Commit Graph

158 Commits

Author SHA1 Message Date
Pieter Wuille
e010af7089 Remove broken PrintWallet functionality 2013-10-26 14:49:47 +02:00
Pieter Wuille
fe52346450 Do not treat fFromMe transaction differently when broadcasting 2013-10-26 14:49:47 +02:00
super3
db0e8ccd90 Bump Year Number to 2013 2013-10-20 15:25:06 -04:00
Gavin Andresen
881a85a22d Replace printf with LogPrintf / LogPrint 2013-09-18 20:39:25 +10:00
Wladimir J. van der Laan
dcd0b0775e qt: Handle address purpose in incremental updates
Correctly use the purpose of addresses that are added after the start
of the client. Addresses with purpose "refund" and "change" should not
be visible in the GUI. This is now handled correctly.
2013-08-29 16:25:51 +02:00
Gregory Maxwell
71ac5052d8 Remove fAllowReuse from GetKeyFromPool.
With the GUI password fix this was always false.
2013-08-23 12:54:50 -07:00
Gavin Andresen
a41d5fe019 Payment Protocol: X509-validated payment requests
Add support for a Payment Protocol to Bitcoin-Qt.

Payment messages are protocol-buffer encoded and communicated over
http(s), so this adds a dependency on the Google protocol buffer
library, and requires Qt with OpenSSL support.
2013-08-22 16:18:25 +10:00
Gavin Andresen
3624356e82 Refactor: Move GetAccountAddresses to CWallet 2013-08-22 11:05:45 +10:00
Gavin Andresen
618855133d Refactor: CAddressBookData for mapAddressBook
Straight refactor, so mapAddressBook stores a CAddressBookData
(which just contains a std::string) instead of a std::string.

Preparation for payment protocol work, which will add the notion
of refund addresses to the address book.
2013-08-22 11:05:45 +10:00
Gavin Andresen
4323bfeafd Merge pull request #2776 from jgarzik/keypoolsize
RPC: keypoolrefill now permits optional size parameter, to bump keypool
2013-08-14 22:01:22 -07:00
Pieter Wuille
c4316fefa5 Make sure new wallet variables are initialized 2013-07-29 02:34:01 +02:00
Luke Dashjr
203d1ae69b Bugfix: Store last/next wallet resend times unique per CWallet object 2013-07-17 03:00:59 +00:00
Jeff Garzik
13dd2d090e CWallet::TopUpKeyPool() takes optional pool size argument
Also, GetKeyPoolSize() now returns an accurate type, unsigned int.
2013-06-25 16:07:29 -04:00
Pieter Wuille
434e4273b9 Add GetKeyBirthTimes to wallet
Compute safe lower bounds on the birth times of all wallet keys. For
pool keys or keys with metadata, the actually stored birth time is
used. For all others, the birth times are inferred from the wallet
transactions.
2013-06-22 17:30:56 +02:00
Pieter Wuille
4addb2c066 Refactor keytime/metadata and wallet encryption bugfix
Refactor keytime:
* Key metadata is kept in a CWallet::mapKeyMetadata (std::map<CKeyId,CKeyMetadata>).
* When generating a new key, time is put in that map, and new key is written.
* AddKeyPubKey and AddCryptedKey do not take a creation time argument, but instead
  pull it from that map, if it exists there.

Bugfix:
* AddKeyPubKey and AddCryptedKey in CWallet didn't override the CKeyStore
  definition anymore. This is fixed, as they no longed need the nCreationTime
  argument now.

Also a few related other changes:
* Metadata can be overwritten.
* Only GenerateNewKey calls GetTime(), as it's the only place where we know for
  sure a key was not constructed earlier.
* When the nTimeFirstKey is known to be inaccurate, it is set to the value 1
  (instead of 0, which would mean unknown).
* Use CPubKey instead of std::vector<unsigned char> where possible.
2013-06-20 01:31:18 +02:00
Matt Corallo
b1f15b218b Remove broken option to skip input checking for wallet txn. 2013-06-13 22:28:03 +02:00
Jeff Garzik
3869fb89b6 Wallet: store key creation time. Calculate whole-wallet birthday.
This also encapsulate wallet-read state information into CWalletScanState.
2013-06-10 09:36:29 -04:00
Eric Lombrozo
05df3fc68d Removed AcceptToMemoryPool method from CTransaction. This method belongs to the mempool instance.
Removed AreInputsStandard from CTransaction, made it a regular function in main.
Moved CTransaction::GetOutputFor to CCoinsViewCache.

