull request description: Add a "PSBT Operations" dialog, reached from the "Load PSBT..." menu item, giving options to sign or broadcast the loaded PSBT as appropriate, as well as copying the result to the clipboard or saving it to a file. This is based on Sjors' #17509, and depends on that PR going in first. (It effectively replaces the small "load PSBT" dialog from that PR with a more feature-rich one.) Some notes: * The way I display status information is maybe unusual (a status bar, rather than messageboxes.) I think it's helpful to have the information in it be persistent rather than transitory. But if people dislike it, I would probably move the "current state of the transaction" info to the top line of the main label, and the "what action just happened, and did it succeed" info into a messagebox. * I don't really know much about the translation/localization stuff. I put tr() in all the places it seemed like it ought to go. I did not attempt to translate the result of TransactionErrorString (which is shared by GUI and non-GUI code); I don't know if that's correct, but it matches the "error messages in logs should be googleable in English" heuristic. I don't know whether there are things I should be doing to reduce translator effort (like minimizing the total number of distinct message strings I use, or something.) * I don't really know how (if?) automated testing is applied to GUI code. I can make a list of PSBTs exercising all the codepaths for manual testing, if that's the right approach. Input appreciated. ACKs for top commit: instagibbs: tested ACK https://github.com/bitcoin/bitcoin/pull/18027/commits/931dd4760855e036c176a23ec2de367c460e4243 Sjors: re-tACK 931dd4760855e036c176a23ec2de367c460e4243 jb55: ACK 931dd4760855e036c176a23ec2de367c460e4243 achow101: ACK 931dd4760855e036c176a23ec2de367c460e4243 Tree-SHA512: ade52471a2242f839a8bd6a1fd231443cc4b43bb9c1de3fb5ace7c5eb59eca99b1f2e9f17dfdb4b08d84d91f5fd65677db1433dd03eef51c7774963ef4e2e74f
2020-06-21scripted-diff: TxoutType C++11 scoped enum classMarcoFalke
-BEGIN VERIFY SCRIPT- # General rename helper: $1 -> $2 rename_global() { sed -i "s/\<$1\>/$2/g" $(git grep -l "$1"); } # Helper to rename TxoutType $1 rename_value() { sed -i "s/ TX_$1,/ $1,/g" src/script/standard.h; # First strip the prefix in the definition (header) rename_global TX_$1 "TxoutType::$1"; # Then replace globally } # Change the type globally to bring it in line with the style-guide # (clsses are UpperCamelCase) rename_global 'enum txnouttype' 'enum class TxoutType' rename_global 'txnouttype' 'TxoutType' # Now rename each enum value rename_value 'NONSTANDARD' rename_value 'PUBKEY' rename_value 'PUBKEYHASH' rename_value 'SCRIPTHASH' rename_value 'MULTISIG' rename_value 'NULL_DATA' rename_value 'WITNESS_V0_KEYHASH' rename_value 'WITNESS_V0_SCRIPTHASH' rename_value 'WITNESS_UNKNOWN' -END VERIFY SCRIPT-
2020-06-19Use explicit conversion from PKHash -> CKeyIDBen Woosley
These types are equivalent, in data etc, so they need only their data cast across. Note a function is used rather than a casting operator as CKeyID is defined at a lower level than script/standard
2020-06-18FillPSBT: report number of inputs signed (or would sign)Glenn Willen
In FillPSBT, optionally report the number of inputs we successfully signed, as an out parameter. If "sign" is false, instead report the number of inputs for which GetSigningProvider does not return nullptr. (This is a potentially overbroad estimate of inputs we could sign.)
2020-05-21Split SetHDChain into AddHDChain and LoadHDChainAndrew Chow
Remove the memonly bool and follow our typical Add and Load pattern.
