Support for "exact send" with manual coin selection #354
This patch introduces the CWallet::CreateExactTransaction() function, which works like CWallet::CreateTransaction() but takes an explicit list of prev_out transactions for sourcing the new transaction and a fixed value of transaction fee.

Furthermore, a new RPC call 'sendexact' is introduced; it works like 'sendmany', but takes an explicit list of transactions to use as coin sources, and an explicit value of transaction fee. All outputs of the listed transactions that the account can claim are used to source coins; the output of the new transaction must be exactly the same amount, and the user is responsible for dealing with any change. The user is also responsible for setting the transaction fee to such a value that other nodes will relay the transaction.

The point is to provide a low-level interface for making transactions without all the auto-guessing implicitly done by the client. My primary motivation is that I am a control freak and I want to have precise control over the addresses used as "sources" of my transactions. There are other applications too - even if more specific interfaces might be more suited to them, this interface makes them possible at all as the lowest common denominator. E.g. people who wish to be sure no transaction fees will be paid for their transaction can use this interface. Or people wishing to try out different coin selection algorithms (or when coin selection makes sense at the moment of transaction setup, e.g. in case of anonymizers).

Q: Why use explicit transactions instead of addresses?
A: In reality, you do not quite transfer money "from" an address. An address is just a token that proves you are authorized to claim a particular amount of bitcoins listed as one of the outputs of some transaction. Specific use-cases might be simplified, but you would still be in the hands of a fixed coin selection algorithm. You can use (somewhat laboriously) listtransactions or an external service to discover transactions that send money to a given address.

Q: Why use account instead of explicit addresses?
A: First, it is more consistent with the other "send" interfaces and the wallet organization. Second, I believe account is the right abstraction - as mentioned, an address is just a token for claiming some bitcoins, but different kinds of claim proofs might be used (e.g. the now-deprecated "send to IP address", or it could be possible to also specify password-protected coins). In the future, you could associate further methods of authentication with accounts, but addresses are limited. If you require a specific set of addresses to be used, you can set up an ad-hoc account.

Q: What does that bit about "change" mean?
A: If a transaction input claims some output of a previous transaction, it must claim all the coins in the output. If you need to transfer a smaller amount than that, you must specify what to do with the remaining amount (change). The built-in coin selection algorithm either sends them to a new address (for better anonymity) or returns them to the source address. Here, you are responsible for manually specifying the destiny of your remaining amount.

Q: Can I be finally sure I pay only the TX fee I specify?
A: Yes, the TX fee you specify is final. However, please note that if the new transaction is large (i.e. has many inputs and outputs) or transfers too small an amount and you do not offer any TX fee, it may not be accepted by any other nodes. Note that this is more serious than not being included in a block - you could just wait longer for a benevolent miner. In these circumstances, your transaction is not likely to even *reach* a mining node because the P2P network will not relay it.
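The accounting rule the description relies on (inputs are consumed whole, so the outputs plus the stated fee must equal the inputs exactly) can be checked before anything is signed. The following is an added example, not code from the patch: CheckExactSend, the struct names, the (txid, n) input form and the caller-supplied minRelayFee are assumptions, and the txids and addresses are constructed.

```cpp
#include <cstdint>
#include <cstdio>
#include <set>
#include <string>
#include <utility>
#include <vector>

typedef int64_t Amount;                        // satoshis; never floating point
static const Amount COIN = 100000000;
static const Amount MAX_MONEY = 21000000 * COIN;

// Hypothetical types for this example (not the wallet's own classes).
struct PrevOut { std::string txid; uint32_t n; Amount value; };
struct Payment { std::string address; Amount value; };

enum ExactSendStatus {
    EXACT_OK,
    ERR_EMPTY,                // no inputs or no outputs
    ERR_DUPLICATE_INPUT,      // same (txid, n) listed twice
    ERR_BAD_AMOUNT,           // zero, negative or out-of-range value
    ERR_FEE_BELOW_RELAY_MIN,  // peers would refuse to relay
    ERR_NOT_EXACT             // inputs != outputs + fee
};

static bool InRange(Amount v) { return v >= 0 && v <= MAX_MONEY; }

// Sums a list of values, rejecting non-positive entries and overflow.
template <typename T>
static bool SumValues(const std::vector<T>& items, Amount* total)
{
    *total = 0;
    for (size_t i = 0; i < items.size(); ++i) {
        if (items[i].value <= 0 || !InRange(items[i].value)) return false;
        *total += items[i].value;             // both operands <= MAX_MONEY, no overflow
        if (!InRange(*total)) return false;
    }
    return true;
}

// Validates a manually assembled transaction. On ERR_NOT_EXACT, *unaccounted
// is inputs - outputs - fee: positive means coins that would silently be paid
// as extra fee (a forgotten change output), negative means an overspend.
ExactSendStatus CheckExactSend(const std::vector<PrevOut>& inputs,
                               const std::vector<Payment>& outputs,
                               Amount fee, Amount minRelayFee,
                               Amount* unaccounted)
{
    if (unaccounted) *unaccounted = 0;
    if (inputs.empty() || outputs.empty()) return ERR_EMPTY;

    std::set<std::pair<std::string, uint32_t> > seen;
    for (size_t i = 0; i < inputs.size(); ++i) {
        if (!seen.insert(std::make_pair(inputs[i].txid, inputs[i].n)).second)
            return ERR_DUPLICATE_INPUT;
    }

    Amount totalIn = 0, totalOut = 0;
    if (!SumValues(inputs, &totalIn) || !SumValues(outputs, &totalOut))
        return ERR_BAD_AMOUNT;
    if (!InRange(fee)) return ERR_BAD_AMOUNT;
    if (fee < minRelayFee) return ERR_FEE_BELOW_RELAY_MIN;

    const Amount diff = totalIn - totalOut - fee;
    if (diff != 0) {
        if (unaccounted) *unaccounted = diff;
        return ERR_NOT_EXACT;
    }
    return EXACT_OK;
}

int main()
{
    // Constructed sample data: two previous outputs worth 5 and 3 coins.
    std::vector<PrevOut> in;
    in.push_back(PrevOut{"constructed-txid-A", 0, 5 * COIN});
    in.push_back(PrevOut{"constructed-txid-B", 1, 3 * COIN});

    // Pay 6 coins and forget the change output.
    std::vector<Payment> out;
    out.push_back(Payment{"constructed-payee", 6 * COIN});

    Amount left = 0;
    ExactSendStatus s = CheckExactSend(in, out, 50000, 50000, &left);
    std::printf("no change output: status=%d unaccounted=%lld\n", (int)s, (long long)left);

    // Add the explicit change output: 8 - 6 coins minus the 50000 fee.
    out.push_back(Payment{"constructed-change", 2 * COIN - 50000});
    s = CheckExactSend(in, out, 50000, 50000, &left);
    std::printf("with change output: status=%d unaccounted=%lld\n", (int)s, (long long)left);
    return 0;
}
```
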
This feels like the wrong level of abstraction to me. If you want this level of control, then an even lower-level interface seems like the way to go -- something like "here's a transaction, please sign it and broadcast it if it is valid (return txid if it is a valid transaction, error if not)".

I also don't like all the duplicated code in CreateTransaction/CreateExactTransaction, it may make bug fixing any problems in send or supporting new transaction types like 3-party escrows harder.

Finally, what is the TxIn syntax? Just txid? What happens if you point this at a send-to-self or a receive-many where you own more than one TxOut of a previous transaction?
Thanks for the feedback! I'm not sure about your suggestion of providing a raw transaction. I aim at something that is suitable for automated use, but that users can still realistically use manually. It is not clear what exactly you mean by "here's a transaction" - would you like something like, say:
There are a couple of questions here:
I'm all for switching to explicit n-form for inputs, but how to integrate this with the account system then? Currently, each transaction has a single strFromAccount. Should the user still specify the account and the input amount just gets subtracted from that account's balance and it's the user's responsibility to sort out the account balance? I agree that the duplicated code is bad. I was a bit shy to do large changes in CreateTransaction(), but I will refactor this part of the code and I agree it will make the code better. I just want to agree on the final way to select inputs first.
By the way, thinking things through more, now I think that sendtxfee/paytxfee should not be imposed on these transactions (our goal is still creating transactions based only on pubkeys stored in our wallet, but no extra client automagic), but creating unrelayable transactions still should not be allowed. Does that make sense? In line with that, AIUI I should check against nMinFee but not nPayFee?
When I say "here's a transaction, please sign it (if you need to) and send it" I'm imagining you hand it the serialized hex version of a transaction (with all-zeros placeholders for the ECDSA signatures). Really extremely low-level. My thinking is that a very-low-level routine like that might be the path to all sorts of interesting functionality, including things like escrow transactions where some of the transaction signing is done outside the p2p network. But I haven't thought about this terribly hard, and, frankly, the high priorities right now are NOT new features like this but scalability and security.
Ok, I agree that such a command would open other interesting I will do the modifications I outlined before and re-submit, you guys
Closing; specifying precise coin flow just isn't a high priority. Also, new RPC commands should be discussed on the mailing list or forum.
53ad841 Add explanation about how BIP32 unhardened derivation can be used to simplify whitelisting 71c5fe0 Add comment to explain effect of max_n_iterations in surjectionproof_init 85fd42f add unit test for generator and pedersen commitment roundtripping 2ccf885 rangeproof: fix serialization of pedersen commintments 60c173b rangeproof: verify correctness of pedersen commitments when parsing 32d7526 generator: verify correctness of point when parsing ae14e8a rangeproof: check that points deserialize correctly when verifying rangeproof 44fe43d rangeproof: add fixed vector test case e065d7d Expose generator in shared library fb1ba32 fix spelling in documentation fb75faa Test for rejection of trailing bytes in range proofs 9b2cf17 Test for rejection of trailing bytes in surjection proofs a3a1800 Reject surjection proofs with trailing garbage 0c77ae9 Minor bugfix. Wrong length due to NUL character. b1f31bc Add whitelisting benchmark 52a9f8f add whitelist_impl.h to include for dist a707865 generator: add API tests ec1ef04 generator: remove unnecessary ARG_CHECK from generate() b0e9aa8 Fix generator makefile 526c654 Fix pedersen_blind_generator_blind_sum return value documentation b51886e Add n_keys argument to whitelist_verify 37c57de Fix checks of whitelist serialize/parse arguments 9b8a9d9 whitelist: fix serialize/parse API to take serialized length 7f17515 Fix include/secp256k1_rangeproof.h function argument documentation. 
0d81702 rangeproof: add API tests 417bb06 surjectionproof: rename unit test functions to be more consistent with other modules 1e2d5c1 surjectionproof: add API unit tests 7878a29 surjectionproof: tests_impl.h s/assert/CHECK/g e609591 rangeproof: fix memory leak in unit tests 0c17f79 add surjection proof module c174f0c Implement ring-signature based whitelist delegation scheme a2bc660 rangeproof: several API changes 21bfb3c Expose generator in pedersen/rangeproof API f4620de Constant-time generator module d46fc3c rangeproof: expose sidechannel message field in the signing API cf40b1b [RANGEPROOF BREAK] Use quadratic residue for tie break and modularity cleanup 6d28767 Get rid of precomputed H tables (Pieter Wuille) ae1e576 Pedersen commitments, borromean ring signatures, and ZK range proofs. efc61dc Add 64-bit integer utilities e34ceb3 Merge bitcoin#557: Eliminate scratch memory used when generating contexts b3bf5f9 ecmult_impl: expand comment to explain how effective affine interacts with everything efa783f Store z-ratios in the 'x' coord they'll recover ffd3b34 add `secp256k1_ge_set_all_gej_var` test which deals with many infinite points 84740ac ecmult_impl: save one fe_inv_var 4704527 ecmult_impl: eliminate scratch memory used when generating context 7f7a2ed ecmult_gen_impl: eliminate scratch memory used when generating context 314a61d Merge bitcoin#553: add static context object which has no capabilities 1086fda Merge bitcoin#354: [ECDH API change] Support custom hash function 40fde61 prevent attempts to modify `secp256k1_context_no_precomp` ed7c084 add static context object which has no capabilities 1e6f1f5 Merge bitcoin#529: fix tests.c in the count == 0 case c8fbc3c [ECDH API change] Allow pass arbitrary data to hash function b00be65 [ECDH API change] Support custom hash function 95e99f1 fix tests.c in the count == 0 case 452d8e4 Merge bitcoin#523: scratch: add stack frame support 6fe5043 scratch: add stack frame support 9bc2e26 Merge bitcoin#522: 
parameterize ecmult_const over input size 7c1b91b parameterize ecmult_const over input size dbc3ddd Merge bitcoin#513: Increase sparsity of pippenger fixed window naf representation fb9271d Merge bitcoin#510: add a couple missing `const`s to ecmult_pippenger_wnaf cd5f602 Merge bitcoin#515: Fix typo 09146ae Merge bitcoin#512: secp256k1_ec_privkey_negate - fix documentation ec0a7b3 Don't touch leading zeros in wnaf_fixed. 9e36d1b Fix bug in wnaf_fixed where the wnaf array is not completely zeroed when given a 0 scalar. 96f68a0 Don't invert scalar in wnaf_fixed when it is even because a caller might intentionally give a scalar with many leading zeros. 9b7c47a Fix typo 6dbb007 Increase sparsity of pippenger fixed window naf representation 1646ace secp256k1_ec_privkey_negate - fix documentation 9b3ff03 add a couple missing `const`s to ecmult_pippenger_wnaf cd329db Merge bitcoin#460: [build] Update ax_jni_include_dir.m4 macro 7f9c1a1 Merge bitcoin#498: tests: Avoid calling fclose(...) with an invalid argument f99aa8d Merge bitcoin#499: tests: Make sure we get the requested number of bytes from /dev/urandom b549d3d Merge bitcoin#472: [build] Set --enable-jni to no by default instead of auto. d333521 Merge bitcoin#494: Support OpenSSL versions >= 1.1 for ENABLE_OPENSSL_TESTS 2ef8ea5 Merge bitcoin#495: Add bench_ecmult to .gitignore 82a96e4 tests: Make sure we get the requested number of bytes from /dev/urandom 5aae5b5 Avoid calling fclose(...) 
with an invalid argument cb32940 Add bench_ecmult to .gitignore 31abd3a Support OpenSSL versions >= 1.1 for ENABLE_OPENSSL_TESTS c95f6f1 Merge bitcoin#487: fix tests typo, s/changed/unchanged fb46c83 Merge bitcoin#463: Reduce usage of hardcoded size constants 02f5001 Merge bitcoin#490: Disambiguate bench functions and types 1f46d60 Disambiguate bench functions and types f54c6c5 Merge bitcoin#480: Enable benchmark building by default c77fc08 Merge bitcoin#486: Add pippenger_wnaf for multi-multiplication d2f9c6b Use more precise pippenger bucket windows 4c950bb Save some additions per window in _pippenger_wnaf a58f543 Add flags for choosing algorithm in ecmult_multi benchmark 36b22c9 Use scratch space dependent batching in ecmult_multi 355a38f Add pippenger_wnaf ecmult_multi bc65aa7 Add bench_ecmult dba5471 Add ecmult_multi tests 8c1c831 Generalize Strauss to support multiple points 548de42 add resizeable scratch space API 0e96cdc fix typo, s/changed/unchanged c7680e5 Reduce usage of hardcoded size constants 6ad5cdb Merge bitcoin#479: Get rid of reserved _t in type names 7a78f60 Print whether we're building benchmarks 4afec9f Build benchmarks by default d1dc9df Get rid of reserved _t in type names 57752d2 [build] Set --enable-jni to no by default instead of auto. e7daa9b [build] Tweak JNI macro to warn instead of error for JNI not found. 5b22977 [build] Update ax_jni_include_dir.m4 macro to deal with recent versions of macOS git-subtree-dir: src/secp256k1 git-subtree-split: 53ad841cafa3bcb94b65409aec91fd7043533cf7
Multisig fix for bitcoin#347
(cherry picked from commit c4e6041)
…names ac4bd9c rpc: Amend copyright notice in names.cpp (yanmaani) 9d333c1 doc: Add release notes for PR bitcoin#354 (yanmaani) fd5987a rpc: Change default value of allow_expired to false (yanmaani) bac4eff test: Make name tests explicitly set -allowexpired parameter (yanmaani) ffa06a6 test: Add functional test for allow_expired options and parameters (yanmaani) 36bdf42 cli: Add parameter -allowexpired for whether to allow expired names by default (yanmaani) 866dafd rpc: Make name_show take option for whether to error on expired names (yanmaani) 3915272 rpc: Let name_show error for expired names (disabled by default) (yanmaani) Pull request description: This set of changes makes `name_show` throw an error for expired names. This behavior can be overridden by setting the `allowExpired` RPC option to true, or by using the `-allowexpired` command-line parameter. This behavior is discussed in issue bitcoin#194. Top commit has no ACKs. Tree-SHA512: 8e41f54f32b1aaf180d410526f2442d261d9861b9a194dbb25feb3ea3eb7ec4748e4be669a12a32ec9ad0ead4c7b4129ab35dd08e635bc578ac2e81a2ae180c4
Node client chapter corrections
These commits introduce CWallet::CreateExactTransaction() function that
works like CWallet::CreateTransaction(), but takes explicit list of
prev_out transactions for sourcing the new transaction and fixed value
of transaction fee.

Furthermore, new RPC call 'sendexact' is introduced; it works like
'sendmany', but takes explicit list of transactions to use as coin
sources, and explicit value of transaction fee.

All outputs of the listed transactions that the account can claim are
used to source coins; the output of the new transaction must be exactly
the same amount, the user is responsible for dealing with any change.
The user is also responsible for setting the transaction fee to such
a value that other nodes will relay the transaction.

The point is to provide a low-level interface for making transactions
without all the auto-guessing implicitly done by the client. My primary
motivation is that I am a control freak and I want to have precise
control over the addresses used as "sources" of my transactions.

There are other applications too - even if more specific interfaces
might be more suited to them, this interface makes them possible at all
as the lowest common denominator. E.g. people who wish to be sure no
transaction fees will be paid for their transaction can use this
interface. Or people wishing to try out different coin selection
algorithms (or when coin selection makes sense at the moment of
transaction setup, e.g. in case of anonymizers).

Q: Why use explicit transactions instead of addresses?
A: In reality, you do not quite transfer money "from" an address.
Address is just a token that proves you are authorized to claim
a particular amount of bitcoins listed as one of outputs of some
transaction. Specific use-cases might be simplified, but you would
still be in hands of a fixed coin selection algorithm. You can use
(somewhat laboriously) listtransactions or external service to discover
transactions that send money to a given address.

Q: Why use account instead of explicit addresses?
A: First, it is more consistent with the other "send" interfaces
and the wallet organization. Second, I believe account is the right
abstraction - as mentioned, address is just a token for claiming some
bitcoins, but different kind of claim proofs might be used (e.g. the
now-deprecated "send to IP address", or it could be possible to also
specify password-protected coins). In the future, you could associate
further methods of authentication with accounts, but addresses are
limited. If you require a specific set of addresses to be used, you can
set up an ad-hoc account.

Q: What does that bit about "change" mean?
A: If transaction input claims some output of a previous transaction,
it must claim all the coins in the output. If you need to transfer
smaller amount than that, you must specify what to do with the
remaining amount (change). The built-in coin selection algorithm
either sends them to a new address (for better anonymity) or returns
them to the source address. Here, you are responsible for manually
specifying the destiny of your remaining amount.

Q: Can I be finally sure I pay only the TX fee I specify?
A: Yes, the TX fee you specify is final. However, please note that
if the new transaction is large (i.e. has many inputs and outputs)
or transfers too small amount and you do not offer any TX fee, it
may not be accepted by any other nodes. Note that this is more
serious than not being included in a block - you could just wait
longer for a benevolent miner. In these circumstances, your
transaction is not likely to even reach a mining node because
the P2P network will not relay it.

(If you like the feature, you can send donations to
19VF444umGxX76DZwPuWVMHpv7i84DHM1D.)
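
The balancing rule described above (every claimable output of the listed transactions is spent in full, and payments plus fee must equal that total exactly) can be checked before anything is submitted. The following is an added example, not code from this patch: the function names, the input shape and the sample txids and addresses are assumptions, and it does not call `sendexact` because the RPC's argument format is not shown here.

```python
from decimal import Decimal

COIN = 100_000_000  # satoshis per bitcoin


def to_satoshis(btc: str) -> int:
    """Parse a decimal BTC string exactly; reject negative or sub-satoshi values."""
    sat = Decimal(btc) * COIN
    if sat < 0 or sat != sat.to_integral_value():
        raise ValueError(f"invalid amount: {btc!r}")
    return int(sat)


def plan_exact_send(source_txs, payments, fee, change_address):
    """Return {address: satoshis} whose sum plus the fee equals the inputs.

    source_txs: {txid: [{"mine": bool, "value": "<BTC>"}, ...]} (hypothetical shape).
    Every output of a listed transaction that the wallet can claim is spent
    in full, so whatever is not paid out or given as fee must be sent
    somewhere explicitly.
    """
    total_in = sum(to_satoshis(o["value"])
                   for outs in source_txs.values() for o in outs if o["mine"])
    outputs = {addr: to_satoshis(v) for addr, v in payments.items()}
    fee_sat = to_satoshis(fee)
    change = total_in - sum(outputs.values()) - fee_sat
    if change < 0:
        raise ValueError(f"sources are short by {-change} satoshis")
    if change > 0:
        outputs[change_address] = outputs.get(change_address, 0) + change
    # Invariant the exact-send interface demands: nothing left unaccounted for.
    assert sum(outputs.values()) + fee_sat == total_in
    return outputs


# Constructed sample data: placeholder txids and addresses, not real ones.
SOURCES = {
    "txid-A": [{"mine": True, "value": "0.50"}, {"mine": False, "value": "1.25"}],
    "txid-B": [{"mine": True, "value": "0.30"}],
}

if __name__ == "__main__":
    plan = plan_exact_send(SOURCES, {"addr-recipient": "0.60"}, "0.0005", "addr-change")
    for addr, sat in plan.items():
        print(f"{addr}: {sat} satoshis")
```

Working in integer satoshis avoids floating-point rounding, which matters when the amounts have to match exactly and any unassigned remainder would otherwise be lost as fee.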