Moved GetLegacySigOpCount and GetP2SHSigOpCount out of CTransaction into regular functions in main.

Moved GetValueIn and HaveInputs from CTransaction into CCoinsViewCache.

Moved AllowFree, ClientCheckInputs, CheckInputs, UpdateCoins, and CheckTransaction out of CTransaction and into main.

Moved IsStandard and IsFinal out of CTransaction and put them in main as IsStandardTx and IsFinalTx. Moved GetValueOut out of CTransaction into main. Moved CTxIn, CTxOut, and CTransaction into core.

Added minimum fee parameter to CTxOut::IsDust() temporarily until CTransaction is moved to core.h so that CTxOut needn't know about CTransaction.
2013-06-05 23:15:20 -07:00
Eric Lombrozo
336fe971e6 Get rid of db dependencies on main 2013-06-05 20:36:10 -07:00
Pieter Wuille
dfa23b94c2 CSecret/CKey -> CKey/CPubKey split/refactor 2013-05-30 05:20:21 +02:00
Gavin Andresen
33edd0a477 Merge pull request #2577 from gavinandresen/fee_bandaid
Treat dust outputs as non-standard, un-hardcode TX_FEE constants
2013-05-04 10:15:39 -07:00
Gavin Andresen
61a845dcb6 Merge pull request #2566 from sipa/nodef
Allow the default key to be unavailable
2013-05-03 14:33:02 -07:00
Gavin Andresen
1f00f4e9c9 CreateTransaction: return strFailReason on failure 2013-05-03 10:54:31 -04:00
Gavin Andresen
2f15e86a68 Do not write to wallet during LoadWallet
When debugging another issue, I found a hang-during-startup race condition due to
LoadWallet calling SetMinVersion (via LoadCryptedKey).

Writing to the file that you're in the process of reading is a bad idea.
2013-05-02 12:43:07 -04:00
Pieter Wuille
360cfe142c Allow the default key to be unavailable
This solves the issue where no default key can be added after -salvagewallet.
2013-04-25 19:36:10 +02:00
Pieter Wuille
1c06aa98c6 Always print full hashes (tx, block, inv) 2013-04-07 03:43:55 +02:00
Gavin Andresen
b31499ec72 Clean up shutdown process 2013-04-03 19:57:53 -04:00
Gavin Andresen
78504bb04f Merge pull request #1861 from jgarzik/coinlock
Add new RPC "lockunspent", to prevent spending of selected outputs
2012-12-12 09:15:43 -08:00
Gavin Andresen
e45d39f9ee Merge pull request #2009 from sipa/fixmove
Prevent RPC 'move' from deadlocking
2012-11-16 08:09:41 -08:00
Jeff Garzik
fdbb537d26 Add new RPC "lockunspent", to prevent spending of selected outputs
and associated RPC "listlockunspent".

This is a memory-only filter, which is empty when a node restarts.
2012-11-15 21:11:30 -05:00
Pieter Wuille
4291e8feab Prevent RPC 'move' from deadlocking
It seemed to create two CWalletDB objects that both grab the
database lock.
2012-11-14 00:31:56 +01:00
Philip Kaufmann
966a0e8cc9 add CWalletTx::GetImmatureCredit() and use it in CWallet::GetImmatureBalance() 2012-11-13 07:56:48 +01:00
Pieter Wuille
64dd46fd05 Transaction hash caching
Use CBlock's vMerkleTree to cache transaction hashes, and pass them
along as argument in more function calls. During initial block download,
this results in every transaction's hash to be only computed once.
2012-10-20 23:08:57 +02:00
Pieter Wuille
ae8bfd12da Batch block connection during IBD
During the initial block download (or -loadblock), delay connection
of new blocks a bit, and perform them in a single action. This reduces
the load on the database engine, as subsequent blocks often update an
earlier block's transaction already.
2012-10-20 23:08:57 +02:00
Pieter Wuille
450cbb0944 Ultraprune
This switches bitcoin's transaction/block verification logic to use a
"coin database", which contains all unredeemed transaction output scripts,
amounts and heights.