2020-05-22Merge #18787: wallet: descriptor wallet release notes and cleanupsSamuel Dobson
ca2a09640fe976b1e74a33d29d9381895e71b347 Change SetType to SetInternal and remove m_address_type (Andrew Chow) 89b1ce1140535b4c902a7c5999bed335b9ddfe7c Remove unimplemented SetCrypted from DescriptorScriptPubKeyMan (Andrew Chow) b9073c8f13fb0ba94c2ec6365666343e19fd9ddf rpc: createwallet warning that descriptor wallets are experimental (Andrew Chow) 610030d95c60ea526440d801a98ac8bd370eac48 docs: Add release notes for descriptor wallets (Andrew Chow) Pull request description: Some docs and cleanup following #16528. * Added release notes to explain a bit of motivation for descriptor wallets, what was changed, and how users will be effected by it. Also mentions the caveats regarding multsigs and watchonly that we have discussed on IRC. * Adds a warning to `createwallet` that descriptor wallets are experimental. * Removed unused `SetCrypted` as suggestioned: https://github.com/bitcoin/bitcoin/pull/16528#discussion_r415300916 * Removed `m_address_type` as mentioned in https://github.com/bitcoin/bitcoin/pull/18782#issuecomment-620167077 ACKs for top commit: Sjors: tACK ca2a09640fe976b1e74a33d29d9381895e71b347 instagibbs: utACK https://github.com/bitcoin/bitcoin/commit/ca2a09640fe976b1e74a33d29d9381895e71b347 meshcollider: utACK ca2a09640fe976b1e74a33d29d9381895e71b347 Tree-SHA512: 987188a912c191430e5d3f89bcef54ba6773692fc2d95b16a3ec11d9007ded210466ed980a3857e8b7196beef6422f07f9c85cc157f996c02d16f4dbde2e7b2a
2020-05-22Merge #17681: wallet: Keep inactive seeds after sethdseed and derive keys ↵Samuel Dobson
from them as needed 1ed52fbb4d81f7b7634fd4fb6d1d00e1478129dc Remove IBD check in sethdseed (Andrew Chow) b1810a145a601a8064e4094350cfb6ddafbdb4d8 Test that keys from inactive seeds are generated (Andrew Chow) c93082ece40b1c72f05b3e2085c022c09eaa4d65 Generate new keys for inactive seeds after marking used (Andrew Chow) 45f2f6a0e8514a0438a87554400bf73cbb90707f Determine inactive HD seeds from key metadata and track them in LegacyScriptPubKeyMan (Andrew Chow) b59b4504abf96cec860badfed2ac793ae5d40ced have GenerateNewKey and DeriveNewChildKey take a CHDChain as an argument (Andrew Chow) Pull request description: Largely implements the suggestion from https://github.com/bitcoin/bitcoin/pull/17484#issuecomment-560845316. After `sethdseed` is called, the CHDChain for the old seed is kept in the wallet. It is kept on the file as a new `inactivehdseed` record and in memory in a map `m_inactive_hd_seeds`. In `LegacyScriptPubKeyMan::MarkUnusedAddresses` we check each used key's metadata for whether it was derived from an inactive seed. If it is, we then check to see how many keys after that key were derived from the inactive seed. If that number does not match the keypool parameter, we derive more keys from the inactive seed until it does match. This way we won't miss transactions belonging to keys outside of the range of the keypool initially. The indexes and internal-ness of a key is gotten by checking it's key origin data. Because of this change, we no longer need to wait for IBD to finish before `sethdseed` can work so that check is also removed. A test case for this is added as well which fails on master. ACKs for top commit: ryanofsky: Code review ACK 1ed52fbb4d81f7b7634fd4fb6d1d00e1478129dc. Changes since last review: various commit message, code comment, log message, error checking improvements, and fix for topping up inactive seeds if wallet isn't reloaded after calling sethdseed and test for this ariard: Code Review ACK 1ed52fb jonatack: ACK 1ed52fbb4d81f7 thanks for addressing the previous review feedback; would be happy to see the new review questions answered and feedback addressed and re-ack. Tree-SHA512: e658ae0e1dab94be55d2b62cdda506c94815e73a6881533fd30d41cc77477f82fee2095144957a3a1df0c129e256bdd7b7abe3737d515f393610446cae4edf1c
2020-05-21Merge #16946: wallet: include a checksum of encrypted private keysWladimir J. van der Laan
