* makefile.test.include: Let privatesend_tests.cpp depend on ENABLE_WALLET
* test: Implement unit tests for CTransactionBuilder
* Check that we can decrease the amount and GetAmountLeft() is updated accordingly
* Check if resulting tx has a change output when expected
* Avoid pushing nullptr into vecOutputs
* Add few notes about size calculations
* nit: better readability (imo)
Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com>
* test: Implement unit tests for CWallet::CreateTransaction
* test: Reset minRelayTxFee in CreateTransactionTest
At this point its modified from an other test when running all unit
tests which lets this test fail unexpectedly.
* test: Lock cs_main/cs_wallet when required in CreateTransactionTest
* test: Add new test in CreateTransactionTest
Test if the wallet creation fails properly with the correct error
messages.
* test: Fixed expected test results for some CreateTransactionTest cases
* test: Fail if CreateTransaction runs into "Exceed max tries" case
* test: Adjust last return in CreateTransaction
* test: Drop dust tests
* wallet: Remove unused vecTxDSInTmp in CWallet::CreateTransaction
* wallet: Calculate fees earlier and respect them in change determination
* wallet: Cleanup obsolete code in CreateTransaction
This parts were needed before when the fee was calculated after the
change was assigned. But now with the previous commit the fee is
calculated upfront and respected properly from the begining. So there is
no longer a need of increasing or decreasing the change depending on the
fee as it has the correct value directly after its added.
* wallet: Try to pick other inputs if the selected ones are too small
If nChange is negative in this cases it means that the selected inputs
can't cover the amount to send and the required transaction fee. So we
just add the missing amount to nFeeRet. This leads to the algo
trying to pick larger inputs in the next loop (with nFeeRet more duffs
than in the previous loop). This process gets repeated until the selected
amount is enough to cover all the costs or until the requested amount
can't be selected anymore (not enough utxos to cover it).
* wallet: Break the loop if the transaction is ready
* wallet: Respect additional amount from previous cycles
* wallet: Respect available in coin selection, try all coins in last round
* wallet: Avoid potential infinite loop, just in case..
* wallet: Fix signing in CreateTransaction
Prior it was messed because of 60d96a1a28b55f071c6144f248e136679c44337e.
Set coins isn't sorted the same way as txNew.vin is so it sometimes may
pick wrong coins for signing the input.
* wallet: Fix change calculation if "subtract fee from amount" is enabled
* wallet: Return after fee calc if no or not enough amount available
Return the proper fail reason. Prior to this commit it run into
"Exceeded max tried".
Note: Only return if not enough amount is available if we can't subtract
fee from amount.
* wallet: Fix break logic if available amount is not enough
* Revert "wallet: Fix signing in CreateTransaction"
This reverts commit 5fcdc0f00e7b961ebb62c94d17d585537e911309.
* Use a vector of coins instead of a set in CreateTransaction and sort it in a BIP69 compliant way when needed
* wallet: Adjust comment
* Cleaner usage of nChangePosRequest/InOut
* Simplify some fail/try-again conditions (fixed)
* Loop through outputs to update change output position only when outputs are sorted for BIP69
No need to do this for non-bip69 cases (i.e. when a specific change output position was requested and assigned)
* Avoid implicit conversions of int-s into bool-s
* Move `nAmountLeft == nFeeRet` check higher, tweak comments
* wallet: Fix some formatting
* wallet: Improve CTxIn creation in CreateTransaction
Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com>
* wallet: Add m_dust_feerate to CCoinControl / Use it in CreateTransaction
* privatesend: Introduce CTransactionBuilder/CTransactionBuilderOutput
Builder classes for transactions from type
Inputs: Defined by CompactTallyItem
Outputs: Simple outputs with lose reserve keys
This takes fully takes care of fee calculations and makes sure calculations are the same like those happening when actually create the transaction with CreateTransaction.
