e18cb33e update checkpoints (Riccardo Spagni)
f1cdcba9 update checkpoints for point release (Riccardo Spagni)
ed273a88 bump version for point release (Riccardo Spagni)
6f859e43 cryptonote: make sure outPk setup always happens (moneromooo-monero)
3880bf39 cryptonote_protocol_handler.inl: remove span read just now that failed to pass some basic tests (stoffu)
da249fd5 cryptonote_protocol_handler.inl: fix return type mismatches (int vs bool) (stoffu)
e3c68b90 README.md: mention building deps with -fPIC for static builds (moneromooo-monero)
c1886155 unit_tests: fix build after get_output_didstribution signature change (moneromooo-monero)
82b05d50 Adding required library (dependency of boost::this_thread::sleep_for) (Gene Peters)
f9d0827b Fix broken interactive daemon 'limit' commands plus RPC calls (rbrunner7)
53a1962d epee: Drop deprecated Boost.Thread header (Jan Beich)
18c2f6e2 mlog: fix setting no logs (moneromooo-monero)
7346a59c Build: update miniupnp submodule (anonimal)
dad10775 Only log an error if fork version is higher AND is not known. (Thaer Khawaja)
ffeeefde speedup get_output_histogram for all amounts when min_count > 0 (moneromooo-monero)
2dae0f20 wallet2: add missing parameters to get_output_histogram (moneromooo-monero)
5bd7f760 import_multisig_info: fix sanity check crash in detach_blockchain (Mikhail Mitkevichl)
19e01378 Build: remove UPnP definition from snap (anonimal)
6b853980 Build: update CMake and p2p for in-tree miniupnp (anonimal)
859db52f CMake: update new location of in-tree miniupnpc (anonimal)
f21df05c Build: add miniupnp submodule (anonimal)
10685648 Build: remove in-tree miniupnpc (anonimal)
0b88fff3 simplewallet: fix help message of sign_transfer (stoffu)
f82c10dc WalletManagerImpl: reuse existing connection to daemon instead of reconnectivng every time (stoffu)
998c1461 daemon: read config file before reading any other args (stoffu)
f914df84 device: add a one off override keyword where appropriate (moneromooo-monero)
51b511be simplewallet: add version command (moneromooo-monero)
35d1269f daemon: add a version command (moneromooo-monero)
d8584fc8 util: log stack trace on crash (moneromooo-monero)
875c1cab wallet2: increase rpc timeout for get_output_distribution (moneromooo-monero)
70f23217 add top height to get_output_distribution, and cache it for rct (moneromooo-monero)
8c7363fb rpc: add missing perf timer for get_output_distribution (moneromooo-monero)
b5d6c723 wallet2: store subaddress lookahead settings (stoffu)
3367ed86 blockchain_blackball: fix build with CLANG 5 (moneromooo-monero)
94b899db Use 'boost' mutex instead of 'std' mutex (cslashm)
2c274e05 Fix sub-address tx scan. (cslashm)
73951cbd wallet2: request transactions in slices when scanning for known rings (moneromooo-monero)
25fe67e4 rpc: allow getting pruned blocks from gettransactions (moneromooo-monero)
08343aba tx_pool: fix loading with colliding key images (moneromooo-monero)
a9cc88ee common: make this build with unbound 1.4.20 (moneromooo-monero)
24acb66e wallet2: fix misc issues when the ringdb can't be initialized (moneromooo-monero)
0b26c4d5 wallet2: move segregation height to v7 (moneromooo-monero)
eecfb57d wallet: warn if not using the default ring size (moneromooo-monero)
aa5c2e01 simplewallet: warn about key reuse on startup (moneromooo-monero)
1e0958c0 wallet: fix default mixin (4 -> 6) (sneurlax)
0beb94f3 device: fix endianess dependence on subaddress secret key generation (moneromooo-monero)
11c933e1 fix lambda compile error on openbsd (moneromooo-monero)
c77d2bfa Add the possibility to export private view key for fast scan. (cslashm)
100b7bc1 Change mutex lock model to avoid dead lock and ensure locks are always released. (cslashm)
641dfc99 Automatic height setup when creating/restoring hw device. (cslashm)
dac3895a update block hashes for checkpoints.dat (Riccardo Spagni)
b1398fff core: fix use of uninitialised data (moneromooo-monero)
3880bf39 cryptonote_protocol_handler.inl: remove span read just now that failed to pass some basic tests (stoffu)
da249fd5 cryptonote_protocol_handler.inl: fix return type mismatches (int vs bool) (stoffu)
16b20229 cryptonote_protocol_handler.inl: remove span read just now that failed to pass some basic tests (stoffu)
409bf2d6 cryptonote_protocol_handler.inl: fix return type mismatches (int vs bool) (stoffu)
d003f07c speedup get_output_histogram for all amounts when min_count > 0 (moneromooo-monero)
df9d59ca wallet2: add missing parameters to get_output_histogram (moneromooo-monero)
7d0505c8 wallet2: increase rpc timeout for get_output_distribution (moneromooo-monero)
96370488 add top height to get_output_distribution, and cache it for rct (moneromooo-monero)
bc4d53be rpc: add missing perf timer for get_output_distribution (moneromooo-monero)
ffeeefde speedup get_output_histogram for all amounts when min_count > 0 (moneromooo-monero)
2dae0f20 wallet2: add missing parameters to get_output_histogram (moneromooo-monero)
In file included from src/cryptonote_basic/hardfork.cpp:33:
In file included from src/blockchain_db/blockchain_db.h:42:
In file included from src/cryptonote_basic/hardfork.h:31:
contrib/epee/include/syncobj.h:37:10: fatal error: 'boost/thread/v2/thread.hpp' file not found
#include <boost/thread/v2/thread.hpp>
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from src/rpc/daemon_handler.cpp:29:
In file included from src/rpc/daemon_handler.h:36:
In file included from src/p2p/net_node.h:41:
In file included from contrib/epee/include/net/levin_server_cp2.h:32:
In file included from contrib/epee/include/net/abstract_tcp_server2.h:324:
contrib/epee/include/net/abstract_tcp_server2.inl:44:10: fatal error: 'boost/thread/v2/thread.hpp' file not found
#include <boost/thread/v2/thread.hpp> // TODO
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
contrib/epee/include/math_helper.h: In member function 'bool epee::math_helper::average<val, default_base>::set_base()':
contrib/epee/include/syncobj.h:227:56: error: 'sleep_for' is not a member of 'boost::this_thread'
#define CRITICAL_REGION_LOCAL(x) {boost::this_thread::sleep_for(boost::chrono::milliseconds(epee::debug::g_test_dbg_lock_sleep()));} epee::critical_region_t<decltype(x)> critical_region_var(x)
^
contrib/epee/include/syncobj.h:227:56: note: in definition of macro 'CRITICAL_REGION_LOCAL'
#define CRITICAL_REGION_LOCAL(x) {boost::this_thread::sleep_for(boost::chrono::milliseconds(epee::debug::g_test_dbg_lock_sleep()));} epee::critical_region_t<decltype(x)> critical_region_var(x)
^~~~~~~~~
contrib/epee/include/syncobj.h:227:56: note: suggested alternative: 'sleep'
#define CRITICAL_REGION_LOCAL(x) {boost::this_thread::sleep_for(boost::chrono::milliseconds(epee::debug::g_test_dbg_lock_sleep()));} epee::critical_region_t<decltype(x)> critical_region_var(x)
^
contrib/epee/include/syncobj.h:227:56: note: in definition of macro 'CRITICAL_REGION_LOCAL'
#define CRITICAL_REGION_LOCAL(x) {boost::this_thread::sleep_for(boost::chrono::milliseconds(epee::debug::g_test_dbg_lock_sleep()));} epee::critical_region_t<decltype(x)> critical_region_var(x)
^~~~~~~~~
f21df05 was never supposed to be merged into the master branch.
