| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
This reverts commit 63c7ca07fba2f063c760f786a986fb3e02fb040e, reversing
changes made to 2218e23e84a89e9a1e4c0be5d50f891ab836754f.
|
|
23aae55 Remove payload copy in all outgoing p2p messages (Lee Clagett)
|
|
fe63256 cryptonote_protocol_handler: fix race condition (anon)
ded2f3a cryptonote_protocol_handler: add race condition demo (anon)
|
|
76fe73b Revert 'fix accessing an network address in a deleted context' (selsta)
|
|
|
|
85db173 Remove unused variables in monero codebase (Kevin Barbour)
|
|
f10c9a1 remove obsolete pruning debug code (moneromooo-monero)
|
|
There are quite a few variables in the code that are no longer
(or perhaps never were) in use. These were discovered by enabling
compiler warnings for unused variables and cleaning them up.
In most cases where the unused variables were the result
of a function call the call was left but the variable
assignment removed, unless it was obvious that it was
a simple getter with no side effects.
|
|
|
|
ab5e185 protocol: fix wrong command in logs (moneromooo-monero)
|
|
dd5e689 protocol: add calls to reserve where appropriate (moneromooo-monero)
|
|
This reverts commit 4e74385a1ae9eae4ae9e8d155dfd96978eb10e7a.
|
|
|
|
927141bcc Command max_bytes moved from dynamic map to static switch (Lee Clagett)
|
|
38a6e6e protocol: handle receiving a block hash we've not added yet (moneromooo-monero)
|
|
4e74385a1 fix accessing an network address in a deleted context (moneromooo-monero)
|
|
|
|
Both drop_connection and add_host_fail can drop the connection,
which invalidates the context, and thus the address it contains.
Thanks to wfaressuissia[m] for lots of help and prodding when
debugging this
|
|
|
|
61b6e4cc6 Add aggressive restrictions to pre-handshake p2p buffer limit (Lee Clagett)
|
|
0aa541b36 protocol: more sanity checks in new chain block hashes (moneromooo-monero)
|
|
|
|
this is not a levin packet, this is just its payload
|
|
this prevents losing time of "idle time" for a peer, which could
otherwise be reset by another timed sync command from the peer
|
|
it'd trigger on reorgs
|
|
|
|
efe83982d protocol: drop nodes if they claim new data but only give stale data (moneromooo-monero)
|
|
cf7e1571d protocol: reject claimed block hashes that already are in the chain (moneromooo-monero)
af0a25544 protocol: drop peers we can't download anything from in sync mode (moneromooo-monero)
|
|
Some joker is spending time actually doing this
|
|
|
|
f3c0d4f protocol: remove unused (and cunningly uninitialized) field (moneromooo-monero)
8e62362 p2p: ifx getting seed nodes for uncommon cases (moneromooo-monero)
|
|
true if and pretty much only if new blocks are being added
|
|
|
|
|
|
instead of the (incorrect) check for whether we think we might have
a user for it at some point in the near future. We can reconnect.
|
|
|
|
543733d protocol: include first new block in chain entry response (moneromooo-monero)
|
|
5d1849a protocol: stricter checks on received chain hash list (moneromooo)
|
|
|
|
|
|
We can actually request a chain that's further away from what we
have as we buffer more and more
|
|
cd7e9769d protocol: one more sanity check on usable data from a peer (moneromooo-monero)
|
|
5dee031b2 protocol: add a sanity check to the number of block hashes sent (moneromooo-monero)
|
|
eb77790df protocol: fix asking for pruned blocks for v10 (moneromooo-monero)
|
|
d660f22ed protocol: drop origin IP if a block fails to verify in sync mode (moneromooo-monero)
|
|
0f34cabb9 protocol: more restrictive checks on chain entry response (moneromooo-monero)
|
|
7414e2bac Change epee binary output from std::stringstream to byte_stream (Lee Clagett)
|
|
|
|
It would otherwise be possible for a peer to send bad blocks,
then disconnect and reconnect again, escaping bans
|
|
|
|
|
|
Old format is still alloewd there, this is a two fork update
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
a9cd5d9 cryptonote_core: dandelion - use local height or median height if syncing (xiphon)
|
|
be84f67 Switch to Dandelion++ fluff mode if no out connections for stem mode (Lee Clagett)
|
|
f9527e6 protocol: reject empty incoming block messages (moneromooo-monero)
|
|
|
|
|
|
|
|
|
|
|
|
4ff2074c7 cryptonote_protocol: don't synced pruned blocks before v11 (cohcho)
|
|
fb31167b1 Wallet, daemon: From 'help_advanced' back to 'help', and new 'apropos' command (rbrunner7)
|
|
35665df20 protocol: don't drop a connection if we can't get a compatible chain (moneromooo-monero)
|
|
There are a few Borromean proofs txes in the v8 era, and these
aren't supported by get_pruned_transaction_weight. Moreover, only
only the most recent variant of bulletproofs is currently supported.
