Age | Commit message (Collapse) | Author | Files | Lines |
|
This plugs a privacy leak, where the wallet tells the daemon
which transactions contain outputs for the wallet by asking
for additional information for that particular transaction.
As a nice bonus, this actually makes refresh slightly faster.
|
|
|
|
We try to avoid related inputs, when possible
|
|
Found by luigi1111w
|
|
With RCT, we allow 0 size outputs, to try and encourage txes
with two inputs and two outputs. Consolidation would then
have two non zero inputs, one zero output, and one larger
output.
|
|
|
|
|
|
|
|
|
|
Allows the fake outs to be in different positions for each ring.
For rct inputs only.
|
|
Before the normal selection, we attempt to find either one or two
suitable outputs to use as inputs to the rct tx. The intent is that
most rct txes will have one or two inputs, and we want all to look
the same if possible.
When two outputs are needed, we try to find a pair which are not
related (ie, by being from the same or similar block height).
|
|
|
|
|
|
The "transfer" simplewallet command is renamed to "transfer_original".
"transfer_new" is renamed "transfer", "transfer_rct" is removed,
and the new "transfer" now selects rct or non rct transactions
based on the current block height.
|
|
|
|
Since these are needed at the same time as the output pubkeys,
this is a whole lot faster, and takes less space. Only outputs
of 0 amount store the commitment. When reading other outputs,
a fake commitment is regenerated on the fly. This avoids having
to rewrite the database to add space for fake commitments for
existing outputs.
This code relies on two things:
- LMDB must support fixed size records per key, rather than
per database (ie, all records on key 0 are the same size, all
records for non 0 keys are same size, but records from key 0
and non 0 keys do have different sizes).
- the commitment must be directly after the rest of the data
in outkey and output_data_t.
|
|
to protect the non-signatures parts of the tx from tampering.
|
|
|
|
The mixRing (output keys and commitments) and II fields (key images)
can be reconstructed from vin data.
This saves some modest amount of space in the tx.
|
|
rather than using the current one. No functional changes, but may
save some bugs in the future.
|
|
|
|
If the blockchain gets reorganized, all outputs spent in the part
of the blockchain that's blown away need to be reset to unspent
(they may end up spent again on the blocks that replace the blocks
that are removed, however).
|
|
|
|
|
|
|
|
It is not yet constrained to a fork, so don't use on the real network
or you'll be orphaned or rejected.
|
|
- we need to drop the new m_tx_indices database
- we reset the version to current version
This fixes the core tests failing to initialize.
|
|
One to commit to an amount with zero key (for use with fake
commitments for pre-rct outputs), and one with an arbitrary
key (for rct outputs).
|
|
It may be suboptimal, but it's a pain to have to rebuild everything
when some of this changes.
Also, no clue why there seems to be two different code paths for
serializing a tx...
|
|
|
|
|
|
|
|
|
|
A new version of genRct takes the mixRing as parameter, instead
of the inPk. inPk are part of the mixRing, and it is cleaner to
pass the mixRing data than to fetch it from the RingCT code.
A new version of decodeRct also returns the mask.
Also, failure to decode throws, so errors are properly detected.
|
|
|
|
|
|
to get random ringct outputs to mix with
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Ported from Shen's RingCT repo
|
|
Ported from Shen's RingCT repo
|
|
Ported from Shen's RingCT repo
|
|
Ported from Shen's RingCT repo
|
|
|
|
|
|
|
|
|
|
This lets my gcc picks those instead of the generic template
where appropriate (and then fail since std::vector<something>
does not have a serialize method.
|
|
|
|
|
|
|
|
|
|
Throw when inputs aren't the expected size.
|
|
|
|
|
|
f88029e db_lmdb: do not try to modify the database in read only mode (moneromooo-monero)
|
|
|
|
78035d2 Fix fake 'network synchronized, begin using' messages (Thomas Winget)
|
|
65238d2 fix #691 removed help about leaving wallet name empty on --generate-new-wallet (guzzi_jones)
|
|
99dd572 libwallet_api: tests: checking for result while opening wallet (Ilya Kitaev)
bcf7b67 libwallet_api: Wallet::amountFromString fixed (Ilya Kitaev)
32bc7b4 libwallet_api: helper method to return maximumAllowedAmount (Ilya Kitaev)
cbe534d libwallet_api: tests: removed logged passwords (Ilya Kitaev)
b1a5a93 libwallet_api: do not store wallet on close if status is not ok (Ilya Kitaev)
|
|
c2f4e16 simplewallet: default to max-concurrency 1 on MacOS X (moneromooo-monero)
|
|
|
|
|
|
|
|
|
|
2c5e68f cmake: fix typo in handling of STACK_TRACE (redfish)
|
|
25f529a wallet: store key images after importing them (moneromooo-monero)
|
|
9cca53a wallet: fix build on Mac and Windows (missing include) (moneromooo-monero)
|
|
|
|
A suspected bug in pthread/kernel, though might be that
I messed something up too...