d67055e00dd90f504384e5c3f229fc95306d5aac Upgrade or rewrite encrypted key checksums (Andrew Chow) c9a9ddb4142af0af5f7b1a5ccd13f8e585007089 Set fDecryptionThoroughlyChecked based on whether crypted key checksums are valid (Andrew Chow) a8334f7ac39532528c5f8bd3b0eea05aa63e8794 Read and write a checksum for encrypted keys (Andrew Chow) Pull request description: Adds a checksum to the encrypted key record in the wallet database so that encrypted keys can be checked for corruption on wallet loading, in the same way that unencrypted keys are. This allows for us to skip the full decryption of keys upon the first unlocking of the wallet in that session as any key corruption will have already been detected. The checksum is just the double SHA256 of the encrypted key and it is appended to the record after the encrypted key itself. This is backwards compatible as old wallets will be able to read the encrypted key and ignore that there is more data in the stream. Additionally, old wallets will be upgraded upon their first unlocking (so that key decryption is checked before we commit to a checksum of the encrypted key) and a wallet flag set indicating that. The presence of the wallet flag lets us skip the full decryption as if `fDecryptionThoroughlyChecked` were true. This does mean that the first time an old wallet is unlocked in a new version will take much longer, but subsequent unlocks will be instantaneous. Furthermore, corruption will be detected upon loading rather than on trying to send so wallet corruption will be detected sooner. Fixes #12423 ACKs for top commit: laanwj: code review ACK d67055e00dd90f504384e5c3f229fc95306d5aac jonatack: Code review ACK d67055e00dd90f504384e5c3f229fc95306d5aac meshcollider: Code review ACK d67055e00dd90f504384e5c3f229fc95306d5aac Tree-SHA512: d5c1c10cfcb5db9e10dcf2326423565a9f499290b81f3155ec72254ed5bd7491e2ff5c50e98590eb07842c20d7797b4efa1c3475bae64971d500aad3b4e711d4
2020-05-15Generate new keys for inactive seeds after marking usedAndrew Chow
When a key from an inactive seed is used, generate replacements to fill a keypool that would have been there.
2020-05-15Determine inactive HD seeds from key metadata and track them in ↵Andrew Chow
LegacyScriptPubKeyMan
2020-05-05Change SetType to SetInternal and remove m_address_typeAndrew Chow
m_address_type was used for two things: 1. Determine the type of descriptor to generate during SetupDescriptorGeneration 2. Sanity check during GetNewDestination. There is no need to have this variable to accomplish those things. 1. Add a argument to SetupDescriptorGeneration indicating the address type to use 2. Use Descriptor::GetOutputType for the sanity check.
2020-05-01have GenerateNewKey and DeriveNewChildKey take a CHDChain as an argumentAndrew Chow
2020-05-01wallet: Avoid translating RPC errors when loading walletsMarcoFalke
Common errors and warnings should be translated when displayed in the GUI, but not translated when displayed elsewhere. The wallet method CreateWalletFromFile does not know its caller, so this commit changes it to return a bilingual_str to the caller.
2020-04-23add importdescriptors RPC and tests for native descriptor walletsHugo Nguyen
Co-authored-by: Andrew Chow <achow101-github@achow101.com>
2020-04-23Implement GetMetadata in DescriptorScriptPubKeyManAndrew Chow
2020-04-23Change GetMetadata to use unique_ptr<CKeyMetadata>Andrew Chow
2020-04-23Implement FillPSBT in DescriptorScriptPubKeyManAndrew Chow
FillPSBT will add our own scripts to the PSBT if those inputs are ours. If an input also lists pubkeys that we happen to know the private keys for, we will sign those inputs too.
2020-04-23Implement SignMessage for descriptor walletsAndrew Chow
2020-04-23Implement SignTransaction in DescriptorScriptPubKeyManAndrew Chow
2020-04-23Implement GetSolvingProvider for DescriptorScriptPubKeyManAndrew Chow
Internally, a GetSigningProvider function is introduced which allows for some private keys to be optionally included. This can be called with a script as the argument (i.e. a scriptPubKey from our wallet when we are signing) or with a pubkey. In order to know what index to expand the private keys for that pubkey, we need to also cache all of the pubkeys involved when we expand the descriptor. So SetCache and TopUp are updated to do this too.