|
|
67ade8005 Add randomized delay when forwarding txes from i2p/tor -> ipv4/6 (Lee Clagett)
|
|
|
|
5ef0607da Update copyright year to 2020 (SomaticFanatic)
|
|
567402c protocol: move the 'peer claims higher version' warning to debug (moneromooo-monero)
|
|
Because there's a neverending supply of cunts claiming a wrong
version just to say "look at me" I guess
|
|
Reported by xnbya
|
|
Reported by xnbya
|
|
This can now happen if:
- we have a pruned db
- we have not connected to the monero network for a while
- we connect to a node
- that node asks us for history
- we only have a pruned version of the most recent common block
In that case, it's better to not reply but keep the connection alive,
so we can sync off it.
|
|
|
|
Update copyright year to 2020
|
|
We don't have a function to calculate their weight from a pruned
version (yet).
|
|
387fd66 Daemon: Print estimates for time until fully synced (rbrunner7)
|
|
- New flag in NOTIFY_NEW_TRANSACTION to indicate stem mode
- Stem loops detected in tx_pool.cpp
- Embargo timeout for a blackhole attack during stem phase
|
|
e719760 Fix receive order leakage with tx fluffing (vtnerd)
|
|
ebf3c10 Added logging for dropped local txes with no i2p/tor connections (vtnerd)
|
|
054b4c7 protocol: request txpool contents when synced (moneromooo-monero)
|
|
66472074 Daemon: Guard against reporting "synchronized" too early (rbrunner7)
|
|
A newly synced Alice sends a (typically quite small) list of
txids in the local tpxool to a random peer Bob, who then uses
the existing tx relay system to send Alice any tx in his txpool
which is not in the list Alice sent
|
|
|
|
|
|
4771a7ae p2p: remove obsolete local time in handshake (moneromooo-monero)
2fbbc4a2 p2p: avoid sending the same peer list over and over (moneromooo-monero)
3004835b epee: remove backward compatible endian specific address serialization (moneromooo-monero)
39a343d7 p2p: remove backward compatible peer list (moneromooo-monero)
60631802 p2p: simplify last_seen serialization now we have optional stores (moneromooo-monero)
9467b2e4 cryptonote_protocol: omit top 64 bits of difficulty when 0 (moneromooo-monero)
b595583f serialization: do not write optional fields with default value (moneromooo-monero)
5f98b46d p2p: remove obsolete local time from TIMED_SYNC (moneromooo-monero)
|
|
|
|
|
|
bc6d8aa3 Corrected message typo (palomato)
|
|
72ca7e3b Fix time comparison math (Jason Rhinelander)
|
|
67b4a19e simplewallet: noob-friendly help menu (wowario)
|
|
deb350b7 always print peer IDs in the same format (moneromooo-monero)
|
|
|
|
|
|
The added condition "hshd.current_height >= target" guards against
reporting "synchronized" too early in the special situation that the
very first peer sending us data is synced to a lower height than
ourselves.
|
|
Message was "peer claims higher version that we think"
Requested change "peer claims higher version than we think"
|
|
Dividing `dt` here by 1e6 converts it to seconds, but that is clearly
wrong since `REQUEST_NEXT_SCHEDULED_SPAN_THRESHOLD_STANDBY` is measured
in microseconds. As a result, this if statement was effectively never
used.
|
|
|
|
|
|
|
|
|
|
|
|
b3a9a4d add a quick early out to get_blocks.bin when up to date (moneromooo-monero)
2899379 daemon, wallet: new pay for RPC use system (moneromooo-monero)
ffa4602 simplewallet: add public_nodes command (moneromooo-monero)
|
|
Daemons intended for public use can be set up to require payment
in the form of hashes in exchange for RPC service. This enables
public daemons to receive payment for their work over a large
number of calls. This system behaves similarly to a pool, so
payment takes the form of valid blocks every so often, yielding
a large one off payment, rather than constant micropayments.
