diff --git a/src/policy/packages.h b/src/policy/packages.h index 82d9e86042..47c6717b03 100644 --- a/src/policy/packages.h +++ b/src/policy/packages.h @@ -19,6 +19,15 @@ static constexpr uint32_t MAX_PACKAGE_COUNT{25}; static constexpr uint32_t MAX_PACKAGE_SIZE{101}; static_assert(MAX_PACKAGE_SIZE * 1000 >= MAX_STANDARD_TX_SIZE); +// If a package is submitted, it must be within the mempool's ancestor/descendant limits. Since a +// submitted package must be child-with-unconfirmed-parents (all of the transactions are an ancestor +// of the child), package limits are ultimately bounded by mempool package limits. Ensure that the +// defaults reflect this constraint. +static_assert(DEFAULT_DESCENDANT_LIMIT >= MAX_PACKAGE_COUNT); +static_assert(DEFAULT_ANCESTOR_LIMIT >= MAX_PACKAGE_COUNT); +static_assert(DEFAULT_ANCESTOR_SIZE_LIMIT >= MAX_PACKAGE_SIZE); +static_assert(DEFAULT_DESCENDANT_SIZE_LIMIT >= MAX_PACKAGE_SIZE); + /** A "reason" why a package was invalid. It may be that one or more of the included * transactions is invalid or the package itself violates our rules. * We don't distinguish between consensus and policy violations right now. diff --git a/src/policy/policy.h b/src/policy/policy.h index 89ef3ec391..24bf8c7f11 100644 --- a/src/policy/policy.h +++ b/src/policy/policy.h 
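Review bot: The four static_asserts added in src/policy/packages.h compare size limits without stating their units, and they constrain only the compiled-in defaults. The policy.h doc comments give DEFAULT_ANCESTOR_SIZE_LIMIT and DEFAULT_DESCENDANT_SIZE_LIMIT in kilobytes, while the unit of MAX_PACKAGE_SIZE is only implied by the `* 1000` in the assert above, so a later switch of the mempool limits to bytes would still pass these checks without protecting anything. I would add a message to the two size asserts, e.g. `static_assert(DEFAULT_ANCESTOR_SIZE_LIMIT >= MAX_PACKAGE_SIZE, "both limits are in kilobytes");`, and extend the comment with `// These checks cover the defaults only; limits set at runtime may be lower than the package limits.` How a runtime -limitancestorcount or -limitdescendantcount below MAX_PACKAGE_COUNT is handled is not visible in this hunk and is worth confirming where those options are read.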
@@ -20,41 +20,55 @@ class CFeeRate; class CScript; /** Default for -blockmaxsize, which controls the maximum size of block the mining code will create **/ -static const unsigned int DEFAULT_BLOCK_MAX_SIZE = 2000000; +static constexpr unsigned int DEFAULT_BLOCK_MAX_SIZE{2000000}; /** Default for -blockmintxfee, which sets the minimum feerate for a transaction in blocks created by mining code **/ -static const unsigned int DEFAULT_BLOCK_MIN_TX_FEE = 1000; +static constexpr unsigned int DEFAULT_BLOCK_MIN_TX_FEE{1000}; /** The maximum size for transactions we're willing to relay/mine */ -static const unsigned int MAX_STANDARD_TX_SIZE = 100000; +static constexpr unsigned int MAX_STANDARD_TX_SIZE{100000}; /** The minimum size for transactions we're willing to relay/mine (1 empty scriptSig input + 1 P2SH output = 83 bytes) */ -static const unsigned int MIN_STANDARD_TX_SIZE = 83; +static constexpr unsigned int MIN_STANDARD_TX_SIZE{83}; /** Maximum number of signature check operations in an IsStandard() P2SH script */ -static const unsigned int MAX_P2SH_SIGOPS = 15; +static constexpr unsigned int MAX_P2SH_SIGOPS{15}; /** The maximum number of sigops we're willing to relay/mine in a single tx */ -static const unsigned int MAX_STANDARD_TX_SIGOPS = 4000; +static constexpr unsigned int MAX_STANDARD_TX_SIGOPS{4000}; /** Default for -maxmempool, maximum megabytes of mempool memory usage */ -static const unsigned int DEFAULT_MAX_MEMPOOL_SIZE = 300; +static constexpr unsigned int DEFAULT_MAX_MEMPOOL_SIZE{300}; /** Default for -incrementalrelayfee, which sets the minimum feerate increase for mempool limiting or BIP 125 replacement **/ -static const unsigned int DEFAULT_INCREMENTAL_RELAY_FEE = 1000; +static constexpr unsigned int DEFAULT_INCREMENTAL_RELAY_FEE{1000}; /** Default for -bytespersigop */ -static const unsigned int DEFAULT_BYTES_PER_SIGOP = 20; +static constexpr unsigned int DEFAULT_BYTES_PER_SIGOP{20}; /** Default for -permitbaremultisig */ -static const bool 
DEFAULT_PERMIT_BAREMULTISIG = true; +static constexpr bool DEFAULT_PERMIT_BAREMULTISIG{true}; /** The maximum size of a standard ScriptSig */ -static const unsigned int MAX_STANDARD_SCRIPTSIG_SIZE = 1650; +static constexpr unsigned int MAX_STANDARD_SCRIPTSIG_SIZE{1650}; /** Min feerate for defining dust. Historically this has been based on the * minRelayTxFee, however changing the dust limit changes which transactions are * standard and should be done with care and ideally rarely. It makes sense to * only increase the dust limit after prior releases were already not creating * outputs below the new threshold */ -static const unsigned int DUST_RELAY_TX_FEE = 3000; +static constexpr unsigned int DUST_RELAY_TX_FEE{3000}; /** Default for -minrelaytxfee, minimum relay fee for transactions */ -static const unsigned int DEFAULT_MIN_RELAY_TX_FEE = 1000; +static constexpr unsigned int DEFAULT_MIN_RELAY_TX_FEE{1000}; +/** Default for -limitancestorcount, max number of in-mempool ancestors */ +static constexpr unsigned int DEFAULT_ANCESTOR_LIMIT{25}; +/** Default for -limitancestorsize, maximum kilobytes of tx + all in-mempool ancestors */ +static constexpr unsigned int DEFAULT_ANCESTOR_SIZE_LIMIT{101}; +/** Default for -limitdescendantcount, max number of in-mempool descendants */ +static constexpr unsigned int DEFAULT_DESCENDANT_LIMIT{25}; +/** Default for -limitdescendantsize, maximum kilobytes of in-mempool descendants */ +static constexpr unsigned int DEFAULT_DESCENDANT_SIZE_LIMIT{101}; +/** + * An extra transaction can be added to a package, as long as it only has one + * ancestor and is no larger than this. Not really any reason to make this + * configurable as it doesn't materially change DoS parameters. + */ +static constexpr unsigned int EXTRA_DESCENDANT_TX_SIZE_LIMIT{10000}; /** * Standard script verification flags that standard transactions will comply * with. 
However scripts violating these flags may still be present in valid * blocks and we must accept those blocks. */ -static constexpr unsigned int STANDARD_SCRIPT_VERIFY_FLAGS = MANDATORY_SCRIPT_VERIFY_FLAGS | +static constexpr unsigned int STANDARD_SCRIPT_VERIFY_FLAGS{MANDATORY_SCRIPT_VERIFY_FLAGS | SCRIPT_VERIFY_DERSIG | SCRIPT_VERIFY_STRICTENC | SCRIPT_VERIFY_MINIMALDATA | @@ -65,13 +79,13 @@ static constexpr unsigned int STANDARD_SCRIPT_VERIFY_FLAGS = MANDATORY_SCRIPT_VE SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY | SCRIPT_VERIFY_CHECKSEQUENCEVERIFY | SCRIPT_VERIFY_LOW_S | - SCRIPT_VERIFY_CONST_SCRIPTCODE; + SCRIPT_VERIFY_CONST_SCRIPTCODE}; /** For convenience, standard but not mandatory verify flags. */ -static constexpr unsigned int STANDARD_NOT_MANDATORY_VERIFY_FLAGS = STANDARD_SCRIPT_VERIFY_FLAGS & ~MANDATORY_SCRIPT_VERIFY_FLAGS; +static constexpr unsigned int STANDARD_NOT_MANDATORY_VERIFY_FLAGS{STANDARD_SCRIPT_VERIFY_FLAGS & ~MANDATORY_SCRIPT_VERIFY_FLAGS}; /** Used as the flags parameter to sequence and nLocktime checks in non-consensus code. */ -static constexpr unsigned int STANDARD_LOCKTIME_VERIFY_FLAGS = LOCKTIME_VERIFY_SEQUENCE; +static constexpr unsigned int STANDARD_LOCKTIME_VERIFY_FLAGS{LOCKTIME_VERIFY_SEQUENCE}; CAmount GetDustThreshold(const CTxOut& txout, const CFeeRate& dustRelayFee); diff --git a/src/validation.h b/src/validation.h index daa9ec454f..224a44d295 100644 --- a/src/validation.h +++ b/src/validation.h @@ -19,6 +19,7 @@ #include #include #include +#include #include
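Review bot: The doc comment on EXTRA_DESCENDANT_TX_SIZE_LIMIT in src/policy/policy.h gives no unit, and the constant now sits directly below four limits that are documented in kilobytes. Read as kilobytes, 10000 would be far above MAX_STANDARD_TX_SIZE, so the value is presumably in bytes. Because this constant bounds an exception to the descendant limits, a misreading by a later editor would loosen a DoS-relevant parameter. I would end the sentence with `and is no larger than this many bytes.` once the unit is confirmed against the code that compares it, which is outside this hunk.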