Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
Also remove port for I2P seed nodes
|
|
Co-authored-by: selsta <selsta@sent.at>
|
|
|
|
|
|
When creating a private file we need to delete the file if exist.
|
|
- fix If there is no protobuf version installed, if fails
- passphrase test fix, wallet keys init was missing
|
|
|
|
|
|
|
|
Looks like the logic from #8882 was accidentally removed in #8861
(regressing to the behavior noted in the #8882 description).
This commit brings that logic back.
|
|
|
|
|
|
Caused in commit 05231400cebfeedbbc0a5386f38a033bba6314b3, PR #9035.
|
|
There is currently no compiler protection when someone tries to
do (for example) `BLOB_SERIALIZER(std::vector<int>)`. You just
get runtime allocation errors. This has already eaten up dev time
before, so this PR adds a static assertion that the type must be
trivially copyable, as defined by the C++ standard. Types can
override this if applicable if they use `BLOB_SERIALIZER_FORCED`.
|
|
|
|
- Removed `localhost:8080` default value to address string in wallet rpc
- Added an error response in case string is empty
fixed indentation
removed if and errors, default to localhost and port based on nettype
Forgot ":"
forgot ; and m_
removed wallet_rpc_server_error_codes.h
|
|
- Fixed undefined behavior after a call to `remove_tx_from_transient_lists` (it used an invalid iterator)
- Fixed `txCompare` (it wasn't strictly weak ordered)
|
|
std::sort is unstable, so it can return random sets of transactions when mempool has many transactions with the same fee/byte. It can result in p2pool mining empty blocks sometimes because it doesn't pick up "new" transactions immediately.
|
|
|
|
Nodes who see different txs in a double spend attack will drop each other, splitting the network.
Issue found by @boog900.
|
|
Related to https://github.com/monero-project/research-lab/issues/78
Added a relay rule that enforces the `unlock_time` field is equal to 0 for non-coinbase transactions.
UIs changed:
* Removed `locked_transfer` and `locked_sweep_all` commands from `monero-wallet-cli`
APIs changed:
* Removed `unlock_time` parameters from `wallet2` transfer methods
* Wallet RPC transfer endpoints send error codes when requested unlock time is not 0
* Removed `unlock_time` parameters from `construct_tx*` cryptonote core functions
|
|
Example usage for Seraphis types (in global or `sp` namespace):
```
BEGIN_SERIALIZE_OBJECT_FN(sp::SpCoinbaseEnoteCore)
FIELD_F(onetime_address)
VARINT_FIELD_F(amount)
END_SERIALIZE()
BEGIN_SERIALIZE_OBJECT_FN(sp::SpEnoteCore)
FIELD_F(onetime_address)
FIELD_F(amount_commitment)
END_SERIALIZE()
```
|
|
|
|
|
|
To transfer ~5 XMR to an address such that your balance drops by exactly 5 XMR, provide a `subtractfeefrom` flag to the `transfer` command. For example:
transfer 76bDHojqFYiFCCYYtzTveJ8oFtmpNp3X1TgV2oKP7rHmZyFK1RvyE4r8vsJzf7SyNohMnbKT9wbcD3XUTgsZLX8LU5JBCfm 5 subtractfeefrom=all
If my walet balance was exactly 30 XMR before this transaction, it will be exactly 25 XMR afterwards and the destination address will receive slightly
less than 5 XMR. You can manually select which destinations fund the transaction fee and which ones do not by providing the destination index.
For example:
transfer 75sr8AAr... 3 74M7W4eg... 4 7AbWqDZ6... 5 subtractfeefrom=0,2
This will drop your balance by exactly 12 XMR including fees and will spread the fee cost proportionally (3:5 ratio) over destinations with addresses
`75sr8AAr...` and `7AbWqDZ6...`, respectively.
Disclaimer: This feature was paid for by @LocalMonero.
|
|
|
|
1. Daemon-specific proxy is exclusive with global proxy (--proxy).
2. If you set global proxy (--proxy) you cannot set daemon-specific proxy.
3. If you don't set global proxy, you can set proxy (or not set) proxy for
each daemon connection with the proxy field in jsonrpc to the wallet-rpc.
|
|
Resolves https://github.com/monero-project/monero/issues/9127
|
|
|
|
|
|
|
|
* No need for entire new class (Fix #8732).
