Commit Graph

575 Commits

Author SHA1 Message Date
Gregory Maxwell
85311c1ef8 Merge pull request #2982 from gmaxwell/20130908_ccoins_corrupt
Longer term workaround for chainstate corruption from negative versions.
2013-09-10 16:07:34 -07:00
Philip Kaufmann
d78900cc1b fix some cosmetic glitches in the codebase
- rename URL into URI in paymentserver where correct
- add some missing Qt-coding-stuff in paymentserver
- change QSpinBox to QLineEdit as base for BitcoinAmountField in .ui files
  (as this is the result when converting the BAF back into base)
- remove some c_str() and replace with QString::fromStdString()
- remove several new-lines
- remove unneeded spaces
- indentation fixes
2013-09-09 12:36:04 +02:00
Gregory Maxwell
f8b7aa8625 Longer term workaround for chainstate corruption from negative versions.
This also makes negative transaction versions non-standard.

This avoids an issue triggered in block 256818 where transactions with
negative version numbers were incorrectly serialized into the UTXO set.

On restart nodes detect the inconsistency and refuse to start so long as
a block with these transactions is inside the self-consistency check
window, logging "coin database inconsistencies found". The software
recommends reindexing, but reindexing does not correct the problem.

This should be fixed by changing the chainstate serialization, but
working around it seems harmless for now because the version is not
used by any network rule currently.

A patch free workaround is to start with -checklevel=2 which skips
the consistency checks, but the IsStandard change is important for
miners in order to protect unpatched nodes.
2013-09-09 02:11:11 -07:00
Matt Corallo
55ed3f1475 Don't warn about forks while fIsInitialDownload 2013-09-03 22:22:13 -04:00
Gregory Maxwell
9d14e689c8 [raw] reject insanely high fees by default in sendrawtransaction
There have been several incidents where mainnet experimentation with
 raw transactions  resulted in insane fees.  This is hard to prevent
 in the raw transaction api because the inputs may not be known.
 Since sending doesn't work if the inputs aren't known, we can catch
 it there.

This rejects fees > than 10000 * nMinRelayTxFee or 1 BTC with the
 defaults and can be overridden with a bool at the rpc.
2013-08-28 15:49:51 -07:00
Gregory Maxwell
bf3a20a6e8 [wallet] Consider generated coins mature at COINBASE_MATURITY+1
We're not seeing large reorgs that would justify waiting a large
 amount past the rule required maturity, and the extra three
 hours is just a nuisance. Take one more block to at least give
 the 100th block time to propagate.
2013-08-28 10:16:50 -07:00
Pieter Wuille
24e5d7d5ae Fix out-of-bounds check 2013-08-24 23:22:27 +02:00
Gregory Maxwell
a7f533a972 Update the bloom state on the real object, not the temporary one.
This resulted in just passing all transactions to filtered wallets
which worked surprisingly well, except where it didn't.
2013-08-20 17:46:07 -07:00
Gregory Maxwell
37c6389c5a Performance optimization for bloom filters.
This reduces a peer's ability to attack network resources by
 using a full bloom filter, but without reducing the usability
 of bloom filters.  It sets a default match everything filter
 for peers and it generalizes a prior optimization to
 cover more cases.
2013-08-20 02:27:26 -07:00
Pieter Wuille
2461aba1ac Mempool consistency check 2013-08-15 23:55:35 +02:00
Pieter Wuille
f0784ac470 Fix non-standard disconnected transactions causing mempool orphans 2013-08-15 23:53:55 +02:00
Gavin Andresen
8fa9b5cc45 Merge pull request #2658 from TheBlueMatt/forkalert
Detect any sufficiently long fork and alert the user just like any other alert
2013-08-12 23:33:40 -07:00
Cozz Lovan
c7fa1a3586 do not call BuildMerkleTree() unnecessarily twice 2013-08-10 15:27:25 +02:00
Gavin Andresen
8dc206a1e2 Reject non-canonically-encoded sizes
The length of vectors, maps, sets, etc are serialized using
Write/ReadCompactSize -- which, unfortunately, do not use a
unique encoding.