The name ultraprune comes from the fact that instead of a full transaction
index, we only (need to) keep an index with unspent outputs. For now, the
blocks themselves are kept as usual, although they are only necessary for
serving, rescanning and reorganizing.

The basic datastructures are CCoins (representing the coins of a single
transaction), and CCoinsView (representing a state of the coins database).
There are several implementations for CCoinsView. A dummy, one backed by
the coins database (coins.dat), one backed by the memory pool, and one
that adds a cache on top of it. FetchInputs, ConnectInputs, ConnectBlock,
DisconnectBlock, ... now operate on a generic CCoinsView.

The block switching logic now builds a single cached CCoinsView with
changes to be committed to the database before any changes are made.
This means no uncommitted changes are ever read from the database, and
should ease the transition to another database layer which does not
support transactions (but does support atomic writes), like LevelDB.

For the getrawtransaction() RPC call, access to a txid-to-disk index
would be preferable. As this index is not necessary or even useful
for any other part of the implementation, it is not provided. Instead,
getrawtransaction() uses the coin database to find the block height,
and then scans that block to find the requested transaction. This is
slow, but should suffice for debug purposes.
2012-10-20 23:08:57 +02:00
Gavin Andresen
eed1785f70 Handle corrupt wallets gracefully.
Corrupt wallets used to cause a DB_RUNRECOVERY uncaught exception and a
crash. This commit does three things:

1) Runs a BDB verify early in the startup process, and if there is a
low-level problem with the database:
  + Moves the bad wallet.dat to wallet.timestamp.bak
  + Runs a 'salvage' operation to get key/value pairs, and
    writes them to a new wallet.dat
  + Continues with startup.

2) Much more tolerant of serialization errors. All errors in deserialization
are reported by tolerated EXCEPT for errors related to reading keypairs
or master key records-- those are reported and then shut down, so the user
can get help (or recover from a backup).

3) Adds a new -salvagewallet option, which:
 + Moves the wallet.dat to wallet.timestamp.bak
 + extracts ONLY keypairs and master keys into a new wallet.dat
 + soft-sets -rescan, to recreate transaction history

