| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
The changes to the multisig tests in #8914 and #8904 affected each other, this PR cleans up the code and fixes that issue.
|
|
78348bc wallet-rpc: restore from multisig seed (jeffro256)
|
|
842478c core_rpc_server: return ID of submitted block (jeffro256)
|
|
|
|
dc24312 wallet: respect frozen key images in multisig wallets [RELEASE] (jeffro256)
|
|
|
|
Before this change, if a multisig peer asked you to sign a transaction with a frozen enote, the wallet will do it without any error or warning. This change makes it
so that wallets will refuse to sign multisig transactions with frozen enotes.
Disclaimer: This PR was generously funded by @LocalMonero.
|
|
- Detach & re-process txs >= lowest scan height
- ensures that if a user calls scan_tx(tx1) after scanning tx2,
the wallet correctly processes tx1 and tx2
- if a user provides a tx with a height higher than the wallet's
last scanned height, the wallet will scan starting from that tx's
height
- scan_tx requires trusted daemon iff need to re-process existing
txs: in addition to querying a daemon for txids, if a user
provides a txid of a tx with height *lower* than any *already*
scanned txs in the wallet, then the wallet will also query the
daemon for all the *higher* txs as well. This is likely
unexpected behavior to a caller, and so to protect a caller from
revealing txid's to an untrusted daemon in an unexpected way,
require the daemon be trusted.
|
|
|
|
Being offline is not a good enough heuristic, so we keep track
of whether the wallet ever refreshed from a daemon, which is a
lot better, and probably the best we can do without manual user
designation (which would break existing cold wallet setups till
the user designates those wallets)
|
|
this will make it easier huge wallets to do so without hitting
random limits (eg, max string size in node).
|
|
- only allow offline wallets to import outputs
- don't import empty outputs
- export subaddress indexes when exporting outputs
|
|
|
|
There are vulnerabilities in multisig protocol if the parties do not
trust each other, and while there is a patch for it, it has not been
throroughly reviewed yet, so it is felt safer to disable multisig by
default for now.
If all parties in a multisig setup trust each other, then it is safe
to enable multisig.
|
|
0d6ecb1 multisig: add post-kex verification round to check that all participants have completed the multisig address (koe)
|
|
have completed the multisig address
|
|
|
|
https://github.com/ArticMine/Monero-Documents/blob/master/MoneroScaling2021-02.pdf
with a change to use 1.7 instead of 2.0 for the max long term increase rate
|
|
The integrated address functional test fails in the workflows due
to an assertion for missing payment id that is no longer needed.
Remove the assertion and update the assertion count.
Fixes 7dcfccb: ("wallet_rpc_server: fix make_integrated_address with no payment id")
|
|
da9aa1f Copyright: Update to 2022 (mj-xmr)
|
|
e5000a9 Balance includes unconfirmed transfers to self (woodser)
|
|
|
|
e08abaa multisig key exchange update and refactor (koe)
|
|
|
|
|
|
|
|
MINING_SILENT and MINING_NO_MEASUREMENT env vars
|
|
|
|
Printing also available RAM. Add comprehensive description.
|
|
|
|
|
|
1aecdcf Increase timeout for the mining test 4 times (to 240s) (mj-xmr)
|
|
|
|
There are quite a few variables in the code that are no longer
(or perhaps never were) in use. These were discovered by enabling
compiler warnings for unused variables and cleaning them up.
