| Age | Commit message (Collapse) | Author |
|---|
|
Github-Pull: #27053
Rebased-From: 14b4921a91920df25b19ff420bfe2bff8c56f71e
|
|
When an encrypted wallet is locked (for instance via the
RPC `walletlock`), the docs indicate that the key is
removed from memory. However, the vector (with a secure
allocator) is merely cleared. This allows the key to persist
indefinitely in memory. Instead, manually fill the bytes with
zeroes before clearing.
Github-Pull: #27080
Rebased-From: 3a11adc7004d21b3dfe028b190d83add31691c55
|
|
To be eligible for fee-bumping, a transaction must not have any
of its outputs (eg - change) spent in other unconfirmed transactions
in the wallet. However, this check should not apply to abandoned
transactions.
A new test case is added to cover this case.
Github-Pull: #26675
Rebased-From: f9ce0eadf4eb58d1e2207c27fabe69a5642482e7
|
|
If a wallet has key birthdates that are more recent than the currrent
chain tip, or a bestblock height higher than the current tip, we should
not attempt to rescan as there is nothing to scan for.
Github-Pull: #26679
Rebased-From: 378400953424598fd78ccec5ba8cc38bc253c550
|
|
Currently `migratewallet` migrates the address book (i.e. labels and
purposes) for watchonly and solvable wallets only in RAM, but doesn't
persist them on disk. Fix this by adding another loop for both of the
special wallet types after which writes the corresponding NAME and
PURPOSE entries to the database in a single batch.
Github-Pull: #26761
Rebased-From: d5f4ae7fac0bceb0c9ad939b9a4fbdb85da0bf95
|
|
This exercises the bug inside CoinsResult::Erase that
ends up on (1) a wallet crash or (2) a created and
broadcasted tx that contains a reduced recipient's amount.
This is covered by making the wallet selects the preset
inputs twice during the coin selection process.
Making the wallet think that the selection process result covers
the entire tx target when it does not. It's actually creating
a tx that sends more coins than what inputs are covering for.
Which, combined with the SFFO option, makes the wallet
incorrectly reduce the recipient's amount by the difference
between the original target and the wrongly counted inputs.
Which means, a created and relayed tx sending less coins to
the destination than what the user inputted.
Github-Pull: #26560
Rebased-From: cf793846978a8783c23b66ba6b4f3f30e83ff3eb
|
|
Github-Pull: #26560
Rebased-From: 341ba7ffd8cdb56b4cde1f251768c3d2c2a9b4e9
|
|
The loop break shouldn't have being there.
Github-Pull: #26560
Rebased-From: f930aefff9690a1e830d897d0a8c53f4219ae4a8
|
|
Github-Pull: #26594
Rebased-From: 5e65a216d1fd00c447757736d4f2899d235e731a
|
|
If migratewallet fails, we do a cleanup which removes the watchonly and
solvables wallets if they were created. However, if they were not, their
pointers are nullptr and we don't check for that, which causes a
segfault during the cleanup. So check that they aren't nullptr before
cleaning them up.
Github-Pull: #26594
Rebased-From: 86ef7b3c7be84e4183098f448c77ecc9ea7367ab
|
|
Affects the help of the `fundrawtransaction`, `send` and
`walletcratefundedpsbt` RPCs.
Github-Pull: #26449
Rebased-From: c3b1fe59dbc7abe45973e282cddf3677514e220f
|
|
In addition to the pubkeys in hd_keypaths and tap_bip32_keypaths, also
see if the descriptor can produce a SigningProvider for the output
pubkey.
Also slightly refactors this area to reduce code duplication.
Github-Pull: #26418
Rebased-From: 8781a1b6bbd0af3cfdf1421fd18de5432494619a
|
|
Github-Pull: #26349
Rebased-From: eb679a7896ce00e322972a011b023661766923b9
|
|
Github-Pull: #26344
Rebased-From: b132c85650afb2182f2e58e903f3d6f86fd3fb22
|
|
sendall should be using a bitwise AND for sendall's IsMine check rather
than an equality as IsMine will never return ISMINE_ALL.
