aboutsummaryrefslogtreecommitdiff
path: root/src/wallet
AgeCommit message (Collapse)Author
2017-10-04rpc: Prevent `dumpwallet` from overwriting filesWladimir J. van der Laan
Prevent arbitrary files from being overwritten. There have been reports that users have overwritten wallet files this way. It may also avoid other security issues. Fixes #9934. Adds mention to release notes and adds a test. Github-Pull: #9937 Rebased-From: 0cd9273fd959c6742574259d026039f7da0309a2
2017-10-04wallet: update stored witness in AddToWalletSuhas Daftuar
Replace witness-stripped wallet transactions with full transactions; this can happen when upgrading from a pre-segwit wallet to a segwit- aware wallet. Github-Pull: #11225 Rebased-From: d01a9682b126a5f83c7311e652e6e62f2c2e1d20
2017-10-03Acquire cs_main lock before cs_wallet during wallet initializationRussell Yanofsky
CWallet::MarkConflicted may acquire the cs_main lock after CWalletDB::LoadWallet acquires the cs_wallet lock during wallet initialization. (CWalletDB::LoadWallet calls ReadKeyValue which calls CWallet::LoadToWallet which calls CWallet::MarkConflicted). This is the opposite order that cs_main and cs_wallet locks are acquired in the rest of the code, and so leads to POTENTIAL DEADLOCK DETECTED errors if bitcoin is built with -DDEBUG_LOCKORDER. This commit changes CWallet::LoadWallet (which calls CWalletDB::LoadWallet) to acquire both locks in the standard order. It also fixes some tests that were acquiring wallet and main locks out of order and failed with the new locking in CWallet::LoadWallet. Error was reported by Luke Dashjr <luke-jr@utopios.org> in https://botbot.me/freenode/bitcoin-core-dev/msg/90244330/ Github-Pull: #11126 Rebased-From: de9a1db2ed14e0c75ffd82dc031f7ad30c56d195
2017-10-03[wallet] Close DB on error.Karl-Johan Alm
Github-Pull: #11017 Rebased-From: 03bc719a85cb4928cb4b43d0bc4142f72cb01b23
2017-08-28Output a bit more information for fee calculation report.Alex Morcos
Github-Pull: #11145 Rebased-From: 6af49dddeaeec7f134e86d6f8cf839c55870b7ab Tree-SHA512: 7245c6f7ed81cf3913e351ff1df7f74f4be7abe0ae8be312e4862c9875e2943b0b11136bc9999191cdf03468fdac5d41e294bb59b657605c22643b102e37c070
2017-08-28Fix rounding errors in calculation of minimum change sizeAlex Morcos
Github-Pull: #11145 Rebased-From: a54c7b94f8825e9b52fec9066fe7c1d5b6f53482 Tree-SHA512: d9abb9794edbf7e52450c63d183a4f28e9a3621a670b7f21af92407be096363b44a356818f2abbea11c168d123c04852bd0b60f1cd9d423aefbf4ae831f8567d
2017-08-21[wallet] Add logging to MarkReserveKeysAsUsedJohn Newbery
Github-Pull: #11044 Rebased-From: 67ceff4039ae038ae16f06128f868a2e8395b59a Tree-SHA512: 850c5b1010c84e164edf24a83ae36e46309b2eb7a67854bad509265ed590ba67d5f743a8416590da6ecca85fe4bda7f20e8c3152e422638eb7898db11a416af7
2017-08-21[wallet] Remove keypool_topup_cleanupsJohn Newbery
Unused function. Mostly reverts c25d90f125d69e33688288eff439eb7be75012e9 c25d90f... was merged as part of PR 11022 but is not required. Github-Pull: #11044 Rebased-From: 1221f60c94971c0f66abe5fdf086087a173bb0ac Tree-SHA512: da229b128bee5f124c009a1a2adfb4fa879366c81789824c426c9ce5209c835888a7e6cfeb1724551320a98cd08406a605372f84487a0d289cd6e02f9ac3ea21
2017-08-14scripted-diff: stop using the gArgs wrappersMarko Bencun
They were temporary additions to ease the transition. -BEGIN VERIFY SCRIPT- find src/ -name "*.cpp" ! -wholename "src/util.h" ! -wholename "src/util.cpp" | xargs perl -i -pe 's/(?<!\.)(ParseParameters|ReadConfigFile|IsArgSet|(Soft|Force)?(Get|Set)(|Bool|)Arg(s)?)\(/gArgs.\1(/g' -END VERIFY SCRIPT-
