| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
dfb990e wallet: mitigate statistical dependence for decoy selection within rings (jeffro256)
|
|
9a89e2d wallet2: call on_reorg callback in handle_reorg (j-berman)
1df5630 wallet2: add on_reorg callback (Crypto City)
|
|
To transfer ~5 XMR to an address such that your balance drops by exactly 5 XMR, provide a `subtractfeefrom` flag to the `transfer` command. For example:
transfer 76bDHojqFYiFCCYYtzTveJ8oFtmpNp3X1TgV2oKP7rHmZyFK1RvyE4r8vsJzf7SyNohMnbKT9wbcD3XUTgsZLX8LU5JBCfm 5 subtractfeefrom=all
If my walet balance was exactly 30 XMR before this transaction, it will be exactly 25 XMR afterwards and the destination address will receive slightly
less than 5 XMR. You can manually select which destinations fund the transaction fee and which ones do not by providing the destination index.
For example:
transfer 75sr8AAr... 3 74M7W4eg... 4 7AbWqDZ6... 5 subtractfeefrom=0,2
This will drop your balance by exactly 12 XMR including fees and will spread the fee cost proportionally (3:5 ratio) over destinations with addresses
`75sr8AAr...` and `7AbWqDZ6...`, respectively.
Disclaimer: This feature was paid for by @LocalMonero.
|
|
Since we are required to check for uniqueness of decoy picks within any given
ring, and since some decoy picks may fail due to unlock time or malformed EC points,
the wallet2 decoy selection code was building up a larger than needed *unique* set of
decoys for each ring according to a certain distribution *without replacement*. After
filtering out the outputs that it couldn't use, it chooses from the remaining decoys
uniformly random *without replacement*.
The problem with this is that the picks later in the picking process are not independent
from the picks earlier in the picking process, and the later picks do not follow the
intended decoy distribution as closely as the earlier picks. To understand this
intuitively, imagine that you have 1023 marbles. You label 512 marbles with the letter A,
label 256 with the letter B, so on and so forth, finally labelling one marble with the
letter J. You put them all into a bag, shake it well, and pick 8 marbles from the bag,
but everytime you pick a marble of a certain letter, you remove all the other marbles
from that bag with the same letter. That very first pick, the odds of picking a certain
marble are exactly how you would expect: you are twice as likely to pick A as you are B,
twice as likely to pick B as you are C, etc. However, on the second pick, the odds of
getting the first pick are 0%, and the chances for everything else is higher. As you go
down the line, your picked marbles will have letters that are increasingly more unlikely
to pick if you hadn't remove the other marbles. In other words, the distribution of the
later marbles will be more "skewed" in comparison to your original distribution of marbles.
In Monero's decoy selection, this same statistical effect applies. It is not as dramatic
since the distribution is not so steep, and we have more unique values to choose from,
but the effect *is* measureable. Because of the protocol rules, we cannot have duplicate
ring members, so unless that restriction is removed, we will never have perfectly
independent picking. However, since the earlier picks are less affected by this
statistical effect, the workaround that this commit offers is to store the order that
the outputs were picked and commit to this order after fetching output information over RPC.
|
|
Multisig keys per-transfer were being wiped, but not erased, which lead to a ginormous
quadratic bloat the more transfers and exports you performed with the wallet.
|
|
Ensures both transfers and sweeps use a fee that's calculated
from the tx's weight. Using different logic could theoretically
enable distinguishability between the two types of txs. We don't
want that.
|
|
03d51b7 wallet2: fix refresh function parameters (selsta)
|
|
max_blocks is last on master branch
|
|
|
|
|
|
The Monero GUI code was calling `Monero::wallet::setPassword()` on every open/close for some reason,
and the old `store_to()` code called `store_keys()` with `watch_only=false`, even for watch-only wallets.
This caused a bug where the watch-only keys file got saved with with the JSON field `watch_only` set to 0,
and after saving a watch-only wallet once, a user could never open it back up against because `load()` errored out.
