Merge bitcoindevkit/bdk#653: Fix: Wallet sync may decrement address index
af6bde3997ac2fe4cfdbb691f2af2e802f0ab7c6 Fix: Wallet sync may decrement address index (志宇) Pull request description: ### Description Fixes #649 It is critical to ensure `Wallet::get_address` with `AddressIndex::new` always returns a new and unused address. This bug seems to be Electrum-specific. The fix is to check address index updates to ensure that newly suggested indexes are not smaller than indexes already in database. ### Notes to the reviewers I have written new tests in `/testutils/blockchain_tests.rs` that tests all `Blockchain` implementations. ### Checklists #### All Submissions: * [x] I've signed all my commits * [x] I followed the [contribution guidelines](https://github.com/bitcoindevkit/bdk/blob/master/CONTRIBUTING.md) * [x] I ran `cargo fmt` and `cargo clippy` before committing #### Bugfixes: ~* [ ] This pull request breaks the existing API~ * [x] I've added tests to reproduce the issue which are now passing * [x] I'm linking the issue being fixed by this PR ACKs for top commit: afilini: ACK af6bde3997ac2fe4cfdbb691f2af2e802f0ab7c6 Tree-SHA512: d714bebcf7c2836f8b98129b39b4939b0e36726acf0208e52d501f433be6cdb12f1abebc28bd7da0be8b780ccce6e1e42c8fdc6633dd486bf329bc6f88e1ce67
This commit is contained in:
		
						commit
						556105780b
					
				| @ -16,6 +16,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 | ||||
| - Get block hash given a block height - A `get_block_hash` method is now defined on the `GetBlockHash` trait and implemented on every blockchain backend. This method expects a block height and returns the corresponding block hash.  | ||||
| - Add `remove_partial_sigs` and `try_finalize` to `SignOptions` | ||||
| - Deprecate `AddressValidator` | ||||
| - Fix Electrum wallet sync potentially causing address index decrement - compare proposed index and current index before applying batch operations during sync. | ||||
| 
 | ||||
| ## [v0.19.0] - [v0.18.0] | ||||
| 
 | ||||
|  | ||||
| @ -340,7 +340,7 @@ impl WalletSync for RpcBlockchain { | ||||
|                     ), | ||||
|                     received, | ||||
|                     sent, | ||||
|                     fee: tx_result.fee.map(|f| f.as_sat().abs() as u64), | ||||
|                     fee: tx_result.fee.map(|f| f.as_sat().unsigned_abs()), | ||||
|                 }; | ||||
|                 debug!( | ||||
|                     "saving tx: {} tx_result.fee:{:?} td.fees:{:?}", | ||||
|  | ||||
| @ -314,6 +314,22 @@ impl<'a, D: BatchDatabase> State<'a, D> { | ||||
|         let finished_txs = make_txs_consistent(&self.finished_txs); | ||||
|         let observed_txids: HashSet<Txid> = finished_txs.iter().map(|tx| tx.txid).collect(); | ||||
|         let txids_to_delete = existing_txids.difference(&observed_txids); | ||||
| 
 | ||||
|         // Ensure `last_active_index` does not decrement database's current state.