This might rope in more platforms though.
|
|
This fixes the log output not getting redirected to log file.
|
|
It avoids rescan_spent resetting spent status, for example.
|
|
Reported by RaskaRuby, tested by iDunk5400.
|
|
|
|
|
|
11dc091 Fake outs set is now decided by the wallet (moneromooo-monero)
1593553 new unlocked parameter to output_histogram (moneromooo-monero)
|
|
This plugs a privacy leak from the wallet to the daemon,
as the daemon could previously see what input is included
as a transaction input, which the daemon hadn't previously
supplied. Now, the wallet requests a particular set of
outputs, including the real one.
This can result in transactions that can't be accepted if
the wallet happens to select too many outputs with non standard
unlock times. The daemon could know this and select another
output, but the wallet is blind to it. It's currently very
unlikely since I don't think anything uses non default
unlock times. The wallet requests more outputs than necessary
so it can use spares if any of the returns outputs are still
locked. If there are not enough spares to reach the desired
mixin, the transaction will fail.
|
|
240864f db_lmdb: errors dropping hf starting height db on reset are not fatal (moneromooo-monero)
|
|
709c724 Better fix (#4) (hyc)
d2644c1 fix restore-deterministic height (luigi1111)
|
|
da1007f simplewallet: make the refresh thread into more generic idle thread (moneromooo-monero)
|
|
663fc32 wallet2: if importing key images fails, print failure index (moneromooo-monero)
|
|
f0c0a3f Fix #864 Squashed commit of the following: commit 9af9e4223b58bbb65a3519af2c2bfc273cbd23d6 fixed some formatting commit c7920e1cf88ff46eb9294101344d9a567f22e2da Merge: 97eb28b 1da1c68 fix#864 fix using boolean commit 97eb28ba5dd49ddde8c8785f39b24d955e5de31c Fix #864 boolean value used to verify on new wallet commit 1da1c68bd3a9a373c70482b6e6e95251096149f1 fix #864 changed to boolean to prompt for verify commit 5bee96652434762d2c91ce31a1b1c9f169446ddc fix 864; made variable names easier for understanding branching. commit 45715960d30293f781b2ff9e5e647c2ec893f4a3 fix #864; allow password to be entered twice for new wallets for verification. fix #864 password entry verification; ammended boolean fix #864 ; default constructor for password_container should set verify=true (guzzi_jones)
|
|
This db is now dropped unconditionally, so may or may not be there
in the first place.
|
|
|
|
Simplewallet improperly skipped the restore from height code if
restoring a deterministic wallet AND not specifying a wallet file in the
command line. The other generate options require a wallet file as an
argument, which prevents "ask_wallet_create_if_needed()" from being
called, which in turn causes "m_generate_new" to remain unset.
Specifying a wallet file at launch with --restore-deterministic emulated
this behavior.
|
|
|
|
|
|
This constrains the number of instances of any amount
to the unlocked ones (as defined by the default unlock time
setting: outputs with non default unlock time are not
considered, so may be counted as unlocked even if they are
not actually unlocked).
|
|
Squashed commit of the following:
commit 9af9e4223b58bbb65a3519af2c2bfc273cbd23d6
fixed some formatting
commit c7920e1cf88ff46eb9294101344d9a567f22e2da
Merge: 97eb28b 1da1c68
fix#864 fix using boolean
commit 97eb28ba5dd49ddde8c8785f39b24d955e5de31c
Fix #864 boolean value used to verify on new wallet
commit 1da1c68bd3a9a373c70482b6e6e95251096149f1
fix #864 changed to boolean to prompt for verify
commit 5bee96652434762d2c91ce31a1b1c9f169446ddc
fix 864; made variable names easier for understanding branching.
commit 45715960d30293f781b2ff9e5e647c2ec893f4a3
fix #864; allow password to be entered twice for new wallets for verification.
fix #864 password entry verification; ammended boolean
fix #864 ; default constructor for password_container should set verify=true
|
|
The previous logic that used a COMMON_*_FLAGS intermediate variable
and then re-assigned CMAKE_*_FLAGS before including each subdirectory
was confusing and ugly. This PR is the right way to do it.