fluffypony merged #3670 before #3668 was rebased and resolved.
Note: the cherry-picked commit hashes are now invalid because #3670
was merged before #3668 was rebased with the updated repo location.
875c1cab wallet2: increase rpc timeout for get_output_distribution (moneromooo-monero)
70f23217 add top height to get_output_distribution, and cache it for rct (moneromooo-monero)
8c7363fb rpc: add missing perf timer for get_output_distribution (moneromooo-monero)
Though we only need miniupnpc, rebasing and maintaining a miniupnpc-only
repo is unrealistic.
(cherry picked from commit 3c40eb768c292a4dec79d7dffd6685fd37940a2a)
In file included from src/cryptonote_basic/hardfork.cpp:33:
In file included from src/blockchain_db/blockchain_db.h:42:
In file included from src/cryptonote_basic/hardfork.h:31:
contrib/epee/include/syncobj.h:37:10: fatal error: 'boost/thread/v2/thread.hpp' file not found
#include <boost/thread/v2/thread.hpp>
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from src/rpc/daemon_handler.cpp:29:
In file included from src/rpc/daemon_handler.h:36:
In file included from src/p2p/net_node.h:41:
In file included from contrib/epee/include/net/levin_server_cp2.h:32:
In file included from contrib/epee/include/net/abstract_tcp_server2.h:324:
contrib/epee/include/net/abstract_tcp_server2.inl:44:10: fatal error: 'boost/thread/v2/thread.hpp' file not found
#include <boost/thread/v2/thread.hpp> // TODO
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
contrib/epee/include/math_helper.h: In member function 'bool epee::math_helper::average<val, default_base>::set_base()':
contrib/epee/include/syncobj.h:227:56: error: 'sleep_for' is not a member of 'boost::this_thread'
#define CRITICAL_REGION_LOCAL(x) {boost::this_thread::sleep_for(boost::chrono::milliseconds(epee::debug::g_test_dbg_lock_sleep()));} epee::critical_region_t<decltype(x)> critical_region_var(x)
^
contrib/epee/include/syncobj.h:227:56: note: in definition of macro 'CRITICAL_REGION_LOCAL'
#define CRITICAL_REGION_LOCAL(x) {boost::this_thread::sleep_for(boost::chrono::milliseconds(epee::debug::g_test_dbg_lock_sleep()));} epee::critical_region_t<decltype(x)> critical_region_var(x)
^~~~~~~~~
contrib/epee/include/syncobj.h:227:56: note: suggested alternative: 'sleep'
#define CRITICAL_REGION_LOCAL(x) {boost::this_thread::sleep_for(boost::chrono::milliseconds(epee::debug::g_test_dbg_lock_sleep()));} epee::critical_region_t<decltype(x)> critical_region_var(x)
^
contrib/epee/include/syncobj.h:227:56: note: in definition of macro 'CRITICAL_REGION_LOCAL'
#define CRITICAL_REGION_LOCAL(x) {boost::this_thread::sleep_for(boost::chrono::milliseconds(epee::debug::g_test_dbg_lock_sleep()));} epee::critical_region_t<decltype(x)> critical_region_var(x)
^~~~~~~~~
When additional keys was needed, the TX scan failed because the
derivation data was always recomputed with the main tx_key and not
the corresponding additional one.
Moreover this patch avoid perf decreasing when not using HW device.
73951cbd wallet2: request transactions in slices when scanning for known rings (moneromooo-monero)
25fe67e4 rpc: allow getting pruned blocks from gettransactions (moneromooo-monero)
58f66073 wallet2: request transactions in slices when scanning for known rings (moneromooo-monero)
2897c269 rpc: allow getting pruned blocks from gettransactions (moneromooo-monero)
c77d2bfa Add the possibility to export private view key for fast scan. (cslashm)
100b7bc1 Change mutex lock model to avoid dead lock and ensure locks are always released. (cslashm)
641dfc99 Automatic height setup when creating/restoring hw device. (cslashm)
eaa8bfe7 wallet2: set from_height of GET_OUTPUT_DISTRIBUTION correctly The previous expression (stoffu)
0a619f78 wallet2: enable the mitigation only after the fork height (stoffu)
A key image may be present more than once if all but one of the
txes spending that key image are coming from blocks. When loading
a txpool from storage, we must load the one that's not from a
block first to avoid rejection
A key image may be present more than once if all but one of the
txes spending that key image are coming from blocks. When loading
a txpool from storage, we must load the one that's not from a
block first to avoid rejection
When additional keys was needed, the TX scan failed because the
derivation data was always recomputed with the main tx_key and not
the corresponding additional one.
Moreover this patch avoid perf decreasing when not using HW device.
and get them pruned in find_and_save_rings, since it does not need
the pruned data in the first place.
Also set decode_to_json to false where missing, we don't need this
either.
and get them pruned in find_and_save_rings, since it does not need
the pruned data in the first place.
Also set decode_to_json to false where missing, we don't need this
either.
On client startup the device asks for authorization to export the private view key.
If user agree, the client hold the private view key allowing a fast blockchain scan.
If the user does not agree, the blockchain scan is fully done via the device.
When creating/restoring wallet, if --restore-height option is not used the current estimate
height is used for starting the scan. In other words it is assume we are creating a new account.
0f3ff8ce Add the possibility to export private view key for fast scan. (cslashm)
da5de484 Change mutex lock model to avoid dead lock and ensure locks are always released. (cslashm)
4c0545cc Automatic height setup when creating/restoring hw device. (cslashm)
On client startup the device asks for authorization to export the private view key.
If user agree, the client hold the private view key allowing a fast blockchain scan.
If the user does not agree, the blockchain scan is fully done via the device.