* Fix stdint.h header include in contrib/epee/include/net/http_base.h.
|
|
reported by sech1
|
|
|
|
Some downstream code (most notably PR https://github.com/UkoeHB/monero/pull/25) wants to use the src/serialization lib
for storing information persistently. When one builds classes/machines wishing to serialize containers, they must use
the `serializable_*` container classes. In this case, this makes the Seraphis library code unnecessarily tightly coupled
with the src/serialization code since one cannot swap out their type of storage format without major refactoring of class
field types. By serializing STL containers directly, we can abstract the serialization details away, making for much
cleaner design. Also small bonus side effect of this change is that STL containers with custom Comparators, Allocators,
and Hashers are serializable. `std::multimap` is added to the list of serializable containers.
Depends upon https://github.com/monero-project/monero/pull/9069.
|
|
Resolves #8687
|
|
|
|
|
|
- Fixed uninitialized `state->x` warning
- Fixed broken code with `-O3` or `-Ofast`
The old code is known to break GCC 10.1 and GCC 11.4
|
|
|
|
|
|
Multisig keys per-transfer were being wiped, but not erased, which lead to a ginormous
quadratic bloat the more transfers and exports you performed with the wallet.
|
|
|
|
|
|
Accessing an object of type `char` thru an lvalue of type `crypto::hash8` is undefined behavior.
https://developers.redhat.com/blog/2020/06/03/the-joys-and-perils-of-aliasing-in-c-and-c-part-2
|
|
Header was using `uint64_t` without including `<cstdint>` which caused some issues downstream for windows builds
|
|
Since we are required to check for uniqueness of decoy picks within any given
ring, and since some decoy picks may fail due to unlock time or malformed EC points,
the wallet2 decoy selection code was building up a larger than needed *unique* set of
decoys for each ring according to a certain distribution *without replacement*. After
filtering out the outputs that it couldn't use, it chooses from the remaining decoys
uniformly random *without replacement*.
The problem with this is that the picks later in the picking process are not independent
from the picks earlier in the picking process, and the later picks do not follow the
intended decoy distribution as closely as the earlier picks. To understand this
intuitively, imagine that you have 1023 marbles. You label 512 marbles with the letter A,
label 256 with the letter B, so on and so forth, finally labelling one marble with the
letter J. You put them all into a bag, shake it well, and pick 8 marbles from the bag,
but everytime you pick a marble of a certain letter, you remove all the other marbles
from that bag with the same letter. That very first pick, the odds of picking a certain
marble are exactly how you would expect: you are twice as likely to pick A as you are B,
twice as likely to pick B as you are C, etc. However, on the second pick, the odds of
getting the first pick are 0%, and the chances for everything else is higher. As you go
down the line, your picked marbles will have letters that are increasingly more unlikely
to pick if you hadn't remove the other marbles. In other words, the distribution of the
later marbles will be more "skewed" in comparison to your original distribution of marbles.
In Monero's decoy selection, this same statistical effect applies. It is not as dramatic
since the distribution is not so steep, and we have more unique values to choose from,
but the effect *is* measureable. Because of the protocol rules, we cannot have duplicate
ring members, so unless that restriction is removed, we will never have perfectly
independent picking. However, since the earlier picks are less affected by this
statistical effect, the workaround that this commit offers is to store the order that
the outputs were picked and commit to this order after fetching output information over RPC.
|
|
|
|
The long term block weight cache was doing a wrong calculation when
adding a new block to the cache.
|
|
- passphrase logic: remove backward compatibility for 2.4.3, code cleanup.
- fix LibUSB cmake for static builds on OSX
- tests: all tests now work with passphrase logic enabled. Passphrase test added with different passphrase. no_passphrase test added, Trezor pin test added. Testing wallet opening with correct and incorrect passphrase. Trezor test chain revamp, cleanup. Smaller chain, chain file versioning added.
- tests: Trezor tests support TEST_MINING_ENABLED, TEST_MINING_TIMEOUT env vars to change mining-related tests behaviour.
