Age | Commit message (Collapse) | Author | Files | Lines |
|
6a37da8 threadpool: guard against exceptions in jobs, and armour plating (moneromooo-monero)
|
|
Those would, if uncaught, exit run and leave the waiter to wait
indefinitely for the number of active jobs to reach 0
|
|
b641e0a2c Add clear method to byte_stream (Lee Clagett)
|
|
|
|
They are allowed from v12, and MLSAGs are rejected from v13.
|
|
|
|
7175dcb10 replace most boost serialization with existing monero serialization (moneromooo-monero)
|
|
|
|
This reverts commit 921dd8dde5d381052d0aa2936304a3541a230c55.
|
|
This reduces the attack surface for data that can come from
malicious sources (exported output and key images, multisig
transactions...) since the monero serialization is already
exposed to the outside, and the boost lib we were using had
a few known crashers.
For interoperability, a new load-deprecated-formats wallet
setting is added (off by default). This allows loading boost
format data if there is no alternative. It will likely go
at some point, along with the ability to load those.
Notably, the peer lists file still uses the boost serialization
code, as the data it stores is define in epee, while the new
serialization code is in monero, and migrating it was fairly
hairy. Since this file is local and not obtained from anyone
else, the marginal risk is minimal, but it could be migrated
later if needed.
Some tests and tools also do, this will stay as is for now.
|
|
85efc88c1 Fix overflow issue in epee:misc_utils::rolling_median_t and median(), with unit test (koe)
|
|
76c16822d wallet2_api: implement runtime proxy configuration (xiphon)
|
|
4e2377995 Change ZMQ-JSON txextra to hex and remove unnecessary base fields (Lee Clagett)
|
|
98c151ecb Optimize ZMQ-JSON vector reading; GetBlocksFast reads 24%+ faster (Lee Clagett)
60627c9f2 Switch to insitu parsing for ZMQ-JSON; GetBlocksFast reads 13%+ faster (Lee Clagett)
fe96e66eb Fix pruned tx for ZMQ's GetBlocksFast (Lee Clagett)
|
|
921dd8dde Use domain-separated ChaCha20 for in-memory key encryption (Sarang Noether)
|
|
6bfcd3101 Updates InProofV1, OutProofV1, and ReserveProofV1 to new V2 variants that include all public proof parameters in Schnorr challenges, along with hash function domain separators. Includes new randomized unit tests. (Sarang Noether)
|
|
|
|
|
|
|
|
include all public proof parameters in Schnorr challenges, along with hash function domain separators. Includes new randomized unit tests.
|
|
67ade8005 Add randomized delay when forwarding txes from i2p/tor -> ipv4/6 (Lee Clagett)
|
|
unit test
|
|
|
|
8656a8c9f remove double includes (sumogr)
|
|
5ef0607da Update copyright year to 2020 (SomaticFanatic)
|
|
15538f7 ByteSlice: Fix persisting ptr to std::moved SSO buffer (Doy-lee)
|
|
The Bug:
1. Construct `byte_slice.portion_` with `epee::span(buffer)` which copies a pointer to the SSO buffer to `byte_slice.portion_`
2. It constructs `byte_slice.storage_` with `std::move(buffer)` (normally this swap pointers, but SSO means a memcpy and clear on the original SSO buffer)
3. `slice.data()` returns a pointer from `slice.portion_` that points to the original SSO cleared buffer, `slice.storage_` has the actual string.