When creating/restoring wallet, if --restore-height option is not used the current estimate
height is used for starting the scan. In other words it is assume we are creating a new account.
eaa8bfe7 wallet2: set from_height of GET_OUTPUT_DISTRIBUTION correctly The previous expression (stoffu)
0a619f78 wallet2: enable the mitigation only after the fork height (stoffu)
changed wording in hard fork section because reasons. Added prospective slot of next hardfork to communicate that more are coming because it never stops.
its everywhere and all at the same time.
b86f1e5d Add command line option allowing to restrict the default sub-address lookahead in order to avoid so looooong time of set-up when creating a HW based wallet. (stoffu)
eac3a11e wallet: more user friendly print_ring (moneromooo-monero)
79853514 wallet2_api: add key reuse mitigations API (moneromooo-monero)
b057a21d wallet2_api: add ring api (moneromooo-monero)
d32ef7b0 ringdb: factor ring addition code (moneromooo-monero)
a7da8208 wallet2_api: add blackball api (moneromooo-monero)
2ab66ff1 liblmdb: install lmdb library for wallet2_api usage (stoffu)
504428ab ringdb: use the genesis block as a db name (moneromooo-monero)
b09e5181 wallet: add a set_ring command (moneromooo-monero)
0590f62a new blockchain_usage tool, reports on output usage (moneromooo-monero)
db10dd6d wallet: make ringdb an object with database state (moneromooo-monero)
df6fad4c blockchain_utilities: new blockchain_blackball tool (moneromooo-monero)
d29ea045 wallet: add an output blackball list to avoid using those in rings (moneromooo-monero)
18eaf194 wallet: key reuse mitigation options (moneromooo-monero)
5f146873 wallet: add shared ring database (moneromooo-monero)
41f727ce add RPC to get a histogram of outputs of a given amount (moneromooo-monero)
This will avoid careless forkers polluting the shared database
even if they make their own chain. They'll then automatically
start using another subdb, and any key-reusing fork of those
forks will reuse their subdbs.
It scans for known spent outputs and stores their public keys
in a database which can then be read by the wallet, which can
then avoid using those as fake outs in new transactions.
Usage: monero-blockchain-blackball db1 db2...
This uses the shared database in ~/.shared-ringdb
If a pre-fork output is spent on both Monero and attack chain,
any post-fork output can be deduced to be a fake output, thereby
decreasing the effective ring size.
The segregate-per-fork-outputs option, on by default, allows
selecting only pre-fork outputs in this case, so that the same
ring can be used when spending it on the other side, which does
not decrease the effective ring size.
This is intended to be SET when intending to spend Monero on the
attack fork, and to be UNSET if not intending to spend Monero
on the attack fork (since it leaks the fact that the output being
spent is pre-fork).
If the user is not certain yet whether they will spend pre-fork
outputs on a key reusing fork, the key-reuse-mitigation2 option
should be SET instead.
If you use this option and intend to spend Monero on both forks,
then spend real Monero first.
This maps key images to rings, so that different forks can reuse
the rings by key image. This avoids revealing the real inputs like
would happen if two forks spent the same outputs with different
rings. This database is meant to be shared with all Monero forks
which don't bother making a new chain, putting users' privacy at
risk in the process. It is placed in a shared data directory by
default ($HOME/.shared-ringdb on UNIX like systems). You may
use --shared-ringdb-dir to override this location, and should
then do so for all Monero forks for them to share the database.
a7266d6d wallet2+cli+rpc: eliminate redundant m_http_client from cli/rpc and delegate calls to wallet2 (stoffu)
71d18656 replace invoke_http_json("/json_rpc",...) with invoke_http_json_rpc("/json_rpc",methodname,...) to reduce boilerplate (stoffu)
4405e4fc wallet2: check_tx_key() shouldn't require hardware encryption (stoffu)
7dfa5e9e chacha: call prehashed version explicitly as generate_chacha_key_prehashed hash: add prehashed version cn_slow_hash_prehashed slow-hash: let cn_slow_hash take 4th parameter for deciding prehashed or not slow-hash: add support for prehashed version for the other 3 platforms (stoffu)
b2d23b18 crypto: revert odd namespace changes made in #3303 (stoffu)
8705beaf keypair::generate: always require hw::device to avoid possible mistake (stoffu)
27a196b1 device: untangle cyclic depenency (stoffu)
c9b38b47 device: made function prototypes consistent with pre-#3303 codebase (stoffu)
hash: add prehashed version cn_slow_hash_prehashed
slow-hash: let cn_slow_hash take 4th parameter for deciding prehashed or not
slow-hash: add support for prehashed version for the other 3 platforms
When #3303 was merged, a cyclic dependency chain was generated:
libdevice <- libcncrypto <- libringct <- libdevice
This was because libdevice needs access to a set of basic crypto operations
implemented in libringct such as scalarmultBase(), while libringct also needs
access to abstracted crypto operations implemented in libdevice such as
ecdhEncode(). To untangle this cyclic dependency chain, this patch splits libringct
into libringct_basic and libringct, where the basic crypto ops previously in
libringct are moved into libringct_basic. The cyclic dependency is now resolved
thanks to this separation:
libcncrypto <- libringct_basic <- libdevice <- libcryptonote_basic <- libringct
This eliminates the need for crypto_device.cpp and rctOps_device.cpp.
Also, many abstracted interfaces of hw::device such as encrypt_payment_id() and
get_subaddress_secret_key() were previously implemented in libcryptonote_basic
(cryptonote_format_utils.cpp) and were then called from hw::core::device_default,
which is odd because libdevice is supposed to be independent of libcryptonote_basic.
Therefore, those functions were moved to device_default.cpp.
91d97dd4 fuzz_tests: set small subaddress lookahead for speed (moneromooo-monero)
5f85cc7e wallet2: guard against overflowing of subaddress indices (moneromooo-monero)
* Removed the db package, as it is not required
* Added the libiconv package
* Updated the boost build instructions (added locale)
* Updated cppzmq to version 4.2.3 which does not require the symlink hack anymore
added missing hashes for boost patches
Fix the way the REAL mode is handle:
Let create_transactions_2 and create_transactions_from construct the vector of transactions.
Then iterate on it and resign.
We just need to add 'outs' list in the TX struct for that.
Fix default secret keys value when DEBUG_HWDEVICE mode is off
The magic value (00...00 for view key and FF..FF for spend key) was not correctly set
when DEBUG_HWDEVICE was off. Both was set to 00...00.
Add sub-address info in ABP map in order to correctly display destination sub-address on device
Fix DEBUG_HWDEVICE mode:
- Fix compilation errors.
- Fix control device init in ledger device.
- Add more log.
Fix sub addr control
Fix debug Info
Previously, a file containing the unencrypted Monero address was
created by default in the wallet's directory. This file might pose
as a privacy risk. The creation of this file is now opt-in and can
be enabled by providing
--create-address-file
In package mingw-w64-x86_64-icu, version 58.2-3, the names of static
library files were changed, which leads to changes in CMakeLists.txt as
needed for compiling for Windows.