* privatesend: Improve amount/fee calculation in CreateDenominated
* privatesend: Improve amount/fee calculation in MakeCollateralAmounts
* qt: Fix decomposeTransaction's MakeCollateralAmounts detection
Align it with the three cases in CPrivateSendClientSession::MakeCollateralAmounts
* Refactor GetFee
The fee rate is always coinControl.m_feerate, also it's not used outside so should be a private method
* Simplify nBytesOutput calculations
* Drop unused GetBytesOutput()
* Make Clear(), GetBytesTotal() and GetAmountUsed() private
* Drop unused GetCoinControl()
* Make ToString() const
* Refactor `CTransactionBuilder::Commit()`
* Reorder cases in decomposeTransaction
* Fix "finished" conditions in CreateDenominated
* Fix typo
* wallet|privatesend: Refactor CCoinControl's m_dust_feerate -> m_discard_feerate
* privatesend: Drop unused member CTransactionBuilder::dustFeeRate
* privatesend: Improve CTransactionBuilder's readability
* privatesend: Make the static CTransactionBuilder::GetAmountLeft private
* wallet: Recover previous code style
* Update src/privatesend/privatesend-util.cpp
Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com>
* Tweak CTransactionBuilder to respect potential compact size diffs
* Tweak GetFee param type
* Trivial log/comments tweaks
* privatesend: Fix countPossibleOutputs
- Fix off by one issue
- Respect max outputs threshold
* privatesend: Use GetSizeOfCompactSizeDiff in CTransactionBuilder
* Apply suggestions from code review
Co-authored-by: PastaPastaPasta <6443210+PastaPastaPasta@users.noreply.github.com>
* privatesend: Rename TryAdd to CouldAdd in CTransactionBuilder
* wallet: Reset m_discard_feerate in CCoinControl::SetNull
* Respect `-paytxfee` and `settxfee`
* privatesend: Check for denominated amount only where really required
* qt: Remove obsolete IsCollateralAmount() checks
* privatesend: Don't accept negative amounts in CTransactionBuilder
* privatesend: Remove unused CConnman parameter
* use emplace_back instead of push_back
Signed-off-by: pasta <pasta@dashboost.org>
* fix typos
Signed-off-by: pasta <pasta@dashboost.org>
* make GetAmount const
Signed-off-by: pasta <pasta@dashboost.org>
* privatesend: Explicit capture __func__ in needMoreOutputs lambda
* privatesend: Update CTransactionBuilder::UpdateAmount
* remove const on parameter in declaration
Signed-off-by: pasta <pasta@dashboost.org>
* handle unsigned int -> int conversions a bit better
Signed-off-by: pasta <pasta@dashboost.org>
* explicitly cast to int from unsigned int.
estimateSmartFee handles it if negative
Signed-off-by: pasta <pasta@dashboost.org>
* Make CTransactionBuilderOutput::GetScript const
Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com>
* privatesend: Update comments to follow doxygen
* privatesend: Add class descriptions
Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com>
Co-authored-by: PastaPastaPasta <6443210+PastaPastaPasta@users.noreply.github.com>
Co-authored-by: pasta <pasta@dashboost.org>
* [QT] Add last block hash to debug ui
Trivial addition to display last block hash next to last block time
* [QT] Make last block hash selectable
... and linter happy
Switch QMetaObject to get last hash from pIndex instead of clientmodel
* [Trivial] Fix trailing whitespaces
* Harden Spork6
Spork6 was previously activated on testnet, but we then developed an alternative fix for the issue and never activated spork6 on mainnet. At this point, Spork6 will not be activated on mainnet.
As such, it makes sense to harden Spork6 and ensure that spork6 will never be activated on mainnet. So, we just change from checking Spork6 to checking if we are on testnet. If we are on testnet, use spork6 logic, else don't.
Signed-off-by: pasta <pasta@dashboost.org>
* remove now unused SPORK_6_NEW_SIGS
Signed-off-by: pasta <pasta@dashboost.org>
* force fSporkSixActive to be correct, otherwise return
Signed-off-by: pasta <pasta@dashboost.org>
* Harden spork6 even more
* Add TODO in chainparams as a reminder to drop all spork6 related code on next testnet reset
Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com>
* Use GetRealOut... instead of Capped
Signed-off-by: pasta <pasta@dashboost.org>
* Add "ps_salt" value to walletdb
This value is used to deterministically pick a random number of rounds to mix, between N and N + GetRandomRounds. A salt is needed in addition to the inputs hash to ensure that an attacker learns nothing from looking at the blockchain.