So deserializing and then re-serializing a transaction (for example)
can give you different bits than you started with. That doesn't
cause any problems that we are aware of, but it is exactly the type
of subtle mismatch that can lead to exploits.

With this pull, reading a non-canonical CompactSize throws an
exception, which means nodes will ignore 'tx' or 'block' or
other messages that are not properly encoded.

Please check my logic... but this change is safe with respect to
causing a network split. Old clients that receive
non-canonically-encoded transactions or blocks deserialize
them into CTransaction/CBlock structures in memory, and then
re-serialize them before relaying them to peers.

And please check my logic with respect to causing a blockchain
split: there are no CompactSize fields in the block header, so
the block hash is always canonical. The merkle root in the block
header is computed on a vector<CTransaction>, so
any non-canonical encoding of the transactions in 'tx' or 'block'
messages is erased as they are read into memory by old clients,
and does not affect the block hash. And, as noted above, old
clients re-serialize (with canonical encoding) 'tx' and 'block'
messages before relaying to peers.
2013-08-09 10:01:35 +10:00
Gavin Andresen
ddd0e2f616 Merge pull request #2871 from gavinandresen/simplify_maporphan
Simplify storage of orphan transactions, fix CVE-2013-4627
2013-08-06 17:11:48 -07:00
Gavin Andresen
15047f5af0 Merge pull request #2851 from TheBlueMatt/master
Prepare for mempool testing in pull-tester and fix multi-block transaction resurrection
2013-08-05 01:53:17 -07:00
Gavin Andresen
159bc48193 Simplify storage of orphan transactions
Orphan transactions were stored as a CDataStream pointer;
this changes the mapOrphanTransactions data structures to
store orphans as a CTransaction.