- save the new keys file as FOO-watchonly.keys, not FOO.keys-watchonly
- catch any exception (eg, I/O errors) and error out
- print the new keys filename in simplewallet
e136bc6b tweaks to the monerov1 cryptonight algorithm (Lee Clagett)
d58c9ec9 slow-hash: optimized version (SChernykh)
608fd6f1 Monero Cryptonight variants, and add one for v7 (moneromooo-monero)
0e7ad2e2 Wallet API: generalize 'bool testnet' to 'NetworkType nettype' (stoffu)
af773211 Stagenet (stoffu)
cc9a0bee command_line: allow args to depend on more than one args (stoffu)
55f8d917 command_line::get_arg: remove 'required' for dependent args as they're always optional (stoffu)
450306a0 command line: allow has_arg to handle arg_descriptor<bool,false,true> #3318 (stoffu)
9f9e095a Use `genesis_tx` parameter in `generate_genesis_block`. #3261 (Jean Pierre Dudey)
* src/cryptnote_config.h: The constant `config::testnet::GENESIS_TX` was
changed to be the same as `config::GENESIS_TX` (the mainnet's transaction)
because the mainnet's transaction was being used for both networks.
* src/cryptonote_core/cryptonote_tx_utils.cpp: The `generate_genesis_block` function
was ignoring the `genesis_tx` parameter, and instead it was using the `config::GENESIS_TX`
constant. That's why the testnet genesis transaction was changed. Also five lines of unused
code were removed.
Signed-off-by: Jean Pierre Dudey <jeandudey@hotmail.com>
The basic approach it to delegate all sensitive data (master key, secret
ephemeral key, key derivation, ....) and related operations to the device.
As device has low memory, it does not keep itself the values
(except for view/spend keys) but once computed there are encrypted (with AES
are equivalent) and return back to monero-wallet-cli. When they need to be
manipulated by the device, they are decrypted on receive.
Moreover, using the client for storing the value in encrypted form limits
the modification in the client code. Those values are transfered from one
C-structure to another one as previously.
The code modification has been done with the wishes to be open to any
other hardware wallet. To achieve that a C++ class hw::Device has been
introduced. Two initial implementations are provided: the "default", which
remaps all calls to initial Monero code, and the "Ledger", which delegates
all calls to Ledger device.
Boost does not use Sourceforge anymore. Instead, their download links
point to dl.bintray.com.
Earlier today Sourceforge was down, and later the Boost downloaded file
checksum did not match, which further reinforces the need to change
the URL.
The logging to /tmp/bitmonero.daemon.stdout.stderr caused segfaults
if the /tmp mount was full (#2851).
Now the daemon is only logging to /tmp/bitmonero.daemon.stdout.stderr
in the debug builds.
When a block is added as part of a chunk (when syncing historical
blocks), a block may end up already in the blockchain if it was
added to the queue before being added to the chain (though it's
not clear how that could happen, but it's an implementation detail)
and thus may not be added to the chain when add_block is called.
This would cause m_blocks_txs_check to not be cleared, causing it
to get out of sync at next call, and thus wrongfully reject the
next block.
Since commit b0426d4c refresh height for a newly created wallet
connected to a sync'd daemon was off by a month. Now we only use
the 1 month safety margin if we're unable to talk to a daemon.
e4646379 keccak: fix mdlen bounds sanity checking (moneromooo-monero)
2e3e90ac pass large parameters by const ref, not value (moneromooo-monero)
61defd89 blockchain: sanity check number of precomputed hash of hash blocks (moneromooo-monero)
9af6b2d1 ringct: fix infinite loop in unused h2b function (moneromooo-monero)
8cea8d0c simplewallet: double check a new multisig wallet is multisig (moneromooo-monero)
9b98a6ac threadpool: catch exceptions in dtor, to avoid terminate (moneromooo-monero)
24803ed9 blockchain_export: fix buffer overflow in exporter (moneromooo-monero)
f3f7da62 perf_timer: rewrite to make it clear there is no division by zero (moneromooo-monero)
c6ea3df0 performance_tests: remove add_arg call stray extra param (moneromooo-monero)
fa6b4566 fuzz_tests: fix an uninitialized var in setup (moneromooo-monero)
03887f11 keccak: fix sanity check bounds test (moneromooo-monero)
ad11db91 blockchain_db: initialize m_open in base class ctor (moneromooo-monero)
bece67f9 miner: restore std::cout precision after modification (moneromooo-monero)
1aabd14c db_lmdb: check hard fork info drop succeeded (moneromooo-monero)
a99ef176 wallet-rpc: take subaddress account as arg for get_transfer_by_txid (stoffu)
77125096 wallet-rpc: rename *_INDEX_OUTOFBOUND into *_INDEX_OUT_OF_BOUNDS (stoffu)
bc61ae69 tx_pool: add a max pool size, settable with --max-txpool-size (moneromooo-monero)
3b4e6b35 txpool: increase unmined tx expiry to three days (moneromooo-monero)
f90c76be Return appropriate error code when there's no connection to daemon (Michał Sałaban)
3cb65b3f Return appropriate error code when not enough money for tx (Michał Sałaban)
628b78ae Fix in_peers/out_peers RPC operations (Erik de Castro Lopo)
ece9bcf5 rpc_client: Fix error handling (Erik de Castro Lopo)
8f30350d Fix method name in invoke_http_json_rpc (Erik de Castro Lopo)
32c0f908 Allow the number of incoming connections to be limited (Erik de Castro Lopo)
d609a2c1 Rename delete_connections to delete_out_connections (Erik de Castro Lopo)
b927c0fc Rename connections_count to max_out_connection_count (Erik de Castro Lopo)
* src/cryptnote_config.h: The constant `config::testnet::GENESIS_TX` was
changed to be the same as `config::GENESIS_TX` (the mainnet's transaction)
because the mainnet's transaction was being used for both networks.
* src/cryptonote_core/cryptonote_tx_utils.cpp: The `generate_genesis_block` function
was ignoring the `genesis_tx` parameter, and instead it was using the `config::GENESIS_TX`
constant. That's why the testnet genesis transaction was changed. Also five lines of unused
code were removed.
Signed-off-by: Jean Pierre Dudey <jeandudey@hotmail.com>
If an exception is thrown, it is ignored. While this may hide
a bug, this should only be system exceptions in boost, which
is pretty unlikely. Morever, wait should be called manually
before the dtor anyway. Add an error message if the dtor has
to wait in case some such cases creep in so they get fixed.
Coverity 182538
Previously, when outputs_amount == inputs_amount, the "m_overspend" property
was set, whereas "m_fee_too_low" would have been the correct property to set.
This is unlikely to ever occur and just something I've noticed while reading
through the code.