This was tested by randomly corrupting testnet wallets using a little
python script I wrote (https://gist.github.com/3812689)
2012-10-08 17:46:45 -04:00
Jeff Garzik
ea0796bde3 Trim trailing whitespace for src/*.{h,cpp} 2012-09-18 15:07:58 -04:00
Gavin Andresen
a0971337d0 Merge branch 'refactor_times' of git://github.com/luke-jr/bitcoin 2012-09-18 10:59:31 -04:00
Luke Dashjr
da7b8c1260 Bugfix: Initialize CWallet::nOrderPosNext on an empty wallet, and save it in db 2012-09-08 04:55:36 +00:00
Gavin Andresen
eaf00a3a5d Merge pull request #1774 from luke-jr/refactor_times
Bugfix: Require OrderedTxItems to provide properly scoped accounting entry list
2012-09-02 16:47:58 -07:00
Luke Dashjr
ddb709e9de Bugfix: Require OrderedTxItems to provide properly scoped accounting entry list
OrderedTxItems returns a multimap of pointers, but needs a place to store the actual CAccountingEntries it points to.
It had been using a stack item, which was clobbered as soon as it returned, resulting in undefined behaviour.
This fixes at least bug #1768.
2012-09-02 08:02:46 +00:00
Gregory Maxwell
c68c4bc7a4 Merge pull request #1672 from gmaxwell/filter_listunspent
Listunspent txout address filtering and listaddressgroupings
2012-08-24 00:46:24 -07:00
Gregory Maxwell
b1093efa83 Change CWallet addressgrouping to use CTxDestination instead of strings.
This is cleanup for the listaddressgroupings code. Also add some
real help text.
2012-08-24 03:28:45 -04:00
Gregory Maxwell
bdab0cf58c Avoid leaving return types or function attributes on their own lines. 2012-08-24 02:48:19 -04:00
Luke Dashjr
e07c8e9123 Treat generation (mined) transactions less different from receive transactions
- Show address receiving the generation, and include it in the correct "account"
- Multiple entries in listtransactions output if the coinbase has multiple outputs to us
2012-08-23 23:20:01 +00:00
Gregory Maxwell
92735bca31 Add txout address filtering to listunspent.
This applies on top of the coincontrol listaddressgroupings patch
and makes finding eligible outputs from the groups returned
by listaddressgroupings possible.
2012-08-23 15:55:50 -04:00
coderrr
22dfd73598 Add address groupings RPC from the coincontrol patches.
Signed-off-by: Gregory Maxwell <greg@xiph.org>
2012-08-23 15:55:42 -04:00
Luke Dashjr
c3f95ef13f Choose reasonable "smart" times to display for transactions
Logic:
- If sending a transaction, assign its timestamp to the current time.
- If receiving a transaction outside a block, assign its timestamp to the current time.
- If receiving a block with a future timestamp, assign all its (not already known) transactions' timestamps to the current time.
- If receiving a block with a past timestamp, before the most recent known transaction (that we care about), assign all its (not already known) transactions' timestamps to the same timestamp as that most-recent-known transaction.
- If receiving a block with a past timestamp, but after the most recent known transaction, assign all its (not already known) transactions' timestamps to the block time.
2012-08-23 18:38:22 +00:00
Luke Dashjr
9c7722b7c5 Store a fixed order of transactions (and accounting) in the wallet
For backward compatibility, new accounting data is stored after a \0 in the comment string.
This way, old versions and third-party software should load and store them, but all actual use (listtransactions, for example) ignores it.
2012-08-23 18:18:20 +00:00
Gavin Andresen
a2709fad7f Implement raw transaction RPC calls
Implement listunspent / getrawtransaction / createrawtransaction /
signrawtransaction, to support creation and
signing-on-multiple-device multisignature transactions.
2012-07-05 12:50:09 -04:00
fanquake
e749405297 Fix a few typos 2012-06-29 17:26:45 +08:00
Chris Moore
9b0369c773 Refactor SelectCoinsMinConf() and add unit tests.
AvailableCoins() makes a vector of available outputs which is then passed to SelectCoinsMinConf().  This allows unit tests to test the coin selection algorithm without having the whole blockchain available.
2012-06-04 16:36:34 +00:00
Wladimir J. van der Laan
882ba0e752 Merge pull request #837 from sje397/ShowImmatureBalance
Added 'immature balance' for miners. Only displayed if the balance is > 0
2012-06-02 02:35:48 -07:00
sje397
8fdb7e108f Added 'immature balance' for miners. Only displayed if the balance is greater than zero.
This adds a field labelled 'Immature' in the overview section under the 'unconfirmed' field, which shows mined
income that has not yet matured (which is currently not displayed anywhere, even though the transactions
exist in the transaction list). To do that I added a 'GetImmatureBalance' method to the wallet, and connected
that through to the GUI as per the 'GetBalance' and 'GetUnconfirmedBalance' methods. I did a small 'no-op'
change to make the code in adjacent functions a little more readable (imo); it was a change I had made in my
repo earlier...but I thought it wouldn't hurt so left it in. Immature balance comes from mined income that is
at least two blocks deep in the chain (same logic as displayed transactions).

My reasoning is:
- as a miner, it's a critical stat I want to see
- as a miner, and taking into account the label 'immature', the uncertainty is pretty clearly implied
- those numbers are already displayed in the transaction list
- this makes the overview numbers add up to what's in the transaction list
- it's not displayed if the immature balance is 0, so won't bother non-miners

I also 'cleaned' the overview UI a little, moving code to the XML and removing HTML.
2012-05-25 23:15:27 +10:00
Pieter Wuille
1025440184 Refactor: split CKeyID/CScriptID/CTxDestination from CBitcoinAddress
This introduces internal types:
* CKeyID: reference (hash160) of a key
* CScriptID: reference (hash160) of a script
* CTxDestination: a boost::variant of the former two

CBitcoinAddress is retrofitted to be a Base58 encoding of a
CTxDestination. This allows all internal code to only use the
internal types, and only have RPC and GUI depend on the base58 code.

