| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
c50ade5 Daemon-specific proxy for the wallet-rpc. (0xFFFC0000)
|
|
47042ce wallet2: call on_reorg callback in handle_reorg (j-berman)
|
|
To transfer ~5 XMR to an address such that your balance drops by exactly 5 XMR, provide a `subtractfeefrom` flag to the `transfer` command. For example:
transfer 76bDHojqFYiFCCYYtzTveJ8oFtmpNp3X1TgV2oKP7rHmZyFK1RvyE4r8vsJzf7SyNohMnbKT9wbcD3XUTgsZLX8LU5JBCfm 5 subtractfeefrom=all
If my walet balance was exactly 30 XMR before this transaction, it will be exactly 25 XMR afterwards and the destination address will receive slightly
less than 5 XMR. You can manually select which destinations fund the transaction fee and which ones do not by providing the destination index.
For example:
transfer 75sr8AAr... 3 74M7W4eg... 4 7AbWqDZ6... 5 subtractfeefrom=0,2
This will drop your balance by exactly 12 XMR including fees and will spread the fee cost proportionally (3:5 ratio) over destinations with addresses
`75sr8AAr...` and `7AbWqDZ6...`, respectively.
Disclaimer: This feature was paid for by @LocalMonero.
|
|
1. Daemon-specific proxy is exclusive with global proxy (--proxy).
2. If you set global proxy (--proxy) you cannot set daemon-specific proxy.
3. If you don't set global proxy, you can set proxy (or not set) proxy for
each daemon connection with the proxy field in jsonrpc to the wallet-rpc.
|
|
2525200 serialization: remove container wrappers and serialize directly (jeffro256)
|
|
1062b17 wallet: sign_tx: get tx pubkey from extra (tobtoht)
|
|
b2eb47d wallet: mitigate statistical dependence for decoy selection within rings (jeffro256)
|
|
Some downstream code (most notably PR https://github.com/UkoeHB/monero/pull/25) wants to use the src/serialization lib
for storing information persistently. When one builds classes/machines wishing to serialize containers, they must use
the `serializable_*` container classes. In this case, this makes the Seraphis library code unnecessarily tightly coupled
with the src/serialization code since one cannot swap out their type of storage format without major refactoring of class
field types. By serializing STL containers directly, we can abstract the serialization details away, making for much
cleaner design. Also small bonus side effect of this change is that STL containers with custom Comparators, Allocators,
and Hashers are serializable. `std::multimap` is added to the list of serializable containers.
Depends upon https://github.com/monero-project/monero/pull/9069.
|
|
|
|
Multisig keys per-transfer were being wiped, but not erased, which lead to a ginormous
quadratic bloat the more transfers and exports you performed with the wallet.
|
|
759293d wallet2: fix version check at hf version 1 (j-berman)
|
|
Since we are required to check for uniqueness of decoy picks within any given
ring, and since some decoy picks may fail due to unlock time or malformed EC points,
the wallet2 decoy selection code was building up a larger than needed *unique* set of
decoys for each ring according to a certain distribution *without replacement*. After
filtering out the outputs that it couldn't use, it chooses from the remaining decoys
uniformly random *without replacement*.
The problem with this is that the picks later in the picking process are not independent
from the picks earlier in the picking process, and the later picks do not follow the
intended decoy distribution as closely as the earlier picks. To understand this
intuitively, imagine that you have 1023 marbles. You label 512 marbles with the letter A,
label 256 with the letter B, so on and so forth, finally labelling one marble with the
letter J. You put them all into a bag, shake it well, and pick 8 marbles from the bag,
but everytime you pick a marble of a certain letter, you remove all the other marbles
from that bag with the same letter. That very first pick, the odds of picking a certain
marble are exactly how you would expect: you are twice as likely to pick A as you are B,
twice as likely to pick B as you are C, etc. However, on the second pick, the odds of
getting the first pick are 0%, and the chances for everything else is higher. As you go
down the line, your picked marbles will have letters that are increasingly more unlikely
to pick if you hadn't remove the other marbles. In other words, the distribution of the
later marbles will be more "skewed" in comparison to your original distribution of marbles.