30c44bce wallet: automatically use low priority if safe (no backlog & recent blocks not full) (stoffu)
c903df5e simplewallet: bug fix for backlog estimate (stoffu)
2f5a9b6b wallet2: split estimate_backlog to allow for raw fee levels (moneromooo-monero)
fd1dfac5 p2p: don't lookup seed IPs if using an exclusive peer (moneromooo-monero)
b50182ae p2p: don't connect to seeds if using an exclusive peer (moneromooo-monero)
3160a930 wallet2: remove {set|get}_default_decimal_point and use the same funcs under cryptonote:: instead (stoffu)
7d1088d3 wallet2: make scan_output const and omit keys arg (stoffu)
bc1ee2c2 wallet2: make member functions const when possible (stoffu)
5ae617d5 simplewallet: single out 0 amount destinations as dummy ones (moneromooo-monero)
c1d19f3c wallet2: fix sweep_all sending an atomic unit (moneromooo-monero)
ge_scalarmult_p3
ge_double_scalarmult_precomp_vartime2_p3
ge_double_scalarmult_base_vartime_p3
This makes it possible to reuse the result without having to
convert back to unsigned char[32] and back to ge types.
9996d5e9 wallet2: guard against the dameon sending blocks before last checkpoint (moneromooo-monero)
eadaa6aa wallet_rpc_server: fix wallet leak on error exit (moneromooo-monero)
6d8b29ef fix some link errors in debug mode for macos (stoffu)
fdd4c5e5 move memwipe to epee to avoid common<->crypto circular dependencies (moneromooo-monero)
40ab12a7 epee: remove dependency on common (moneromooo-monero)
On some systems, there is a /usr/bin/lrelease wrapper even if the real
lrelease program is not installed. So let's try to execute lrelease
after it has been found by find_program to see if it is really working.
Define generate_translations_header as an external project to be able
to use the compilation toolchain for the host instead of the toolchain
for the target.
Reset thread-local info if it doesn't match the current env.
Only happens when a process opens/closes env multiple times in the
same process, doesn't affect monerod.
da0fd71d only include the easylogging++ stack trace code when needed (moneromooo-monero)
81b04cfa easlogging++: omit some unneded macros (moneromooo-monero)
Wallet caches and keys files are loaded with chacha8 as needed,
but only saved with chacha20. Other data (eg, cold wallet data
files, etc) will be incompatible.
cb9aa23c levin_protocol_handler_async: another attempt at fixing at exception (moneromooo-monero)
64d23ce3 Revert "epee: keep a ref to a connection we're deleting" (moneromooo-monero)
bd5cce07 network_throttle: fix ineffective locking (moneromooo-monero)
e0a61299 network_throttle: remove unused xxx static member (moneromooo-monero)
24f584d9 cryptonote_core: remove unused functions with off by one bugs (moneromooo-monero)
b1634aa3 blockchain: don't leave dangling pointers in this (moneromooo-monero)
8e60b81c cryptonote_core: fix db leak on error (moneromooo-monero)
213e326c abstract_tcp_server2: log init_server errors as fatal (moneromooo-monero)
b51dc566 use const refs in for loops for non tiny types (moneromooo-monero)
f0568ca6 net_parse_helpers: fix regex error checking (moneromooo-monero)
b49ddc76 check accessing an element past the end of a container (moneromooo-monero)
2305bf26 check return value for generate_key_derivation and derive_public_key (moneromooo-monero)
a4240d9f catch const exceptions (moneromooo-monero)
45a1c4c0 add empty container sanity checks when using front() and back() (moneromooo-monero)
56fa6ce1 tests: fix a buffer overread in a unit test (moneromooo-monero)
b4524892 rpc: guard against json parsing a non object (moneromooo-monero)
c2ed8618 easylogging++: avoid buffer underflow (moneromooo-monero)
187a6ab2 epee: trap failure to parse URI from request (moneromooo-monero)
061789b5 checkpoints: trap failure to load JSON checkpoints (moneromooo-monero)
ba2fefb9 checkpoints: pass std::string by const ref, not const value (moneromooo-monero)
38c8f4e0 mlog: terminate a string at last char, just in case (moneromooo-monero)
d753d716 fix a few leaks by throwing objects, not newed pointers to objects (moneromooo-monero)
fe568db8 p2p: use size_t for arbitrary counters instead of uint8_t (moneromooo-monero)
46d6fa35 cryptonote_protocol: sanity check chain hashes from peer (moneromooo-monero)
25584f86 cryptonote_protocol: print peer versions when unexpected (moneromooo-monero)
490a5d41 rpc: do not try to use an invalid txid in relay_tx (moneromooo-monero)
ca18ff64 wallet2: detect spends in txes without a valid public tx key (moneromooo-monero)
6afcd8e3 cn_deserialize: print tx extra fields in partly decoded tx extra (moneromooo-monero)
Fixes the unit test failure about SHA1 being unavailable,
and hopefully the monerod complaints about not being able
to verify DNSSEC.
Thanks to iDunk for the remote Windows testing.
If a queued job uses a waiter, then we want to run that waiter's
jobs in the current thread if all threads are busy, even if the
queue is empty, since there is no guarantee that any thread will
free up to take care of that new job, since all the threads might
be running a job which spawns such a recursive job and will block
till that recursive job is done, which it will never be since it
relies on the queue being polled by one of those blocked threads.
6c94516f wipeable_string: move a wipe from reserve to grow (moneromooo-monero)
5f801b6a wipeable_string: ignore reserve size less than actual size (moneromooo-monero)
9ec44a2b wipeable_string: fix clear and push_back (moneromooo-monero)
Scheme by luigi1111:
Multisig for RingCT on Monero
2 of 2
User A (coordinator):
Spendkey b,B
Viewkey a,A (shared)
User B:
Spendkey c,C
Viewkey a,A (shared)
Public Address: C+B, A
Both have their own watch only wallet via C+B, a
A will coordinate spending process (though B could easily as well, coordinator is more needed for more participants)
A and B watch for incoming outputs
B creates "half" key images for discovered output D:
I2_D = (Hs(aR)+c) * Hp(D)
B also creates 1.5 random keypairs (one scalar and 2 pubkeys; one on base G and one on base Hp(D)) for each output, storing the scalar(k) (linked to D),
and sending the pubkeys with I2_D.
A also creates "half" key images:
I1_D = (Hs(aR)+b) * Hp(D)
Then I_D = I1_D + I2_D
Having I_D allows A to check spent status of course, but more importantly allows A to actually build a transaction prefix (and thus transaction).
A builds the transaction until most of the way through MLSAG_Gen, adding the 2 pubkeys (per input) provided with I2_D
to his own generated ones where they are needed (secret row L, R).
At this point, A has a mostly completed transaction (but with an invalid/incomplete signature). A sends over the tx and includes r,
which allows B (with the recipient's address) to verify the destination and amount (by reconstructing the stealth address and decoding ecdhInfo).
B then finishes the signature by computing ss[secret_index][0] = ss[secret_index][0] + k - cc[secret_index]*c (secret indices need to be passed as well).
B can then broadcast the tx, or send it back to A for broadcasting. Once B has completed the signing (and verified the tx to be valid), he can add the full I_D
to his cache, allowing him to verify spent status as well.