|
|
|
|
|
|
|
|
Update copyright year to 2020
|
|
|
|
f9441c5 Fixed string_ref usage bug in epee::from_hex::vector (vtnerd)
|
|
|
|
4ed60b6 Bulletproofs: verification speedup (SarangNoether)
|
|
f8b1480 unit_tests: fix gcc+ warning (sumogr)
|
|
|
|
|
|
e719760 Fix receive order leakage with tx fluffing (vtnerd)
|
|
68a6507 Fixed bug in ZMQ JSON-RPC method field (vtnerd)
|
|
42a7a4d daemon: auto public nodes - cache and prioritize most stable nodes (xiphon)
|
|
81c5943 Remove temporary std::string creation in some hex->bin calls (vtnerd)
5fcc23a Move hex->bin conversion to monero copyright files and with less includes (vtnerd)
3387f0e Reduce template bloat in hex->bin for ZMQ json (vtnerd)
|
|
dbfa4f8 unit_tests: fix missing test names (xiphon)
|
|
c61abf8 remove empty statements (shopglobal)
|
|
0078ce7 wipeable_string: split - treat CR, LF and Tabs as separators (xiphon)
|
|
|
|
054b4c7 protocol: request txpool contents when synced (moneromooo-monero)
|
|
|
|
|
|
d0641b42 net: fix incorrect less operator for top/i2p addresses (Aaron Hook)
|
|
- New flag in NOTIFY_NEW_TRANSACTION to indicate stem mode
- Stem loops detected in tx_pool.cpp
- Embargo timeout for a blackhole attack during stem phase
|
|
A newly synced Alice sends a (typically quite small) list of
txids in the local tpxool to a random peer Bob, who then uses
the existing tx relay system to send Alice any tx in his txpool
which is not in the list Alice sent
|
|
|
|
0f78b06e Various improvements to the ZMQ JSON-RPC handling: (Lee Clagett)
|
|
|
|
|
|
- Finding handling function in ZMQ JSON-RPC now uses binary search
- Temporary `std::vector`s in JSON output now use `epee::span` to
prevent allocations.
- Binary -> hex in JSON output no longer allocates temporary buffer
- C++ structs -> JSON skips intermediate DOM creation, and instead
write directly to an output stream.
|
|
a9bdc6e4 Improved performance for epee serialization: (Lee Clagett)
|
|
02b80513 unit_tests: remove invalid bulletproofs unit test (moneromooo-monero)
|
|
|
|
|
|
Cleaning up a little around the code base.
|
|
|
|
|
|
|
|
dce6f05 rpc: Only show version string if it matches expected pattern (ndorf)
3293780 daemon: Use rpc for 'version' command (ndorf)
|
|
It was intended to check a case which is actually valid (0 gamma),
but was actually duplicating the bad amount test.
Reported by WhatDo_ on IRC.
|
|
|
|
|
|
|
|
- Removed copy of field names in binary deserialization
- Removed copy of array values in binary deserialization
- Removed copy of string values in json deserialization
- Removed unhelpful allocation in json string value parsing
- Removed copy of blob data on binary and json serialization
|
|
|
|
|
|
9447e72 cryptonote: add function to get weight from a pruned tx (moneromooo-monero)
|
|
be82c40 Support median block size > 4 GB (moneromooo-monero)
|
|
add a 128/64 division routine so we can use a > 32 bit median block
size in calculations
|
|
|
|
|
|
The weight of the prunable data is deterministic from the
unpruned data, so it can be determined from a pruned tx
|
|
|
|
8330e77 monerod can now sync from pruned blocks (moneromooo-monero)
|
|
ae34e1b unit_tests: fix ringdb unit tests (moneromooo-monero)
|
|
2a7d915 Fixed i2p/tor tx flooding bug (white noise disabled) (vtnerd)
|
|
|
|
fdc00d0 unit tests: replace global var with lambda returning static local var (stoffu)
|
|
If the peer (whether pruned or not itself) supports sending pruned blocks
to syncing nodes, the pruned version will be sent along with the hash
of the pruned data and the block weight. The original tx hashes can be
reconstructed from the pruned txes and theur prunable data hash. Those
hashes and the block weights are hashes and checked against the set of
precompiled hashes, ensuring the data we received is the original data.
It is currently not possible to use this system when not using the set
of precompiled hashes, since block weights can not otherwise be checked
for validity.