This never got brought up before this because you would have to change the file location of the watch-only
wallet to see this bug, and I guess that didn't happen often, but calling the new `store_to()` function with the
new `force_rewrite` parameter set to `true` triggers key restoring and the bug appeared.
|
|
356e687 wallet_rpc_server: chunk refresh to keep responding to RPC while refreshing (moneromooo-monero) 633e1b7 wallet_rpc_server: add --no-initial-sync flag for quicker network binding (moneromooo-monero)
|
|
Resolves #8932 and:
2. Not storing cache when new path is different from old in `store_to()` and
3. Detecting same path when new path contains entire string of old path in `store_to()` and
4. Changing your password / decrypting your keys (in this method or others) and providing a bad original password and getting no error and
5. Changing your password and storing to a new file
|
|
|
|
|
|
b51f4a9 scan_tx: fix custom comparator for == case; fixes #8951 (j-berman)
|
|
ed05ac6 wallet2: when checking frozen multisig tx set, don't assume order (jeffro256)
|
|
78348bc wallet-rpc: restore from multisig seed (jeffro256)
|
|
|
|
Co-authored-by: woodser <woodser@protonmail.com>
|
|
|
|
[release-v0.18]
- `/getblocks.bin` respects the `RESTRICTED_TX_COUNT` (=100) when
returning pool txs via a restricted RPC daemon.
- A restricted RPC daemon includes a max of `RESTRICTED_TX_COUNT` txs
in the `added_pool_txs` field, and returns any remaining pool hashes
in the `remaining_added_pool_txids` field. The client then requests
the remaining txs via `/gettransactions` in chunks.
- `/gettransactions` no longer does expensive no-ops for ALL pool txs
if the client requests a subset of pool txs. Instead it searches for
the txs the client explicitly requests.
- Reset `m_pool_info_query_time` when a user:
(1) rescans the chain (so the wallet re-requests the whole pool)
(2) changes the daemon their wallets points to (a new daemon would
have a different view of the pool)
- `/getblocks.bin` respects the `req.prune` field when returning
pool txs.
- Pool extension fields in response to `/getblocks.bin` are optional
with default 0'd values.
|
|
[release-v0.18]
|
|
835896e wallet2: do not lose exception in current thread on refresh (Crypto City)
62bb95b wallet2: fix missing exceptions from failing wallet refresh (Crypto City)
|
|
dc24312 wallet: respect frozen key images in multisig wallets [RELEASE] (jeffro256)
|
|
aa139f0 wallet_rpc_server: dedup transfer RPC responses [RELEASE] (jeffro256)
|
|
65e13db wallet2: fix rescanning tx via scan_tx (j-berman)
|
|
|
|
|
|
Before this change, if a multisig peer asked you to sign a transaction with a frozen enote, the wallet will do it without any error or warning. This change makes it
so that wallets will refuse to sign multisig transactions with frozen enotes.
Disclaimer: This PR was generously funded by @LocalMonero.
|
|
|
|
|
|
The gamma picker and the caller code did not quite agree on the
number of rct outputs available for use - by one block - which
caused an infinite loop if the picker could never pick outputs
from that block but already had picked all other outputs from
previous blocks.
Also change the range to select from using code from UkoeHB.
|
|
- Detach & re-process txs >= lowest scan height
- ensures that if a user calls scan_tx(tx1) after scanning tx2,
the wallet correctly processes tx1 and tx2
- if a user provides a tx with a height higher than the wallet's
last scanned height, the wallet will scan starting from that tx's
height
- scan_tx requires trusted daemon iff need to re-process existing
txs: in addition to querying a daemon for txids, if a user
provides a txid of a tx with height *lower* than any *already*
scanned txs in the wallet, then the wallet will also query the
daemon for all the *higher* txs as well. This is likely
unexpected behavior to a caller, and so to protect a caller from
revealing txid's to an untrusted daemon in an unexpected way,
require the daemon be trusted.
|
|
- Straight-forward call interface: `void rx_slow_hash(const char *seedhash, const void *data, size_t length, char *result_hash)`
- Consensus chain seed hash is now updated by calling `rx_set_main_seedhash` whenever a block is added/removed or a reorg happens
- `rx_slow_hash` will compute correct hash no matter if `rx_set_main_seedhash` was called or not (the only difference is performance)
- New environment variable `MONERO_RANDOMX_FULL_MEM` to force use the full dataset for PoW verification (faster block verification)
- When dataset is used for PoW verification, dataset updates don't stall other threads (verification is done in light mode then)
- When mining is running, PoW checks now also use dataset for faster verification
|
|
85c9fe5 wallet2: fix create view-only wallet from existing wallet (j-berman)
|
|
|
|
|
|
5ffa31c wallet2: fail to establish daemon cxn == 'Disconnected' cxn status (j-berman)
|
|
1cd21bf add an option to force-update multisig key exchange under some circumstances (koe)
|
|
|
|
|
|
|
|
12e7c41 Merge pull request #5 from j-berman/restore-msig-encrypted-seed (Justin Berman)
848a0c0 Fix segfault restoring encrypted multisig seed (j-berman)
401f5d9 Require user ack multisig is experimental to restore (j-berman)
fc8a5d6 multisig: fix #8537 seed restore (suggestions by @UkoeHB) (j-berman)
|
|
|
|
e29b2e9 wallet2: ensure imported outputs subaddresses are created (moneromooo-monero)
1d3657a wallet2: better test on whether to allow output import (moneromooo-monero)
0cbf557 allow exporting outputs in chunks (moneromooo-monero)
b03d709 wallet2: fixes for export/import output flow (j-berman)
4b7eb57 wallet2: do not assume imported outputs must be non empty (moneromooo-monero)
5b98beb wallet2: prevent importing outputs in a hot wallet (moneromooo-monero)
0de1571 wallet2: fix missing subaddress indices in 'light' exported outputs (moneromooo-monero)
|
|
reported by j-berman
|
|
Being offline is not a good enough heuristic, so we keep track
of whether the wallet ever refreshed from a daemon, which is a
lot better, and probably the best we can do without manual user
designation (which would break existing cold wallet setups till
the user designates those wallets)
|
|
this will make it easier huge wallets to do so without hitting
random limits (eg, max string size in node).