This system can also be used by third parties as a "paywall"
layer, where users of a service can pay for use by mining Monero
to the service provider's address. An example of this for web
site access is Primo, a Monero mining based website "paywall":
https://github.com/selene-kovri/primo
This has some advantages:
- incentive to run a node providing RPC services, thereby promoting the availability of third party nodes for those who can't run their own
- incentive to run your own node instead of using a third party's, thereby promoting decentralization
- decentralized: payment is done between a client and server, with no third party needed
- private: since the system is "pay as you go", you don't need to identify yourself to claim a long lived balance
- no payment occurs on the blockchain, so there is no extra transactional load
- one may mine with a beefy server, and use those credits from a phone, by reusing the client ID (at the cost of some privacy)
- no barrier to entry: anyone may run a RPC node, and your expected revenue depends on how much work you do
- Sybil resistant: if you run 1000 idle RPC nodes, you don't magically get more revenue
- no large credit balance maintained on servers, so they have no incentive to exit scam
- you can use any/many node(s), since there's little cost in switching servers
- market based prices: competition between servers to lower costs
- incentive for a distributed third party node system: if some public nodes are overused/slow, traffic can move to others
- increases network security
- helps counteract mining pools' share of the network hash rate
- zero incentive for a payer to "double spend" since a reorg does not give any money back to the miner
And some disadvantages:
- low power clients will have difficulty mining (but one can optionally mine in advance and/or with a faster machine)
- payment is "random", so a server might go a long time without a block before getting one
- a public node's overall expected payment may be small
Public nodes are expected to compete to find a suitable level for
cost of service.
The daemon can be set up this way to require payment for RPC services:
monerod --rpc-payment-address 4xxxxxx \
--rpc-payment-credits 250 --rpc-payment-difficulty 1000
These values are an example only.
The --rpc-payment-difficulty switch selects how hard each "share" should
be, similar to a mining pool. The higher the difficulty, the fewer
shares a client will find.
The --rpc-payment-credits switch selects how many credits are awarded
for each share a client finds.
Considering both options, clients will be awarded credits/difficulty
credits for every hash they calculate. For example, in the command line
above, 0.25 credits per hash. A client mining at 100 H/s will therefore
get an average of 25 credits per second.
For reference, in the current implementation, a credit is enough to
sync 20 blocks, so a 100 H/s client that's just starting to use Monero
and uses this daemon will be able to sync 500 blocks per second.
The wallet can be set to automatically mine if connected to a daemon
which requires payment for RPC usage. It will try to keep a balance
of 50000 credits, stopping mining when it's at this level, and starting
again as credits are spent. With the example above, a new client will
mine this much credits in about half an hour, and this target is enough
to sync 500000 blocks (currently about a third of the monero blockchain).
There are three new settings in the wallet:
- credits-target: this is the amount of credits a wallet will try to
reach before stopping mining. The default of 0 means 50000 credits.
- auto-mine-for-rpc-payment-threshold: this controls the minimum
credit rate which the wallet considers worth mining for. If the
daemon credits less than this ratio, the wallet will consider mining
to be not worth it. In the example above, the rate is 0.25
- persistent-rpc-client-id: if set, this allows the wallet to reuse
a client id across runs. This means a public node can tell a wallet
that's connecting is the same as one that connected previously, but
allows a wallet to keep their credit balance from one run to the
other. Since the wallet only mines to keep a small credit balance,
this is not normally worth doing. However, someone may want to mine
on a fast server, and use that credit balance on a low power device
such as a phone. If left unset, a new client ID is generated at
each wallet start, for privacy reasons.
To mine and use a credit balance on two different devices, you can
use the --rpc-client-secret-key switch. A wallet's client secret key
can be found using the new rpc_payments command in the wallet.
Note: anyone knowing your RPC client secret key is able to use your
credit balance.
The wallet has a few new commands too:
- start_mining_for_rpc: start mining to acquire more credits,
regardless of the auto mining settings
- stop_mining_for_rpc: stop mining to acquire more credits
- rpc_payments: display information about current credits with
the currently selected daemon
The node has an extra command:
- rpc_payments: display information about clients and their
balances
The node will forget about any balance for clients which have
been inactive for 6 months. Balances carry over on node restart.