This is off by default for now, and is enabled by --sync-pruned-blocks
|
|
7b076d5 p2p: fix bans taking port into account (moneromooo-monero)
|
|
f9b3f6e Removed Berkeley DB and db switching logic (JesusRami)
|
|
2cd4fd8 Changed the use of boost:value_initialized for C++ list initializer (JesusRami)
4ad191f Removed unused boost/value_init header (whyamiroot)
928f4be Make null hash constants constexpr (whyamiroot)
|
|
|
|
As a side effect, colouring on Windows should now work
regardless of version
|
|
|
|
f91a06c Dropping cppzmq dependency; adding some zmq utils (vtnerd)
|
|
Fixes assertion failure (curstate == 1) in random.c in debug mode
|
|
a5c7eeb unit_tests: fix build with CLANG 8 and boost 1.69 (moneromooo-monero)
|
|
f56e160 unit_tests: Fix uninitialized values (liptakmatyas)
|
|
|
|
|
|
|
|
|
|
bdfc63a Add ref-counted buffer byte_slice. Currently used for sending TCP data. (vtnerd)
3b24b1d Added support for 'noise' over I1P/Tor to mask Tx transmission. (vtnerd)
|
|
3a0451a MLSAG speedup and additional checks (SarangNoether)
|
|
|
|
- Initialize the `hash` in the `get_block_hash()` function of the
`output_distribution` unit test explicitly, to silence `valgrind`
warnings.
|
|
b350726 boost: update obsolete usage of endian API (moneromooo-monero)
|
|
7b9a420 Replace std::random_shuffle with std::shuffle (tomsmeding)
|
|
c8709fe wallet: do not print log settings when unset (moneromooo-monero)
7b18e83 unit_tests: check return values on test data parsing (moneromooo-monero)
|
|
|
|
f81cb4f unit_tests: add more leeway to the 'same distribution' check (moneromooo-monero)
|
|
According to [1], std::random_shuffle is deprecated in C++14 and removed
in C++17. Since std::shuffle is available since C++11 as a replacement
and monero already requires C++11, this is a good replacement.
A cryptographically secure random number generator is used in all cases
to prevent people from perhaps copying an insecure std::shuffle call
over to a place where a secure one would be warranted. A form of
defense-in-depth.
[1]: https://en.cppreference.com/w/cpp/algorithm/random_shuffle
|
|
|
|
de27651 use crypto::rand instead of libc rand in a few tests (moneromooo-monero)
|
|
25a7cfd add a few checks where it seems appropriate (moneromooo-monero)
1a66a86 remove unused code (moneromooo-monero)
|
|
|
|
|
|
|
|
|
|
|
|
The code generated is exactly the same as the direct access
one on x86_64
|
|
Won't trigger in practice, but you never know when that code changes
Coverity 199723, 199685
|
|
This is an inherently probabilistic check, which occasionally fails
for a matching distribution
|
|
It's an inherently random test
|
|
We don't need secure randomness here, but it should shut coverity up
|
|
e9809382 fix wide difficulty conversion with some versions of boost (moneromooo-monero)
|
|
1c44e658 wallet2: reject standalone short payment IDs in monero: URI API (moneromooo-monero)
|
|
a4c4a2d8 blockchain: keep a rolling long term block weight median (moneromooo-monero)
|
|
0eb0d6b8 rpc: improve get_output_distribution (moneromooo-monero)
|
|
|
|
|
|
|
|
|
|
|
|
updating the block size limit needs recent block sizes,
so we feed it dummy ones
|
|
It can now handle small reorgs without having to rescan the
whole blockchain.
Also add a test for it.
|
|
|
|
|
|
Based on python code by sarang:
https://github.com/SarangNoether/skunkworks/blob/outputs/outputs/simulate.py
|
|
5fafb90e testdb: add override keyword where missing (stoffu)
|
|
and delete obsolete BlockchainBDB::get_tx_output_indices along the way
|
|
The is_host_blocked method is not on master yet
|
|
58585986 p2p: fix integer overflow in host bans (moneromooo-monero)
|
|
93bb2f48 ringct: prevent use of full ringct signatures for more than one input (moneromooo-monero)
|
|
e9fac29a unit_tests/long_term_block_weight: some tweaks that seem to make more sense (stoffu)
467f4c7e tests/block_weight: use integer division when computing median (stoffu)
815d08dc tests/block_weight: remove unused MULTIPLIER_SMALL (stoffu)
661f1fb8 blockchain: remove unused calc of short_term_constraint (stoffu)
|
|
The db txn in add_block ending caused the entire overarching
batch txn to stop.
Also add a new guard class so a db txn can be stopped in the
face of exceptions.