|
|
Co-authored-by: woodser <woodser@protonmail.com>
|
|
- only allow offline wallets to import outputs
- don't import empty outputs
- export subaddress indexes when exporting outputs
|
|
|
|
|
|
|
|
- spend secret key is no longer the sum of multisig key shares;
no need to check that is the case upon restore.
- restoring a multisig wallet from multisig info means that the
wallet must have already completed all setup rounds. Upon restore,
set the number of rounds completed accordingly.
|
|
db8181a wallet2: force using output distribution for ringct outs (tobtoht)
|
|
edcc094 derive multisig tx secret keys from an entropy source plus the tx inputs' key images (koe)
|
|
5770265 wallet2: keep around transaction prefix for confirmed transfers (tobtoht)
|
|
key images
|
|
bd1e7c5 wallet2: prevent crash when reading tx w/fewer outputs than expected (j-berman)
|
|
c7b2944 multisig: fix critical vulnerabilities in signing (anon)
|
|
09a597b wallet2: don't use DNS to obtain segregation heights (tobtoht)
|
|
50ccc7e wallet2: remove obsolete rpc version check (tobtoht)
|
|
4278a3a cryptonote_basic: catch crypto api errors (moneromooo-monero)
|
|
04c0da2 Chunk /gettransactions to avoid hitting restricted RPC limit (tobtoht)
|
|
16f8e04 Remove erraneous commas (Luke Parker)
da0715e Improve consistency between on_money_received and on_money_received_unconfirmed (Luke Parker)
|
|
|
|
de2f0d0 wallet_api: add scanTransactions function (selsta)
|
|
|
|
|
|
|
|
Co-authored-by: j-berman <justinberman@protonmail.com>
|
|
|
|
|
|
|
|
unconfirmed solely uses a - b, and received now accepts b so it can
provide more detailed logs on what occurred (printing a - b, yet with a
and b).
|
|
fde7c96 wallet2: fix spurious reorg detection with untrusted nodes (moneromooo-monero)
|
|
2979474 disable multisig by default (moneromooo-monero)
|
|
|
|
There are vulnerabilities in multisig protocol if the parties do not
trust each other, and while there is a patch for it, it has not been
throroughly reviewed yet, so it is felt safer to disable multisig by
default for now.
If all parties in a multisig setup trust each other, then it is safe
to enable multisig.
|
|
f63f7dc wallet2: fix a couple unused variable warnings (selsta)
|
|
When forced to deal with an untrusted node, a wallet will quantize
its current height to disguise the real height to the adversary, to
try and minimize the daemon's ability to distinguish returning
wallets.
Daemons will thus return more blocks than the wallet needs, starting
from earlier in the chain. These extra blocks will be disregarded
by the wallet, which had already scanned them.
However, for the purposes of reorg size detection, the wallet assumes
all blocks the daemon sends are different, which is only correct if
the wallet hasn't been coy, which is only the case for trusted
daemons (which you should use). This causes an issue when the size
of this "fake reorg" is above the sanity check threshold at which
the wallet refuses a reorg.