- requires protobuf@21 on osx for now (c++14), building with unlinked protobuf: `CMAKE_PREFIX_PATH=$(find /opt/homebrew/Cellar/protobuf@21 -maxdepth 1 -type d -name "21.*" -print -quit) \
make debug-test-trezor -j8`
|
|
|
|
|
|
The Monero GUI code was calling `Monero::wallet::setPassword()` on every open/close for some reason,
and the old `store_to()` code called `store_keys()` with `watch_only=false`, even for watch-only wallets.
This caused a bug where the watch-only keys file got saved with with the JSON field `watch_only` set to 0,
and after saving a watch-only wallet once, a user could never open it back up against because `load()` errored out.
This never got brought up before this because you would have to change the file location of the watch-only
wallet to see this bug, and I guess that didn't happen often, but calling the new `store_to()` function with the
new `force_rewrite` parameter set to `true` triggers key restoring and the bug appeared.
|
|
|
|
|
|
|
|
Resolves #8932 and:
2. Not storing cache when new path is different from old in `store_to()` and
3. Detecting same path when new path contains entire string of old path in `store_to()` and
4. Changing your password / decrypting your keys (in this method or others) and providing a bad original password and getting no error and
5. Changing your password and storing to a new file
|
|
|
|
Prereq of https://github.com/monero-project/monero/pull/8867
|
|
Resolves https://github.com/monero-project/monero/issues/8493
|
|
|
|
Read more about k-anonymity [here](https://en.wikipedia.org/wiki/K-anonymity). We implement this feature in the monero daemon for transactions
by providing a "Txid Template", which is simply a txid with all but `num_matching_bits` bits zeroed out, and the number `num_matching_bits`. We add an operation to `BlockchainLMDB` called
`get_txids_loose` which takes a txid template and returns all txids in the database (chain and mempool) that satisfy that template. Thus, a client can
ask about a specific transaction from a daemon without revealing the exact transaction they are inquiring about. The client can control the statistical
chance that other TXIDs (besides the one in question) match the txid template sent to the daemon up to a power of 2. For example, if a client sets their `num_matching_bits`
to 5, then statistically any txid has a 1/(2^5) chance to match. With `num_matching_bits`=10, there is a 1/(2^10) chance, so on and so forth.
Co-authored-by: ACK-J <60232273+ACK-J@users.noreply.github.com>
|
|
|
|
Co-authored-by: woodser <woodser@protonmail.com>
|
|
|
|
|
|
Co-authored-by: j-berman <justinberman@protonmail.com>
|
|
|
|
All the files in src/platform are currently unused and unnecessary. See below:
* `mingw/alloca.h`: unused throughout project
* `msc/sys/param.h`:
1. In `fix_darwin.patch`, `sys/param.h` is well-defined to be used only in OpenBSD environment
2. `int-util.h` already handles when `sys/param.h` is not present and injects its own values
3. `db_drivers/liblmdb/mdb.c` is a similar situation: already explicity handles different platforms
4. `src/crypto/chacha.h` uses `int-util.h` for endianness context
* `msc/alloca.h`: unused
* `msc/inline_c.h`: not needed. the `inline` keyword is supported for C99 I believe, and certainly for C11, C14+
* `msc/stdbool.h`: `stdbool.h` is standard since C99, and MSVC has supported it for a long time (~10 years)
|
|
|
|
Add help for max-reorg-depth and load-deprecated-formats options
|
|
|
|
|
|
|
|
|
|
Looks like the extra MWARNING was supposed to be guarded by the if statement.
|
|
|
|
- Detach & re-process txs >= lowest scan height
- ensures that if a user calls scan_tx(tx1) after scanning tx2,
the wallet correctly processes tx1 and tx2
- if a user provides a tx with a height higher than the wallet's
last scanned height, the wallet will scan starting from that tx's
height
- scan_tx requires trusted daemon iff need to re-process existing
txs: in addition to querying a daemon for txids, if a user
provides a txid of a tx with height *lower* than any *already*
scanned txs in the wallet, then the wallet will also query the
daemon for all the *higher* txs as well. This is likely
unexpected behavior to a caller, and so to protect a caller from
revealing txid's to an untrusted daemon in an unexpected way,
require the daemon be trusted.
|
|
Before this change, if a multisig peer asked you to sign a transaction with a frozen enote, the wallet will do it without any error or warning. This change makes it
so that wallets will refuse to sign multisig transactions with frozen enotes.