Signed-off-by: pasta <pasta@dashboost.org>
* Implement Random Round Mixing
This implements "Random Round Mixing." Previously, attempted attacks on PrivateSend assumed that all inputs had been mixed for the same number of rounds. Noramlly assuming 2,4,8 or 16.
While none of these attacks have been successful, they still teach what we can do to make our system more robust, and one of those ways is to implement "Random Round Mixing".
Under the previous system, inputs were mixed up until N rounds (configured by user). At this point, the input was considered mixed, and could be private-sent. Under this new system, an input will be mixed to N rounds like prior. However, at this point, Sha256d(input, salt) will be calculated (note: this likely could be a more efficient hash function than double sha256, but that can be done in another PR / version if needed). If (hash % 2 == 0), then the input will be mixed again.
This results in an exponential decay where if you mix a set of inputs, half of those inputs will be mixed for N rounds, 1/4 will be mixed N+1, 1/8 will be mixed N+2, etc. This current implementation caps it at N+2. This results in mixing an average of N+0.875 rounds. If you removed the cap, you would mix on average N+1 rounds.
Signed-off-by: pasta <pasta@dashboost.org>
* Make PS salt a private member of CWallet, tweak the way it's initialized
* Introduce `CWallet::IsFullyMixed` and use it everywhere instead of comparing rounds directly to ensure consistency between coin selection logic, balance calculations and gui
* Tweak `GetRealOutpointPrivateSendRounds` to respect random rounds
* Tweak IsFullyMixed to make decision on a per-outpoint basis instead of a per-tx one
* make a comment doxygen
Signed-off-by: pasta <pasta@dashboost.org>
* Rename GetPrivateSendSalt InitPrivateSendSalt, since it is not a getter
Signed-off-by: pasta <pasta@dashboost.org>
* move the comment below GetRounds call
Signed-off-by: pasta <pasta@dashboost.org>
* don't use GetCappedOutpointPrivateSendRounds when printing to RPC
Signed-off-by: pasta <pasta@dashboost.org>
* Simplify hashing in IsFullyMixed
Uses just 1 sha256 instead of 3 (1 in SerializeHash + 2 in Hash)
* undo comment change
Signed-off-by: pasta <pasta@dashboost.org>
Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com>
* test: Fix importwallet_rescan test
The wallet should be removed after the dumpwallet() call otherwise it
may lead to unepexted behaviour in other wallet tests since the wallet
stays in vpwallets then.
* tests: Change where RemoveWallet call is to be more in line with upstream
Signed-off-by: pasta <pasta@dashboost.org>
Co-authored-by: pasta <pasta@dashboost.org>
* Print exception origin in crash messages
We use `PrintExceptionContinue` in many places and we pass crash origin to it as a param but we never use it. Also, change the param name to better match its meaning.
* Update src/util.cpp
Co-authored-by: dustinface <35775977+xdustinface@users.noreply.github.com>
Co-authored-by: dustinface <35775977+xdustinface@users.noreply.github.com>
It seems like the idea here was to avoid announcing already available sigshares for a signhash to everyone if concentrated recovery is enabled. But by returning there if `IsAllMembersConnectedEnabled` equals to `false` we disable the re-announcements prior to the spork activation, where we want to still have them and re-enable if the spork is enabled where we don't want to have them.
* Mostly trivial clang-tidy changes in masternode
Signed-off-by: pasta <pasta@dashboost.org>
* uint -> size_t
Signed-off-by: pasta <pasta@dashboost.org>
* Make GetSyncStatus const not static and ProcessMessage const
Signed-off-by: pasta <pasta@dashboost.org>
For some reason Travis doesn't seem to like having the same name on different stages and ignores the cache that was built earlier. Making job names stage specific fixes cache issues.
* Adjust CDeterministicMNState, add helper methods
Changes all setting of `nPoSeBanHeight` into a call to `BanIfNotBanned`
Adds a helper method `IsBanned` that just is `return nPoSeBanHeight != -1`
In my opinion this makes the code generally more readable and easy to understand
Adds `Revive` helper method
I don't feel too strongly about this, because from what I have seen, this revive code is only done in one place,
but I generally think it makes sense to be a helper method of it's own
Signed-off-by: pasta <pasta@dashboost.org>
* Add `!` that was accidentally not added
Signed-off-by: pasta <pasta@dashboost.org>
* Make nPoSeBanHeight private
Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com>
Prior to this commit there are (imo) flaws in the behaviour of the PrivateSend tab.