Github-Pull: #26344
Rebased-From: 6bcd7e2a3b52f855db84cd23b5ee70d27be3434f
|
|
Since m_next_resend is now only called from MaybeResendWalletTxs()
we don't have any potential race conditions anymore, so the usage
of std::atomic can be reverted.
Github-Pull: #26205
Rebased-From: b01682a812f0841170657708ef0e896b904fcd77
|
|
We only want to relay our resubmitted transactions once every 12-36h.
By separating the timer update logic out of ResubmitWalletTransactions
and into MaybeResendWalletTxs we avoid non-relay calls (previously in
the separate ReacceptWalletTransactions function) from resetting that
timer.
Github-Pull: #26205
Rebased-From: 9245f456705b285e2d9afcc01a6155e1b3f92fad
|
|
Moves the logic of whether or not transactions should actually be
resent out of the function that's resending them. This reduces
responsibilities of ResubmitWalletTransactions and allows
carving out the updating of m_next_resend in a future commit.
Github-Pull: #26205
Rebased-From: 7fbde8af5c06694eecd4ce601109bd826a54bd6f
|
|
ReacceptWalletTransactions is replaced by ResubmitWalletTransactions
which already handles acquiring the necessary locks internally.
Github-Pull: #26205
Rebased-From: 01f3534632d18c772901fb6ce22f6394eae96799
|
|
|
|
|
|
SignMessage
a60d9eb9e6b6a272a3fca8981d89a55955dced55 Bugfix: Wallet: Lock cs_wallet for SignMessage (Luke Dashjr)
Pull request description:
(Clean merge of #26130 to 24.x branch)
Top commit has no ACKs.
Tree-SHA512: 821e19d222cc1eb9a6b957ec87d48cfb00b2c5b8182682ac57d9c76785b667ad9c71444e6bf0f53177c06d5fb39e72dbfc82d7debe4b1597699eefaf3001d08d
|
|
|
|
cs_desc_main is typically locked within scope of a cs_wallet lock, but:
CWallet::IsLocked locks cs_wallet
...called from DescriptorScriptPubKeyMan::GetKeys
...called from DescriptorScriptPubKeyMan::GetSigningProvider which locks cs_desc_main first, but has no access to cs_wallet
...called from DescriptorScriptPubKeyMan::SignMessage
...called from CWallet::SignMessage which can access and lock cs_wallet
Resolve the out of order locks by grabbing cs_wallet in CWallet::SignMessage first
|
|
in RestoreWallet, and in general via interfaces)
c3e536555aa3a7db773170671da1256a2ace2094 Bugfix: Wallet: Return util::Error rather than non-error nullptr when CreateWallet/LoadWallet/RestoreWallet fail (Luke Dashjr)
335ff98c8a64eda38a2a2334102bd253f108c253 Bugfix: Wallet: Wrap RestoreWallet content in a try block to ensure exceptions become returned errors and incomplete wallet directory is removed (Luke Dashjr)
Pull request description:
Bug 1: `copy_file` can throw exceptions, but `RestoreWallet` is expected to return a nullptr with a populated `errors` parameter. This is fixed by wrapping `copy_file` and `LoadWallet` (for good measure) in a `try` block, and converting any exceptions to the intended return style.
Bug 2: `util::Result` turns what would have been a `false` unique_ptr into a `true` nullptr result, which leads to nullptr dereferences in at least the 3 cases of wallet creation/loading/restoring. This is fixed by keeping the pointer as a plain `std::unique_ptr` until actually returning it (ie, after the nullptr check).