2017-08-14Merge #10483: scripted-diff: Use the C++11 keyword nullptr to denote the ↵Wladimir J. van der Laan
pointer literal instead of the macro NULL 90d4d89 scripted-diff: Use the C++11 keyword nullptr to denote the pointer literal instead of the macro NULL (practicalswift) Pull request description: Since C++11 the macro `NULL` may be: * an integer literal with value zero, or * a prvalue of type `std::nullptr_t` By using the C++11 keyword `nullptr` we are guaranteed a prvalue of type `std::nullptr_t`. For a more thorough discussion, see "A name for the null pointer: nullptr" (Sutter & Stroustrup), http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2007/n2431.pdf With this patch applied there are no `NULL` macro usages left in the repo: ``` $ git grep NULL -- "*.cpp" "*.h" | egrep -v '(/univalue/|/secp256k1/|/leveldb/|_NULL|NULLDUMMY|torcontrol.*NULL|NULL cert)' | wc -l 0 ``` The road towards `nullptr` (C++11) is split into two PRs: * `NULL` → `nullptr` is handled in PR #10483 (scripted, this PR) * `0` → `nullptr` is handled in PR #10645 (manual) Tree-SHA512: 3c395d66f2ad724a8e6fed74b93634de8bfc0c0eafac94e64e5194c939499fefd6e68f047de3083ad0b4eff37df9a8a3a76349aa17d55eabbd8e0412f140a297
2017-08-14Merge #11022: Basic keypool topupWladimir J. van der Laan
d34957e [wallet] [tests] Add keypool topup functional test (Jonas Schnelli) 095142d [wallet] keypool mark-used and topup (John Newbery) c25d90f [wallet] Add HasUnusedKeys() helper (John Newbery) f2123e3 [wallet] Cache keyid -> keypool id mappings (John Newbery) 83f1ec3 [wallet] Don't hold cs_LastBlockFile while calling setBestChain (John Newbery) 2376bfc [wallet] [moveonly] Move LoadKeyPool to cpp (Matt Corallo) cab8557 [wallet] [moveonly] Move CAffectedKeysVisitor (Jonas Schnelli) Pull request description: This PR contains the first part of #10882 : - if a key from the keypool is used, mark all keys up to that key as used, and then try to top up the keypool - top up the keypool on startup Notably, it does not stop the node or prevent the best block from advancing if the keypool drops below a threshold (which means that transactions may be missed and funds lost if restoring from an old HD wallet backup). Tree-SHA512: ac681fefeaf7ec2aab2fa1da93d12273ea80bd05eb48d7b3b551ea6e5d975dd97ba7de52b7fba52993823280ac4079cc36cf78a27dac708107ebf8fb6326142b
2017-08-10[wallet] keypool mark-used and topupJohn Newbery
This commit adds basic keypool mark-used and topup: - try to topup the keypool on initial load - if a key in the keypool is used, mark all keys before that as used and try to top up
2017-08-07[wallet] return correct error code from resendwallettransactionJohn Newbery
2017-08-07scripted-diff: Use the C++11 keyword nullptr to denote the pointer literal ↵practicalswift
instead of the macro NULL -BEGIN VERIFY SCRIPT- sed -i 's/\<NULL\>/nullptr/g' src/*.cpp src/*.h src/*/*.cpp src/*/*.h src/qt/*/*.cpp src/qt/*/*.h src/wallet/*/*.cpp src/wallet/*/*.h src/support/allocators/*.h sed -i 's/Prefer nullptr, otherwise SAFECOOKIE./Prefer NULL, otherwise SAFECOOKIE./g' src/torcontrol.cpp sed -i 's/tor: Using nullptr authentication/tor: Using NULL authentication/g' src/torcontrol.cpp sed -i 's/METHODS=nullptr/METHODS=NULL/g' src/test/torcontrol_tests.cpp src/torcontrol.cpp sed -i 's/nullptr certificates/NULL certificates/g' src/qt/paymentserver.cpp sed -i 's/"nullptr"/"NULL"/g' src/torcontrol.cpp src/test/torcontrol_tests.cpp -END VERIFY SCRIPT-