|
|
0da09ed protocol: fix syncing from peers being too choosy about peers (moneromooo-monero)
|
|
88c9d90 protocol: initialize block_weight in block_complete_entry ctor (moneromooo-monero)
fe443bb cryptonote: don't leave block_weight uninitialized (moneromooo-monero)
1ba9baf tx_pool: do not divide by 0 (moneromooo-monero)
|
|
|
|
3455efa ban peers sending bad pow outright (moneromooo-monero)
|
|
CID 204479
|
|
8330e77 monerod can now sync from pruned blocks (moneromooo-monero)
|
|
74a23e9 protocol: only print sync complete message when out of precompiled hashes (moneromooo-monero)
|
|
2a7d915 Fixed i2p/tor tx flooding bug (white noise disabled) (vtnerd)
|
|
If the peer (whether pruned or not itself) supports sending pruned blocks
to syncing nodes, the pruned version will be sent along with the hash
of the pruned data and the block weight. The original tx hashes can be
reconstructed from the pruned txes and theur prunable data hash. Those
hashes and the block weights are hashes and checked against the set of
precompiled hashes, ensuring the data we received is the original data.
It is currently not possible to use this system when not using the set
of precompiled hashes, since block weights can not otherwise be checked
for validity.
This is off by default for now, and is enabled by --sync-pruned-blocks
|
|
PoW is expensive to verify, so be strict
|
|
Revert a96c1a4 and adc16d2 (moneromooo-monero)
|
|
This avoids most premature triggers
|
|
2cd4fd8 Changed the use of boost:value_initialized for C++ list initializer (JesusRami)
4ad191f Removed unused boost/value_init header (whyamiroot)
928f4be Make null hash constants constexpr (whyamiroot)
|
|
As a side effect, colouring on Windows should now work
regardless of version
|
|
This reverts commit a96c1a46d4b3854252de75cbe09458ad5d1aecb0.
|
|
This reverts commit adc16d2504d3e76b0115791caf10446684d45433.
|
|
69465e3 cryptonote_protocol: fix '--no-sync', ignore new blocks and txes (xiphon)
|
|
|
|
|
|
|
|
2aa1134 daemon: display peer address type in print_cn (moneromooo-monero)
|
|
f17dcde Remove unused txs member in NOTIFY_RESPONSE_GET_OBJECT (Doy-lee)
|
|
|
|
The check added here (in #5732/#5733) is supposed to disconnect behind
peers when the current node is syncing, but actually disconnects behind
peers always.
We are syncing when `target > our_height`, but the check here triggers
when `target > remote_height`, which is basically always true when the
preceding `m_core.have_block(hshd.top_id)` check is true.
|
|
|
|
Any peer that's behind us while syncing is useless to us (though
not to them). This ensures that we don't get our peer slots filled
with peers that we can't use. Once we've synced, we can connect
to them and they can then sync off us if they want.
|
|
When asking for txes in a fluffy transaction, one might ask
for the same (large) tx many times
|
|
Count transactions as well
|
|
Essentially, one can send such a large amount of IDs that core exhausts
all free memory. This issue can theoretically be exploited using very
large CN blockchains, such as Monero.
This is a partial fix. Thanks and credit given to CryptoNote author
'cryptozoidberg' for collaboration and the fix. Also thanks to
'moneromooo'. Referencing HackerOne report #506595.
|
|
|
|
|
|
|
|
b0c552f5 cryptonote_protocol_handler: add block/tx hashes in notify logs (moneromooo-monero)
|
|
c84ea299 cryptonote_basic: some more minor speedups (moneromooo-monero)
e40eb2ad cryptonote_basic: speedup calculate_block_hash (moneromooo-monero)
547a9708 cryptonote: block parsing + hash calculation speedup (moneromooo-monero)
11604b6d blockchain: avoid unneeded block copy (moneromooo-monero)
8461df04 save some database calls when getting top block hash and height (moneromooo-monero)
3bbc3661 Avoid repeated (de)serialization when syncing (moneromooo-monero)
|
|
|
|
This saves a duplicate serialization step
|
|
Based on Boolberry work by:
jahrsg <jahr@jahr.me>
cr.zoidberg <crypto.zoidberg@gmail.com>
|
|
eef164f7 cryptonote_protocol_handler: search for syncing peers in "cruise mode" (moneromooo-monero)
|
|
a54e81e5 daemon: add '--no-sync' arg to optionally disable blockchain sync (xiphon)
|
|
551104fb daemon: add --public-node mode, RPC port propagation over P2P (xiphon)
|
|
|
|
|
|
|
|
|
|
6a3608d3 cryptonote_protocol_handler: pad tx messages when using tor/i2p (moneromooo-monero)
|
|
When all our outgoing peer slots are filled, we cycle one peer at
a time looking for syncing peers until we have at least two such
peers. This brings two advantages:
- Peers without incoming connections will find more syncing peers
that before, thereby strengthening network decentralization
- Peers will have more resistance to isolation attacks, as they
are more likely to find a "good" peer than they were before
|
|
|
|
|
|
RPC connections now have optional tranparent SSL.