In most cases where the unused variables were the result
of a function call the call was left but the variable
assignment removed, unless it was obvious that it was
a simple getter with no side effects.
|
|
8a282f6 Add RELINK_TARGETS, monero_add_target_no_relink and use monero_add_executable/monero_add_library where possible (mj-xmr) Add monero_add_minimal_executable and use in tests (mj-xmr)
|
|
monero_add_executable/monero_add_library where possible (mj-xmr)
Add monero_add_minimal_executable and use in tests
This is done in order not to have to relink targets, when just an .so changed, but not its interface.
|
|
|
|
|
|
d20ff4f64 functional_tests: add a large (many randomx epochs) p2p reorg test (moneromooo-monero)
6a0b3b1f8 functional_tests: add randomx tests (moneromooo-monero)
9d42649d5 core: fix mining from a block that's not the current top (moneromooo-monero)
|
|
|
|
|
|
|
|
|
|
They are allowed from v12, and MLSAGs are rejected from v13.
|
|
839e1f4ba functional_tests: add p2p functional tests (moneromooo-monero)
|
|
Tests tx/block propagation and reorgs
|
|
6f5411d30 tests: fix missing error on missing python entry point (moneromooo-monero)
c6dc2850c python-rpc: add missing sync_txpool python entry point (moneromooo-monero)
|
|
include all public proof parameters in Schnorr challenges, along with hash function domain separators. Includes new randomized unit tests.
|
|
5ef0607da Update copyright year to 2020 (SomaticFanatic)
|
|
6e4a55b rpc: fix relay_tx error return mixup (moneromooo-monero)
9b86e14 functional_tests: add simple relay_tx test (moneromooo-monero)
|
|
|
|
|
|
|
|
Update copyright year to 2020
|
|
|
|
5715460 Always reject duplicate key-images from second txid (vtnerd)
babf25d Allow unrestricted rpc calls to get full txpool info (vtnerd)
|
|
|
|
This fixes a test failure now that timestamps are more constrained
|
|
e69acff functional_tests: update cookie at 10 seconds interval (moneromooo-monero)
f5a11f0 functional_tests: speed up signature generation (moneromooo-monero)
|
|
|
|
|
|
|
|
Executing a new binary for each signature can get really slow
|
|
Otherwise the daemon will start rejecting
|
|
4771a7ae p2p: remove obsolete local time in handshake (moneromooo-monero)
2fbbc4a2 p2p: avoid sending the same peer list over and over (moneromooo-monero)
3004835b epee: remove backward compatible endian specific address serialization (moneromooo-monero)
39a343d7 p2p: remove backward compatible peer list (moneromooo-monero)
60631802 p2p: simplify last_seen serialization now we have optional stores (moneromooo-monero)
9467b2e4 cryptonote_protocol: omit top 64 bits of difficulty when 0 (moneromooo-monero)
b595583f serialization: do not write optional fields with default value (moneromooo-monero)
5f98b46d p2p: remove obsolete local time from TIMED_SYNC (moneromooo-monero)
|
|
987c3139 print_coinbase_tx_sum now supports 128 bits sums (moneromooo-monero)
|
|
d64e5aa7 wallet: allow message sign/verify for subaddresses (moneromooo-monero)
|
|
b90c4bc3 rpc: error out from get_info if the proxied call errors out (moneromooo-monero)
fa16df99 make_test_signature: exit nicely on top level exception (moneromooo-monero)
054b2621 node_rpc_proxy: init some new rpc payment fields in invalidate (moneromooo-monero)
d0faae2a rpc: init a few missing client_info members (moneromooo-monero)
d56a483a rpc: do not propagate exceptions out of a dtor (moneromooo-monero)
3c849188 rpc: always set the update field in update on sucess (moneromooo-monero)
|
|
|
|
|
|
|
|
The tail emission will bring the total above 64 bits
|
|
Coverity 205411
|
|
this prevents messing up any subsequent test too
|
|
|
|
Daemons intended for public use can be set up to require payment
in the form of hashes in exchange for RPC service. This enables
public daemons to receive payment for their work over a large
number of calls. This system behaves similarly to a pool, so
payment takes the form of valid blocks every so often, yielding
a large one off payment, rather than constant micropayments.