2017-08-06Fix resendwallettransactions assert failure if -walletbroadcast=0Matt Corallo
2017-08-04[wallet] Add HasUnusedKeys() helperJohn Newbery
2017-08-04[wallet] Cache keyid -> keypool id mappingsJohn Newbery
2017-08-03Merge #10942: Eliminate fee overpaying edge case when subtracting fee from ↵Wladimir J. van der Laan
recipients 49d903e Eliminate fee overpaying edge case when subtracting fee from recipients (Alex Morcos) Pull request description: I'm not sure if this is the cause of the issue in #10034 , but this was a known edge case. I just didn't realize how simple the fix is. Could use a couple more eyes to make sure nothing silly can go wrong here, but if we all agree it's this simple, we can add this as another 0.15 bug fix. Tree-SHA512: db1dd1e83363a3c231267b626d3a388893ee70ba1972056fe2c339c5c9e4fbfd30f7fe837c30cc7be884d454797fd4c619b9d631a8d5eeb55cdb07402a83acb3
2017-08-02[wallet] [moveonly] Move LoadKeyPool to cppMatt Corallo
2017-08-02[wallet] [moveonly] Move CAffectedKeysVisitorJonas Schnelli
2017-08-01Merge #10788: [RPC] Fix addwitnessaddress by replacing ismine with ↵Wladimir J. van der Laan
producesignature e222dc2 Replace ismine with producesignature check in witnessifier (Andrew Chow) Pull request description: Instead of using ismine to check whether an address can be spent by us, make the witness version of the script or address first and then use ProduceSignature with the DummySignatureCreator to check if we can solve for the script. This is to fix cases where we don't have all of the private keys (for something like a multisig address) but have the redeemscript so we can witnessify it. Tree-SHA512: 371777aee839cceb41f099109a13689120d35cf3880cde39216596cc2aac5cc1096af7d9cf07ad9306c3b05c073897f4518a7e97f0b88642f1e3b80b799f481e
2017-07-28Clarify help message for -discardfeeAlex Morcos
2017-07-28[wallet] Specify wallet name in wallet loading errorsJohn Newbery
2017-07-28Reject invalid wallet filesJoão Barbosa
2017-07-28Reject duplicate wallet filenamesJoão Barbosa
2017-07-27Eliminate fee overpaying edge case when subtracting fee from recipientsAlex Morcos
2017-07-27Replace ismine with producesignature check in witnessifierAndrew Chow
Instead of using ismine to check whether an address can be spent by us, make the witness version of the script or address first and then use ProduceSignature with the DummySignatureCreator to check if we can solve for the script. Also fixes test cases to reflect this change.
2017-07-27Merge #10931: Fix misleading "Method not found" multiwallet errorsWladimir J. van der Laan
df389bc Change wallet method disabled error text (Russell Yanofsky) e526b3d Fix misleading "Method not found" multiwallet errors (Russell Yanofsky) Pull request description: Raise RPC_WALLET_NOT_SPECIFIED instead of RPC_METHOD_NOT_FOUND when a required wallet filename was not specified in an RPC call. Also raise more specific RPC_WALLET_NOT_FOUND error instead of RPC_INVALID_PARAMETER in case an invalid wallet was specified, for consistency. Tree-SHA512: 6a8d885283f69bcfc28f2e08ac03eff02f9f8160a312ce2a90d868aa52533434fc0b4c4ab86547c2f09392338956df915637eaf7136a4fc105e6c8179f2d0ac8
2017-07-26Change wallet method disabled error textRussell Yanofsky
Not strictly backwards compatible because the error is not new in this release.