NOTE:
A and B *must* present key A and B to each other with a valid signature proving they know a and b respectively.
Otherwise, trickery like the following becomes possible:
A creates viewkey a,A, spendkey b,B, and sends a,A,B to B.
B creates a fake key C = zG - B. B sends C back to A.
The combined spendkey C+B then equals zG, allowing B to spend funds at any time!
The signature fixes this, because B does not know a c corresponding to C (and thus can't produce a signature).
2 of 3
User A (coordinator)
Shared viewkey a,A
"spendkey" j,J
User B
"spendkey" k,K
User C
"spendkey" m,M
A collects K and M from B and C
B collects J and M from A and C
C collects J and K from A and B
A computes N = nG, n = Hs(jK)
A computes O = oG, o = Hs(jM)
B anc C compute P = pG, p = Hs(kM) || Hs(mK)
B and C can also compute N and O respectively if they wish to be able to coordinate
Address: N+O+P, A
The rest follows as above. The coordinator possesses 2 of 3 needed keys; he can get the other
needed part of the signature/key images from either of the other two.
Alternatively, if secure communication exists between parties:
A gives j to B
B gives k to C
C gives m to A
Address: J+K+M, A
3 of 3
Identical to 2 of 2, except the coordinator must collect the key images from both of the others.
The transaction must also be passed an additional hop: A -> B -> C (or A -> C -> B), who can then broadcast it
or send it back to A.
N-1 of N
Generally the same as 2 of 3, except participants need to be arranged in a ring to pass their keys around
(using either the secure or insecure method).
For example (ignoring viewkey so letters line up):
[4 of 5]
User: spendkey
A: a
B: b
C: c
D: d
E: e
a -> B, b -> C, c -> D, d -> E, e -> A
Order of signing does not matter, it just must reach n-1 users. A "remaining keys" list must be passed around with
the transaction so the signers know if they should use 1 or both keys.
Collecting key image parts becomes a little messy, but basically every wallet sends over both of their parts with a tag for each.
Thia way the coordinating wallet can keep track of which images have been added and which wallet they come from. Reasoning:
1. The key images must be added only once (coordinator will get key images for key a from both A and B, he must add only one to get the proper key actual key image)
2. The coordinator must keep track of which helper pubkeys came from which wallet (discussed in 2 of 2 section). The coordinator
must choose only one set to use, then include his choice in the "remaining keys" list so the other wallets know which of their keys to use.
You can generalize it further to N-2 of N or even M of N, but I'm not sure there's legitimate demand to justify the complexity. It might
also be straightforward enough to support with minimal changes from N-1 format.
You basically just give each user additional keys for each additional "-1" you desire. N-2 would be 3 keys per user, N-3 4 keys, etc.
The process is somewhat cumbersome:
To create a N/N multisig wallet:
- each participant creates a normal wallet
- each participant runs "prepare_multisig", and sends the resulting string to every other participant
- each participant runs "make_multisig N A B C D...", with N being the threshold and A B C D... being the strings received from other participants (the threshold must currently equal N)
As txes are received, participants' wallets will need to synchronize so that those new outputs may be spent:
- each participant runs "export_multisig FILENAME", and sends the FILENAME file to every other participant
- each participant runs "import_multisig A B C D...", with A B C D... being the filenames received from other participants
Then, a transaction may be initiated:
- one of the participants runs "transfer ADDRESS AMOUNT"
- this partly signed transaction will be written to the "multisig_monero_tx" file
- the initiator sends this file to another participant
- that other participant runs "sign_multisig multisig_monero_tx"
- the resulting transaction is written to the "multisig_monero_tx" file again
- if the threshold was not reached, the file must be sent to another participant, until enough have signed
- the last participant to sign runs "submit_multisig multisig_monero_tx" to relay the transaction to the Monero network
43f5269f Wallets now do not depend on the daemon rpc lib (moneromooo-monero)
bb89ae8b move connection_basic and network_throttle from src/p2p to epee (moneromooo-monero)
4abf25f3 cryptonote_core does not depend on p2p anymore (moneromooo-monero)
Partially implements #74.
Securely erases keys from memory after they are no longer needed. Might have a
performance impact, which I haven't measured (perf measurements aren't
generally reliable on laptops).
Thanks to @stoffu for the suggestion to specialize the pod_to_hex/hex_to_pod
functions. Using overloads + SFINAE instead generalizes it so other types can
be marked as scrubbed without adding more boilerplate.
41fc11fa Scheduled mandatory software upgrades (xmr-eric)
3b5382fe Keep VRP a proper noun (xmr-eric)
7160cbd6 CONTRIBUTING.md capitalization (xmr-eric)
f36ffc07 Shorten a title, remove a section, small edits (xmr-eric)
00179917 Capitalization on first word only (xmr-eric)
6ffae079 Readme.md: Normalize heading capitalization (xmr-eric)
3dffe71b new wipeable_string class to replace std::string passphrases (moneromooo-monero)
7a2a5741 utils: initialize easylogging++ in on_startup (moneromooo-monero)
54950829 use memwipe in a few relevant places (moneromooo-monero)
000666ff add a memwipe function (moneromooo-monero)
If a translation file exists in a "translations" directory located in
the same directory as the binary, it is used in priority (this can be
useful when working on translations as you don't have to recompile the
whole program all the time), and if no such file is found the embedded
translation file is used (if it exists).
This fixes a hang on exit due to race where a connection adds
itself to the server after the starting connections are closed,
but before the net server marks itself as stopped.
Binding RPC to 127.0.0.1 makes no sense. Despite the fact port 18081 is
exposed, no one will be able to connect to the daemon.
RPC should be listening at all interfaces when running inside a Docker
container.
27aa8ce9 net_utils_base: fix peer list parsing (moneromooo-monero)
fe5ab2c4 epee: fix kv_unserialize return value when a field is not found (moneromooo-monero)
Those are not serialized, but are restored from the outPk masks,
so depending on what tries to validate the tx, those commitments
may or may not be filled with valid data at the time. The outPk
masks are already hashed as part of the rctSigBase field.