Furthermore, the header dependencies are a lot saner now. base58.h is
at the top (right below rpc and gui) instead of at the bottom. For the
rest: wallet -> script -> keystore -> key. Only keystore still requires
a forward declaration of CScript. Solving that would require splitting
script into two layers.
2012-05-24 20:26:19 +02:00
Pieter Wuille
fd61d6f506 Encapsulate public keys in CPubKey 2012-05-24 19:58:12 +02:00
Pieter Wuille
46784d0826 Merge pull request #1354 from fanquake/master
Update Header Licenses
2012-05-20 12:27:50 -07:00
Wladimir J. van der Laan
0832c0d166 Process address book updates incrementally
- No longer invalidates selection model, thus retains selection on address book changes
- Fixes selection of new address when added
2012-05-20 10:44:50 +02:00
Wladimir J. van der Laan
ab1b288fa7 Convert UI interface to boost::signals2.
- Signals now go directly from the core to WalletModel/ClientModel.
  - WalletModel subscribes to signals on CWallet: Prepares for multi-wallet support, by no longer assuming an implicit global wallet.
- Gets rid of noui.cpp, the few lines that were left are merged into init.cpp
- Rename wxXXX message flags to MF_XXX, to make them UI indifferent.
- ThreadSafeMessageBox no longer returns the value `4` which was never used, converted to void.
2012-05-20 10:44:50 +02:00
Wladimir J. van der Laan
fe4a655042 Fine-grained UI updates
Gets rid of `MainFrameRepaint` in favor of specific update functions that tell the UI exactly what changed.

This improves the efficiency of various handlers. Also fixes problems with mined transactions not showing up until restart.

The following notifications were added:

- `NotifyBlocksChanged`: Block chain changed
- `NotifyKeyStoreStatusChanged`: Wallet status (encrypted, locked) changed.
- `NotifyAddressBookChanged`: Address book entry changed.
- `NotifyTransactionChanged`: Wallet transaction added, removed or updated.
- `NotifyNumConnectionsChanged`: Number of connections changed.
- `NotifyAlertChanged`: New, updated or cancelled alert. As this finally makes it possible for the UI to know when a new alert arrived, it can be shown as OS notification.

These notifications could also be useful for RPC clients. However, currently, they are ignored in bitcoind (in noui.cpp).

Also brings back polling with timer for numBlocks in ClientModel. This value updates so frequently during initial download that the number of signals clogs the UI thread and causes heavy CPU usage. And after initial block download, the value changes so rarely that a delay of half a second until the UI updates is unnoticable.
2012-05-20 10:41:54 +02:00
Fordy
3a25a2b9b0 Update License in File Headers
I originally created a pull to replace the "COPYING" in crypter.cpp and
crypter.h, but it turned out that COPYING was actually the correct
file.
2012-05-18 22:02:28 +08:00
Philip Kaufmann
e23a121afe remove obsolete BackupWallet() entry in wallet.h 2012-05-03 11:30:52 +02:00
Wladimir J. van der Laan
b6c837cbe1 Remove no-longer used UI hints in bitcoin core
The Qt UI has its own associated structures for temporary transaction state / cache.
2012-04-21 18:21:19 +02:00
Wladimir J. van der Laan
cdcc319c2d change type of various bare chars to bool that are only used as bool (and never serialized) 2012-04-21 18:16:11 +02:00
Pieter Wuille
6b6aaa1698 Further reduce header dependencies
This commit removes the dependency of serialize.h on PROTOCOL_VERSION,
and makes this parameter required instead of implicit. This is much saner,
as it makes the places where changing a version number can have an
influence obvious.
2012-04-17 20:03:42 +02:00
Pieter Wuille
ed6d0b5f85 Remove headers.h 2012-04-17 20:00:55 +02:00
Jeff Garzik
c376ac359e Fix loop index var types, fixing many minor sign comparison warnings
foo.size() typically returns an unsigned integral type; make loop variables
match those types' signedness.
2012-04-15 16:52:09 -04:00
Wladimir J. van der Laan
da7bbd9dfd fix warnings: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] 2012-04-15 13:40:14 +02:00
Pieter Wuille
f8dcd5ca6f Use scoped locks instead of CRITICAL_BLOCK 2012-04-09 01:59:46 +02:00
Pieter Wuille
6b8de05d0a Begin doxygen-compatible comments 2012-03-26 16:48:23 +02:00
Pieter Wuille
439e1497e1 Introduce explicit -walletupgrade option
Do not automatically change the wallet format unless the user takes an
explicit action that implies an upgrade (encrypting, for now), or uses
-walletupgrade.