In Monero's decoy selection, this same statistical effect applies. It is not as dramatic
since the distribution is not so steep, and we have more unique values to choose from,
but the effect *is* measureable. Because of the protocol rules, we cannot have duplicate
ring members, so unless that restriction is removed, we will never have perfectly
independent picking. However, since the earlier picks are less affected by this
statistical effect, the workaround that this commit offers is to store the order that
the outputs were picked and commit to this order after fetching output information over RPC.
|
|
|
|
The Monero GUI code was calling `Monero::wallet::setPassword()` on every open/close for some reason,
and the old `store_to()` code called `store_keys()` with `watch_only=false`, even for watch-only wallets.
This caused a bug where the watch-only keys file got saved with with the JSON field `watch_only` set to 0,
and after saving a watch-only wallet once, a user could never open it back up against because `load()` errored out.
This never got brought up before this because you would have to change the file location of the watch-only
wallet to see this bug, and I guess that didn't happen often, but calling the new `store_to()` function with the
new `force_rewrite` parameter set to `true` triggers key restoring and the bug appeared.
|
|
Resolves #8932 and:
2. Not storing cache when new path is different from old in `store_to()` and
3. Detecting same path when new path contains entire string of old path in `store_to()` and
4. Changing your password / decrypting your keys (in this method or others) and providing a bad original password and getting no error and
5. Changing your password and storing to a new file
|
|
|
|
f7fb5c7 scan_tx: fix custom comparator for == case; fixes #8951 (j-berman)
|
|
a0e5c3c wallet2: when checking frozen multisig tx set, don't assume order (jeffro256)
|
|
45b52de wallet-rpc: restore from multisig seed (jeffro256)
|
|
a8d2a58 wallet2: ensure transfers and sweeps use same fee calc logic (j-berman)
|
|
|
|
Co-authored-by: woodser <woodser@protonmail.com>
|
|
|
|
369a5a8 wallet: respect frozen key images in multisig wallets (jeffro256)
|
|
c138a28 wallet2: take ignored-by-value outputs into account in balance (Crypto City)
|
|
|
|
eeda4a8 wallet2: do not lose exception in current thread on refresh (Crypto City
f868768 wallet2: fix missing exceptions from failing wallet refresh (Crypto City)
|
|
- Detach & re-process txs >= lowest scan height
- ensures that if a user calls scan_tx(tx1) after scanning tx2,
the wallet correctly processes tx1 and tx2
- if a user provides a tx with a height higher than the wallet's
last scanned height, the wallet will scan starting from that tx's
height
- scan_tx requires trusted daemon iff need to re-process existing
txs: in addition to querying a daemon for txids, if a user
provides a txid of a tx with height *lower* than any *already*
scanned txs in the wallet, then the wallet will also query the
daemon for all the *higher* txs as well. This is likely
unexpected behavior to a caller, and so to protect a caller from
revealing txid's to an untrusted daemon in an unexpected way,
require the daemon be trusted.
|
|
Before this change, if a multisig peer asked you to sign a transaction with a frozen enote, the wallet will do it without any error or warning. This change makes it
so that wallets will refuse to sign multisig transactions with frozen enotes.
Disclaimer: This PR was generously funded by @LocalMonero.
|
|
|
|
|
|
|
|
Ensures both transfers and sweeps use a fee that's calculated
from the tx's weight. Using different logic could theoretically
enable distinguishability between the two types of txs. We don't
want that.
|
|
|
|
d2a591d wallet, simplewallet: Drop support for mine-to-use RPC system (Jeffrey Ryan)
|
|
eb0e405 gamma picker: relax constructor requirements and test for selecting outputs from first spendable block (jeffro256)
|
|
f383fd3 wallet2: make m_process_pool_txs local to refresh method (jeffro256)
|
|
7a4a03d wallet2: do not commit transactions more than once (moneromooo-monero)
|
|
c61d33e wallet2: fix outdated wallet check (Crypto City)
|
|
Using post-PR wallet with pre-PR node will generate error message specific to this PR and not generic "command failed" mesages.
|
|
9c7d28b wallet2: add on_reorg callback (Crypto City)
|
|
5b4fea7 Copyright: Update to 2023 (mj-xmr)
|
|
from first spendable block
|
|
The gamma picker and the caller code did not quite agree on the
number of rct outputs available for use - by one block - which
caused an infinite loop if the picker could never pick outputs
from that block but already had picked all other outputs from
previous blocks.
