aboutsummaryrefslogtreecommitdiff
path: root/src/wallet/wallet.cpp
AgeCommit message (Collapse)Author
2019-03-11wallet: Add trailing wallet.dat when detecting duplicate wallet if it's a ↵Chun Kuan Lee
directory. Github-Pull: #14552 Rebased-From: 15c93f0
2019-03-11wallet: Refactor to use WalletLocationJoão Barbosa
Github-Pull: #14350 Rebased-From: 65f3672
2019-03-11After encrypting the wallet, reload the database environmentAndrew Chow
Calls ReloadDbEnv after encrypting the wallet so that the database environment is flushed, closed, and reopened to prevent unencrypted keys from being saved on disk. Github-Pull: #12493 Rebased-From: d7637c5
2019-01-16rpc: Make unloadwallet wait for complete wallet unloadJoão Barbosa
Github-Pull: #14941 Rebased-From: c37851d
2018-11-30CreateTransaction: Assume minimum p2sh-p2wpkh spend size for unknown changeGregory Sanders
2018-11-30Remove stale comment in CalculateMaximumSignedInputSizeGregory Sanders
2018-11-28wallet: Avoid potential use of unitialized value bnb_used in ↵practicalswift
CWallet::CreateTransaction(...) Github-Pull: #13546 Rebased-From: a23a7f60aa07de52d23ff1f2034fc43926ec3520
2018-08-13Merge #13666: Always create signatures with Low R valuesWladimir J. van der Laan
e306be742932d4ea5aca0ea4768e54b2fc3dc6a0 Use 72 byte dummy signatures when watching only inputs may be used (Andrew Chow) 48b1473c898129a99212e2db36c61cf93625ea17 Use 71 byte signature for DUMMY_SIGNATURE_CREATOR (Andrew Chow) 18dfea0dd082af18dfb02981b7ee1cd44d514388 Always create 70 byte signatures with low R values (Andrew Chow) Pull request description: When creating signatures for transactions, always make one which has a 32 byte or smaller R and 32 byte or smaller S value. This results in signatures that are always less than 71 bytes (32 byte R + 32 byte S + 6 bytes DER + 1 byte sighash) with low R values. In most cases, the signature will be 71 bytes. Because R is not mutable in the same way that S is, a low R value can only be found by trying different nonces. RFC 6979 for deterministic nonce generation has the option to specify additional entropy, so we simply use that and add a uin32_t counter which we increment in order to try different nonces. Nonces are sill deterministically generated as the nonce used will the be the first one where the counter results in a nonce that results in a low R value. Because different nonces need to be tried, time to produce a signature does increase. On average, it takes twice as long to make a signature as two signatures need to be created, on average, to find one with a low R. Having a fixed size signature makes size calculations easier and also saves half a byte of transaction size, on average. DUMMY_SIGNATURE_CREATOR has been modified to produce 71 byte dummy signatures instead of 72 byte signatures. Tree-SHA512: 3cd791505126ce92da7c631856a97ba0b59e87d9c132feff6e0eef1dc47768e81fbb38bfbe970371bedf9714b7f61a13a5fe9f30f962c81734092a4d19a4ef33
2018-08-09Use 72 byte dummy signatures when watching only inputs may be usedAndrew Chow
With watching only inputs, we do not know how large the signatures for those inputs will be as their signers may not have implemented 71 byte signatures. Thus we estimate their fees using the 72 byte dummy signature to ensure that we pay enough fees. This only effects fundrawtransaction when includeWatching is true.