This also fixes CVE-2013-4627 by always re-serializing
transactions before relaying them.
2013-08-02 16:10:25 +10:00
Gavin Andresen
8f6f92c72b Revert "Truncate oversize 'tx' messages before relaying/storing."
This reverts commit c40a5aaaf4.
2013-08-02 15:50:04 +10:00
Jeff Garzik
d247a5d130 Move internal miner/block creation to separate miner.cpp module.
Public functions referenced elsewhere are added to miner.h.
2013-07-31 09:43:35 -04:00
Jeff Garzik
18946846d5 Minor miner fixes (hey hey it's fun to say)
* Fix UpdateCoins() definition in main.h
* Remove pwalletMain reference from BitcoinMiner(), as it is passed
  a wallet argument.
2013-07-31 08:45:49 -04:00
Gavin Andresen
050d2e953f Remove #define loop from util.h
Replace the loop macro with while (true). The #define caused
problems for Qt.
2013-07-31 14:06:44 +10:00
Matt Corallo
9bf2a4aba2 Fix multi-block reorg transaction resurrection 2013-07-23 18:02:27 +02:00
Matt Corallo
d9ace8abe8 Don't use checkpoints and accept nonstd txn on -regtest 2013-07-23 18:02:26 +02:00
Matt Corallo
f65e7092a2 Better warning/"alert" messages for large-work forks. 2013-07-22 12:12:45 +02:00
Matt Corallo
f89faa2584 Call the -alertnotify script when we see a long or invalid fork. 2013-07-22 12:11:46 +02:00
Matt Corallo
b8585384da Detect any sufficiently long fork and add a warning.
Such a fork is defined as being at least 7 blocks long and
having a tip which is within 72 blocks of our best block.
2013-07-22 12:10:57 +02:00
Jeff Garzik
d598872726 Merge pull request #2743 from jgarzik/reject-reason
Log reason for non-standard transaction rejection
2013-07-10 08:50:49 -07:00
Pieter Wuille
4ad73c6b08 Merge pull request #2209 from CodeShark/WalletRegistrationLocks
Wallet registration locks in main.cpp + UnregisterAllWallet() function
2013-06-25 16:33:16 -07:00
Jeff Garzik
481d899794 Merge pull request #2792 from sipa/coreimpl
Move core implementations to core.cpp
2013-06-25 11:52:18 -07:00
Peter Todd
c40a5aaaf4 Truncate oversize 'tx' messages before relaying/storing.
Fixes a memory exhaustion attack on low-memory peers.
2013-06-25 10:37:50 -04:00
Pieter Wuille
f121db58e4 Move core implementations to core.cpp 2013-06-25 10:33:29 +02:00
Eric Lombrozo
e5cefb9be1 Added locks on the setpwalletRegistered functions in main.cpp and added an UnregisterAllWallets function. 2013-06-24 09:25:23 -07:00
Eric Lombrozo
2a4d3464fd Pulled AcceptBlock out of CBlock. 2013-06-23 19:59:35 -07:00
Eric Lombrozo
38991ffa8a Pulled CheckBlock out of CBlock. 2013-06-23 19:59:35 -07:00
Eric Lombrozo
1959997afb Pulled AddToBlockIndex out of CBlock. 2013-06-23 19:59:35 -07:00
Eric Lombrozo
f3ae51dcce Pulled ConnectBlock out of CBlock. 2013-06-23 19:59:35 -07:00
Eric Lombrozo
5c363ed622 Pulled DisconnectBlock out of CBlock. 2013-06-23 19:59:34 -07:00
Eric Lombrozo
8031399494 Moved ReadBlockFromDisk implementation to main.cpp 2013-06-23 19:59:34 -07:00
Eric Lombrozo
7db120d531 Moved CBlock::ReadFromDisk out of CBlock to functions ReadBlockFromDisk in main.h 2013-06-23 19:59:34 -07:00
Eric Lombrozo
226f821942 Moved WriteBlockToDisk implementation from main.h to main.cpp 2013-06-23 19:59:32 -07:00
Eric Lombrozo
a6dba0fdb2 Moved CBlock::WriteToDisk out of CBlock to inline function WriteBlockToDisk in main.h 2013-06-23 19:58:23 -07:00
Jeff Garzik
4be2aba302 Merge pull request #2778 from jgarzik/rpc-verifydb
RPC: add 'verifychain' to verify chain database at runtime
2013-06-22 23:08:13 -07:00
Jeff Garzik
980bfe6ef8 Log reason for non-standard transaction rejection 2013-06-23 02:05:25 -04:00
Pieter Wuille
b4a8a326c0 Merge pull request #2660 from TheBlueMatt/gmfrefactor
Refactor fee rules to make them actually readable.
2013-06-22 10:08:57 -07:00
Jeff Garzik
f590653377 RPC: add 'verifychain', to verify chain database at runtime 2013-06-19 11:53:02 -04:00
Jeff Garzik
168ba99392 Pass check level, check depth to VerifyDB() 2013-06-19 11:32:49 -04:00
Mike Hearn
0e4b317555 Introduce a CChainParameters singleton class and regtest mode.
The new class is accessed via the Params() method and holds
most things that vary between main, test and regtest networks.
The regtest mode has two purposes, one is to run the
bitcoind/bitcoinj comparison tool which compares two separate
implementations of the Bitcoin protocol looking for divergence.

The other is that when run, you get a local node which can mine
a single block instantly, which is highly convenient for testing
apps during development as there's no need to wait 10 minutes for
a block on the testnet.
2013-06-19 16:28:52 +02:00
Mike Hearn
70e7fba06d Move implementation of some CBlockLocator methods
Move out of main.h to improve compile times and add documentation
for what the methods do.
2013-06-19 15:39:45 +02:00
Matt Corallo
87cce04c17 Refactor fee rules to make them actually readable.
This (nearly) doesn't change fee rules at all:
 * To make it into the fee transaction area, the dPriority comparison
   changed from < to <=
 * We now just ignore transactions > MAX_BLOCK_SIZE/4 instead of
   doing some calculations to require increasingly large fees as
   size increases.
2013-06-14 13:37:43 +02:00
Matt Corallo
b1f15b218b Remove broken option to skip input checking for wallet txn. 2013-06-13 22:28:03 +02:00
Eric Lombrozo
501da2503a Using boost::signals2 to message main from net.cpp. 2013-06-05 23:15:20 -07:00
Eric Lombrozo
aabdf9e899 Moved UpdateTime out of CBlockHeader and moved CBlockHeader into core. 2013-06-05 23:15:20 -07:00
Eric Lombrozo
05df3fc68d Removed AcceptToMemoryPool method from CTransaction. This method belongs to the mempool instance.
Removed AreInputsStandard from CTransaction, made it a regular function in main.
Moved CTransaction::GetOutputFor to CCoinsViewCache.

