This also makes negative transaction versions non-standard.
This avoids an issue triggered in block 256818 where transactions with
negative version numbers were incorrectly serialized into the UTXO set.
On restart nodes detect the inconsistency and refuse to start so long as
a block with these transactions is inside the self-consistency check
window, logging "coin database inconsistencies found". The software
recommends reindexing, but reindexing does not correct the problem.
This should be fixed by changing the chainstate serialization, but
working around it seems harmless for now because the version is not
used by any network rule currently.
A patch free workaround is to start with -checklevel=2 which skips
the consistency checks, but the IsStandard change is important for
miners in order to protect unpatched nodes.
- prepend "Bitcoin-Qt" in front of debug.log entries, which come from Qt
- move DebugMessageHandler installation upwards to the event handler
installation, which fits much better
Correctly use the purpose of addresses that are added after the start
of the client. Addresses with purpose "refund" and "change" should not
be visible in the GUI. This is now handled correctly.
- extend PaymentServer with setOptionsModel() and rework initNetManager()
to make use of that
- fix all other places in the code to use display unit from options and no
hard-coded unit
There have been several incidents where mainnet experimentation with
raw transactions resulted in insane fees. This is hard to prevent
in the raw transaction api because the inputs may not be known.
Since sending doesn't work if the inputs aren't known, we can catch
it there.
This rejects fees > than 10000 * nMinRelayTxFee or 1 BTC with the
defaults and can be overridden with a bool at the rpc.
We're not seeing large reorgs that would justify waiting a large
amount past the rule required maturity, and the extra three
hours is just a nuisance. Take one more block to at least give
the 100th block time to propagate.
Seems it was forgotten about when IsPushOnly() and the unittests were
written. A particular oddity is that OP_RESERVED doesn't count towards
the >201 opcode limit unlike every other named opcode.
getblocktemplate only uses certain portions of the coinbase transaction,
notably ignoring the coinbase TX output entirely.
Use CreateNewBlock() rather than CreateNewBlockWithKey(), eliminating
the needless key passing.
Should be zero behavior changes.
With an encrypted wallet the GUI was prompting for a passphrase every time
the user requested a new address. This is unnecessary, increases the
exposure to keyboard sniffers, and discourages using fresh addresses for
every transaction.
Instead only prompt for a passphrase when the keypool runs out, also call
the new address function with the flag that prevents reuse.
Thanks to AlexNagy on IRC for pointing this out and who wouldn't take any
lip from a curmudgeonly developer and insisted on what he knew to be true.
WalletView:
- add new signal showNormalIfMinimized()
- emit the new signal in handleURI() to fix a bug, preventing the main
window to show up when using bitcoin: URIs
WalletStack:
- connect the showNormalIfMinimized() signal from WalletView with the
showNormalIfMinimized() slot in BitcoinGUI
- rework setCurrentWallet() to return a bool
- add check for valid walletModel in addWallet()
- add missing gui attribute initialisation in constructor
WalletFrame:
- remove unused or unneded class attributes gui and clientModel
- add a check for valid clientModel in setClientModel()
General:
- small code formatting changes
Add support for a Payment Protocol to Bitcoin-Qt.
Payment messages are protocol-buffer encoded and communicated over
http(s), so this adds a dependency on the Google protocol buffer
library, and requires Qt with OpenSSL support.
- move SelectParamsFromCommandLine() from init.cpp to bitcoin.cpp to allow
to use TestNet() for Bitcoin-Qt instead of GetBoolArg("-testnet", false)
- change order in bitcoind.cpp to match bitcoin.cpp functionality
- hamonize error message strings for missing datadir and failing
SelectParamsFromCommandLine() in bitcoin.cpp and bitcoind.cpp
- use TestNet() call in splashscreen.cpp
Straight refactor, so mapAddressBook stores a CAddressBookData
(which just contains a std::string) instead of a std::string.
Preparation for payment protocol work, which will add the notion
of refund addresses to the address book.
Replaces the validation check for "amount == 0" with an isDust check,
so very small output amounts are caught before the wallet
is unlocked, a transaction is created, etc.
- update translation master files
- include current translations from Transifex
- add several new languages
- fix a bug in bitcoin.qrc, which prevents some languages from beeing used
(wrong file extension .ts instead of .qm was used)
This reduces a peer's ability to attack network resources by
using a full bloom filter, but without reducing the usability
of bloom filters. It sets a default match everything filter
for peers and it generalizes a prior optimization to
cover more cases.
To fix a minor malleability found by Sergio Lerner (reported here:
https://bitcointalk.org/index.php?topic=8392.msg1245898#msg1245898)
The problem is that if (R,S) is a valid ECDSA signature for a given
message and public key, (R,-S) is also valid. Modulo N (the order
of the secp256k1 curve), this means that both (R,S) and (R,N-S) are
valid. Given that N is odd, S and N-S have a different lowest bit.
We solve the problem by forcing signatures to have an even S value,
excluding one of the alternatives.
This commit just changes the signing code to always produce even S
values, and adds a verification mode to check it. This code is not
enabled anywhere yet. Existing tests in key_tests.cpp verify that
the produced signatures are still valid.
Fixes issue#2838; this is a tweaked version of pull#2845 that
should not leak the length of the password and is more generic,
in case we run into other situations where we need
timing-attack-resistant comparisons.