2018-08-09Use 71 byte signature for DUMMY_SIGNATURE_CREATORAndrew Chow
Changes DUMMY_SIGNATURE_CREATOR to create 71 byte dummy signatures. Update comments to reflect this change
2018-08-10wallet: shuffle coins before grouping, where warrantedKarl-Johan Alm
Issue brought up in https://github.com/bitcoin/bitcoin/pull/12257\#discussion_r204554549
2018-08-09Merge #13911: doc: Revert translated string change, clarify wallet log messagesMarcoFalke
c4a884d555 Trivial: Revert translated string change, clarify wallet log messages (Pierre Rochard) Pull request description: Fixes https://github.com/bitcoin/bitcoin/pull/12992 post-merge nits from @jnewbery Tree-SHA512: 002d8a69b489fd216e15b7d6200d7117c489b32405d5e9f514f120d43113fd97ca2f235452b0093e0760bc03baf714edc4564ae14af8456e1b2a54f83c577bf3
2018-08-09Merge #13876: wallet: Catch filesystem_error and raise InitErrorMarcoFalke
fa8527ffec wallet: Catch filesystem_error and raise InitError (MarcoFalke) Pull request description: Fixes #13754 by restoring the previous behaviour Tree-SHA512: f64052e89f6b332be395df2a5ea6f227c213fa2f38e415e83f30a4fad0938e947e5cddff7902368a43c07be135955a31b90f7eac5a46875c58d54ea95f87f6e6
2018-08-08Trivial: Revert translated string change, clarify wallet log messagesPierre Rochard
2018-08-08Merge #13780: 0.17: Pre-branch maintenanceWladimir J. van der Laan
3fc20632a3ad30809356a58d2cf0ea4a4ad4cec3 qt: Set BLOCK_CHAIN_SIZE = 220 (DrahtBot) 2b6a2f4a28792f2fe9dc1be843b1ff1ecae35e8a Regenerate manpages (DrahtBot) eb7daf4d600eeb631427c018a984a77a34aca66e Update copyright headers to 2018 (DrahtBot) Pull request description: Some trivial maintenance to avoid having to do it again after the 0.17 branch off. (The scripts to do this are in `./contrib/`) Tree-SHA512: 16b2af45e0351b1c691c5311d48025dc6828079e98c2aa2e600dc5910ee8aa01858ca6c356538150dc46fe14c8819ed8ec8e4ec9a0f682b9950dd41bc50518fa
2018-08-07Merge #13843: [trivial] Add doxygen-compatible comments to CAffectedKeysVisitorWladimir J. van der Laan
3339d845354c9c357ec90505192748d9d639e72e [trivial] add doxygen-compatible comments to CAffectedKeysVisitor (Pierre Rochard) Pull request description: Tree-SHA512: 0003fde198a6977d0c8988efc8f76428f9e095009fddf131b07bd9809ef76a778c86bb2b1305e33df16101b6b703cf43eb6193462bb9f3687f98c1d9b109dd96
2018-08-07Merge #13657: wallet: assert to ensure accuracy of ↵Wladimir J. van der Laan
CMerkleTx::GetBlocksToMaturity 93de2891fa9cb8314573ba3a6ab764bc9c52444d wallet: assert to ensure accuracy of CMerkleTx::GetBlocksToMaturity (Ben Woosley) Pull request description: According to my understanding, it should not be possible for coinbase transactions to be conflicting, thus it should not be possible for GetDepthInMainChain to return a negative result. If it did, this would also result in innacurate results for GetBlocksToMaturity due to the math therein. asserting ensures accuracy. Tree-SHA512: 8e71c26f09fe457cfb00c362ca27066f7f018ea2af1f395090fdc7fd9f5964b76f4317c23f7a4923776f00087558511da5c1c368095be39fb1bacc614a93c32f
2018-08-04wallet: Catch filesystem_error and raise InitErrorMarcoFalke
2018-08-03[trivial] add doxygen-compatible comments to CAffectedKeysVisitorPierre Rochard
2018-08-02[wallet] Add wallet name to log messagesPierre Rochard
After multiple wallets became supported, wallet-related log messages became ambiguous as to which wallet they were being emitted by. fixes #11317
2018-08-01Merge #13805: [wallet] Correctly limit output group sizeMarcoFalke
a13647b8bd [qa] Add test for too-large wallet output groups (Suhas Daftuar) 57ec1c97b2 [wallet] correctly limit output group size (Suhas Daftuar) Pull request description: Also add a test to ensure that output groups are being limited, even if a wallet has many outputs corresponding to the same scriptPubKey (the test fails without the first commit). Tree-SHA512: 2aaa82005b0910488f5cbf40690d4c5e2f46949e299ef70b4cb6e440713811443d411dcbc6d71b1701fd82423073125e21747787d70830cd021c841afb732d51
2018-07-30[wallet] correctly limit output group sizeSuhas Daftuar
2018-07-29refactor: Avoid locking tx pool cs thriceMarcoFalke