Moved GetLegacySigOpCount and GetP2SHSigOpCount out of CTransaction into regular functions in main.

Moved GetValueIn and HaveInputs from CTransaction into CCoinsViewCache.

Moved AllowFree, ClientCheckInputs, CheckInputs, UpdateCoins, and CheckTransaction out of CTransaction and into main.

Moved IsStandard and IsFinal out of CTransaction and put them in main as IsStandardTx and IsFinalTx. Moved GetValueOut out of CTransaction into main. Moved CTxIn, CTxOut, and CTransaction into core.

Added minimum fee parameter to CTxOut::IsDust() temporarily until CTransaction is moved to core.h so that CTxOut needn't know about CTransaction.
2013-06-05 23:15:20 -07:00
Eric Lombrozo
788536f175 Moved CInPoint to core. Removed GetMinFee from CTransaction and made it a regular function in main. 2013-06-05 23:15:19 -07:00
Eric Lombrozo
8926263dde Moved PushGetBlocks to main.cpp to eliminate dependence of net.cpp on CBlockLocator. 2013-06-05 20:36:10 -07:00
Cory Fields
13c84b3bd5 build: add global var for whether or not the gui is enabled 2013-06-04 03:54:14 -04:00
Philip Kaufmann
3260b4c090 remove GetBoolArg() fDefault parameter defaulting to false
- explicitly set the default of all GetBoolArg() calls
- rework getarg_test.cpp and util_tests.cpp to cover this change
- some indentation fixes
- move macdockiconhandler.h include in bitcoin.cpp to the "our headers"
  section
2013-06-01 12:53:57 +02:00
Jeff Garzik
d397715661 Merge pull request #2644 from sipa/constfindblock
Make FindBlockByHeight constant-time
2013-05-30 08:06:44 -07:00
Jeff Garzik
af93273799 Merge pull request #2657 from gmaxwell/its_after_may15_forever
It's after 2013-05-15 forever now, so remove the code for the May 15 fork
2013-05-30 07:35:44 -07:00
Pieter Wuille
95c7db3dbf More bestblock records in wallets
Write bestblock records in wallets:
* Every 20160 blocks synced, no matter what (before: none during IBD)
* Every 144 blocks after IBD (before: for every block, slow)
* When creating a new wallet
* At shutdown

This should result in far fewer spurious rescans.
2013-05-22 20:59:36 +02:00
Pieter Wuille
2ec349bc42 CreateNewBlock performance improvements 2013-05-21 03:53:32 +02:00
Gregory Maxwell
a824121eb8 It's after 2013-05-15 forever now, so remove the code for the May 15 fork. 2013-05-16 13:34:01 -07:00
Pieter Wuille
0fe8010a10 Make FindBlockByHeight constant-time.
Remove the pnext pointer in CBlockIndex, and replace it with a
vBlockIndexByHeight vector (no effect on memory usage). pnext can
now be replaced by vBlockIndexByHeight[nHeight+1], but
FindBlockByHeight becomes constant-time.

This also means the entire mapBlockIndex structure and the block
index entries in it become purely blocktree-related data, and
independent from the currently active chain, potentially allowing
them to be protected by separate mutexes in the future.
2013-05-12 19:52:16 +02:00
Gavin Andresen
33edd0a477 Merge pull request #2577 from gavinandresen/fee_bandaid
Treat dust outputs as non-standard, un-hardcode TX_FEE constants
2013-05-04 10:15:39 -07:00
Gavin Andresen
000dc55181 Un-hardcode TX_FEE constants
Allow setting of MIN_TX_FEE / MIN_RELAY_TX_FEE with
-mintxfee / -mintxrelayfee

Default values are the same (0.0001 BTC).
2013-05-03 10:54:31 -04:00
Gavin Andresen
8de9bb53af Define dust transaction outputs, and make them non-standard 2013-05-03 10:52:09 -04:00
Pieter Wuille
360cfe142c Allow the default key to be unavailable
This solves the issue where no default key can be added after -salvagewallet.
2013-04-25 19:36:10 +02:00
Pieter Wuille
97e7901a3a Do not invoke DoS for non-canonical sigs 2013-04-18 22:49:23 +02:00
Pieter Wuille
20d0810f30 Require strictly-standard encodings in mempool 2013-04-14 00:17:49 +02:00
Pieter Wuille
1657c4bc49 Use a uint256 for bnChainWork
Every block index entry currently requires a separately-allocated
CBigNum. By replacing them with uint256, it's just 32 bytes extra
in CBlockIndex itself.

