-Context:
If `AddToWallet` db write fails, the method returns a wtx nullptr without
removing the recently added transaction from the wallet's map.
-Problem:
When a db write error occurs, `AddToWalletIfInvolvingMe` returns false even
when the tx is on the wallet's map already --> which makes `SyncTransaction`
skip the `MarkInputsDirty` call --> which leads to a wallet invalid state
where the inputs of this new transaction are not marked dirty, while the
transaction that spends them still exists on the in-memory wallet tx map.
Plus, as we only store arriving transaction inside `AddToWalletIfInvolvingMe`
when we synchronize/scan blocks from the chain and nowhere else, it makes sense
to treat the tx db write error as a runtime error to notify the user about the
problem. Otherwise, the user will lose all the not stored transactions after a
wallet shutdown (without being able to recover them automatically on the next
startup because the chain sync would be above the block where the txs arrived).
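The failure chain described in this commit message, reduced to a toy model. This is an added example, not Bitcoin Core code: `ToyWallet`, `Tx`, `Outcome`, `sync_once` and the `throw_on_db_error` switch are hypothetical, and only the three method names are borrowed from the message.

```cpp
#include <map>
#include <set>
#include <stdexcept>
#include <string>
#include <vector>

// Constructed model: a tx id plus the outpoints it spends.
struct Tx { std::string id; std::vector<std::string> spends; };
enum class Outcome { Ok, SilentlyInconsistent, ErrorReported };

struct ToyWallet {
    std::map<std::string, Tx> map_wallet; // in-memory tx map
    std::set<std::string> dirty;          // inputs whose cached state was invalidated
    bool db_write_ok;                     // simulated result of the db write
    bool throw_on_db_error;               // false: old behaviour, true: error is raised

    const Tx* AddToWallet(const Tx& tx) {
        const Tx* wtx = &map_wallet.emplace(tx.id, tx).first->second;
        if (db_write_ok) return wtx;
        // The map entry inserted above is not rolled back in either variant.
        if (throw_on_db_error) throw std::runtime_error("wallet db write failed");
        return nullptr;
    }
    bool AddToWalletIfInvolvingMe(const Tx& tx) { return AddToWallet(tx) != nullptr; }
    void SyncTransaction(const Tx& tx) {
        if (!AddToWalletIfInvolvingMe(tx)) return;         // skips the marking below
        for (const auto& in : tx.spends) dirty.insert(in); // stands in for MarkInputsDirty
    }
};

// Runs one sync with a simulated db result and classifies the wallet state.
Outcome sync_once(bool db_write_ok, bool throw_on_db_error) {
    ToyWallet w{{}, {}, db_write_ok, throw_on_db_error};
    const Tx tx{"tx1", {"prev:0", "prev:1"}};
    try {
        w.SyncTransaction(tx);
    } catch (const std::runtime_error&) {
        return Outcome::ErrorReported; // the caller learns about the failed write
    }
    // Invariant: every tx in the map has all of its inputs marked dirty.
    for (const auto& entry : w.map_wallet)
        for (const auto& in : entry.second.spends)
            if (!w.dirty.count(in)) return Outcome::SilentlyInconsistent;
    return Outcome::Ok;
}

int main() {
    return sync_once(false, true) == Outcome::ErrorReported ? 0 : 1;
}
```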
2315830491b2cfa6b6e3e277700238e5ac92a8e0 fuzz: Fix assert bug in txorphan target (chinggg)
Pull request description:
Fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48914.
It is possible to construct big tx that got rejected in `AddTx`, so we cannot assume tx will be added successfully. We can only guarantee tx will not be added if orphanage already has it.
ACKs for top commit:
MarcoFalke:
lgtm ACK 2315830491b2cfa6b6e3e277700238e5ac92a8e0
Tree-SHA512: e173bc1a932639746de1192ed238e2e2318899f55371febb598facd0e811d8c54997f074f5e761757e1ffd3ae76d8edf9d673f020b2d97d5762ac656f632be81
3442865360b18b757aee718de585c31e28c457ce build: Use Link Time Optimization for Qt code on Linux (Hennadii Stepanov)
ebce66e532914b433df38a0ee5a2aebcecbd7987 build: pass -fno-lto when building expat (fanquake)
Pull request description:
See: https://www.qt.io/blog/2019/01/02/qt-applications-lto
`bitcoin-qt` unstripped size:
| host | master (31c6309cc60ae3fee2d3ecc2aff9576596fb98ac) | this PR, depends built with `LTO=1` |
|---|:-:|:-:|
| x86_64-pc-linux-gnu | 42 MB | 35 MB |
| arm-linux-gnueabihf | 31 MB | 26 MB |
| aarch64-linux-gnu | 41 MB | 32 MB |
| powerpc64-linux-gnu | 51 MB | 41 MB |
| powerpc64le-linux-gnu | 48 MB | 39 MB |
| riscv64-linux-gnu | 35 MB | 29 MB |
Based on the first commit from bitcoin/bitcoin#25391.
Using LTO for macOS and Windows hosts has some issues which could be addressed in follow ups.
x86_64 build:

ACKs for top commit:
fanquake:
ACK 3442865360b18b757aee718de585c31e28c457ce
Tree-SHA512: 03eef2568358df9336e24d6c4e12f28b89d649076fb74e7e5303d61e52865c2360c5345a4fb2b1e4bdfdae194f273fc27a5f67e6cf797ed01a154f3da9117247
757216e31cac7dcd45e11b2a2c6148420b3b99da wallet: don't iter twice when getting the cached debit/credit amount (Antoine Poinsot)
Pull request description:
A small optimization I stumbled upon while looking at something else. Figured it could be worth a PR.
Instead of calling GetCachableAmount twice, which will result in
iterating through all the transaction txins/txouts and calling
GetDebit/GetCredit (which lock cs_wallet), just merge the filters and do
it once.
ACKs for top commit:
achow101:
ACK 757216e31cac7dcd45e11b2a2c6148420b3b99da
aureleoules:
ACK 757216e31cac7dcd45e11b2a2c6148420b3b99da.
Tree-SHA512: 0dbbdd24231380196e929dce572752e6be1d69457252a7215e279e71d6199483b516f64019ae999a91dbce7fdd86f8bf0336b6e151cca93cbcf51bc854e838a2
1f0c83f43092f6bc959bcb1036a7076cb1235309 refactor: remove BOOST_*_TEST_ macros (fanquake)
70d807c35514f999faba49701fd26f6fb8947564 refactor: integrate no_nul into univalue unitester (fanquake)
98a0ae6b245dca088610094ff92c14ce395d4958 doc: remove references to downstream (fanquake)
Pull request description:
Remove references to "downstream" from makefiles, as they are now redundant.
Remove `BOOST_TEST` macros in favour of just using functions.
Add missing call to `univalue_push_throw` tests.
ACKs for top commit:
MarcoFalke:
ACK 1f0c83f43092f6bc959bcb1036a7076cb1235309 🍎
Tree-SHA512: e0e1ec159a82ece9b364c656b3b49d98f72a04f2614eeb2a386825c3e37bb5a10416446a8ea22d9048227d96aca3e5c1a3dbf3264a290443add382ded073575c
743a84a5f6f660e113574de349553144e0b490ff fix gettxout help text (Marnix)
Pull request description:
replaces #25578
Add help text to asm & hex (like everywhere else).
I've also changed two `RPCResult::Type::STR` to `RPCResult::Type::STR_HEX`
Top commit has no ACKs.
Tree-SHA512: 4109d6abddf71b24899f3252545248bb0c7cc366eb994d30927eb300d0b939a14b8140bac4a4c2bd45098a406666dbe1feb10da8dec923777bb8ed26784dfd54
2c3ee4c347838ecadb17a011932dffc077e46630 gui: Load Base64 PSBT string from file (Andrew Chow)
Pull request description:
Some .psbt files may have the PSBT as a base64 string instead of in binary. We should be able to load those files.
ACKs for top commit:
jarolrod:
tACK 2c3ee4c347838ecadb17a011932dffc077e46630
shaavan:
ACK 2c3ee4c347838ecadb17a011932dffc077e46630
Tree-SHA512: 352b0611693c8989ea7d1b8d494ea58c69dc15cf81b8d62271541832e74b0a0399cb6ed4e686ab7c741cb4e5374527e054a9ecfe7355bc6f77d8fdd13569ab76
Also:
1. Have CChainState::LoadMempool and ::ThreadImport take in paths and
pass it through untouched to LoadMempool.
2. Make LoadMempool exit early if the load_path is empty.
3. Adjust the call to ::ThreadImport in ::AppInitMain to correctly pass
in an empty path if mempool persistence is disabled.
Not only does this increase coverage, it is also more correct in that
when ::LoadMempool is called with a mempool and chainstate, it calls
AcceptToMemoryPool with just the chainstate.
AcceptToMemoryPool will then act on the chainstate's mempool via
CChainState::GetMempool, which may be different from the mempool
originally passed to ::LoadMempool. (In this fuzz test's case, it
definitely is different)
Also, move DummyChainstate to its own file since it's now used by the
validation_load_mempool fuzz test to replace CChainState's m_mempool.
Watchonly wallets do not have any private keys to encrypt. It does not
make sense to encrypt such wallets, so disable the option to encrypt
them.
This avoids an assertion that can be hit when encrypting watchonly descriptor
wallets.
m_is_loaded/IsLoaded() doesn't actually indicate whether or not the
mempool was successfully loaded, but rather if a load has been
attempted and did not result in a catastrophic ShutdownRequested.
-BEGIN VERIFY SCRIPT-
find_regex="\bm_is_loaded\b" \
&& git grep -l -E "$find_regex" \
| xargs sed -i -E "s@$find_regex@m_load_tried@g"
find_regex="\bIsLoaded\b" \
&& git grep -l -E "$find_regex" \
| xargs sed -i -E "s@$find_regex@GetLoadTried@g"
find_regex="\bSetIsLoaded\b" \
&& git grep -l -E "$find_regex" \
| xargs sed -i -E "s@$find_regex@SetLoadTried@g"
-END VERIFY SCRIPT-
fa277cd55dd105018e7d1220b4c3d96779e6b0f4 univalue: Throw exception on invalid pushes over silent ignore (MacroFake)
ccccc17b91698aa09ac85f7efea298f3938594ad refactor: Default options in walletcreatefundedpsbt to VOBJ instead of VNULL (MacroFake)
Pull request description:
The return value of the `push*` helpers is never used, but important to determine if the operation was successful. One way to fix this would be to add the "nodiscard" attribute. However, this would make the code (and this diff) overly verbose for no reason.
So fix it by removing the never used return value. Also, fail verbosely in case of a programming mistake.
ACKs for top commit:
furszy:
code ACK fa277cd5
Tree-SHA512: ef212a5bf5ae6bbad20acc4dafa3715521e81544185988d1eab724f440e4864a27e686aff51d5bc51b3017892c2eb8e577bcb8f37e8ddbaa0d8833bb622f2f9c
Also introduce node::{ShouldPersistMempool,MempoolPath} helper functions
in node/mempool_persist_args.{h,cpp} which are used by non-kernel
DumpMempool callers to determine whether or not to automatically dump
the mempool and where to dump it to.
We currently expose a method to get the signing providers, which allows
inferring a descriptor from the scriptPubKey. But in order to identify
"on" what descriptor a coin was received, we need access to the
descriptors that were imported to the wallet.
ffc79b8e492c6dd1352e528fd82e45d8d25eaa04 qa: functional test Miniscript watchonly support (Antoine Poinsot)
bfb036756ad6e187fd6d3abfefe5804bb54a5c71 Miniscript support in output descriptors (Antoine Poinsot)
4a082887bee76a96deada5dbd7f991c23b301c54 qa: better error reporting on descriptor parsing error (Antoine Poinsot)
d25d58bf5f301d3bb8683bd67c8847a4957d8e97 miniscript: add a helper to find the first insane sub with no child (Antoine Poinsot)
c38c7c5817b7e73cf0f788855c4aba59c287b0ad miniscript: don't check for top level validity at parsing time (Antoine Poinsot)
Pull request description:
This adds Miniscript support for Output Descriptors without any signing logic (yet). See the OP of #24147 for a description of Miniscript and a rationale of having it in Bitcoin Core.
On its own, this PR adds "watchonly" support for Miniscript descriptors in the descriptor wallet. A follow-up adds signing support.
A minified corpus of Miniscript Descriptors for the `descriptor_parse` fuzz target is available at https://github.com/bitcoin-core/qa-assets/pull/92.
The Miniscript descriptors used in the unit tests here and in #24149 were cross-tested against the Rust implementation at https://github.com/rust-bitcoin/rust-miniscript.
This PR contains code and insights from Pieter Wuille.
ACKs for top commit:
Sjors:
re-utACK ffc79b8e492c6dd1352e528fd82e45d8d25eaa04
achow101:
ACK ffc79b8e492c6dd1352e528fd82e45d8d25eaa04
w0xlt:
reACK ffc79b8e49
Tree-SHA512: 02d919d38bb626d3c557eca3680ce71117739fa161b7a92cfdb6c9c432ed88870b1ed127ba24248574c40c7428217d7e9bdd986fd8cd7c51fae8c776e1271fb9
ce8b0f971b94e68db1e902dbd20dd99dcf9bcb0a Use designated initializers for ChainstateManager::Options (Carl Dong)
38377002671d038aadb01e1521ea95c97838cedc Move ChainstateManagerOpts into kernel:: namespace (Carl Dong)
Pull request description:
This is part of the `libbitcoinkernel` project: #24303, https://github.com/bitcoin/bitcoin/projects/18
This PR is **_NOT_** dependent on any other PRs.
-----
Places `ChainstateManager::Options` into the `kernel::` namespace and uses designated initializers for construction.
ACKs for top commit:
ryanofsky:
Code review ACK ce8b0f971b94e68db1e902dbd20dd99dcf9bcb0a
Tree-SHA512: 16a11b5051a2432ca4b6fa7b253376606fef619ace499dfe64d033c8fbe3e1a1875a7c946d7cd54bd908363886244ddf3a192e2f0c801ffbed40d60aad65e442
Prior to this commit, the peer was connected, and then the services and
connectivity fields in the CNode object were manually set. Instead, send
p2p `version` and `verack` messages, and have net_processing's internal
logic set the state of the node.
This ensures that the node's internal state is consistent with how it
would be set in the live code.
Prior to this commit, `dummyNode1.nServices` was set to `NODE_NONE`
which was not a problem since `CNode::fClient` and
`CNode::m_limited_node` are default initialised to false. Now that we
are doing the actual version handshake, the values of `fClient` and
`m_limited_node` are set during the handshake and cause the test to fail
if we do not set `dummyNode1.nServices` to a reasonable value
(NODE_NETWORK | NODE_WITNESS).
As UniValue provides several constructors for integral types, the
compiler is unable to select one if the passed type does not exactly
match. This is unintuitive for developers and forces them to write
verbose and brittle code.
For example, there are many places where an unsigned int is cast to a
signed int. While the cast is safe in practice, it is still needlessly
verbose and confusing as the value can never be negative. In fact it
might even be unsafe if the unsigned value is large enough to map to a
negative signed one.
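The cast hazard from the message above, shown beside one way to remove the need for the cast. This is an added example, not UniValue's code: `JsonNum` and the helper functions are hypothetical, and the single constrained template constructor is an assumed design, not something the message specifies.

```cpp
#include <cstdint>
#include <limits>
#include <stdexcept>
#include <string>
#include <type_traits>

// Hypothetical number wrapper standing in for a JSON value type.
class JsonNum {
    std::string m_repr;
public:
    // With separate int / int64_t / uint64_t constructors, JsonNum(uint32_t) is
    // ambiguous: every candidate needs an integral conversion. One constrained
    // template accepts each integral type as-is, so callers need no cast.
    template <typename T,
              typename std::enable_if<std::is_integral<T>::value &&
                                      !std::is_same<T, bool>::value, int>::type = 0>
    JsonNum(T v) : m_repr(std::to_string(v)) {}
    const std::string& str() const { return m_repr; }
};

// The cast-to-signed pattern: values above INT32_MAX come out negative.
std::string render_with_cast(uint32_t v) {
    return JsonNum(static_cast<int32_t>(v)).str();
}

// No cast: the value keeps its unsigned type up to serialization.
std::string render_direct(uint32_t v) { return JsonNum(v).str(); }

// Where a signed type is really required, narrow with a range check.
int32_t to_signed_checked(uint32_t v) {
    if (v > static_cast<uint32_t>(std::numeric_limits<int32_t>::max()))
        throw std::range_error("value does not fit in int32_t");
    return static_cast<int32_t>(v);
}

// True when the checked conversion refuses the value.
bool rejects(uint32_t v) {
    try { to_signed_checked(v); return false; }
    catch (const std::range_error&) { return true; }
}

int main() {
    return render_direct(4000000000u) == "4000000000" ? 0 : 1;
}
```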
Miniscript descriptors are defined under P2WSH context (either `wsh()`
or `sh(wsh())`).
Only sane Miniscripts are accepted, as insane ones (although valid by
type) can have surprising behaviour with regard to malleability
guarantees and resource limitations.
As Miniscript descriptors are longer and more complex than "legacy"
descriptors, care was taken in error reporting to help a user determine
for what reason a provided Miniscript is insane.
Co-authored-by: Pieter Wuille <pieter.wuille@gmail.com>