Also use a read only db txn in init when the db itself is
read only, and do not save the max tx size in that case.
|
|
|
|
|
|
|
|
71907980 unit_tests: fix long term block weight test after cache change (moneromooo-monero)
|
|
0218bc49 test: hmac_keccak - fix number of chunks counting (Dusan Klinec)
|
|
|
|
91f4c7f4 Make difficulty 128 bit instead of 64 bit (moneromooo-monero)
|
|
|
|
Based on Boolberry work by:
jahrsg <jahr@jahr.me>
cr.zoidberg <crypto.zoidberg@gmail.com>
|
|
|
|
dc0c0c91 tests: disable wallet SSL init for tests involving wallet2 (moneromooo-monero)
|
|
4b21d38d blockchain: speed up getting N blocks weights/long term weights (moneromooo-monero)
|
|
c9b13fbb tests/trezor: HF9 and HF10 tests (Dusan Klinec)
a1fd1d49 device/trezor: HF10 support added, wallet::API (Dusan Klinec)
d74d26f2 crypto: hmac_keccak added (Dusan Klinec)
|
|
|
|
|
|
|
|
|
|
|
|
057c279c epee: add SSL support (Martijn Otto)
|
|
RPC connections now have optional tranparent SSL.
An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.
SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.
Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.
To generate long term certificates:
openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT
/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.
SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
|
|
|
|
|
|
|
|
fcd00079 unit_tests: remove leftover debug print (moneromooo-monero)
|
|
This curbs runaway growth while still allowing substantial
spikes in block weight
Original specification from ArticMine:
here is the scaling proposal
Define: LongTermBlockWeight
Before fork:
LongTermBlockWeight = BlockWeight
At or after fork:
LongTermBlockWeight = min(BlockWeight, 1.4*LongTermEffectiveMedianBlockWeight)
Note: To avoid possible consensus issues over rounding the LongTermBlockWeight for a given block should be calculated to the nearest byte, and stored as a integer in the block itself. The stored LongTermBlockWeight is then used for future calculations of the LongTermEffectiveMedianBlockWeight and not recalculated each time.
Define: LongTermEffectiveMedianBlockWeight
LongTermEffectiveMedianBlockWeight = max(300000, MedianOverPrevious100000Blocks(LongTermBlockWeight))
Change Definition of EffectiveMedianBlockWeight
From (current definition)
EffectiveMedianBlockWeight = max(300000, MedianOverPrevious100Blocks(BlockWeight))
To (proposed definition)
EffectiveMedianBlockWeight = min(max(300000, MedianOverPrevious100Blocks(BlockWeight)), 50*LongTermEffectiveMedianBlockWeight)
Notes:
1) There are no other changes to the existing penalty formula, median calculation, fees etc.
2) There is the requirement to store the LongTermBlockWeight of a block unencrypted in the block itself. This is to avoid possible consensus issues over rounding and also to prevent the calculations from becoming unwieldy as we move away from the fork.
3) When the EffectiveMedianBlockWeight cap is reached it is still possible to mine blocks up to 2x the EffectiveMedianBlockWeight by paying the corresponding penalty.
Note: the long term block weight is stored in the database, but not in the actual block itself,
since it requires recalculating anyway for verification.
|
|
|
|
- Support for ".onion" in --add-exclusive-node and --add-peer
- Add --anonymizing-proxy for outbound Tor connections
- Add --anonymous-inbounds for inbound Tor connections
- Support for sharing ".onion" addresses over Tor connections
- Support for broadcasting transactions received over RPC exclusively
over Tor (else broadcast over public IP when Tor not enabled).
|
|
|
|
5ecc5cc7 added two tests for partial word and case tolerance in mnemonics (Paul Shapiro)
|
|
b6534c40 ringct: remove unused senderPk from ecdhTuple (moneromooo-monero)
7d375981 ringct: the commitment mask is now deterministic (moneromooo-monero)
99d946e6 ringct: encode 8 byte amount, saving 24 bytes per output (moneromooo-monero)
cdc3ccec ringct: save 3 bytes on bulletproof size (moneromooo-monero)
f931e16c add a bulletproof version, new bulletproof type, and rct config (moneromooo-monero)
|
|
This was an early ringct field, which was never used in production
|
|
saves space in the tx and is safe
Found by knaccc
|
|
Found by knaccc
|
|
This makes it easier to modify the bulletproof format
|
|
The blockchain prunes seven eighths of prunable tx data.