Also change the range to select from using code from UkoeHB.
|
|
|
|
Fixes #8793
|
|
it was mistaking the number of forks in the fork table for
the last fork, and assuming the table was including every
single fork
|
|
c4af33e Enforce restricted # pool txs served via RPC + optimize chunked reqs (j-berman)
9752116 wallet2, RPC: Optimize RPC calls for periodic refresh from 3 down to 1 call (rbrunner7)
|
|
- `/getblocks.bin` respects the `RESTRICTED_TX_COUNT` (=100) when
returning pool txs via a restricted RPC daemon.
- A restricted RPC daemon includes a max of `RESTRICTED_TX_COUNT` txs
in the `added_pool_txs` field, and returns any remaining pool hashes
in the `remaining_added_pool_txids` field. The client then requests
the remaining txs via `/gettransactions` in chunks.
- `/gettransactions` no longer does expensive no-ops for ALL pool txs
if the client requests a subset of pool txs. Instead it searches for
the txs the client explicitly requests.
- Reset `m_pool_info_query_time` when a user:
(1) rescans the chain (so the wallet re-requests the whole pool)
(2) changes the daemon their wallets points to (a new daemon would
have a different view of the pool)
- `/getblocks.bin` respects the `req.prune` field when returning
pool txs.
- Pool extension fields in response to `/getblocks.bin` are optional
with default 0'd values.
|
|
|
|
Co-authored-by: plowsof <plowsof@protonmail.com>
extra files
|
|
7a3a593 common: move boost_serialization_helper.h out and cleanup includes (Jeffrey Ryan)
|
|
|
|
|
|
cac5083 wallet2: fix create view-only wallet from existing wallet (j-berman)
|
|
23fde15 wallet_rpc_server: chunk refresh to keep responding to RPC while refreshing (moneromooo-monero) 5bb2369 wallet_rpc_server: add --no-initial-sync flag for quicker network binding (moneromooo-monero)
|
|
|
|
e9ce347 wallet2: fail to establish daemon cxn == 'Disconnected' cxn status (j-berman)
|
|
28f25c0 Second thread pool for IO (SChernykh)
|
|
4b0785f add an option to force-update multisig key exchange under some circumstances (koe)
|
|
|
|
|
|
|
|
b8271ab wallet2: check wallet compatibility with daemon's hard fork version (j-berman)
|
|
eca7f6a Fix segfault restoring encrypted multisig seed (j-berman)
f713c3c Require user ack multisig is experimental to restore (j-berman)
564a7a3 multisig: fix #8537 seed restore (suggestions by @UkoeHB) (j-berman)
|
|
|
|
76a5b54 Fix missing semi-colon in error message (j-berman)
|
|
959a3e6 wallet2: ensure imported outputs subaddresses are created (moneromooo-monero)
a098504 wallet2: better test on whether to allow output import (moneromooo-monero)
c5579ac allow exporting outputs in chunks (moneromooo-monero)
1e912ec wallet2: fixes for export/import output flow (j-berman)
692f1d4 wallet2: do not assume imported outputs must be non empty (moneromooo-monero)
67b6d6a wallet2: prevent importing outputs in a hot wallet (moneromooo-monero)
d9fc666 wallet2: fix missing subaddress indices in 'light' exported outputs (moneromooo-monero)
|
|
Co-authored-by: woodser <woodser@protonmail.com>
|
|
- spend secret key is no longer the sum of multisig key shares;
no need to check that is the case upon restore.