-walletupgrade optionally takes an integer argument: the client version
up to which upgrading is allowed. Without an argument, it is upgraded
to latest supported version. If an argument to -walletupgrade is
provided at the time the wallet is created, the new wallet will initially
not use features beyond that version.

Third, the current wallet version number is reported in getinfo.
2012-03-22 23:47:29 +01:00
Pieter Wuille
9976cf070f Move GenerateNewKey back to CWallet 2012-02-18 15:42:38 +01:00
Pieter Wuille
0b807a417f Add SetMinVersion to CWallet 2012-02-18 15:42:29 +01:00
Gavin Andresen
882164196e Update all copyrights to 2012 2012-02-07 11:28:30 -05:00
Gavin Andresen
922e8e2929 Replace OP_EVAL (BIP 12) with Pay-to-script-hash (BIP 16). 2012-01-13 10:22:23 -05:00
Pieter Wuille
a4902c9e7c Remove unused definition 2012-01-09 23:39:26 +01:00
Wladimir J. van der Laan
bde280b9a4 Revert "Use standard C99 (and Qt) types for 64-bit integers"
This reverts commit 21d9f36781.
2011-12-21 22:33:19 +01:00
Luke Dashjr
21d9f36781 Use standard C99 (and Qt) types for 64-bit integers 2011-12-20 16:52:59 -05:00
Gavin Andresen
2a45a494b0 Use block times for 'hard' OP_EVAL switchover, and refactored EvalScript
so it takes a flag for how to interpret OP_EVAL.
Also increased IsStandard size of scriptSigs to 500 bytes, so
a 3-of-3 multisig transaction IsStandard.
2011-12-19 13:24:48 -05:00
Gavin Andresen
e679ec969c OP_EVAL implementation
OP_EVAL is a new opcode that evaluates an item on the stack as a script.
It enables a new type of bitcoin address that needs an arbitrarily
complex script to redeem.
2011-12-19 12:40:19 -05:00
Pieter Wuille
95d888a6d1 Key import and export
Introduces two new RPC calls:
* dumpprivkey: retrieve the private key corresponding to an address
* importprivkey: add a private key to your wallet

The private key format is analoguous to the address format. It is
a 51-character base58-encoded string, that includes a version number
and a checksum.

Includes patch by mhanne:
* add optional account parameter for importprivkey, if omitted use default
2011-12-17 21:49:48 +01:00
Pieter Wuille
30ab2c9c46 Preparations for key import/export 2011-12-17 21:49:48 +01:00
Pieter Wuille
4c6e22953e Make CWalletTx::pwallet private 2011-12-17 21:49:47 +01:00
Dylan Noblesmith
94f778bdeb Implement an mlock()'d string class for storing passphrases
SecureString is identical to std::string except with secure_allocator
substituting for std::allocator. This makes casting between them
impossible, so converting between the two at API boundaries requires
calling ::c_str() for now.
2011-11-26 06:02:04 +00:00
Gavin Andresen
37971fcc76 Create new keypool for newly encrypted wallets. 2011-11-17 14:01:25 -05:00
Pieter Wuille
d825e6a31b Some extra comments 2011-11-07 00:11:34 +01:00
Wladimir J. van der Laan
7a15d4ff67 Merge branch 'master' of https://github.com/bitcoin/bitcoin
Conflicts:
	src/main.cpp
2011-09-02 17:35:30 +02:00
Gavin Andresen
7db3b75b3e Logic running with -keypool=0 was wrong (empty keys were being returned). Fixes #445
Renames GetOrReuseKeyFromKeyPool to GetKeyFromPool, with fAllowReuse arg and bool result.
2011-09-01 10:12:59 -04:00
Gavin Andresen
6cc4a62c0e Fix rpc-hanging deadlocks
Collapsed multiple wallet mutexes to a single cs_wallet, to avoid deadlocks with wallet methods that acquired locks in different order.
Also change master RPC call handler to acquire cs_main and cs_wallet locks before executing RPC calls; requiring each RPC call to acquire the right set of locks in the right order was too error-prone.
2011-08-31 12:55:16 -04:00
Wladimir J. van der Laan
b90c9ecb13 Merge branch 'master' of https://github.com/bitcoin/bitcoin 2011-08-16 10:28:24 +02:00
Matt Corallo
b2120e223a Unify copyright notices.
To a variation on:
// Copyright (c) 2009-2010 Satoshi Nakamoto
// Copyright (c) 2011 The Bitcoin developers
2011-08-09 13:32:52 +02:00
Wladimir J. van der Laan
491ad6db50 Merge remote branch 'upstream/master'
Conflicts:
	src/bitcoinrpc.cpp
2011-07-26 16:47:23 +02:00
Pieter Wuille
2ffba736e9 Use CBitcoinAddress instead of string/uint160
Instead of conversion functions between pubkey/uint160/address in
base58.h, have a fully fledged class CBitcoinAddress (CAddress was
already taken) to represent addresses.
2011-07-17 12:09:14 +02:00
Pieter Wuille
03fbd79049 get rid of mapPubKeys
Make CKeyStore's interface work on uint160's instead of pubkeys, so
no separate global mapPubKeys is necessary anymore.
2011-07-17 12:07:59 +02:00
Wladimir J. van der Laan
d421117620 Merge branch 'master' of https://github.com/bitcoin/bitcoin 2011-07-15 16:42:44 +02:00
Jeff Garzik
116df55e21 Update CWallet::LoadWallet for proper return type. 2011-07-13 01:07:49 -04:00
Matt Corallo
96f34cd5c4 Use DB Transactions when encrypting wallet.
This speeds up the encryption process significantly.
2011-07-13 02:11:25 +02:00
Matt Corallo
4e87d341f7 Add wallet privkey encryption.
This commit adds support for ckeys, or enCrypted private keys, to the wallet.
All keys are stored in memory in their encrypted form and thus the passphrase
is required from the user to spend coins, or to create new addresses.