This system can also be used by third parties as a "paywall"
layer, where users of a service can pay for use by mining Monero
to the service provider's address. An example of this for web
site access is Primo, a Monero mining based website "paywall":
https://github.com/selene-kovri/primo
This has some advantages:
- incentive to run a node providing RPC services, thereby promoting the availability of third party nodes for those who can't run their own
- incentive to run your own node instead of using a third party's, thereby promoting decentralization
- decentralized: payment is done between a client and server, with no third party needed
- private: since the system is "pay as you go", you don't need to identify yourself to claim a long lived balance
- no payment occurs on the blockchain, so there is no extra transactional load
- one may mine with a beefy server, and use those credits from a phone, by reusing the client ID (at the cost of some privacy)
- no barrier to entry: anyone may run a RPC node, and your expected revenue depends on how much work you do
- Sybil resistant: if you run 1000 idle RPC nodes, you don't magically get more revenue
- no large credit balance maintained on servers, so they have no incentive to exit scam
- you can use any/many node(s), since there's little cost in switching servers
- market based prices: competition between servers to lower costs
- incentive for a distributed third party node system: if some public nodes are overused/slow, traffic can move to others
- increases network security
- helps counteract mining pools' share of the network hash rate
- zero incentive for a payer to "double spend" since a reorg does not give any money back to the miner
And some disadvantages:
- low power clients will have difficulty mining (but one can optionally mine in advance and/or with a faster machine)
- payment is "random", so a server might go a long time without a block before getting one
- a public node's overall expected payment may be small
Public nodes are expected to compete to find a suitable level for
cost of service.
The daemon can be set up this way to require payment for RPC services:
monerod --rpc-payment-address 4xxxxxx \
--rpc-payment-credits 250 --rpc-payment-difficulty 1000
These values are an example only.
The --rpc-payment-difficulty switch selects how hard each "share" should
be, similar to a mining pool. The higher the difficulty, the fewer
shares a client will find.
The --rpc-payment-credits switch selects how many credits are awarded
for each share a client finds.
Considering both options, clients will be awarded credits/difficulty
credits for every hash they calculate. For example, in the command line
above, 0.25 credits per hash. A client mining at 100 H/s will therefore
get an average of 25 credits per second.
For reference, in the current implementation, a credit is enough to
sync 20 blocks, so a 100 H/s client that's just starting to use Monero
and uses this daemon will be able to sync 500 blocks per second.
The wallet can be set to automatically mine if connected to a daemon
which requires payment for RPC usage. It will try to keep a balance
of 50000 credits, stopping mining when it's at this level, and starting
again as credits are spent. With the example above, a new client will
mine this much credits in about half an hour, and this target is enough
to sync 500000 blocks (currently about a third of the monero blockchain).
There are three new settings in the wallet:
- credits-target: this is the amount of credits a wallet will try to
reach before stopping mining. The default of 0 means 50000 credits.
- auto-mine-for-rpc-payment-threshold: this controls the minimum
credit rate which the wallet considers worth mining for. If the
daemon credits less than this ratio, the wallet will consider mining
to be not worth it. In the example above, the rate is 0.25
- persistent-rpc-client-id: if set, this allows the wallet to reuse
a client id across runs. This means a public node can tell a wallet
that's connecting is the same as one that connected previously, but
allows a wallet to keep their credit balance from one run to the
other. Since the wallet only mines to keep a small credit balance,
this is not normally worth doing. However, someone may want to mine
on a fast server, and use that credit balance on a low power device
such as a phone. If left unset, a new client ID is generated at
each wallet start, for privacy reasons.
To mine and use a credit balance on two different devices, you can
use the --rpc-client-secret-key switch. A wallet's client secret key
can be found using the new rpc_payments command in the wallet.
Note: anyone knowing your RPC client secret key is able to use your
credit balance.
The wallet has a few new commands too:
- start_mining_for_rpc: start mining to acquire more credits,
regardless of the auto mining settings
- stop_mining_for_rpc: stop mining to acquire more credits
- rpc_payments: display information about current credits with
the currently selected daemon
The node has an extra command:
- rpc_payments: display information about clients and their
balances
The node will forget about any balance for clients which have
been inactive for 6 months. Balances carry over on node restart.
|
|
|
|
These are dummy ones
|
|
|
|
|
|
2cd4fd8 Changed the use of boost:value_initialized for C++ list initializer (JesusRami)
4ad191f Removed unused boost/value_init header (whyamiroot)
928f4be Make null hash constants constexpr (whyamiroot)
|
|
|
|
|
|
and add missing tests
|
|
|
|
|
|
Also fix part of the RPC results being returned as binary.