- restoring a multisig wallet from multisig info means that the
wallet must have already completed all setup rounds. Upon restore,
set the number of rounds completed accordingly.
|
|
reported by j-berman
|
|
4d7f6f5 GCC: fix some unused warnings (Jeffrey Ryan)
|
|
Being offline is not a good enough heuristic, so we keep track
of whether the wallet ever refreshed from a daemon, which is a
lot better, and probably the best we can do without manual user
designation (which would break existing cold wallet setups till
the user designates those wallets)
|
|
this will make it easier huge wallets to do so without hitting
random limits (eg, max string size in node).
|
|
- only allow offline wallets to import outputs
- don't import empty outputs
- export subaddress indexes when exporting outputs
|
|
|
|
|
|
|
|
db8181a wallet2: force using output distribution for ringct outs (tobtoht)
|
|
key images
|
|
c7b2944 multisig: fix critical vulnerabilities in signing (anon)
|
|
hash_extra: don't test for success in `jh_hash` and `skein_hash` since its guaranteed
device_ledger: move anonymous global variable apdu_verbose into .cpp file
Add comments to `refreshed` method variable in wallet2
|
|
09a597b wallet2: don't use DNS to obtain segregation heights (tobtoht)
|
|
50ccc7e wallet2: remove obsolete rpc version check (tobtoht)
|
|
4278a3a cryptonote_basic: catch crypto api errors (moneromooo-monero)
|
|
04c0da2 Chunk /gettransactions to avoid hitting restricted RPC limit (tobtoht)
|
|
|
|
|
|
|
|
Co-authored-by: j-berman <justinberman@protonmail.com>
|
|
|
|
|
|
|
|
unconfirmed solely uses a - b, and received now accepts b so it can
provide more detailed logs on what occurred (printing a - b, yet with a
and b).
|
|
fde7c96 wallet2: fix spurious reorg detection with untrusted nodes (moneromooo-monero)
|
|
2979474 disable multisig by default (moneromooo-monero)
|
|
There are vulnerabilities in multisig protocol if the parties do not
trust each other, and while there is a patch for it, it has not been
throroughly reviewed yet, so it is felt safer to disable multisig by
default for now.
If all parties in a multisig setup trust each other, then it is safe
to enable multisig.
|
|
f63f7dc wallet2: fix a couple unused variable warnings (selsta)
|
|
When forced to deal with an untrusted node, a wallet will quantize
its current height to disguise the real height to the adversary, to
try and minimize the daemon's ability to distinguish returning
wallets.
Daemons will thus return more blocks than the wallet needs, starting
from earlier in the chain. These extra blocks will be disregarded
by the wallet, which had already scanned them.
However, for the purposes of reorg size detection, the wallet assumes
all blocks the daemon sends are different, which is only correct if
the wallet hasn't been coy, which is only the case for trusted
daemons (which you should use). This causes an issue when the size
of this "fake reorg" is above the sanity check threshold at which
the wallet refuses a reorg.
To fix this, the reorg size check is moved later on, when the reorg
is about to actually happen, after the wallet has checked which
blocks are actually different from the ones it expects.
|
|
2.8 seconds -> 2.6 seconds on a test case
|
|
3.3 seconds -> 2.8 seconds on a test case
|
|
5.2 seconds -> 4.1 seconds on a test case
|
|
5.9 second -> 5.2 seconds on a test case
|
|
baee2c0 Preserve commitment format inside transactions (kayabaNerve)
|
|
0d6ecb1 multisig: add post-kex verification round to check that all participants have completed the multisig address (koe)
|
|
|
|
have completed the multisig address
|
|
5d388eb Bump ring size to 16 for v15 & remove set default in wallet cli (j-berman)
|
|
|
|
9df7179 wallet2: use BP+ for cold signing (moneromooo-monero)
|
|
|
|
Implements view tags as proposed by @UkoeHB in MRL issue
https://github.com/monero-project/research-lab/issues/73
At tx construction, the sender adds a 1-byte view tag to each
output. The view tag is derived from the sender-receiver
shared secret. When scanning for outputs, the receiver can
check the view tag for a match, in order to reduce scanning
time. When the view tag does not match, the wallet avoids the
more expensive EC operations when deriving the output public
key using the shared secret.