Fixes https://github.com/bitcoin-core/gui/issues/661
ACKs for top commit:
achow101:
ACK c3e536555aa3a7db773170671da1256a2ace2094
Tree-SHA512: 4291b3dbbb147acea2e63a704324c9371bc16ecb4237f8753729b0b0a6e55c9758ad61bfe8bd432fd7b0bae95d8b63a9831e61ac8b8d5c0197b550a2e0f4a105
|
|
CreateWallet/LoadWallet/RestoreWallet fail
|
|
exceptions become returned errors and incomplete wallet directory is removed
|
|
fa521c960337a65d4ce12cd1ef009c652ffe57e6 Use steady clock for all millis bench logging (MacroFake)
Pull request description:
Currently `GetTimeMillis` is used for bench logging in milliseconds integral precision. Replace it to use a steady clock that is type-safe and steady.
Microsecond or float precision can be done in a follow-up.
ACKs for top commit:
fanquake:
ACK fa521c960337a65d4ce12cd1ef009c652ffe57e6 - started making the same change.
Tree-SHA512: 86a810e496fc663f815acb8771a6c770331593715cde85370226685bc50c13e8e987e3c5efd0b4e48b36ebd2372255357b709204bac750d41e94a9f7d9897fa6
|
|
tx-size check
cc434cbf583ec8d1b0f3aa504417231fdc81f33a wallet: fix sendall creates tx that fails tx-size check (kouloumos)
Pull request description:
Fixes https://github.com/bitcoin/bitcoin/issues/26011
The `sendall` RPC doesn't use `CreateTransactionInternal` as the rest of
the wallet RPCs. [This has already been discussed in the original PR](https://github.com/bitcoin/bitcoin/pull/24118#issuecomment-1029462114).
By not going through that path, it never checks the transaction's weight
against the maximum tx weight for transactions we're willing to relay.
https://github.com/bitcoin/bitcoin/blob/447f50e4aed9a8b1d80e1891cda85801aeb80b4e/src/wallet/spend.cpp#L1013-L1018
This PR adds a check for tx-size as well as test coverage for that case.
_Note: It seems that the test takes a bit of time on slower machines,
I'm not sure if dropping it might be for the better._
ACKs for top commit:
glozow:
re ACK cc434cb via range-diff. Changes were addressing https://github.com/bitcoin/bitcoin/pull/26024#discussion_r971325299 and https://github.com/bitcoin/bitcoin/pull/26024#discussion_r970651614.
achow101:
ACK cc434cbf583ec8d1b0f3aa504417231fdc81f33a
w0xlt:
reACK https://github.com/bitcoin/bitcoin/pull/26024/commits/cc434cbf583ec8d1b0f3aa504417231fdc81f33a
Tree-SHA512: 64a1d8f2c737b39f3ccee90689eda1dd9c1b65f11b2c7bc0ec8bfe72f0202ce90ab4033bb0ecfc6080af8c947575059588a00938fe48e7fd553f7fb5ee03b3cc
|
|
fa1ce96184a1815f453e64e14d77cb0025800be9 test: Add missing syncwithvalidationinterfacequeue (MacroFake)
faa4916529699f9a057e2bf2459d957bcec1de84 test/doc: Remove unused syncwithvalidationinterfacequeue (MacroFake)
Pull request description:
Fixes #26071
ACKs for top commit:
achow101:
ACK fa1ce96184a1815f453e64e14d77cb0025800be9
glozow:
ACK fa1ce96184a1815f453e64e14d77cb0025800be9
w0xlt:
ACK https://github.com/bitcoin/bitcoin/commit/fa1ce96184a1815f453e64e14d77cb0025800be9
Tree-SHA512: d1e101b55477360ead2b99ade5d42b922aabe293ec84fb26764e29161c5be6c534aef6f22d2cc5ea63a4bd6b6e77b701f1a7a2283b8e7e815d343a604cd77656
|
|
The `sendall` RPC doesn't use `CreateTransactionInternal`as the rest of
the wallet RPCs and it never checks against the tx-size mempool limit.
Add a check for tx-size as well as test coverage for that case.
|
|
|
|
6f8e3818af7585b961039bf0c768be2e4ee44e0f sendall: check if the maxtxfee has been exceeded (ishaanam)
Pull request description:
Previously the `sendall` RPC didn't check whether the fees of the transaction it creates exceed the set `maxtxfee`. This PR adds this check to `sendall` and a test case for it.