This saves about two thirds of the blockchain size, while
keeping the node useful as a sync source for an eighth
of the blockchain.
No other data is currently pruned.
There are three ways to prune a blockchain:
- run monerod with --prune-blockchain
- run "prune_blockchain" in the monerod console
- run the monero-blockchain-prune utility
The first two will prune in place. Due to how LMDB works, this
will not reduce the blockchain size on disk. Instead, it will
mark parts of the file as free, so that future data will use
that free space, causing the file to not grow until free space
grows scarce.
The third way will create a second database, a pruned copy of
the original one. Since this is a new file, this one will be
smaller than the original one.
Once the database is pruned, it will stay pruned as it syncs.
That is, there is no need to use --prune-blockchain again, etc.
|
|
464097e5 blockchain_ancestry: allow getting ancestry of a single output (moneromooo-monero)
a6216d1a blockchain_db: allow getting output keys without commitment (moneromooo-monero)
|
|
Since the commitment has to be calculated for non rct outputs,
it slows down a lot unnecessarily if we don't need it
|
|
Number matching semantics are slightly changed: since this is used
as a filter to check whether a number is signed and/or floating
point, we can speed this up further. strto* functions are called
afterwards and will error out where necessary. We now also accept
numbers like .4 which were not accepted before.
The strto* calls on a boost::string_ref will not access unallocated
memory since the parsers always stop at the first bad character,
and the original string is zero terminated.
in arbitrary time measurement units for some arbitrary test case:
match_number2: 235 -> 70
match_word2: 330 -> 108
|
|
008647d7 blockchain_db: speedup tx output gathering (moneromooo-monero)
|
|
85665003 epee: better network buffer data structure (moneromooo-monero)
|
|
|
|
get_output_key method is commonly used when working with txs and their key images. Because the method is not const, passing blockchain object though const& or pointers to const is not possible in this context. This is especially problematic in external projects (e.g., projects in moneroexamples) that use monero C++ api to operate on the blockchain and txs.
Thus, having get_output_key method will simplify moving blockchain object around through const references and pointers to const objects.
|
|
570dd369 p2p: use vector instead of list for peer lists (moneromooo-monero)
|
|
1cfd6f1 unit_tests: strengthen notify test against OS scheduling (moneromooo-monero)
|
|
avoids pointless allocs and memcpy
|
|
We know all the data we'll want for getblocks.bin is contiguous
|
|
a48f2dab blockchain_prune_known_spent_data: blackball file is now optional (moneromooo-monero)
17b45725 Outputs where all amounts are known spent can now be pruned (moneromooo-monero)
|
|
3dba7f25 protocol: option to pad transaction relay to the next kB (moneromooo-monero)
|
|
|
|
|
|
3de7d52f unit_tests: fix malloc/delete mismatch (moneromooo-monero)
|
|
aee7a4e3 wallet_rpc_server: do not use RPC data if the call failed (moneromooo-monero)
1a0733e5 windows_service: fix memory leak (moneromooo-monero)
0dac3c64 unit_tests: do not rethrow a copy of an exception (moneromooo-monero)
5d9915ab cryptonote: fix get_unit for non default settings (moneromooo-monero)
d4f50cb1 remove some unused code (moneromooo-monero)
61163971 a few minor (but easy) performance tweaks (moneromooo-monero)
30023074 tests: slow_memmem now returns size_t (moneromooo-monero)
|
|
|
|
bd98e99c Removed a lot of unnecessary includes (Martijn Otto)
|
|
b36353e2 unit_tests: add some hex parsing test for non hex input (xiphon)
6671110c unit_tests: add a test for parse_hexstr_to_binbuff (moneromooo-monero)
f6187cd8 epee: speed up parse_hexstr_to_binbuff a little (Howard Chu)
|
|
80be2dca unit_tests: don't take the address of an unwrapped secret key (moneromooo-monero)
|