|
|
reported by ukoehb
|
|
https://github.com/ArticMine/Monero-Documents/blob/master/MoneroScaling2021-02.pdf
with a change to use 1.7 instead of 2.0 for the max long term increase rate
|
|
da9aa1f Copyright: Update to 2022 (mj-xmr)
|
|
3c82958 wallet2: update stagenet rollback blocks (selsta)
|
|
ae0a840 wallet2: decrease the amount of data exchanged for output export (moneromooo-monero)
|
|
bd27deb Bulletproofs+ (SarangNoether)
b7713cc Precompute initial transcript hash (SarangNoether)
b535d66 Updates from security audit (SarangNoether)
a0d80b1 plug bulletproofs plus into consensus (moneromooo-monero)
75bd004 ringct: a few minor optimizations from review (moneromooo-monero)
a345060 ringct: port some of vtnerd's review changes from BP+ to BP (moneromooo-monero)
4c94cfe store outPk/8 in the tx for speed (moneromooo-monero)
5acdd0e bulletproofs+: some minor cleanup from vtnerd's review (moneromooo-monero)
|
|
354e1d9 Make the wallet name optional when locked. (Norman Moeschter)
|
|
It avoids dividing by 8 when deserializing a tx, which is a slow
operation, and multiplies by 8 when verifying and extracing the
amount, which is much faster as well as less frequent
|
|
|
|
|
|
e5000a9 Balance includes unconfirmed transfers to self (woodser)
|
|
|
|
|
|
e08abaa multisig key exchange update and refactor (koe)
|
|
|
|
|
|
|
|
|
|
|
|
a15466d wallet2: remove 2 unused variables (selsta)
|
|
|
|
we reuse the wallet_keys_unlocker object, which does the right thing
in conjunction with other users of decrypt/encrypt (ie, refresh).
|
|
84c5257 Decrease the 'recent spend window' in gamma re-select to 15 blocks (j-berman)
|
|
76542ea Fix precision of average_output_time (j-berman)
|
|
13a8a57 trezor: try empty passphrase first (Dusan Klinec)
|
|
- combined with patching integer truncation (#7798), this gets the algorithm marginally closer to mirroring empirically observed output ages
- 50 was originally chosen assuming integer truncation would remain in the client for that client release version. But patching integer truncation causes the client to select more outputs in the 10-100 block range, and therefore the benefit of choosing a larger recent spend window of 50 has less merit
- 15 seems well-suited to cover the somewhat sizable observable gap in the early window of blocks
|
|
The fix as suggested by <jberman> on IRC. Before the fix, it would truncate 1.9 to 1 skewing the output selection.
|
|
cd76eb7 wallet: fix unused lambda capture warning (selsta)
|
|
24d3d65 monero-wallet-rpc: Prevent --password-file from being used with --wallet-dir (Kermit Alexander II)
|
|
520ce1c Attempt to carve the fee from a partial payment early (lxop)
|
|
|
|
RefreshOptimizeCoinbase was an optimization to speed up scanning of coinbase transactions before RingCT (tx version 2) where they split miner reward into multiple denominations, all to the same wallet.
When RingCT was introduced, all coinbase transactions became 1 output only, so this optimization does nothing now.
With p2pool, this optimization will skip scanning p2pool payouts because they use more than 1 output in coinbase transaction.
Fix it by applying this optimization only to pre-RingCT transactions (version < 2).
|
|
6f15a0c Make sure node returns to wallet that real output is unlocked (j-berman)
|
|
e1af8dc Protect client from divide by 0 caused by integer truncation (j-berman)
|
|
da2955f Apply gamma distr from chain tip when selecting decoys (j-berman)
|
|
|
|
|
|
- matches the paper by Miller et al to apply the gamma from chain tip, rather than after unlock time
- if the gamma produces an output more recent than the unlock time, the algo packs that output into one of the first 50 spendable blocks, respecting the block density factor
|
|
9c6e094 fix #7784 - deinit wallet in wallet dtor (Dusan Klinec)
|
|
|
|
- Try empty passphrase first when opening a wallet, as all Trezors will have passphrase enabled by default by Trezor Suite by default.