ACKs for top commit:
achow101:
ACK 6f8e3818af7585b961039bf0c768be2e4ee44e0f
Xekyo:
ACK 6f8e3818af7585b961039bf0c768be2e4ee44e0f
glozow:
Concept ACK 6f8e3818af7585b961039bf0c768be2e4ee44e0f. The high feerate is unlikely but sendall should respect the existing wallet options.
Tree-SHA512: 6ef0961937091293d49be16f17e4451cff3159d901c0c7c6e508883999dfe0c20ed4d7126bf74bfea8150d4c1eef961a45f0c28ef64562e6cb817fede2319f1a
|
|
unless 'inputs' are provided
b00fc44ca5cb938f18d31cde7feb4e1c968dcc2f test: add coverage for 'add_inputs' dynamic default value (furszy)
ddbcfdf3d050061f4e8979a0e2bb63bba5a43c47 RPC: bugfix, 'add_inputs' default value is true unless 'inputs' are provided (furszy)
Pull request description:
This bugfix was meant to be in #25685, but decoupled it to try to make it part of 24.0 release.
It's a truly misleading functionality.
This PR doesn't change behavior in any way. Just fixes two invalid RPC help messages and adds test
coverage for the current behavior.
#### Description
In both RPC commands `send()` and `walletcreatefundedpsbt` the help message says
that `add_inputs` default value is false when it's actually dynamically set by the following statement:
```c++
coin_control.m_allow_other_inputs = rawTx.vin.size() == 0;
```
Which means that, by default, `add_inputs` is true unless there is any pre-set input, in which
case, the default is false.
ACKs for top commit:
achow101:
ACK b00fc44ca5cb938f18d31cde7feb4e1c968dcc2f
S3RK:
ACK b00fc44ca5cb938f18d31cde7feb4e1c968dcc2f
Tree-SHA512: 5c68a40d81c994e0ab6de0817db69c4d3dea3a9a64a60362531bf583b7a4c37d524b740905a3f3a89cdbf221913ff5b504746625adb8622788aea93a35bbcd40
|
|
See https://github.com/bitcoin/bitcoin/pull/25768#discussion_r958562071
Also fix doc typo from https://github.com/bitcoin/bitcoin/pull/25768#discussion_r958571943
|
|
|
|
In both RPC commands `send()` and `walletcreatefundedpsbt` the RPC help was saying
that `add_inputs` default value was false when it's actually dynamically set
by the following statement:
`coin_control.m_allow_other_inputs = rawTx.vin.size() == 0;`
Which means that, by default, `add_inputs` is true unless there
was any pre-set input, in which case, the default is false.
|
|
unknown/corrupt descriptor causes a fatal error
e06676377d935c69f0ee51fc18eb0772d524aba5 wallet: coverage for loading an unknown descriptor (furszy)
d26c3cc44438ecb9e4f618a2427c3c92a292aa16 wallet: bugfix, load wallet with an unknown descriptor cause fatal error (furszy)
Pull request description:
Fixes #26015
If the descriptor entry is unrecognized (due a soft downgrade) or corrupt, the
unserialization fails and `LoadWallet`, instead of stop there and return the error,
continues reading all the db records. As other records tied to the unrecognized
or corrupt descriptor are scanned, a fatal error is being thrown.
This fixes it by catching the descriptor parse failure and return which wallet failed.
Logging its name/path, so the user can remove it from the settings file, to prevent
its load at startup.
Note: added the test in a separate file intentionally.
Will continue adding coverage for the wallet load process in follow-up PRs.