This should save us a few megabytes in RAM, and less allocation
overhead.
2013-04-12 12:17:28 +02:00
Gavin Andresen
f158e363a4 Merge pull request #2478 from sipa/fullhash
Always print full hashes (tx, block, inv)
2013-04-09 10:57:16 -07:00
Pieter Wuille
6ed71b5e4f Make sure we always have a node to do IBD from
This introduces the concept of the 'sync node', which is the one we
asked for missing blocks. In case the sync node goes away, a new one
will be selected.

For now, the heuristic is very simple, but it can easily be extended
later to add better policies.
2013-04-07 19:19:13 +02:00
Pieter Wuille
1c06aa98c6 Always print full hashes (tx, block, inv) 2013-04-07 03:43:55 +02:00
Philip Kaufmann
b001c87126 small indentation, space, formatting fixes (no code changes) 2013-04-06 02:29:33 +02:00
Gavin Andresen
aaf47eac3a Merge pull request #2423 from TheBlueMatt/limitedmapalreadyaskedfor
Limited mapAlreadyAskedFor
2013-04-03 18:31:35 -07:00
Gavin Andresen
a0a437c86a Merge pull request #2357 from gavinandresen/shutdowncleanup
Thread / shutdown cleanup
2013-04-03 18:25:00 -07:00
Gavin Andresen
1c4f02139c Merge pull request #2453 from sipa/txstats
Update transaction statistics
2013-04-03 18:23:50 -07:00
Pieter Wuille
92a129980f Update transaction statistics
As these were not updated when 'backporting' the 225430 checkpoint
into head.

Additionally, also report verification progress in debug.log, and
tweak the sigcheck-verification-speed-factor a bit.
2013-04-04 02:39:44 +02:00
Gavin Andresen
b31499ec72 Clean up shutdown process 2013-04-03 19:57:53 -04:00
Gavin Andresen
21eb5adadb Port Thread* methods to boost::thread_group 2013-04-03 19:57:13 -04:00
Gavin Andresen
1b43bf0d3a Rename util.h Sleep --> MilliSleep
Two reasons for this change:
1. Need to always use boost::thread's sleep, even on Windows, so the
sleeps can be interrupted (prior code used Windows' built-in Sleep).

2. I always forgot what units the old Sleep took.
2013-04-03 14:04:21 -04:00
Gavin Andresen
c8c2fbe07f Shutdown cleanup prep-work
Create a boost::thread_group object at the qt/bitcoind main-loop level
that will hold pointers to all the main-loop threads.

This will replace the vnThreadsRunning[] array.

For testing, ported the BitcoinMiner threads to use its
own boost::thread_group.
2013-04-03 14:04:21 -04:00
Gavin Andresen
d8aae1ce1d Merge pull request #2420 from sipa/globclean
Global cleanups
2013-04-02 10:00:31 -07:00
Matt Corallo
eb59c4ca8e Revert "Actually use mapAlreadyAskedFor."
This reverts commit 643160f6e7.

Turns out this commit was useless after a more careful reading of
CNode::AskFor
2013-04-01 11:56:22 -04:00
Pieter Wuille
c7f039b674 Process getdata invs separately until send buffer overflows
There exists a per-message-processed send buffer overflow protection,
where processing is halted when the send buffer is larger than the
allowed maximum.

This protection does not apply to individual items, however, and
getdata has the potential for causing large amounts of data to be
sent. In case several hundreds of blocks are requested in one getdata,
the send buffer can easily grow 50 megabytes above the send buffer
limit.