This feature enables easier access to all users using disabled passphrase (or empty passhprase)
- If wallet address differs from device address with empty passphrase, another opening attempt is made, without passphrase suppression,
so user can enter his passhprase if using some. In this scenario, nothing changes to user, wallet opening just consumes one more call
to Trezor (get wallet address with empty passphrase)
- also change how m_passphrase is used. Previous version did not work well with recent passphrase entry mechanism change (made in Trezor),
thus this commit fixes the behaviour).
|
|
0c6e1d3 wallet2: chunk get_outs.bin calls to avoid sanity limits (moneromooo-monero)
|
|
bc8d764 wallet: rephrase error message on invalid device address (Dusan Klinec)
|
|
f5eb2ce wallet2: Don't auto lock device on process parsed blocks (tobtoht)
|
|
8cf95c8 wallet2: refresh: check error and throw before potentially breaking out of loop (tobtoht)
|
|
8cea9d8 wallet: Reset RPC Pay ID on node switch (tobtoht)
|
|
|
|
|
|
|
|
|
|
08e4497 Improve cryptonote (block and tx) binary read performance (Lee Clagett)
|
|
4da1112 rpc: send confirmations in get_transactions result (moneromooo-monero)
|
|
|
|
RPC pay client ID is sent with each RPC request, set a new secret every time we switch nodes to mitigate trivial correlation
|
|
bbdb612 Wallet2: Update 'approximate_testnet_rolled_back_blocks' (rbrunner7)
|
|
|
|
|
|
c8ff1d4 monero-wallet-cli: improve error message when tx amount is zero (Elliot Wirrick)
|
|
|
|
if the wallet does it, it would get a wrong result (possibly even
negative) if its local chain is not synced up to the daemon's yet
|
|
|
|
447bfae wallet2: fix unlocked mixup in light wallet mode (moneromooo-monero)
|
|
|
|
On Mac, size_t is a distinct type from uint64_t, and some
types (in wallet cache as well as cold/hot wallet transfer
data) use pairs/containers with size_t as fields. Mac would
save those as full size, while other platforms would save
them as varints. Might apply to other platforms where the
types are distinct.
There's a nasty hack for backward compatibility, which can
go after a couple forks.
|
|
bd12984 Remove copies from foreach loops (thanks to Clang) (Lee Clagett)
1572df9 Removing unused namespace alias (Lee Clagett)
|
|
85db173 Remove unused variables in monero codebase (Kevin Barbour)
|
|
b587ffa Stop adding more outputs than bulletproof allows (Alex Opie)
|
|
186271e monero-wallet-cli: Added command scan_tx (Horia Mihai David)
|
|
To implement this feature, the wallet2::scan_tx API was implemented.
|
|
ee58f4f Balance includes unconfirmed payments (woodser)
|
|
There are quite a few variables in the code that are no longer
(or perhaps never were) in use. These were discovered by enabling
compiler warnings for unused variables and cleaning them up.
In most cases where the unused variables were the result
of a function call the call was left but the variable
assignment removed, unless it was obvious that it was
a simple getter with no side effects.
|
|
|
|
Do this for both the estimate and actual fee.
#7337
|
|
If more outputs are requested, they are split across
multiple transactions.
#7322
|
|
|
|
do not include blocked hosts in peer lists or public node lists by default,
warn about no https on clearnet and about untrusted peers likely being spies
|
|
|
|
|
|
17c537039 wallet2: check imported multisig curve points are in main subgroup (Crypto City)
|
|
|
|
ec14e4b8c wallet2: skip reorgs exceeding max-reorg-depth wallet setting (xiphon)
|
|
|
|
|
|
|
|
- index out of bounds when importing outputs
- accessing invalid CLSAG data
|
|
de9a9fb update error message 'No unlocked balance in the specified account' (woodser)
|
|
|