c83d0b3e add bulletproofs from v7 on testnet (moneromooo-monero)
8620ef0a bulletproofs: switch H/G in Pedersen commitments to match rct (moneromooo-monero)
d58835b2 integrate bulletproofs into monero (moneromooo-monero)
90b8d9f2 add bulletproofs to the build, with basic unit tests (moneromooo-monero)
fe120264 perf_timer: add non scoped start/stop timer defines (moneromooo-monero)
ada42914 add a version of ge_double_scalarmult_precomp_vartime with A precomp (moneromooo-monero)
d43eef6d ringct: add a version of addKeys which returns the result (moneromooo-monero)
7ff07928 sc_mul and sc_muladd (luigi1111)
3d0b54bd epee: add do while(0) around brace statement in a macro (moneromooo-monero)
Deleted 3 out of 4 calls to method connection_basic::sleep_before_packet
that were erroneous / superfluous, which enabled the elimination of a
"fudge" factor of 2.1 in connection_basic::set_rate_up_limit;
also ended the multiplying of limit values and numbers of bytes
transferred by 1024 before handing them over to the global throttle
objects
9739da1e wallet_rpc_server: new relay_tx command (moneromooo-monero)
01dc8297 wallet: transfer RPC can now return tx metadata (pending_tx) (moneromooo-monero)
83fa9047 serialization: add std::set and std::unordered_set serialization (moneromooo-monero)
998777ec Tx proof (revised): - refactoring: proof generation/checking code was moved from simplewallet.cpp to wallet2.cpp - allow an arbitrary message to be signed together with txid - introduce two types (outbound & inbound) of tx proofs; with the same syntax, inbound is selected when <address> belongs to this wallet, outbound otherwise. see GitHub thread for more discussion - wallet RPC: added get_tx_key, check_tx_key, get_tx_proof, check_tx_proof - wallet API: moved WalletManagerImpl::checkPayment to Wallet::checkTxKey, added Wallet::getTxProof/checkTxProof - get_tx_key/check_tx_key: handle additional tx keys by concatenating them into a single string (stoffu)
- refactoring: proof generation/checking code was moved from simplewallet.cpp to wallet2.cpp
- allow an arbitrary message to be signed together with txid
- introduce two types (outbound & inbound) of tx proofs; with the same syntax, inbound is selected when <address> belongs to this wallet, outbound otherwise. see GitHub thread for more discussion
- wallet RPC: added get_tx_key, check_tx_key, get_tx_proof, check_tx_proof
- wallet API: moved WalletManagerImpl::checkPayment to Wallet::checkTxKey, added Wallet::getTxProof/checkTxProof
- get_tx_key/check_tx_key: handle additional tx keys by concatenating them into a single string
0d9c0db9 Do not build against epee_readline if it was not built (Howard Chu)
178014c9 split off readline code into epee_readline (moneromooo-monero)
a9e14a19 link against readline only for monerod and wallet-wallet-{rpc,cli} (moneromooo-monero)
437421ce wallet: move some scoped_message_writer calls from the libs (moneromooo-monero)
e89994e9 wallet: rejig to avoid prompting in wallet2 (moneromooo-monero)
ec5135e5 move input_line from command_line to simplewallet (moneromooo-monero)
082db75f move cryptonote command line options to cryptonote_core (moneromooo-monero)
wallet2 is a library, and should not prompt for stdin. Instead,
pass a function so simplewallet can prompt on stdin, and a GUI
might display a window, etc.
ec48e8d8 core: do not forbid txes without destination (moneromooo-monero)
523084bc core: don't add empty additional pub keys field to extra (moneromooo-monero)
cryptonote::miner::get_system_times(): Fetch the system's total and
idle time using sysctl kern.cp_time.
cryptonote::miner::get_process_time(): Use the same implementation as
Linux and OSX, the times(3) function conforms to POSIX.1 and is
available on FreeBSD.
cryptonote::miner::on_battery_power(): Try to fetch the battery status
using sysctl hw.acpi.acline. If that fails (if ACPI is not enabled on
the system), then try querying /dev/apm.
f3e09f36 hooked a dependency on libatomic on 32 bit machines if Clang is
used because compilation failed with:
`std::__atomic_base<unsigned long long>::load(std::memory_order) const':
/usr/bin/../lib/gcc/i686-pc-linux-gnu/6.1.1/../../../../include/c++/6.1.1/bits/atomic_base.h:396:
undefined reference to `__atomic_load_8'
But that does not happen on FreeBSD. The problem is likely that on Linux
Clang tries to use GCC-provided C++11 library. Further,
__atomic_load_8() (for 8-byte integers) is not readily available on 32
bit machines. From https://gcc.gnu.org/wiki/Atomic/GCCMM: "When lock
free instructions are not available (either through hardware or OS
support) atomic operations are left as function calls to be resolved by
a library."
This patch allows to filter out sensitive information for queries that rely on the pool state, when running in restricted mode.
This filtering is only applied to data sent back to RPC queries. Results of inline commands typed locally in the daemon are not affected.
In practice, when running with `--restricted-rpc`:
* get_transaction_pool will list relayed transactions with the fields "last relayed time" and "received time" set to zero.
* get_transaction_pool will not list transaction that have do_not_relay set to true, and will not list key images that are used only for such transactions
* get_transaction_pool_hashes.bin will not list such transaction
* get_transaction_pool_stats will not count such transactions in any of the aggregated values that are computed
The implementation does not make filtering the default, so developers should be mindful of this if they add new RPC functionality.
Fixes#2590.
Transactions in the txpool are marked when another transaction
is seen double spending one or more of its inputs.
This is then exposed wherever appropriate.
Note that being marked with this "double spend seen" flag does
NOT mean this transaction IS a double spend and will never be
mined: it just means that the network has seen at least another
transaction spending at least one of the same inputs, so care
should be taken to wait for a few confirmations before acting
upon that transaction (ie, mostly of use for merchants wanting
to accept unconfirmed transactions).
ff7745bb Edited test readme for accuracy and depth (Cole Lightfighter)
c300ae56 Added test documentation & Keccak unit test (Cole Lightfighter)
f6119a8e Added test documentation & Keccak unit test (Cole Lightfighter)
d0463312 fix libwallet api test after api change (Jaquee)
a46c1eed Wallet2: Don't throw when subaddress label doesn't exist (Jaquee)
086b7db2 Wallet API: default values for account and subaddr index (Jaquee)
It is safe in those cases, though might return slightly out of date
information if another thread is busy modifying the blockchain,
but it avoids potentially lengthy delays just to get things like
the current blockchain height.
Issue: #2575
Build instructions for OpenBSD 6.2:
* boost (built with clang)
* cppzmq
Fixed a issue, where cmake was not able to find and link against libressl in unbound.
restored OpenBSD 5.8 build instructions
Tests for checking proper error throwing for out-of-bounds subaddress
indexes, and proper addition of subaddresses.
Signed-off-by: Cole Lightfighter <cole@onicsla.bz>
They are actually wrong if the wallet is setup in a different
denomination, and it's incursion of extrinsic lingo where monero
fits perfectly in the first place.
This fixes linking when path to openssl
is defined manually:
cmake -DOPENSSL_ROOT_DIR='/usr/include/openssl-1.0;/usr/lib/openssl-1.0' ...
This is useful for building with OpenSSL v1.0
when default system installation is v1.1.
The linking error is undefined SSL_load_error_strings symbol.
This is due to -L /usr/lib/openssl-1.0 not making it onto
the linkline (so -lssl pulls in the default system openssl).