 | ||||
|         let index_updates = self | ||||
|             .last_active_index | ||||
|             .iter() | ||||
|             .map(|(keychain, sync_index)| { | ||||
|                 let sync_index = *sync_index as u32; | ||||
|                 let index_res = match self.db.get_last_index(*keychain) { | ||||
|                     Ok(Some(db_index)) => Ok(std::cmp::max(db_index, sync_index)), | ||||
|                     Ok(None) => Ok(sync_index), | ||||
|                     Err(err) => Err(err), | ||||
|                 }; | ||||
|                 index_res.map(|index| (*keychain, index)) | ||||
|             }) | ||||
|             .collect::<Result<Vec<(KeychainKind, u32)>, _>>()?; | ||||
| 
 | ||||
|         let mut batch = self.db.begin_batch(); | ||||
| 
 | ||||
|         // Delete old txs that no longer exist
 | ||||
| @ -377,8 +393,10 @@ impl<'a, D: BatchDatabase> State<'a, D> { | ||||
|             batch.set_tx(finished_tx)?; | ||||
|         } | ||||
| 
 | ||||
|         for (keychain, last_active_index) in self.last_active_index { | ||||
|             batch.set_last_index(keychain, last_active_index as u32)?; | ||||
|         // apply index updates
 | ||||
|         for (keychain, new_index) in index_updates { | ||||
|             debug!("updating index ({}, {})", keychain.as_byte(), new_index); | ||||
|             batch.set_last_index(keychain, new_index)?; | ||||
|         } | ||||
| 
 | ||||
|         info!( | ||||
|  | ||||
| @ -372,6 +372,7 @@ macro_rules! bdk_blockchain_tests { | ||||
|             use $crate::blockchain::Blockchain; | ||||
|             use $crate::database::MemoryDatabase; | ||||
|             use $crate::types::KeychainKind; | ||||
|             use $crate::wallet::AddressIndex; | ||||
|             use $crate::{Wallet, FeeRate, SyncOptions}; | ||||
|             use $crate::testutils; | ||||
| 
 | ||||
| @ -651,6 +652,60 @@ macro_rules! bdk_blockchain_tests { | ||||
|                 assert_eq!(wallet.list_unspent().unwrap().len(), 1, "incorrect number of unspents"); | ||||
|             } | ||||
| 
 | ||||
|             // Syncing wallet should not result in wallet address index to decrement.
 | ||||
|             // This is critical as we should always ensure to not reuse addresses.
 | ||||
|             #[test] | ||||
|             fn test_sync_address_index_should_not_decrement() { | ||||
|                 let (wallet, blockchain, _descriptors, mut test_client) = init_single_sig(); | ||||
| 
 | ||||
|                 const ADDRS_TO_FUND: u32 = 7; | ||||
|                 const ADDRS_TO_IGNORE: u32 = 11; | ||||
| 
 | ||||
|                 let mut first_addr_index: u32 = 0; | ||||
| 
 | ||||
|                 (0..ADDRS_TO_FUND + ADDRS_TO_IGNORE).for_each(|i| { | ||||
|                     let new_addr = wallet.get_address(AddressIndex::New).unwrap(); | ||||
| 
 | ||||
|                     if i == 0 { | ||||
|                         first_addr_index = new_addr.index; | ||||
|                     } | ||||
|                     assert_eq!(new_addr.index, i+first_addr_index, "unexpected new address index (before sync)"); | ||||
| 
 | ||||
|                     if i < ADDRS_TO_FUND { | ||||
|                         test_client.receive(testutils! { | ||||
|                             @tx ((@addr new_addr.address) => 50_000) | ||||
|                         }); | ||||
|                     } | ||||
|                 }); | ||||
| 
 | ||||
|                 wallet.sync(&blockchain, SyncOptions::default()).unwrap(); | ||||
| 
 | ||||
|                 let new_addr = wallet.get_address(AddressIndex::New).unwrap(); | ||||
|                 assert_eq!(new_addr.index, ADDRS_TO_FUND+ADDRS_TO_IGNORE+first_addr_index, "unexpected new address index (after sync)"); | ||||
|             } | ||||
| 
 | ||||
|             // Even if user does not explicitly grab new addresses, the address index should
 | ||||
|             // increment after sync (if wallet has a balance).
 | ||||
|             #[test] | ||||
|             fn test_sync_address_index_should_increment() { | ||||
|                 let (wallet, blockchain, descriptors, mut test_client) = init_single_sig(); | ||||
| 
 | ||||
|                 const START_FUND: u32 = 4; | ||||
|                 const END_FUND: u32 = 20; | ||||
| 
 | ||||
|                 // "secretly" fund wallet via given range
 | ||||
|                 (START_FUND..END_FUND).for_each(|addr_index| { | ||||
|                     test_client.receive(testutils! { | ||||
|                         @tx ((@external descriptors, addr_index) => 50_000) | ||||
|                     }); | ||||
|                 }); | ||||
| 
 | ||||
|                 wallet.sync(&blockchain, SyncOptions::default()).unwrap(); | ||||
| 
 | ||||
|                 let address = wallet.get_address(AddressIndex::New).unwrap(); | ||||
|                 assert_eq!(address.index, END_FUND, "unexpected new address index (after sync)"); | ||||
|             } | ||||
| 
 | ||||
|             /// Send two conflicting transactions to the same address twice in a row.
 | ||||
|             /// The coins should only be received once!
 | ||||
|             #[test] | ||||
|  | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user