To fix this, the reorg size check is moved later on, when the reorg
is about to actually happen, after the wallet has checked which
blocks are actually different from the ones it expects.
|
|
2.8 seconds -> 2.6 seconds on a test case
|
|
3.3 seconds -> 2.8 seconds on a test case
|
|
5.2 seconds -> 4.1 seconds on a test case
|
|
5.9 second -> 5.2 seconds on a test case
|
|
baee2c0 Preserve commitment format inside transactions (kayabaNerve)
|
|
0d6ecb1 multisig: add post-kex verification round to check that all participants have completed the multisig address (koe)
|
|
|
|
have completed the multisig address
|
|
a14fdf8 Remove /include (Jeffrey)
|
|
5d388eb Bump ring size to 16 for v15 & remove set default in wallet cli (j-berman)
|
|
|
|
9df7179 wallet2: use BP+ for cold signing (moneromooo-monero)
|
|
|
|
Implements view tags as proposed by @UkoeHB in MRL issue
https://github.com/monero-project/research-lab/issues/73
At tx construction, the sender adds a 1-byte view tag to each
output. The view tag is derived from the sender-receiver
shared secret. When scanning for outputs, the receiver can
check the view tag for a match, in order to reduce scanning
time. When the view tag does not match, the wallet avoids the
more expensive EC operations when deriving the output public
key using the shared secret.
|
|
reported by ukoehb
|
|
https://github.com/ArticMine/Monero-Documents/blob/master/MoneroScaling2021-02.pdf
with a change to use 1.7 instead of 2.0 for the max long term increase rate
|
|
* `IWallet.h` hasn't been touched since 2014, and has been replaced by `src/wallet/api/wallet2_api.h`
* `INode.h` is in a similar situation with `src/p2p/net_node.h`
|
|
d1f1947 wallet_rpc_server: support regex for get_accounts tag (reemuru)
|
|
7dcfccb wallet_rpc_server: fix make_integrated_address with no payment id (moneromooo-monero)
|
|
da9aa1f Copyright: Update to 2022 (mj-xmr)
|
|
3c82958 wallet2: update stagenet rollback blocks (selsta)
|
|
ae0a840 wallet2: decrease the amount of data exchanged for output export (moneromooo-monero)
|
|
bd27deb Bulletproofs+ (SarangNoether)
b7713cc Precompute initial transcript hash (SarangNoether)
b535d66 Updates from security audit (SarangNoether)
a0d80b1 plug bulletproofs plus into consensus (moneromooo-monero)
75bd004 ringct: a few minor optimizations from review (moneromooo-monero)
a345060 ringct: port some of vtnerd's review changes from BP+ to BP (moneromooo-monero)
4c94cfe store outPk/8 in the tx for speed (moneromooo-monero)
5acdd0e bulletproofs+: some minor cleanup from vtnerd's review (moneromooo-monero)
|
|
354e1d9 Make the wallet name optional when locked. (Norman Moeschter)
|
|
It avoids dividing by 8 when deserializing a tx, which is a slow
operation, and multiplies by 8 when verifying and extracing the
amount, which is much faster as well as less frequent
|
|
|
|
|
|
e5000a9 Balance includes unconfirmed transfers to self (woodser)
|
|
This commit adds a 'regexp' boolean field to the get_accounts
request. The flag is set to false by default and maintains backwards
compatibility. When set to true the user can search tags by regular
expression filters. An additional error message was added for failed
regular expression searches. Bump minor version to 25.
|
|
|
|
|
|
|
|
fb5b2b3 support authentication in monero-wallet-rpc set_daemon (woodser)
|
|
e08abaa multisig key exchange update and refactor (koe)
|
|
|
|
|
|
|
|
4446cc8 wallet inits cache if file and blob missing (woodser)
|
|
a02b342 Avoid unnecessary 'Invalid hashing blob' error message (rbrunner7)
|
|
|
|
|
|
|
|
|
|
47e7a43 wallet_api: enable set_strict_default_file_permissions (tobtoht)
|
|
a15466d wallet2: remove 2 unused variables (selsta)
|
|
2cad563 wallet2: fix key encryption when changing ask-password from 0/1 to 2 (moneromooo-monero)
|
|
|
|
|
|
|
|
we reuse the wallet_keys_unlocker object, which does the right thing
in conjunction with other users of decrypt/encrypt (ie, refresh).
|
|
84c5257 Decrease the 'recent spend window' in gamma re-select to 15 blocks (j-berman)
|
|
eed7e79 UB: Not calling virtual method in destructor of WalletImpl (mj-xmr)
|
|
76542ea Fix precision of average_output_time (j-berman)
|
|
13a8a57 trezor: try empty passphrase first (Dusan Klinec)
|
|
- combined with patching integer truncation (#7798), this gets the algorithm marginally closer to mirroring empirically observed output ages
- 50 was originally chosen assuming integer truncation would remain in the client for that client release version. But patching integer truncation causes the client to select more outputs in the 10-100 block range, and therefore the benefit of choosing a larger recent spend window of 50 has less merit
- 15 seems well-suited to cover the somewhat sizable observable gap in the early window of blocks
|
|
|
|
The fix as suggested by <jberman> on IRC. Before the fix, it would truncate 1.9 to 1 skewing the output selection.