2017-07-26Merge #10912: [tests] Fix incorrect memory_cleanse(…) call in crypto_tests.cppWladimir J. van der Laan
065039d [tests] Fix incorrect memory_cleanse(…) call in crypto_tests.cpp (practicalswift) Pull request description: `chKey` and `chIV` are pointers, not arrays :-) Probably the result of copy-pasting of old code where the code was operating on arrays instead of pointers. If I'm reading the code correctly the absence/presence of these `memory_cleanse(…)` calls won't alter the outcome of the test in question (`TestPassphraseSingle`) even if fixed. Therefore removing. Tree-SHA512: a053b2817bedf6ef889744e546ce9a0f165dee94aef6850d9d6a6bb05b0018789597371ecf154a4aec8588c0ef5626ef08c23c35e35927f6b0497b5f086146fe
2017-07-26Fix misleading "Method not found" multiwallet errorsRussell Yanofsky
Raise RPC_WALLET_NOT_SPECIFIED instead of RPC_METHOD_NOT_FOUND when a required wallet filename was not specified in an RPC call. Also raise more specific RPC_WALLET_NOT_FOUND error instead of RPC_INVALID_PARAMETER in case an invalid wallet was specified, for consistency.
2017-07-26Merge #10854: Avoid using sizes on non-fixed-width types to derive protocol ↵Wladimir J. van der Laan
constants. 095b917 Avoid using sizes on non-fixed-width types to derive protocol constants. (Gregory Maxwell) Pull request description: Thanks to awemany for pointing this out. This replaces #10172 which appears to be abandoned, but uses the constants as requested on that PR. Tree-SHA512: 032c0d75b3aaf807a7d0c7fb8ff5515acc45ad58bd00fe81413f900fe02bad900534a970403b9bb568e132c9eddea6043e958daf625e8acc84375bd41ee2e2ef
2017-07-26Merge #10655: Properly document target_confirmations in listsinceblockWladimir J. van der Laan
9f8a46f Properly document target_confirmations in listsinceblock (Ryan Havar) Pull request description: There seems to be some misunderstandings about this, but it's a heavily used function so I'd like to make sure the docs are clear about how it works. For a later issue: * Change the default of target_confirmations to 6 (1 is a pretty silly default) * Change the name of target_confirmations (it's really a horrible name) Tree-SHA512: a2fba2fab30019cea9db56cd7e31de95ba31090617ab336bdf130f9591bfcf3fc5fbd9e7e1e40b6c7bd2f74b9b4658afb1fdc7fc44e1f79520d1319758982a1c
2017-07-26[tests] Fix incorrect memory_cleanse(…) call in crypto_tests.cpppracticalswift
chKey and chIV are pointers, not arrays :-) Probably the result of copy-pasting of old code which was operating on arrays instead of pointers.
2017-07-25Merge #10799: Prevent user from specifying conflicting parameters to fundrawtxWladimir J. van der Laan
99c7fc3 Prevent user from specifying conflicting parameters to fundrawtx (Matt Corallo) Pull request description: estimate_mode/conf_target both are overridden by feeRate, so should not be specified together with feeRate. Based on #10706 Tree-SHA512: 8ccd08575fd1f2a0d45112538ffbbc73983ee172963230b0cc7ac41d13c6f3c740917f82b212c41ded3a64d873452e7f2c7af49f3b47cab897f8e85117f21333
2017-07-25Properly document target_confirmations in listsinceblockRyan Havar
2017-07-25test: Make sure wallet.backup is created in temp pathWladimir J. van der Laan
This assures that we don't overwrite a random file called `wallet.backup` that happens to be in the current directory. It also assures that the temporary file will be cleaned up. Noticed by Evan Klitzke, came up in discussion here: https://github.com/bitcoin/bitcoin/pull/10880#discussion_r128460722
2017-07-25Merge #10789: Punctuation/grammer fixes in rpcwallet.cppWladimir J. van der Laan
a5ecaf1 Fix misspellings and remove safety verbiage (Steven D. Lander) Pull request description: Standardizing punctuation on CLI output and also including a few fixes for grammer. This PR is for text only changes and includes no code edits. Tree-SHA512: afde551bf1212838822188b6723f2bf1b7222decfa1cd7aa6b04967489108a29f80833af6059252af028c53437755f258275af0614e0d4d0311e09421cd8e131
2017-07-24Merge #9622: [rpc] listsinceblock should include lost transactions when ↵Wladimir J. van der Laan