This commit is purely refactoring: built binaries unchanged.
|
|
0f990d0 cmake,common: flag for stack trace (redfish)
|
|
4618873 tests: fix a bitflag test typo (moneromooo-monero)
89e68d7 unit_tests: check adding checkpoints succeeded (moneromooo-monero)
121165f db_lmdb: add some missing api call checks (moneromooo-monero)
22d8344 core_rpc_server: fix gray/white peer list mixup (moneromooo-monero)
|
|
By default the flag is enabled whenever libunwind is found on the
system, with the exception of static build on OSX (for which we can't
install the throw hook #932 due to lack of support for --wrap in OSX
ld64 linker).
|
|
|
|
|
|
ebf97d7 wallet: new {ex,im}port_key_images commands and RPC calls (moneromooo-monero)
|
|
This code should die anyway.
|
|
They are used to export a signed set of key images from a wallet
with a private spend key, so an auditor with the matching view key
may see which of those are spent, and which are not.
|
|
It is not clear why libunbound was added to this in the first place,
since it wasn't here before and #915 doesn't seem to introduce any
new dependency on it.
Tested build with STATIC=OFF (with and without libunbound-dev libunbound8
installed) and STATIC=ON, on Ubuntu Trusty, Debian Jessie, and Arch
Linux. For static builds, beware of #926 and #907.
If this hack was introduced to make it build on some other system
(Windows? OS X?), then it will have to be dealt with, but not this way.
|
|
8312887 simplewallet: suggest removing cache when loading fails (moneromooo-monero)
|
|
b89b963 wallet: add unconfirmed incoming txes from the txpool (moneromooo-monero)
|
|
d7597c5 refreshing wallet even if error happened (Ilya Kitaev)
6d32a3d wallet_api: async init, Wallet::connected status, log level (Ilya Kitaev)
193d251 libwallet_api cmake: conditionally creating libwallet_merged2 only for STATIC build (Ilya Kitaev)
10c06dd wallet_api: segfault on refresh fixed (Ilya Kitaev)
9d2cb4f WalletListener functionality (Ilya Kitaev)
d27b883 hack to successfull linking for MSYS2 (Ilya Kitaev)
083380c Transaction fee multiplier aka priority integraged (Ilya Kitaev)
00ed12b Wallet::paymentIdValid (Ilya Kitaev)
|
|
080a606 simplewallet: revert to foreground refresh at startup (moneromooo-monero)
|
|
|
|
Shown in show_transfers simplewallet command, and get_transfers
RPC command, if req.pool is true.
|
|
Background refresh is confusing to users at startup.
|
|
87b1153 wallet2_api: use uint64_t for amounts (moneromooo-monero)
|
|
d7b681c remove hf_starting_height db (moneromooo-monero)
|
|
f07f120 cmake: don't try to link with atomic on Apple (redfish)
19349d7 cmake: ARM: clang: make warning non-fatal: inline asm (redfish)
f3e09f3 cmake: link with -latomic for clang (redfish)
f4b35ae cmake: include -ldl via cmake built-in var (redfish)
fa85cd8 common: stack trace: make clang happy with func ptrs (redfish)
4dce26b cmake: do not pass -stdlib=c++ to clang >=3.7 (redfish)
|
|
014f3a0 Add a daemon RPC version, and make simplewallet check it (moneromooo-monero)
|
|
78cc10f daemon: fix ban seconds being misinterpreted as absolute (moneromooo-monero)
34ecfdb rpc: fix get_bans and set_bans RPC names, they were missing a _ (moneromooo-monero)
|
|
a95a2cb wallet_rpc_server: add payment id from integrated addresses to extra (moneromooo-monero)
|
|
ce6b831 daemonizer: posix: keep parent's working dir and umask (redfish)
|
|
Signing is done using the spend key, since the view key may
be shared. This could be extended later, to let the user choose
which key (even a per tx key).
simplewallet's sign/verify API uses a file. The RPC uses a
string (simplewallet can't easily do strings since commands
receive a tokenized set of arguments).
|
|
|
|
|
|
STATIC build
|
|
|
|
|
|
|
|
|
|
|
|
|
|
It's not really needed, it used to be an optimization for when
that code was not using the db and needed to recalculate things
fast on startup.
|
|
Tested that it builds with:
gcc 6.1.1, STATIC=OFF,i686
gcc 6.1.1, STATIC=OFF,armv7h
clang 3.8, STATIC=OFF,i686
clang 3.8, STATIC=OFF,armv7h
gcc 6.1.1, STATIC=ON,i686
clang 3.8, STATIC=ON,i686
Also tested that stack trace is generated fine on exception on:
i686, gcc 6.1.1, STATIC=OFF
(didn't bother testing all the other platforms/configs)
This should fix the build problem on OSX (#871, #901), but
I don't have OSX, so I could only test Clang on Linux.
|
|
If the version is different, simplewallet will refuse to use that
daemon, unless --allow-mismatched-daemon-version is used.
|
|
Absolute to relative conversion is already done by the callee.
|
|
|
|
|
|
Keep the working directory (and umask) inherited from
the parent. Otherwise, it's impossible to control
the working directory of the daemon (from systemd, for
example).
