aboutsummaryrefslogtreecommitdiff
path: root/src/wallet/wallet2.h
diff options
context:
space:
mode:
authormoneromooo-monero <moneromooo-monero@users.noreply.github.com>2016-08-02 21:48:09 +0100
committermoneromooo-monero <moneromooo-monero@users.noreply.github.com>2016-08-11 14:35:27 +0100
commit11dc091464a6cef41434a0bb9f8604f6151c8dc5 (patch)
tree73d1477b6d788dce5ee60502306f6a56cde53045 /src/wallet/wallet2.h
parentnew unlocked parameter to output_histogram (diff)
downloadmonero-11dc091464a6cef41434a0bb9f8604f6151c8dc5.tar.xz
Fake outs set is now decided by the wallet
This plugs a privacy leak from the wallet to the daemon, as the daemon could previously see what input is included as a transaction input, which the daemon hadn't previously supplied. Now, the wallet requests a particular set of outputs, including the real one. This can result in transactions that can't be accepted if the wallet happens to select too many outputs with non standard unlock times. The daemon could know this and select another output, but the wallet is blind to it. It's currently very unlikely since I don't think anything uses non default unlock times. The wallet requests more outputs than necessary so it can use spares if any of the returns outputs are still locked. If there are not enough spares to reach the desired mixin, the transaction will fail.
Diffstat (limited to '')
-rw-r--r--src/wallet/wallet2.h4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/wallet/wallet2.h b/src/wallet/wallet2.h
index 9ff6c4e21..d0c514a6d 100644
--- a/src/wallet/wallet2.h
+++ b/src/wallet/wallet2.h
@@ -668,12 +668,12 @@ namespace tools
"daemon returned wrong response for getrandom_outs.bin, wrong amounts count = " +
std::to_string(daemon_resp.outs.size()) + ", expected " + std::to_string(selected_transfers.size()));
- std::vector<COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS::outs_for_amount> scanty_outs;
+ std::unordered_map<uint64_t, uint64_t> scanty_outs;
BOOST_FOREACH(COMMAND_RPC_GET_RANDOM_OUTPUTS_FOR_AMOUNTS::outs_for_amount& amount_outs, daemon_resp.outs)
{
if (amount_outs.outs.size() < fake_outputs_count)
{
- scanty_outs.push_back(amount_outs);
+ scanty_outs[amount_outs.amount] = amount_outs.outs.size();
}
}
THROW_WALLET_EXCEPTION_IF(!scanty_outs.empty(), error::not_enough_outs_to_mix, scanty_outs, fake_outputs_count);