parameter is a reorg'd block 876e92b Testing: listsinceblock should display all transactions that were affected since the given block, including transactions that were removed due to a reorg. (Karl-Johan Alm) f999c46 listsinceblock: optionally find and list any transactions that were undone due to reorg when requesting a non-main chain block in a new 'removed' array. (Karl-Johan Alm) Pull request description: The following scenario will not notify the caller of the fact `tx0` has been dropped: 1. User 1 receives BTC in tx0 from utxo1 in block aa1. 2. User 2 receives BTC in tx1 from utxo1 (same) in block bb1 3. User 1 sees 2 confirmations at block aa3. 4. Reorg into bb chain. 5. User 1 asks `listsinceblock aa3` and does not see that tx0 is now invalidated. See `listsinceblock.py` commit for related test. The proposed fix is to iterate from the given block down to the fork point, and to check each transaction in the blocks against the wallet, in addition to including all transactions from the fork point to the active chain tip (the current behavior). Any transactions that were present will now also be listed in the `listsinceblock` output in a new `replaced` array. This operation may be a bit heavy but the circumstances (and perceived frequency of occurrence) warrant it, I believe. Example output: ```Python { 'transactions': [], 'replaced': [ { 'walletconflicts': [], 'vout': 1, 'account': '', 'timereceived': 1485234857, 'time': 1485234857, 'amount': '1.00000000', 'bip125-replaceable': 'unknown', 'trusted': False, 'category': 'receive', 'txid': 'ce673859a30dee1d2ebdb3c05f2eea7b1da54baf68f93bb8bfe37c5f09ed22ff', 'address': 'miqEt4kWp9zSizwGGuUWLAmxEcTW9bFUnQ', 'label': '', 'confirmations': -7 } ], 'lastblock': '7a388f27d09e3699102a4ebf81597d974fc4c72093eeaa02adffbbf7527f6715' } ``` I believe this addresses the comment by @luke-jr in https://github.com/bitcoin/bitcoin/pull/9516#issuecomment-274190081 but I could be wrong.. Tree-SHA512: 607b5dcaeccb9dc0d963d3de138c40490f3e923050b29821e6bd513d26beb587bddc748fbb194503fe618cfe34a6ed65d95e8d9c5764a882b6c5f976520cff35
2017-07-21listsinceblock: optionally find and list any transactions that were undone ↵Karl-Johan Alm
due to reorg when requesting a non-main chain block in a new 'removed' array.
2017-07-20[wallet] [rpc] Add listwallets RPCJohn Newbery
This commit adds a listwallets RPC, which lists the names of the currently loaded wallets. This command intentionally shows no information about the wallet other then the name. Information on individual wallets can be obtained using the getwalletinfo RPC.
2017-07-20[wallet] [rpc] print wallet name in getwalletinfoJohn Newbery
2017-07-20[wallet] fix comment for CWallet::Verify()John Newbery
2017-07-20Merge #10783: [RPC] Various rpc argument fixesWladimir J. van der Laan
4dc1915 check for null values in rpc args and handle appropriately (Gregory Sanders) 999ef20 importmulti options are optional (Gregory Sanders) a70d025 fixup some rpc param counting for rpc help (Gregory Sanders) Pull request description: Audited where named args will fail to use correct default values or may fail when additional optional arguments are added. Previously for these parameters, it was fine to omit them as positional arguments, but it would trigger UniValue runtime errors to set them to null, or to omit them while passing named parameters with greater positions (which would internally set earlier missing arguments to null). Now null values are treated the same as missing values so these errors do not occur. Included a few other small fixes while working on it. I didn't bother fixing account-based rpc calls. Tree-SHA512: 8baf781a35bd48de7878d4726850a580dab80323d3416c1c146b4fa9062f8a233c03f37e8ae3f3159e9d04a8f39c326627ca64c14e1cb7ce72538f934ab2ae1e
2017-07-20Merge #10862: Remove unused variable int64_t nEnd. Fix typo: "conditon" → ↵Wladimir J. van der Laan
"condition". 5a6671c Fix typo: "conditon" → "condition" (practicalswift) 35aff43 Remove unused variable int64_t nEnd (practicalswift) Pull request description: * Remove unused variable `int64_t nEnd`. Last use of `nEnd` removed in commit 1fc8c3d. * Fix typo: "conditon" → "condition". Typo introduced in commit 439c4e8. Tree-SHA512: 61624e6f70828c485fe46dbe00df76f1a07b7a5849d41bf7d279323b687420e60e9b85192f611a37211f17f3dea8eb3f6f6dc65d90c92e5516404fd81d37785a
2017-07-19Fix misspellings and remove safety verbiageSteven D. Lander