This commit breaks up the processing of getdata requests, remembering
them inside a CNode when too many are requested at once.
2013-03-30 18:14:54 +01:00
Pieter Wuille
41b052ad87 Use per-message send buffer, rather than per connection 2013-03-29 23:56:26 +01:00
Pieter Wuille
967f24590b Some fixes to CNetMessage processing
* Change CNode::vRecvMsg to be a deque instead of a vector (less copying)
* Make sure to acquire cs_vRecvMsg in CNode::CloseSocketDisconnect (as it
  may be called without that lock).
2013-03-29 23:56:26 +01:00
Jeff Garzik
607dbfdeaf P2P: parse network datastream into header/data components in socket thread
Replaces CNode::vRecv buffer with a vector of CNetMessage's.  This simplifies
ProcessMessages() and eliminates several redundant data copies.

Overview:

* socket thread now parses incoming message datastream into
  header/data components, as encapsulated by CNetMessage
* socket thread adds each CNetMessage to a vector inside CNode
* message thread (ProcessMessages) iterates through CNode's CNetMessage vector

Message parsing is made more strict:

* Socket is disconnected, if message larger than MAX_SIZE
  or if CMessageHeader deserialization fails (latter is impossible?).
  Previously, code would simply eat garbage data all day long.
* Socket is disconnected, if we fail to find pchMessageStart.
  We do not search through garbage, to find pchMessageStart.  Each
  message must begin precisely after the last message ends.

ProcessMessages() always processes a complete message, and is more efficient:

* buffer is always precisely sized, using CDataStream::resize(),
  rather than progressively sized in 64k chunks.  More efficient
  for large messages like "block".
* whole-buffer memory copy eliminated (vRecv -> vMsg)
* other buffer-shifting memory copies eliminated (vRecv.insert, vRecv.erase)
2013-03-29 23:56:25 +01:00
Pieter Wuille
3427517d50 Clean up global datastructures at shutdown.
This should make detecting leaks much easier.
2013-03-29 02:24:18 +01:00
Gavin Andresen
402f19b645 Before 15 May, limit created block size to 500K 2013-03-17 21:53:01 -04:00
Gavin Andresen
8c222dca4f CheckBlock rule until 15-May for 10,000 BDB lock compatibility 2013-03-17 21:52:47 -04:00
Wladimir J. van der Laan
0bd573d666 Merge pull request #2186 from Diapolo/misc_stuff
small changes in init, main, checkpoints.h and bitcoin-qt.pro
2013-02-23 23:52:27 -08:00
Gavin Andresen
cc67f1e2b4 Merge pull request #2221 from sipa/perfo
Various performance tweaks to CCoinsView
2013-02-22 09:01:30 -08:00
Gavin Andresen
b8f4e42e1b Merge pull request #2229 from sipa/prealloc
Native versions for AllocateFileRange()
2013-02-22 09:00:13 -08:00
Philip Kaufmann
69e0774714 small changes in init, main, checkpoints.h and bitcoin-qt.pro
- remove an unneeded MODAL flag, as MSG_ERROR sets MODAL
- re-order an if-clause in main to have bool checks before a function call
- fix some log messages that used wrong function names
- make a log message use a correct ellipsis
- remove some unneded spaces, brackets and line-breaks
- fix style for adding files in the Qt project
2013-02-20 08:46:38 +01:00
Pieter Wuille
f7f3a96b74 Improve block database load error reporting 2013-02-17 23:25:42 +01:00
Gavin Andresen
8f66aedfaa Merge pull request #2279 from sipa/cvrbip30
Bugfix CValidationResult for BIP30 + add DoS
2013-02-06 12:58:52 -08:00
Pieter Wuille
7cdc37c0a4 Bugfix CValidationResult for BIP30 + add DoS 2013-02-06 16:33:51 +01:00
Rubén Darío Ponticelli
e90b831e83 Do not call ResendWalletTransactions when reindexing, importing or on IBD
Calling ResendWalletTransactions when reindexing, importing or on IBD spams
other nodes with our old transactions, because they become unconfirmed.
2013-02-05 18:29:41 -03:00
Gavin Andresen
79892883d7 Merge branch 'reindexgen' of git://github.com/sipa/bitcoin 2013-02-05 10:15:06 -05:00