Disclaimer: This PR was generously funded by @LocalMonero.
|
|
|
|
|
|
All Monero binaries have 1 second startup delay because of this code. This is especially noticeable and affects UX in Monero GUI wallet with local node where it often starts another monerod instance to run commands and query node status.
|
|
|
|
On systems where `ULONG_MAX` != `ULLONG_MAX` (e.g. most 32-bit systems), the `round_money_up` function will not correctly detect overflows.
|
|
|
|
|
|
|
|
Ensures both transfers and sweeps use a fee that's calculated
from the tx's weight. Using different logic could theoretically
enable distinguishability between the two types of txs. We don't
want that.
|
|
|
|
|
|
reported by sech1
|
|
|
|
|
|
for a slight performance boost in functional tests
|
|
Force sync every 100k blocks instead of every 1k blocks. Bumping this
value is reported to make a big difference in sync performance, eg:
https://github.com/monero-project/monero/issues/8189
|
|
|
|
|
|
|
|
Using post-PR wallet with pre-PR node will generate error message specific to this PR and not generic "command failed" mesages.
|
|
|
|
|
|
from first spendable block
|
|
The gamma picker and the caller code did not quite agree on the
number of rct outputs available for use - by one block - which
caused an infinite loop if the picker could never pick outputs
from that block but already had picked all other outputs from
previous blocks.
Also change the range to select from using code from UkoeHB.
|
|
Also: txs with tx_extra which is too large will not get published to ZMQ
Co-authored-by: SChernykh <sergey.v.chernykh@gmail.com>
|
|
It's not allowed to use WaitForSingleObject with _beginthread, because the thread closes its own handle before exiting.
So the wait function will either wait on an invalid handle, or on a different handle used by something else.
Or, if it starts waiting before the thread exits, the behavior is undefined according to MS: "If this handle is closed while the wait is still pending, the function's behavior is undefined."
In my test sync I observed threads getting stuck infinitely on WaitForSingleObject, and then rx_set_main_seedhash spamming new threads when RandomX seed changes again. Eventually the system ran out of resources, and monerod aborted with "Couldn't start RandomX seed thread" message.
This PR fixes it by using `_beginthreadex` instead and explicitly closing the handle when it's safe.
|
|
|
|
|
|
Fixes #8793
|
|
|
|
it was mistaking the number of forks in the fork table for
the last fork, and assuming the table was including every
single fork
|
|
|
|
|
|
|
|
|
|
|
|
- `/getblocks.bin` respects the `RESTRICTED_TX_COUNT` (=100) when
returning pool txs via a restricted RPC daemon.
- A restricted RPC daemon includes a max of `RESTRICTED_TX_COUNT` txs
in the `added_pool_txs` field, and returns any remaining pool hashes
in the `remaining_added_pool_txids` field. The client then requests
the remaining txs via `/gettransactions` in chunks.
- `/gettransactions` no longer does expensive no-ops for ALL pool txs
if the client requests a subset of pool txs. Instead it searches for
the txs the client explicitly requests.
- Reset `m_pool_info_query_time` when a user:
(1) rescans the chain (so the wallet re-requests the whole pool)
(2) changes the daemon their wallets points to (a new daemon would
have a different view of the pool)
- `/getblocks.bin` respects the `req.prune` field when returning
pool txs.