2018-07-29Merge #13774: Return void instead of bool for functions that cannot failMarcoFalke
d78a8dc3e8 Return void instead of bool for functions that cannot fail (practicalswift) Pull request description: Return `void` instead of `bool` for functions that cannot fail: * `CBlockTreeDB::ReadReindexing(...)` * `CChainState::ResetBlockFailureFlags(...)` * `CTxMemPool::addUnchecked(...)` * `CWallet::CommitTransaction(...)` * `CWallet::LoadDestData(...)` * `CWallet::LoadKeyMetadata(...)` * `CWallet::LoadScriptMetadata(...)` * `CWallet::LoadToWallet(...)` * `CWallet::SetHDChain(...)` * `CWallet::SetHDSeed(...)` * `PendingWalletTx::commit(...)` * `RemoveLocal(...)` * `SetMinVersion(...)` * `StartHTTPServer(...)` * `StartRPC(...)` * `TorControlConnection::Disconnect(...)` Some of the functions can fail by throwing. Found by manually inspecting the following candidate functions: ``` $ git grep -E '(^((static|virtual|inline|friend)[^a-z])*[^a-z]*bool [^=]*\(|return true|return false)' -- "*.cpp" "*.h" ``` Tree-SHA512: c0014e045362dbcd1a0cc8f69844e7b8cbae4f538e7632028daeca3a797ac11d8d3d86ebc480bedcb8626df3e96779d592747d52a12556fc49921b114fa0ccc6
2018-07-27Fix accidental use of the addition assignment operator ("+="). Remove ↵practicalswift
newlines from error message.
2018-07-27Return void instead of bool for functions that cannot failpracticalswift
* CBlockTreeDB::ReadReindexing(...) * CChainState::ResetBlockFailureFlags(...) * CTxMemPool::addUnchecked(...) * CWallet::LoadDestData(...) * CWallet::LoadKeyMetadata(...) * CWallet::LoadScriptMetadata(...) * CWallet::LoadToWallet(...) * CWallet::SetHDChain(...) * CWallet::SetHDSeed(...) * RemoveLocal(...) * SetMinVersion(...) * StartHTTPServer(...) * StartRPC(...) * TorControlConnection::Disconnect(...)
2018-07-27Update copyright headers to 2018DrahtBot
2018-07-24Merge #12257: [wallet] Use destination groups instead of coins in coin selectWladimir J. van der Laan
232f96f5c8a3920c09db92f4dbac2ad7d10ce8cf doc: Add release notes for -avoidpartialspends (Karl-Johan Alm) e00b4699cc6d2ee5697d38dd6607eb2631c9b77a clean-up: Remove no longer used ivars from CInputCoin (Karl-Johan Alm) 43e04d13b1ffc02b1082176e87f420198b40c7b1 wallet: Remove deprecated OutputEligibleForSpending (Karl-Johan Alm) 0128121101fb3ee82f3abd3973a967a4226ffe0e test: Add basic testing for wallet groups (Karl-Johan Alm) 59d6f7b4e2f847ec1f2ff46c84e6157655984f85 wallet: Switch to using output groups instead of coins in coin selection (Karl-Johan Alm) 87ebce25d66952f5ce565bb5130dcf5e24049872 wallet: Add output grouping (Karl-Johan Alm) bb629cb9dc567cc819724d9f4852652926e60cbf Add -avoidpartialspends and m_avoid_partial_spends (Karl-Johan Alm) 65b3eda458221644616d0fdd6ba0fe01bdbce893 wallet: Add input bytes to CInputCoin (Karl-Johan Alm) a443d7a0ca333b0bae63e04b5d476f9ad9c7aeac moveonly: CoinElegibilityFilter into coinselection.h (Karl-Johan Alm) 173e18a289088c6087ba6fac708e322aa63b7a94 utils: Add insert() convenience templates (Karl-Johan Alm) Pull request description: This PR adds an optional (off by default) `-avoidpartialspends` flag, which changes coin select to use output groups rather than outputs, where each output group corresponds to all outputs with the same destination. It is a privacy improvement, as each time you spend some output, any other output that is publicly associated with the destination (address) will also be spent at the same time, at the cost of fee increase for cases where coin select without group restriction would find a more optimal set of coins (see example below). For regular use without address reuse, this PR should have no effect on the user experience whatsoever; it only affects users who, for some reason, have multiple outputs with the same destination (i.e. address reuse). Nodes with this turned off will still try to avoid partial spending, if the fee of the resulting transaction is not greater than the fee of the original transaction. Example: a node has four outputs linked to two addresses `A` and `B`: * 1.0 btc to `A` * 0.5 btc to `A` * 1.0 btc to `B` * 0.5 btc to `B` The node sends 0.2 btc to `C`. Without `-avoidpartialspends`, the following