Furthermoer, bitmonerod attempts to create logging directories and files
*in current working directory*. This fails due to permission denied and
generates a (caught, nonfatal) exception. Below is the strace with this
patch applied (so, no `chdir("/")`), showing successful opens at `log/`
relative path. Without this patch they fail (sorry, didn't save the
trace).
```
28911 getcwd("/.../bitmonero", 128) = 25
28911 stat64("/var/lib/bitmonero/.bitmonero", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
28911 stat64("/etc/bitmonerod.conf", {st_mode=S_IFREG|0644, st_size=244, ...}) = 0
28911 open("/etc/bitmonerod.conf", O_RDONLY|O_LARGEFILE) = 3
28911 open("/var/log/bitmonero/bitmonero.log", O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0666) = 3
28911 stat64("log", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
28911 stat64("log/dbg", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
28911 open("log/dbg/main.log", O_WRONLY|O_CREAT|O_TRUNC|O_LARGEFILE, 0666) = 4
```
The reasoning of chdir("/") in order to prevent the daemon from holding
a filesystem in busy state is not compelling at all: the choice of
working directory for the daemon is the user's business not the
daemon's.
|
|
|
|
c2ad9ca allow peers without port (moneromooo-monero)
|
|
459ec60 daemon: print exception errors when failing to parse config file (moneromooo-monero)
|
|
f11191a rpc: restrict number of fake outs requested in restricted rpc mode (moneromooo-monero)
|
|
6b08001 simplewallet: mention the background refresh thread when starting (moneromooo-monero)
|
|
945c272 wallet: add a fee multiplier (moneromooo-monero)
|
|
d718960 remove POSIX_C_SOURCE and remove dlfcn.h for static builds (luigi1111)
|
|
The default port is then used
|
|
When an exception happens while reading the config file, we need
to print the error, as the logging system isn't initialized yet,
so the generic catch will not print anything.
|
|
|
|
|
|
|
|
"address.txt" files
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Wallet::setDefaultMixin, Wallet::defaultMixin;
wallet::create_transaction_2 used in Wallet::createTransaction
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Transaction API continued
TODOs for Transaction/Transfer interface
|
|
|
|
|
|
|
|
|
|
|
|
|
|
It should be less confusing for people who're used to the foreground
refresh from earlier versions.
|
|
Fee can now be multiplied by 2 or 3, if users want to give
priority to their transactions. There are only three levels
to avoid too much fingerprinting. Default is 1 (minimum fee).
The default multiplier can be set by "set fee-multiplier X".
|
|
|
|
|
|
|
|
The former was a faulty "fix" for gmtime_r not existing on Windows. The latter is needed only for dynamic builds, and is not included with msys2, which ends up fine because Windows is only built static at this time.
|
|
57dce80 gmtime for Windows (luigi1111)
|
|
f0b85c1 simplewallet: add a status command (moneromooo-monero)
|
|
15c2b69 common: fix build without libunwind (moneromooo-monero)
f72388c CMakeLists: fix build without libunwind (moneromooo-monero)
|
|
gmtime_r is not available in Windows, use gmtime_s instead. Also change shorthand codes (also not working in Windows).
|
|
|
|
|
|
It matches the daemon, and should allow people who're suspicious
of the background refresh to know they're synced.
|
|
0c6e9e4 rpc: fix getblock RPC sending blob as binary, not hex dump (moneromooo-monero)
|
|
5dc09f2 wallet_rpc_server: fix some string values being returned between <> (moneromooo-monero)
f8213c0 Require 64/16 characters for payment ids (moneromooo-monero)
|
|
c5f00bc cn_deserialize: add minergate data (moneromooo-monero)
2470b20 cn_deserialize: print extra nonce as hex data (moneromooo-monero)
77d8fc3 tx_extra: parse new chunk added by minergate (blashyrkh)
|
|
de030d9 fix: error: -Werror=misleading-indentation (moneroexample)
c2d7300 contrib: epee: add exception spec to throwing destructors (redfish)
6898741 src: p2p: add exception spec to throwing destructors (redfish)
21dbc95 crypto: slow-hash: fix misleading indent (redfish)
70f3634 crypto: slow-hash: remove unused hash list for ARM (redfish)
1a7772f crypto: oaes_lib: remove unused _NR array (redfish)
6462a3a crypto: fix compile error: use named type in sizeof (redfish)
|
|
e409e59 Print stack trace on exceptions (moneromooo-monero)
ef4ff42 connection_basic: avoid gratuitous exception (moneromooo-monero)
|
|
|
|
|
|
|
|
Wallet::setDefaultMixin, Wallet::defaultMixin;
wallet::create_transaction_2 used in Wallet::createTransaction
|
|
|
|
|