ACKs for top commit:
achow101:
ACK e06676377d935c69f0ee51fc18eb0772d524aba5
Sjors:
re-utACK e06676377d935c69f0ee51fc18eb0772d524aba5
Tree-SHA512: d1f1a5d7e944c89c97a33b25b4411a36a11edae172c22f8524f69c84a035f84c570b284679f901fe60f1300f781b76a6c17b015a8e7ad44ebd25a0c295ef260f
|
|
Previously, this was crashing the wallet.
|
|
If the descriptor entry is unrecognized/corrupt, the unserialization fails and
`LoadWallet` instead of stop there and return the error, continues reading all
the db records. As other records tied to the unrecognized/corrupted descriptor
are scanned, a fatal error is thrown.
|
|
51829409967dcfd039249506ecd2c58fb9a74b2f RPC: fix sendall docs (Anthony Towns)
Pull request description:
Updates the documentation for the "inputs" entry in the "options"
parameter of the sendall RPC to match the documentation for
createrawtransaction.
ACKs for top commit:
achow101:
ACK 51829409967dcfd039249506ecd2c58fb9a74b2f
Xekyo:
ACK 51829409967dcfd039249506ecd2c58fb9a74b2f
Tree-SHA512: fe78e17b2f36190939b645d7f4653d025bbac110e4a7285b49e7f1da27adac8c4d03fd5b770e3a74351066b1ab87fde36fc796f42b03897e4e2ebef4b6b6081c
|
|
Updates the documentation for the "inputs" entry in the "options"
parameter of the sendall RPC to match the documentation for
createrawtransaction.
|
|
transaction chains
3405f3eed5cf841b23a569b64a376c2e5b5026cd test: Test that an unconfirmed not-in-mempool chain is rebroadcast (Andrew Chow)
10d91c5abe9ed7dcc237c9d52c588e7d26e162a4 wallet: Deduplicate Resend and ReacceptWalletTransactions (Andrew Chow)
Pull request description:
Currently `ResendWalletTransactions` (used for normal rebroadcasts) will attempt to rebroadcast all of the transactions in the wallet in the order they are stored in `mapWallet`. This ends up being random as `mapWallet` is a `std::unordered_map`. However `ReacceptWalletTransactions` (used for adding to the mempool on loading) first sorts the txs by wallet insertion order, then submits them. The result is that `ResendWalletTranactions` will fail to rebroadcast child transactions if their txids happen to be lexicographically less than their parent's txid. This PR resolves this issue by combining `ReacceptWalletTransactions` and `ResendWalletTransactions` into a new `ResubmitWalletTransactions` so that the iteration code and basic checks are shared.
A test has also been added that checks that such transaction chains are rebroadcast correctly.
ACKs for top commit:
naumenkogs:
utACK 3405f3eed5cf841b23a569b64a376c2e5b5026cd
1440000bytes:
reACK https://github.com/bitcoin/bitcoin/pull/25768/commits/3405f3eed5cf841b23a569b64a376c2e5b5026cd
furszy:
Late code review ACK 3405f3ee
stickies-v:
ACK 3405f3eed5cf841b23a569b64a376c2e5b5026cd
Tree-SHA512: 1240d9690ecc2ae8d476286b79e2386f537a90c41dd2b8b8a5a9c2a917aa3af85d6aee019fbbb05e772985a2b197e2788305586d9d5dac78ccba1ee5aa31d77a
|
|
wallets
53e7ed075c49f853cc845afc7b2f058cabad0cb0 doc: Release notes and other docs for migration (Andrew Chow)
9c44bfe244f35f08ba576d8b979a90dcd68d2c77 Test migratewallet (Andrew Chow)
0b26e7cdf2659fd8b54d21fd2bd749f9f3e87af8 descriptors: addr() and raw() should return false for ToPrivateString (Andrew Chow)
31764c3f872f4f01b48d50585f86e97c41554954 Add migratewallet RPC (Andrew Chow)
0bf7b38bff422e7413bcd3dc0abe2568dd918ddc Implement MigrateLegacyToDescriptor (Andrew Chow)
e7b16f925ae5b117e8b74ce814b63e19b19b50f4 Implement MigrateToSQLite (Andrew Chow)
5b62f095e790a0d4e2a70ece89465b64fc68358a wallet: Refactor SetupDescSPKMs to take CExtKey (Andrew Chow)
22401f17e026ead4bc3fe96967eec56a719a4f75 Implement LegacyScriptPubKeyMan::DeleteRecords (Andrew Chow)
35f428fae68ad974abdce0fa905148f620a9443c Implement LegacyScriptPubKeyMan::MigrateToDescriptor (Andrew Chow)
ea1ab390e4dac128e3a37d4884528c3f4128ed83 scriptpubkeyman: Implement GetScriptPubKeys in Legacy (Andrew Chow)
e664af29760527e75cd7e290be5f102b6d29ebee Apply label to all scriptPubKeys of imported combo() (Andrew Chow)
Pull request description:
This PR adds a new `migratewallet` RPC which migrates a legacy wallet to a descriptor wallet. Migrated wallets will need a new backup. If a wallet has watchonly stuff in it, a new watchonly descriptor wallet will be created containing those watchonly things. The related transactions, labels, and descriptors for those watchonly things will be removed from the original wallet. Migrated wallets will not have any of the legacy things be available for fetching from `getnewaddress` or `getrawchangeaddress`. Wallets that have private keys enabled will have newly generated descriptors. Wallets with private keys disabled will not have any active `ScriptPubKeyMan`s.