coin selection will occur: * 0.5 btc to `A` or `B` is picked * 0.2 btc is output to `C` * 0.3 - fee is output to (unique change address) With `-avoidpartialspends`, the following will instead happen: * Both of (0.5, 1.0) btc to `A` or `B` is picked (one or the other pair) * 0.2 btc is output to `C` * 1.3 - fee is output to (unique change address) As noted, the pro here is that, assuming nobody sends to the address after you spend from it, you will only ever use one address once. The con is that the transaction becomes slightly larger in this case, because it is overpicking outputs to adhere to the no partial spending rule. This complements #10386, in particular it addresses @luke-jr and @gmaxwell's concerns in https://github.com/bitcoin/bitcoin/pull/10386#issuecomment-300667926 and https://github.com/bitcoin/bitcoin/pull/10386#issuecomment-302361381. Together with `-avoidreuse`, this fully addresses the concerns in #10065 I believe. Tree-SHA512: 24687a4490ba59cf4198ed90052944ff4996653a4257833bb52ed24d058b3e924800c9b3790aeb6be6385b653b49e304453e5d7ff960e64c682fc23bfc447621
2018-07-24wallet: Remove deprecated OutputEligibleForSpendingKarl-Johan Alm
2018-07-24wallet: Switch to using output groups instead of coins in coin selectionKarl-Johan Alm
2018-07-24wallet: Add output groupingKarl-Johan Alm
2018-07-22Merge #13683: wallet: Introduce assertion to document the assumption that ↵MarcoFalke
cache and cache_used are always set in tandem d06330396f wallet: Avoid potential null pointer dereference in CWalletTx::GetAvailableCredit(...) (practicalswift) Pull request description: Avoid potential null pointer dereference in `CWalletTx::GetAvailableCredit(...)`. Introduced in 4279da47855ec776f8d57c6579fe89afc9cbe8c1. Tree-SHA512: 92d1da9682f0bab11f6f96395ca30549331b0a056cbceb7e1a7f98b3d17d10082aaeed0907cafd46f4164b0e0f4b77e01f78bfd7d24e0503a66c6942ae842aa5
2018-07-20Merge #9662: Add createwallet "disableprivatekeys" option: a sane mode for ↵Wladimir J. van der Laan
watchonly-wallets a3fa4d6a6acf19d640a1d5879a00aa1f059e2380 QA: Fix bug in -usecli logic that converts booleans to non-lowercase strings (Jonas Schnelli) 4704e5f074e57782d058404a594a7313cf170cf0 [QA] add createwallet disableprivatekey test (Jonas Schnelli) c7b8f343e99d9d53ea353ddce9a977f1886caf30 [Qt] Disable creating receive addresses when private keys are disabled (Jonas Schnelli) 2f15c2bc20d583b4c1788da78c9c635c36e03ed0 Add disable privatekeys option to createwallet (Jonas Schnelli) cebefba0855cee7fbcb9474b34e6779369e8e9ce Add option to disable private keys during internal wallet creation (Jonas Schnelli) 9995a602a639b64a749545b7c3bafbf67f97324f Add facility to store wallet flags (64 bits) (Jonas Schnelli) Pull request description: This mode ('createwallet {"disableprivatekeys": true}') is intended for a sane pure watch-only mode, ideal for a use-case where one likes to use Bitcoin-Core in conjunction with a hardware-wallet or another solutions for cold-storage. Since we have support for custom change addresses in `fundrawtransaction`, pure watch-only wallets including coin-selection are possible and do make sense for some use cases. This new mode disables all forms of private key generation and ensure that no mix between hot and cold keys are possible. Tree-SHA512: 3ebe7e8d54c4d4e5f790c348d4c292d456f573960a5b04d69ca5ef43a9217c7e7671761c6968cdc56f9a8bc235f3badd358576651af9f10855a0eb731f3fc508
2018-07-18Merge #13500: [wallet] Decouple wallet version from client versionWladimir J. van der Laan
cd3f4aa80810fc077c7f9528a4ef53c1438c86e1 Decouple wallet version from client version (Andrew Chow) Pull request description: Instead of comparing version numbers in the wallet to the client version number, compare them to the latest supported wallet version in the client. This allows for wallet version numbers to be unrelated to the client version number. Tree-SHA512: 69c3e1f45a40bde01d622d504a803fea32fc14e2e27b14b0729725349d8592d56ebca26fd06f117fd6f5164fb4ce980122751b6370f6e25f1a947dbdf4143ddd
2018-07-17wallet: Avoid potential null pointer dereference in ↵practicalswift
CWalletTx::GetAvailableCredit(...)