This makes the RPC backward incompatible.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
though not a very good test, but we don't have dust handy
|
|
|
|
One considers the blockchain, while the other considers the
blockchain and some recent actions, such as a recently created
transaction which spend some outputs, but isn't yet mined.
Typically, the "balance" command wants the latter, to reflect
the recent action, but things like proving ownership wants
the former.
This fixes a crash in get_reserve_proof, where a preliminary
check and the main code used two concepts of "balance".
|
|
|
|
914b106 wallet_rpc_server: use original addresses in destinations in get_transfers (moneromooo-monero)
da694d4 functional_tests: add tests for pending/out transfer addresses (moneromooo-monero)
|
|
eeca5ca epee: support unicode in parsed strings (moneromooo-monero)
3e11bb5 functional_tests: test creating wallets with local language names (moneromooo-monero)
|
|
1a93aa4 functional_tests: add get_fee_estimate to blockchain test (moneromooo-monero)
|
|
|
|
a5127cc tests: functional: fix python syntax (radfish)
|
|
6eb2638 functional_tests: add a 3/3 multisig test (moneromooo-monero)
|
|
df83ed7 consensus: from v12, enforce >= 2 outputs (moneromooo-monero)
|
|
|
|
ddf7890 python-rpc: add missing getblock RPC parameters (moneromooo-monero)
|
|
|
|
|
|
77594c4f functional_tests: fix python3 compatibility (moneromooo-monero)
|
|
Also add missing bans test to the default tests
|
|
When the wallet auto refreshes after mining the last two blocks
but before popping them, it will then try to use outputs which
are not unlocked yet. This is really a wallet problem, which
will be fixed later.
|
|
|
|
0eb0d6b8 rpc: improve get_output_distribution (moneromooo-monero)
|
|
36ced067 functional_tests: flush stdout before popening new process (moneromooo-monero)
|
|
|
|
|
|
It can now handle small reorgs without having to rescan the
whole blockchain.
Also add a test for it.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
cbf32241 rpc: make wide_difficulty hexadecimal (moneromooo-monero)
|
|
|
|
|
|
|
|
|
|
|
|
get_transfer_by_txid, get_height, open/close
|
|
|
|
Related to emission, reorgs, getting tx data back, output
distribution and histogram
|
|
|
|
This should be friendlier for clients which don't have bignum support
|
|
It allows one to connect to a running daemon or wallet, and use
its RPC API from python.
Usage: python -i console.py <port>
It will detect whether it's talking to a daemon or wallet and
initialize itself accordingly.
|
|
|
|
|
|
|
|
|
|
manual relay, transfer to integrated address, and a few negative
transfer tests
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The secret spend key is kept encrypted in memory, and
decrypted on the fly when needed.
Both spend and view secret keys are kept encrypted in a JSON
field in the keys file. This avoids leaving the keys in
memory due to being manipulated by the JSON I/O API.
|
|
149da42 db_lmdb: enable batch transactions by default (stoffu)
34cb6b4 add --regtest and --fixed-difficulty for regression testing (vicsn)
9e1403e update get_info RPC and bump RPC version (vicsn)
207b66e first new functional tests (vicsn)
|
|
|
|
for privacy reasons, so an untrusted node can't easily track
wallets from IP address to IP address, etc. The granularity
is 1024 blocks, which is about a day and a half.
|
|
|
|
|
|
|
|
|
|
|
|
fix a cmakelist
|
|
|
|
|
|
- http_simple_client now uses std::chrono for timeouts
- http_simple_client accepts timeouts per connect / invoke call
- shortened names of epee http invoke functions
- invoke command functions only take relative path, connection
is not automatically performed
|
|
This replaces the epee and data_loggers logging systems with
a single one, and also adds filename:line and explicit severity
levels. Categories may be defined, and logging severity set
by category (or set of categories). epee style 0-4 log level
maps to a sensible severity configuration. Log files now also
rotate when reaching 100 MB.