2020-04-23Implement GetKeypoolOldestTime and only display it if greater than 0Andrew Chow
2020-04-23Implement ReturnDestination in DescriptorScriptPubKeyManAndrew Chow
2020-04-23Implement GetReservedDestination in DescriptorScriptPubKeyManAndrew Chow
2020-04-23Implement Unlock and Encrypt in DescriptorScriptPubKeyManAndrew Chow
2020-04-23Implement GetNewDestination for DescriptorScriptPubKeyManAndrew Chow
2020-04-23Implement TopUp in DescriptorScriptPubKeyManAndrew Chow
2020-04-23Implement SetupGeneration for DescriptorScriptPubKeyManAndrew Chow
2020-04-23Implement writing descriptorkeys, descriptorckeys, and descriptors to wallet ↵Andrew Chow
file
2020-04-23Implement several simple functions in DescriptorScriptPubKeyManAndrew Chow
Implements a bunch of one liners: UpgradeKeyMetadata, IsFirstRun, HavePrivateKeys, KeypoolCountExternalKeys, GetKeypoolSize, GetTimeFirstKey, CanGetAddresses, RewriteDB
2020-04-23Implement loading of keys for DescriptorScriptPubKeyManAndrew Chow
2020-04-23Load the descriptor cache from the wallet fileAndrew Chow
2020-04-23Implement GetID for DescriptorScriptPubKeyManAndrew Chow
2020-04-23Implement IsHDEnabled in DescriptorScriptPubKeyManAndrew Chow
2020-04-23Implement MarkUnusedAddresses in DescriptorScriptPubKeyManAndrew Chow
2020-04-23Implement IsMine for DescriptorScriptPubKeyManAndrew Chow
Adds a set of scriptPubKeys that DescriptorScriptPubKeyMan tracks. If the given script is in that set, it is considered ISMINE_SPENDABLE
2020-04-23Implement SetType in DescriptorScriptPubKeyManAndrew Chow
2020-04-23Introduce DescriptorScriptPubKeyMan as a dummy classAndrew Chow
2020-04-23Introduce SetType function to tell ScriptPubKeyMans the type and ↵Andrew Chow
internal-ness of it
2020-04-18Merge #17219: wallet: allow transaction without change if keypool is emptySamuel Dobson
92bcd70808b9cac56b184903aa6d37baf9641b37 [wallet] allow transaction without change if keypool is empty (Sjors Provoost) 709f8685ac37510aa145ac259753583c82280038 [wallet] CreateTransaction: simplify change address check (Sjors Provoost) 5efc25f9638866941028454cfa9bae27f1519cb4 [wallet] translate "Keypool ran out" message (Sjors Provoost) Pull request description: Extracted from #16944 First this PR simplifies the check when generating a change address, by dropping `CanGetAddresses` and just letting `reservedest.GetReservedDestination` do this check. Second, when the keypool is empty, instead of immediately giving up, we create a dummy change address and pass that to coin selection. If we didn't need the change address (e.g. when spending the entire balance), then it's all good. If we did need a change address, we throw the original error. ACKs for top commit: fjahr: Code review ACK 92bcd70808b9cac56b184903aa6d37baf9641b37 jonasschnelli: utACK 92bcd70808b9cac56b184903aa6d37baf9641b37 achow101: ACK 92bcd70808b9cac56b184903aa6d37baf9641b37 meshcollider: Code review ACK 92bcd70808b9cac56b184903aa6d37baf9641b37 Tree-SHA512: 07b8c8251f57061c58a85ebf0359be63583c23bac7a2c4cefdc14820c0cdebcc90a2bb218e5ede0db11d1e204cda149e056dfd18614642070b3d56efe2735006
2020-04-16scripted-diff: Bump copyright headersMarcoFalke
-BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT-
2020-03-14Replace std::to_string with locale-independent alternativeBen Woosley
2020-03-09Replace GetSigningProvider with GetSolvingProviderAndrew Chow
Not all ScriptPubKeyMans will be able to provide private keys, but pubkeys and scripts should be. So only provide public-only SigningProviders, i.e. ones that can help with Solving.
2020-03-09Move direct calls to MessageSign into new SignMessage functions in CWallet ↵Andrew Chow
and ScriptPubKeyMan Instead of getting a SigningProvider and then going to MessageSign, have ScriptPubKeyMan handle the message signing internally.