2018-07-16Merge #13652: rpc: Fix that CWallet::AbandonTransaction would leave the ↵Wladimir J. van der Laan
grandchildren, etc. active 89e70f9d7fe384ef9de4fa3828d4c80523290186 Fix that CWallet::AbandonTransaction would only traverse one level (Ben Woosley) Pull request description: Prior to this change, it would mark only the first layer of child transactions abandoned, due to always following the input `hashTx` rather than the current `now` tx. Tree-SHA512: df068b49637d299ad73237c7244005fe5aa966d6beae57aff12e6948f173d9381e1b5d08533f7e3a1416991ed57f9f1f7b834057141d85c07dc60bb1f0872cea
2018-07-13Merge #13072: Update createmultisig RPC to support segwitPieter Wuille
f40b3b82df [tests] functional test for createmultisig RPC (Anthony Towns) b9024fdda3 segwit support for createmultisig RPC (Anthony Towns) d58055d25f Move AddAndGetDestinationForScript from wallet to outputype module (Anthony Towns) 9a44db2e46 Add outputtype module (Anthony Towns) Pull request description: Adds an "address_type" parameter that accepts "legacy", "p2sh-segwit", and "bech32" to choose the type of address created. Defaults to "legacy" rather than the value of the `-address-type` option for backwards compatibility. As part of implementing this, OutputType is moved from wallet into its own module, and `AddAndGetDestinationForScript` is changed to apply to a `CKeyStore` rather than a wallet, and to invoke `keystore.AddCScript(script)` itself rather than expecting the caller to have done that. Fixes #12502 Tree-SHA512: a08c1cfa89976e4fd7d29caa90919ebd34a446354d17abb862e99f2ee60ed9bc19d8a21a18547c51dc3812cb9fbed86af0bef2f1e971f62bf95cade4a7d86237
2018-07-13Merge #13651: [moveonly] Extract CWallet::MarkInputsDirty, and privatize ↵Pieter Wuille
AddToWalletIfInvolvingMe 17e6aa8e33 Privatize CWallet::AddToWalletIfInvolvingMe (Ben Woosley) b7f5650942 Extract CWallet::MarkInputsDirty (Ben Woosley) Pull request description: Thus reducing code and surface area of CWallet. Tree-SHA512: 31a99acc77ef3438ef9b95d60030972b707bd69d6e7b1498a5f776b219d9aabc83464f75bfec7bad5cb635d0b2d686c389914e5cc57a4bb0b93c47bd82ca608c
2018-07-13Merge #13566: Fix get balancePieter Wuille
702ae1e21a [RPC] [wallet] allow getbalance to use min_conf and watch_only without accounts. (John Newbery) cf15761f6d [wallet] GetBalance can take a min_depth argument. (John Newbery) 0f3d6e9ab7 [wallet] factor out GetAvailableWatchOnlyBalance() (John Newbery) 7110c830f8 [wallet] deduplicate GetAvailableCredit logic (John Newbery) ef7bc8893c [wallet] Factor out GetWatchOnlyBalance() (John Newbery) 4279da4785 [wallet] GetBalance can take an isminefilter filter. (John Newbery) Pull request description: #12953 inadvertently removed the functionality to call `getbalance "*" <int> <bool>` to get the wallet's balance with either minconfs or include_watchonly. This restores that functionality (when `-deprecatedrpc=accounts`), and also makes it possible to call ``getbalance minconf=<int> include_watchonly=<bool>` when accounts are not being used. Tree-SHA512: 67e84de9291ed6d34b23c626f4dc5988ba0ae6c99708d02b87dd3aaad3f4b6baa6202a66cc2dadd30dd993a39de8036ee920fcaa8cbb1c5dfe606e6fac183344