To select which logs to output, use the MONERO_LOGS environment
variable, with a comma separated list of categories (globs are
supported), with their requested severity level after a colon.
If a log matches more than one such setting, the last one in
the configuration string applies. A few examples:
This one is (mostly) silent, only outputting fatal errors:
MONERO_LOGS=*:FATAL
This one is very verbose:
MONERO_LOGS=*:TRACE
This one is totally silent (logwise):
MONERO_LOGS=""
This one outputs all errors and warnings, except for the
"verify" category, which prints just fatal errors (the verify
category is used for logs about incoming transactions and
blocks, and it is expected that some/many will fail to verify,
hence we don't want the spam):
MONERO_LOGS=*:WARNING,verify:FATAL
Log levels are, in decreasing order of priority:
FATAL, ERROR, WARNING, INFO, DEBUG, TRACE
Subcategories may be added using prefixes and globs. This
example will output net.p2p logs at the TRACE level, but all
other net* logs only at INFO:
MONERO_LOGS=*:ERROR,net*:INFO,net.p2p:TRACE
Logs which are intended for the user (which Monero was using
a lot through epee, but really isn't a nice way to go things)
should use the "global" category. There are a few helper macros
for using this category, eg: MGINFO("this shows up by default")
or MGINFO_RED("this is red"), to try to keep a similar look
and feel for now.
Existing epee log macros still exist, and map to the new log
levels, but since they're used as a "user facing" UI element
as much as a logging system, they often don't map well to log
severities (ie, a log level 0 log may be an error, or may be
something we want the user to see, such as an important info).
In those cases, I tried to use the new macros. In other cases,
I left the existing macros in. When modifying logs, it is
probably best to switch to the new macros with explicit levels.
The --log-level options and set_log commands now also accept
category settings, in addition to the epee style log levels.
|
|
Keep the immediate direct deps at the library that depends on them,
declare deps as PUBLIC so that targets that link against that library
get the library's deps as transitive deps.
Break dep cycle between blockchain_db <-> crytonote_core.
No code refactoring, just hide cycle from cmake so that
it doesn't complain (cycles are allowed only between
static libs, not shared libs).
This is in preparation for supproting BUILD_SHARED_LIBS cmake
built-in option for building internal libs as shared.
|
|
When RingCT is enabled, outputs from coinbase transactions
are created as a single output, and stored as RingCT output,
with a fake mask. Their amount is not hidden on the blockchain
itself, but they are then able to be used as fake inputs in
a RingCT ring. Since the output amounts are hidden, their
"dustiness" is not an obstacle anymore to mixing, and this
makes the coinbase transactions a lot smaller, as well as
helping the TXO set to grow more slowly.
Also add a new "Null" type of rct signature, which decreases
the size required when no signatures are to be stored, as
in a coinbase tx.
|
|
Saves some substantial space.
Also avoid calculating tx hashes we don't need.
|
|
|
|
|
|
This now requests the set of outputs that can be mixed first,
to avoid trying non dust but unmixable outputs, which we know
will fail.
|
|
This avoids the need to define that variable in every program
which uses epee.
|
|
|
|
|
|
|
|
+toc -doc -drmonero
Fixed the windows path, and improved logging and data
(for graph) logging, fixed some locks and added more checks.
Still there is a locking error,
not added by my patches, but present in master version
(locking of map/list of peers).
|
|
|
|
|
|
Older versions of CMake support LINK_{PUBLIC,PRIVATE} while newer
versions prefer PUBLIC and PRIVATE instead, but still support the LINK_
prefix.
|
|
|
|
|
|
|
|
|
|
|