An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.
SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.
Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.
To generate long term certificates:
openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT
/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.
SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
|
|
|
|
973403bc Adding initial support for broadcasting transactions over Tor (Lee Clagett)
|
|
- Support for ".onion" in --add-exclusive-node and --add-peer
- Add --anonymizing-proxy for outbound Tor connections
- Add --anonymous-inbounds for inbound Tor connections
- Support for sharing ".onion" addresses over Tor connections
- Support for broadcasting transactions received over RPC exclusively
over Tor (else broadcast over public IP when Tor not enabled).
|
|
|
|
The blockchain prunes seven eighths of prunable tx data.
This saves about two thirds of the blockchain size, while
keeping the node useful as a sync source for an eighth
of the blockchain.
No other data is currently pruned.
There are three ways to prune a blockchain:
- run monerod with --prune-blockchain
- run "prune_blockchain" in the monerod console
- run the monero-blockchain-prune utility
The first two will prune in place. Due to how LMDB works, this
will not reduce the blockchain size on disk. Instead, it will
mark parts of the file as free, so that future data will use
that free space, causing the file to not grow until free space
grows scarce.
The third way will create a second database, a pruned copy of
the original one. Since this is a new file, this one will be
smaller than the original one.
Once the database is pruned, it will stay pruned as it syncs.
That is, there is no need to use --prune-blockchain again, etc.
|
|
a5ffc2d5 Remove boost::lexical_cast for uuid and unused uuid function (Lee Clagett)
|
|
85665003 epee: better network buffer data structure (moneromooo-monero)
|
|
5464725a protocol: change standby mode to not wait sleeping (moneromooo-monero)
85807dfb add a once_a_time_milliseconds class (moneromooo-monero)
|
|
avoids pointless allocs and memcpy
|
|
|
|
3dba7f25 protocol: option to pad transaction relay to the next kB (moneromooo-monero)
|
|
|
|
506472e0 protocol: fix use after free when dropping a connection (moneromooo-monero)
|
|
c25260f5 protocol: fix incorrect tx hash in log (moneromooo-monero)
|
|
|
|
|
|
|
|
To help protect one's privacy from traffic volume analysis
for people using Tor or I2P. This will really fly once we
relay txes on a timer rather than on demand, though.
Off by default for now since it's wasteful and doesn't bring
anything until I2P's in.
|
|
704b60c block_queue: faster check whether a block was requested (moneromooo-monero)
|
|
ce9457a cryptonote_protocol: don't serialize an unneeded new block message (moneromooo-monero)
|
|
c24a0af [monerod] Added blocks remaining count during syncronisation. (Jorropo)
|
|
Non fluffy block nodes should now be very rare
|
|
And percent if usefull (% < 99)
|
|
|
|
a2b557f 6795bd0 209ec96 ed2c81e a830db2 57ea902 31a895e ba8331c f7f1917 41be339 f025ae9 ef2cb63 dcfd299 5d3e702 2704624 2771a18 0e4c7d0 (moneromooo-monero)
|
|
also use reserve where appropriate
|
|
|
|
|
|
|
|
3880bf39 cryptonote_protocol_handler.inl: remove span read just now that failed to pass some basic tests (stoffu)
da249fd5 cryptonote_protocol_handler.inl: fix return type mismatches (int vs bool) (stoffu)
|
|
pass some basic tests
|
|
|
|
|
|
|
|
0e7ad2e2 Wallet API: generalize 'bool testnet' to 'NetworkType nettype' (stoffu)
af773211 Stagenet (stoffu)
cc9a0bee command_line: allow args to depend on more than one args (stoffu)
55f8d917 command_line::get_arg: remove 'required' for dependent args as they're always optional (stoffu)
450306a0 command line: allow has_arg to handle arg_descriptor<bool,false,true> #3318 (stoffu)
9f9e095a Use `genesis_tx` parameter in `generate_genesis_block`. #3261 (Jean Pierre Dudey)
|
|
|
|
|
|
928c1825 cryptonote_protocol: guard against all threads in standby (moneromooo-monero)
|
|
e3f0980a daemon: don't drop RPC with busy error when running offline (moneromooo-monero)
|
|
|