2018-07-13Merge #13630: Drop unused pindexRet arg to CMerkleTx::GetDepthInMainChainPieter Wuille
d6f39b6c64 Drop unused pindexRet arg to CMerkleTx::GetDepthInMainChain (Ben Woosley) Pull request description: Tree-SHA512: 5f064a47e71113f90f296ab36dae92173ff3fc632ab4e1e85dc71d556cb9239d15939b1e542f4292dab93d336795b7f2e4ae64f6984303c852df8d24f54ccebe
2018-07-13Privatize CWallet::AddToWalletIfInvolvingMeBen Woosley
And document in the header.
2018-07-13Extract CWallet::MarkInputsDirtyBen Woosley
To avoid repeated implementations.
2018-07-13Merge #12944: [wallet] ScanforWalletTransactions should mark input txns as dirtyJonas Schnelli
3c292cc19 ScanforWalletTransactions should mark input txns as dirty (Gregory Sanders) Pull request description: I'm hitting a corner case in my mainnet wallet where I load a restore a wallet, call `rescanblockchain` from RPC, and it's "double counting" an output I've sent to myself since currently it never marks input transactions as dirty. This is fixed by a restart of the wallet. Note that this only happens with keys with birthdate *after* the blocks containing the spent funds which gets scanned on startup, so it's hard to test without a set seed function. Tree-SHA512: ee1fa152bb054b57ab4c734e355df10d241181e0372c81d583be61678fffbabe5ae60b09b05dc1bbbcfb4838df9d8538791d4c1d80a09b84d78ad2f50dcb0a61
2018-07-13wallet: assert to ensure accuracy of CMerkleTx::GetBlocksToMaturityBen Woosley
According to my understanding, it should not be possible for coinbase transactions to be conflicting, thus it should not be possible for GetDepthInMainChain to return a negative result. If it did, this would also result in innacurate results for GetBlocksToMaturity due to the math therein. asserting ensures accuracy.
2018-07-13Fix that CWallet::AbandonTransaction would only traverse one levelBen Woosley
Prior to this change, it would mark only the first layer of child transactions abandoned, due to always following the input hashTx rather than the current now tx.
2018-07-12Add option to disable private keys during internal wallet creationJonas Schnelli
2018-07-12Add facility to store wallet flags (64 bits)Jonas Schnelli
2018-07-11Merge #13114: wallet/keystore: Add Clang thread safety annotations for ↵MarcoFalke
variables guarded by cs_KeyStore 968b76f77c Add missing cs_KeyStore lock (practicalswift) 4bcd5bb87d Add locking annotations for variables guarded by cs_KeyStore (practicalswift) Pull request description: * Add Clang thread safety annotations for variables guarded by `cs_KeyStore` * Add missing `cs_KeyStore` lock Tree-SHA512: 7d93513c2da0cd564b9f1e75aa5156a454a4133eb845020fde8872e685dd5758353e93c33364aeea4a812c08353a810494e503a5ce160cc5be0af5af4bb2e6d7
2018-07-11Drop unused pindexRet arg to CMerkleTx::GetDepthInMainChainBen Woosley
2018-07-09Remove useless mapRequest tracking that just effects Qt display.Matt Corallo
I thought we had removed this a long time ago, TBH, its really confusing feedback to users that we display whether a tx was broadcast to immediate neighbor nodes, given that has little indication of whether the tx propagated very far.