- Pool extension fields in response to `/getblocks.bin` are optional
with default 0'd values.
|
|
|
|
|
|
|
|
multisig_account_status and including '.kex_is_done' member
|
|
|
|
from time to time, some people don't realize their wallets get
created in their current working directory
|
|
|
|
it's too low a limit (at least one person mentioned having to
call create_address in a loop due to it)
|
|
|
|
|
|
|
|
|
|
Fix #8711
|
|
|
|
Co-authored-by: plowsof <plowsof@protonmail.com>
extra files
|
|
|
|
- Straight-forward call interface: `void rx_slow_hash(const char *seedhash, const void *data, size_t length, char *result_hash)`
- Consensus chain seed hash is now updated by calling `rx_set_main_seedhash` whenever a block is added/removed or a reorg happens
- `rx_slow_hash` will compute correct hash no matter if `rx_set_main_seedhash` was called or not (the only difference is performance)
- New environment variable `MONERO_RANDOMX_FULL_MEM` to force use the full dataset for PoW verification (faster block verification)
- When dataset is used for PoW verification, dataset updates don't stall other threads (verification is done in light mode then)
- When mining is running, PoW checks now also use dataset for faster verification
|
|
|
|
|
|
|
|
For privacy reasons, time functions use GMT, to avoid logs leaking
timezones. It'd make more sense to use localtime for wallet output
(which are not logged by default), but that adds inconsistencies
which can also be confusing. So add a Z suffix for now to make it
clear these are not local time.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Unrelated, but similar code-wise to #8643. There is a check in `DNSResolver` which automatically fails to resolve hostnames which do not contain the `.` character. This PR removes that check.
|
|
Fixes #8633. The function `append_net_address` did not parse hostname + port addresses (e.g. `bar:29080`) correctly if the hostname did not contain a `'.'` character.
@vtnerd comments 1
clear up 2nd conditional statement
|
|
- fix integrated address test, it was not testing integrated address suport
- fix trezor test build as dependent classes were changed
- add a friend test class for Monero::WalletImpl to support wallet api tests
When using wallet_api in tests, synthetic chain is used. Without being able to set `allow_mismatched_daemon_version` in the underlying wallet, we are not able to use a synthetic chain with the tests
|
|
|
|
|
|
|
|
|
|
update_checkpoints() makes a few DNS requests and can take up to 20-30 seconds to complete (3-6 seconds on average). It is currently called from core::handle_incoming_block() which holds m_incoming_tx_lock, so it blocks all incoming transactions and blocks processing while update_checkpoints() is running. This PR moves it to until after a new block has been processed and relayed, to avoid full monerod locking.
|
|
|
|
|
|
|
|
|
|
|
|
Co-authored-by: woodser <woodser@protonmail.com>
|
|
|
|
|
|
- spend secret key is no longer the sum of multisig key shares;
no need to check that is the case upon restore.
- restoring a multisig wallet from multisig info means that the
wallet must have already completed all setup rounds. Upon restore,
set the number of rounds completed accordingly.
|
|
reported by j-berman
|
|
|
|
|
|
|
|
|
|
Being offline is not a good enough heuristic, so we keep track
of whether the wallet ever refreshed from a daemon, which is a
lot better, and probably the best we can do without manual user
designation (which would break existing cold wallet setups till
the user designates those wallets)
|
|
this will make it easier huge wallets to do so without hitting
random limits (eg, max string size in node).
|
|
- only allow offline wallets to import outputs
- don't import empty outputs
- export subaddress indexes when exporting outputs
|
|
|
|
|
|
|
|
on my anecdotal SSD, goes from about 9 hours to 1h20.
|
|
Otherwise Ledger rejects the wallet.
|
|
|
|
|
|
Before the fix, it processed all transactions in the mempool which could be very slow when mempool grows to several MBs in size. I observed `get_block_template_backlog` taking up to 15 seconds of CPU time under high mempool load.
After the fix, only transactions that can potentially be mined in the next block will be processed (a bit more than the current block median weight).
|
|
|
|
|
|
That RPC will wait for mining to actually stop, which can be a while
if randomx has just started on randomx_init_dataset.
This fixes occasional failures in the mining functional test
|
|
|
|
|
|
key images
|
|
hash_extra: don't test for success in `jh_hash` and `skein_hash` since its guaranteed
device_ledger: move anonymous global variable apdu_verbose into .cpp file
Add comments to `refreshed` method variable in wallet2
|
|
If we were to call it with 100, it would cause rsiz to be 0,
leading to an infinite loop.
This is really a pedantic patch, but since there's already a
range test, might as well make it better.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Co-authored-by: j-berman <justinberman@protonmail.com>
|
|
|