Keys are encrypted with AES-256-CBC using OpenSSL's EVP library. The key is
calculated via EVP_BytesToKey using SHA512 with (by default) 25000 rounds and
a random salt.

By default, the user's wallet remains unencrypted until they call the RPC
command encryptwallet <passphrase> or, from the GUI menu, Options->
Encrypt Wallet.

When the user is attempting to call RPC functions which require the password
to unlock the wallet, an error will be returned unless they call
walletpassphrase <passphrase> <time to keep key in memory> first.

A keypoolrefill command has been added which tops up the users keypool
(requiring the passphrase via walletpassphrase first).
keypoolsize has been added to the output of getinfo to show the user the
number of keys left before they need to specify their passphrase (and call
keypoolrefill).

Note that walletpassphrase will automatically fill keypool in a separate
thread which it spawns when the passphrase is set. This could cause some
delays in other threads waiting for locks on the wallet passphrase, including
one which could cause the passphrase to be stored longer than expected,
however it will not allow the passphrase to be used longer than expected as
ThreadCleanWalletPassphrase will attempt to get a lock on the key as soon
as the specified lock time has arrived.

When the keypool runs out (and wallet is locked) GetOrReuseKeyFromPool
returns vchDefaultKey, meaning miners may start to generate many blocks to
vchDefaultKey instead of a new key each time.

A walletpassphrasechange <oldpassphrase> <newpassphrase> has been added to
allow the user to change their password via RPC.

Whenever keying material (unencrypted private keys, the user's passphrase,
the wallet's AES key) is stored unencrypted in memory, any reasonable attempt
is made to mlock/VirtualLock that memory before storing the keying material.
This is not true in several (commented) cases where mlock/VirtualLocking the
memory is not possible.

Although encryption of private keys in memory can be very useful on desktop
systems (as some small amount of protection against stupid viruses), on an
RPC server, the password is entered fairly insecurely. Thus, the only main
advantage encryption has for RPC servers is for RPC servers that do not spend
coins, except in rare cases, eg. a webserver of a merchant which only receives
payment except for cases of manual intervention.

Thanks to jgarzik for the original patch and sipa, gmaxwell and many others
for all their input.

Conflicts:

	src/wallet.cpp
2011-07-13 02:11:25 +02:00
Wladimir J. van der Laan
df5ccbd2b2 Show unconfirmed balance on overview page 2011-07-11 20:42:10 +02:00
Pieter Wuille
acd6501610 Prepare codebase for Encrypted Keys. 2011-07-08 15:46:47 +02:00