- If you enter an address, label, add a recipient, do whatever in the normal Send tab its also reflected in
the PrivateSend tab
- If you select fully mixed coins in the Send tab's CoinControl they are also selected
in the PrivateSend tab if you switch over.
- If you select non-fully mixed coins in the Send tab's CoinControl you
get a warning when switching over to PrivateSend tab due to non-fully
mixed coins selected in CoinControl.
With giving the private send tab separate instances of `SendCoinsDialog` and `CCoinControl` they are independent
from each other which just makes more sense imo and by doing this the points above are solved.
I would say this just better reflects the actual behaviour of a tab.
* Introduce FAST_MODE Gitlab variable
Default: "false". When "true", only run linter on arm and unit/functional tests on linux64, skip everything else.
* fix ordering I accidentially somehow changed
Signed-off-by: pasta <pasta@dashboost.org>
* remove x86_64-unknown-linux-gnu
Signed-off-by: pasta <pasta@dashboost.org>
Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com>
Currently Travis displays env vars which make it hard to identify individual jobs by simply looking at the list because all env vars start with the same strings.
21be609b49 In lint-format-strings, open files sequentially (Glenn Willen)
Pull request description:
In lint-format-strings, we use python argparse to read our file arguments. In
this mode, argparse opens all the files simultaneously. On OS X, where the
default filehandle limit is 128, this causes the lint to fail. Instead, ask
argparse for our filename arguments as strings, and open them one at a time
using 'with open'.
Tree-SHA512: 4c7dabf98818a7c5d83ab10c61b89a26957fe399e39e933e30c561cb45c5e8ba6f6aedcde8343da0c32ee340289a8897db6a33708e35ee381334ee27e3f4d356
341f7c7b0e macOS fix: Check for correct version of flake8 to avoid spurious warnings. The brew installed flake8 version is Python 2 based and does not work. (practicalswift)
908a559f33 macOS fix: Add excludes for checks added in the newer shellcheck version installed by brew (practicalswift)
ec4d57bbb3 macOS fix: Work around empty (sub)expression error when using BSD grep (practicalswift)
b57d7d92fe macOS fix: Avoid mapfile due to ancient version of bash shipped with macOS (practicalswift)
Pull request description:
The linters are thoroughly tested under Ubuntu which is what we use in Travis. When reading #14041 I understood that some developers were experiencing problems when running the linters on their local machines.
Assuming these local machines were running macOS I installed a fresh macOS VM, followed the instructions in `build-osx.md` and ran the linters.
This PR contains the changes needed to make `lint-all.sh` run as expected.
Ideally the linters would continuously run also under a Travis macOS environment to make sure we catch these kind of issues before merge.
Tree-SHA512: b39c9a970d14d27db1fb592539923c0bc676b5217f415d02fda3f17bf54d46faa172376e8a3ecab07ca68a3acba9aebe00b2b1b2161b2a36b85fbb672e7efb5c
fa3c910bfeab00703c947c5200a64c21225b50ef test: Move linters to test/lint, add readme (MarcoFalke)
Pull request description:
This moves the checks and linters from `devtools` to a subfolder in `test`. (Motivated by my opinion that the dev tools are mostly for generating code and updating the repo whereas the linters are read-only checks.)
Also, adds a readme to clarify that checks and linters are only meant to prevent bugs and user facing issues, not merely stylistic preference or inconsistencies. (This is motivated by the diversity in developers and work flows as well as existing code styles. It would be too disruptive to change all existing code to a single style or too burdensome to force all developers to adhere to a single style. Also note that our style guide is changing, so locking in at the wrong style "too early" would only waste resources.)
Tree-SHA512: 9b10e89f2aeaf0c8a9ae248aa891d74e0abf0569f8e5dfd266446efa8bfaf19f0ea0980abf0b0b22f0d8416ee90d7435d21a9f9285b66df43f370b7979173406