2017-07-19Merge #10817: Redefine Dust and add a discard_rateWladimir J. van der Laan
f4d00e6 Add a discard_rate (Alex Morcos) b138585 Remove factor of 3 from definition of dust. (Alex Morcos) Pull request description: The definition of dust is redefined to remove the factor of 3. Dust is redefined to be the value of an output such that it would cost that value in fees to (create and) spend the output at the dust relay rate. The previous definition was that it would cost 1/3 of the value. The default dust relay rate is correspondingly increased to 3000 sat/kB so the actual default dust output value of 546 satoshis for a non-segwit output remains unchanged. This commit is a refactor only unless a dustrelayfee is passed on the commandline in which case that number now needs to be increased by a factor of 3 to get the same behavior. -dustrelayfee is a hidden command line option. Note: It's not exactly a refactor due to edge case changes in rounding as evidenced by the required change to the unit test. A discard_rate is added which defaults to 10,000 sat/kB Any change output which would be dust at the discard_rate you are willing to discard completely and add to fee (as well as continuing to pay the fee that would have been needed for creating the change) This would be a nice addition for 0.15 and I think will remain useful for 0.16 with the new coin selection algorithms in discussion, but its not crucial. It does add translation strings, but we could (should?) avoid that by hiding the option Tree-SHA512: 5b6f655354d0ab6b8b6cac1e8d1fe3136d10beb15c6d948fb15bfb105155a9d03684c6240624039b3eed6428b7e60e54216cc8b2f90c4600701e39f646284a9b
2017-07-18Merge #10784: Do not allow users to get keys from keypool without reserving themWladimir J. van der Laan
cf82a9e Do not allow users to get keys from keypool without reserving them (Matt Corallo) Pull request description: fundrawtransaction allows users to add a change output and then not have it removed from keypool. While it would be nice to have users follow the normal CreateTransaction/CommitTransaction process we use internally, there isnt much benefit in exposing this option, especially with HD wallets, while there is ample room for users to misunderstand or misuse this option. This partially reverts #9377. Would be nice to get this for 15 since its kinda crazy we have this option to begin with IMO, will need release notes as an RPC option is now ignored. Tree-SHA512: 72b5ee9c4a229b84d799dfb00c56fe80d8bba914ce81a433c3f5ab325bf9bf2b839ee658c261734f0ee183ab19435039481014d09c41dbe155e6323e63beb01d
2017-07-18Do not allow users to get keys from keypool without reserving themMatt Corallo
fundrawtransaction allows users to add a change output and then not have it removed from keypool. While it would be nice to have users follow the normal CreateTransaction/CommitTransaction process we use internally, there isnt much benefit in exposing this option, especially with HD wallets, while there is ample room for users to misunderstand or misuse this option. This could be particularly nasty in some use-cases (especially pre-HD-split) - eg a user might fundrawtransaction, then call getnewaddress, hand out the address for someone to pay them, then sendrawtransaction. This may result in the user thinking they have received payment, even though it was really just their own change! This could obviously result in needless key-reuse.
2017-07-18Merge #10849: Multiwallet: simplest endpoint supportWladimir J. van der Laan
6b9faf7 [QA] add basic multiwallet test (Jonas Schnelli) 979d0b8 [tests] [wallet] Add wallet endpoint support to authproxy (John Newbery) 76603b1 Select wallet based on the given endpoint (Jonas Schnelli) 32c9710 Fix test_bitcoin circular dependency issue (Jonas Schnelli) 31e0720 Add wallet endpoint support to bitcoin-cli (-usewallet) (Jonas Schnelli) dd2185c Register wallet endpoint (Jonas Schnelli) Pull request description: Alternative for #10829 and #10650. It adds the most simplest form of wallet based endpoint support (`/wallet/<filename>`). No v1 and no node/wallet endpoint split. Tree-SHA512: 23de1fd2f9b48d94682928b582fb6909e16ca507c2ee19e1f989d5a4f3aa706194c4b1fe8854d1d79ba531b7092434239776cae1ae715ff536e829424f59f9be