|
|
cd76eb7 wallet: fix unused lambda capture warning (selsta)
|
|
f353c29 wallet_rpc_server: fix help text remaining bold (selsta)
|
|
24d3d65 monero-wallet-rpc: Prevent --password-file from being used with --wallet-dir (Kermit Alexander II)
|
|
520ce1c Attempt to carve the fee from a partial payment early (lxop)
|
|
|
|
|
|
|
|
RefreshOptimizeCoinbase was an optimization to speed up scanning of coinbase transactions before RingCT (tx version 2) where they split miner reward into multiple denominations, all to the same wallet.
When RingCT was introduced, all coinbase transactions became 1 output only, so this optimization does nothing now.
With p2pool, this optimization will skip scanning p2pool payouts because they use more than 1 output in coinbase transaction.
Fix it by applying this optimization only to pre-RingCT transactions (version < 2).
|
|
a9aaa47 wallet_api: add make_uri (tobtoht)
|
|
6f15a0c Make sure node returns to wallet that real output is unlocked (j-berman)
|
|
e1af8dc Protect client from divide by 0 caused by integer truncation (j-berman)
|
|
da2955f Apply gamma distr from chain tip when selecting decoys (j-berman)
|
|
|
|
|
|
- matches the paper by Miller et al to apply the gamma from chain tip, rather than after unlock time
- if the gamma produces an output more recent than the unlock time, the algo packs that output into one of the first 50 spendable blocks, respecting the block density factor
|
|
|
|
a3d2b71 wallet_api: expose offline mode status (rating89us)
|
|
9c6e094 fix #7784 - deinit wallet in wallet dtor (Dusan Klinec)
|
|
|
|
- Try empty passphrase first when opening a wallet, as all Trezors will have passphrase enabled by default by Trezor Suite by default.
This feature enables easier access to all users using disabled passphrase (or empty passhprase)
- If wallet address differs from device address with empty passphrase, another opening attempt is made, without passphrase suppression,
so user can enter his passhprase if using some. In this scenario, nothing changes to user, wallet opening just consumes one more call
to Trezor (get wallet address with empty passphrase)
- also change how m_passphrase is used. Previous version did not work well with recent passphrase entry mechanism change (made in Trezor),
thus this commit fixes the behaviour).
|
|
0c6e1d3 wallet2: chunk get_outs.bin calls to avoid sanity limits (moneromooo-monero)
|
|
bc8d764 wallet: rephrase error message on invalid device address (Dusan Klinec)
|
|
f5eb2ce wallet2: Don't auto lock device on process parsed blocks (tobtoht)
|
|
5fa1c90 Fix describe_transfer for multiple txes in a txset (Alex Opie)
|
|
8cf95c8 wallet2: refresh: check error and throw before potentially breaking out of loop (tobtoht)
|
|
This ensures each list of recipients is only the recipients
for one transaction. It also adds a new field "summary"
that describes the txset as a whole.
Fixes #7344
|
|
8cea9d8 wallet: Reset RPC Pay ID on node switch (tobtoht)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
8ef51dc wallet_api: fix typo in exportKeyImages (selsta)
|
|
bbeb555 wallet_api: getPassword (tobtoht)
|
|
|
|
|
|
8e0b8dd wallet/api: remove Bitmonero namespace alias (selsta)
|
|
e63c110 wallet_api: address_book: don't lose pid on setDescription (tobtoht)
|
|
1aa1850 wallet_api: signMessage: add sign with subaddress (tobtoht)
|
|
f174a8f wallet_api: reconnectDevice (tobtoht)
|
|
6914d5b wallet_api: move adjust_mixin call within try block (tobtoht)
|
|
|
|
|
|
08e4497 Improve cryptonote (block and tx) binary read performance (Lee Clagett)
|
|
b2e1558 support freeze, thaw, and frozen in wallet rpc (woodser)
|
|
4da1112 rpc: send confirmations in get_transactions result (moneromooo-monero)
|
|
|
|
|
|
|
|
|
|
|
|
RPC pay client ID is sent with each RPC request, set a new secret every time we switch nodes to mitigate trivial correlation
|
|
|
|
|
|
|
|
004b167 cmake: wallet_api doesn't need wallet_merged (selsta)
|
|
445a9d8 wallet_api: import / export output function (tobtoht)
|
|
bbdb612 Wallet2: Update 'approximate_testnet_rolled_back_blocks' (rbrunner7)
|
|
|