For the basic HD wallet case of just generated keys, in addition to the standard descriptor wallet descriptors using the master key derived from the pre-existing hd seed, the migration will also create 3 descriptors for each HD chain in: a ranged combo external, a ranged combo internal, and a single key combo for the seed (the seed is a valid key that we can receive coins at!). The migrated wallet will then have newly generated descriptors as the active `ScriptPubKeyMan`s. This is equivalent to creating a new descriptor wallet and importing the 3 descriptors for each HD chain. For wallets containing non-HD keys, each key will have its own combo descriptor.
There are also tests.
ACKs for top commit:
Sjors:
tACK 53e7ed075c49f853cc845afc7b2f058cabad0cb0
w0xlt:
reACK https://github.com/bitcoin/bitcoin/commit/53e7ed075c49f853cc845afc7b2f058cabad0cb0
Tree-SHA512: c0c003694ca2e17064922d08e8464278d314e970efb7df874b4fe04ec5d124c7206409ca701c65c099d17779ab2136ae63f1da2a9dba39b45f6d62cf93b5c60a
|
|
50996241f2b0eefeaab4fcd11b9730fa2dc107ae rpc: sort listdescriptors result (Sjors Provoost)
Pull request description:
This puts receive and change descriptors directly below each other.
The change would be simpler if `UniValue` arrays were sortable.
ACKs for top commit:
achow101:
ACK 50996241f2b0eefeaab4fcd11b9730fa2dc107ae
S3RK:
reACK 50996241f2b0eefeaab4fcd11b9730fa2dc107ae
furszy:
utACK 50996241
w0xlt:
reACK https://github.com/bitcoin/bitcoin/pull/25931/commits/50996241f2b0eefeaab4fcd11b9730fa2dc107ae
Tree-SHA512: 71246a48ba6f97c3e7c76ee32ff9e958227a14ca5a6eec638215dbfee57264d4e918ea5837f4d030eddc9c797c93df1791ddd55b5a499522ce2a35bcf380670b
|
|
|
|
fa875349e22f2f0f9c2c98ee991372d08ff90318 Fix iwyu (MacroFake)
faad673716cfbad1e715f1bdf8ac00938a055aea Fix issues when calling std::move(const&) (MacroFake)
Pull request description:
Passing a symbol to `std::move` that is marked `const` is a no-op, which can be fixed in two ways:
* Remove the `const`, or
* Remove the `std::move`
ACKs for top commit:
ryanofsky:
Code review ACK fa875349e22f2f0f9c2c98ee991372d08ff90318. Looks good. Good for univalue to support c++11 move optimizations
Tree-SHA512: 3dc5cad55b93cfa311abedfb811f35fc1b7f30a1c68561f15942438916c7de25e179c364be11881e01f844f9c2ccd71a3be55967ad5abd2f35b10bb7a882edea
|
|
|
|
|
|
|