Fixes compile error when building with OpenSSL v1.1:
contrib/epee/include/net/net_helper.h: In member function ‘void epee::net_utils::blocked_mode_client::shutdown_ssl()’:
contrib/epee/include/net/net_helper.h:579:106: error: ‘SSL_R_SHORT_READ’ was not declared in this scope
if (ec.category() == boost::asio::error::get_ssl_category() && ec.value() != ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SHORT_READ))
^
contrib/epee/include/net/net_helper.h:579:106: note: suggested alternative: ‘SSL_F_SSL_READ’
See boost/asio/ssl/error.hpp.
Boost handles differences between OpenSSL versions.
cmake: fail if Boost is too old for OpenSSL v1.1
default install targets
Binaries available to download on https://getmonero.org/downloads/ as
embedding monerod, monero-wallet-{cli,rpc} and
monero-blockchain-{ex,im}port.
This change synchronise download results with a manual build from
source
22b51e06 db_lmdb: include chain height when failing to find an output key (moneromooo-monero)
5db433b3 blockchain: avoid exceptions in output verification (moneromooo-monero)
dc19659d Remove network_address_base which has been merged with ipv4_network_address in 8b006877 (Michał Sałaban)
2183ade0 Don't try to create wallet-dir when it's not given, don't crash if wallet-dir already exists. (Michał Sałaban)
In practice, this seems to cause monero-wallet-rpc to exit
when ^C quits whatever its output is piped into (such as tee),
but it saves, while it did not before.
The commands handler must not be destroyed before the config
object, or we'll be accessing freed memory.
An earlier attempt at using boost::shared_ptr to control object
lifetime turned out to be very invasive, though would be a
better solution in theory.
This is safer, as we don't risk break expectations (eg, requesting
block hashes and then receiving a late set of blocks). Dropping a
connection means another will be attempted in a fresh state.
Also bump the kick timeout to 5 minutes, to ensure we only kick
really idle peers.
15e62581 connection_context: initialize m_callback_request_count to 0 (moneromooo-monero)
5fa199c6 copyable_atomic: add a ctor with initial value (moneromooo-monero)
8b006877 Upgrades to epee::net_utils::network_address - internal nullptr checks - prevent modifications to network_address (shallow copy issues) - automagically works with any type containing interface functions - removed fnv1a hashing - ipv4_network_address now flattened with no base class (Lee Clagett)
- internal nullptr checks
- prevent modifications to network_address (shallow copy issues)
- automagically works with any type containing interface functions
- removed fnv1a hashing
- ipv4_network_address now flattened with no base class
792ba4f0 Log categories can now be added to and removed from (moneromooo-monero)
48f92eb6 easylogging++: add categories getter (moneromooo-monero)
f35afe62 epee: factor log level/categories setting (moneromooo-monero)
Lack of it results in `m_refresh_from_block_height` being < 0 (18446744...) on low heights, which blocks `process_new_blockchain_entry` and never process coins on heights less than blocks_per_month.
Follow-up to #2258
36c3465b wallet2: do not keep block hashes below last checkpoint (moneromooo-monero)
cdbbe99c checkpoints: add a token checkpoint on testnet (the genesis block) (moneromooo-monero)
493fad80 serialization: add deque serialization (moneromooo-monero)
fa54b205 fix typo in basic and core CMakeLists.txt (moneromooo-monero)
5d65a75b move checkpoints in a separate library (moneromooo-monero)
06a681cf performance_tests: add a test for is_out_to_acc_precomp (moneromooo-monero)
2ec928ba wallet2: simplify tx processing a bit (moneromooo-monero)
740e6533 wallet2: factor some of the tx scanning code (moneromooo-monero)
0aaaca29 tx_pool: set the "invalid input" bit when check_tx_inputs fails (moneromooo-monero)
9236823b simplewallet: print tx rejection reason where it was missing (moneromooo-monero)
3dee3301 core_rpc_server: print tx rejection reason at L0 too (moneromooo-monero)
6137a0b9 blockchain: reject unsorted ins and outs from v7 (moneromooo-monero)
16afab90 core: sort ins and outs key key image and public key, respectively (moneromooo-monero)
0c36b9f9 common: add apply_permutation file and function (moneromooo-monero)
It was always returning true, and could not be foreseen to
usefully return errors in the future. This silences CID 162652
as well as saves some checking code in a few places.
a15e8583 wallet2: guard against daemon sending txes in the wrong order (moneromooo-monero)
8fe5f609 rpc: order transactions in the order they were requested (moneromooo-monero)
Warning issued on older boost and/or OS:
In file included from /usr/include/boost/asio/detail/socket_types.hpp:61:0,
from /usr/include/boost/asio/detail/epoll_reactor.hpp:30,
from /usr/include/boost/asio/detail/reactor.hpp:21,
from /usr/include/boost/asio/detail/impl/task_io_service.ipp:24,
from /usr/include/boost/asio/detail/task_io_service.hpp:198,
from /usr/include/boost/asio/impl/io_service.hpp:71,
from /usr/include/boost/asio/io_service.hpp:767,
from /usr/include/boost/asio/basic_io_object.hpp:19,
from /usr/include/boost/asio/basic_socket.hpp:20,
from /usr/include/boost/asio/basic_datagram_socket.hpp:20,
from /usr/include/boost/asio.hpp:21,
from /home/vagrant/slave/monero-static-alpine-3_5-x86_64/build/src/common/download.cpp:32:
/usr/include/sys/poll.h:1:2: warning: #warning redirecting incorrect #include <sys/poll.h> to <poll.h> [-Wcpp]
#warning redirecting incorrect #include <sys/poll.h> to <poll.h>
Setting COMPILE_FLAGS (or COMPILE_OPTIONS) property directly does not
end up on the command line (even though it should because
add_compile_options does just that).
Also, set -Werror for tests as well, because no warnings now.
Not set for 'external' only because simply moving add_compile_options
above add_subdirectory(external) doesn't do it, and moving add_usbdirectory
down is too big of a change (it will pick up new flags).
-Werror set only for GCC on Linux, since warnings not yet
cleared for other compilers/systems.
ef005f5e p2p: add a couple early outs when the stop signal is received (moneromooo-monero)
80d361c7 abstract_tcp_server2: improve tracking/cancelling of early connections (moneromooo-monero)
9cad4981 readme.me again, fixed v2 fork info on table (Gingeropolous)
8f68291d README.md - update info for first fork (Gingeropolous)
43813327 README.md - update fork table with fork height (Gingeropolous)
0e7e307c update hardfork table with height and version info (Gingeropolous)
close might end up dropping a ref, ending up removing the
connection from m_connects, as the lock is recursive. This'd
cause an out of bounds exception and kill the idle connection
maker thread
87f58974 Docs: C4 revisions as discussed in #2174 (anonimal)
84d25d25 Docs: C4 development process addendum (anonimal)
e022c4e9 Docs: add C4 to contributing guide (anonimal)
0299cb77 Fix various oversights/bugs in ZMQ RPC server code (Thomas Winget)
77986023 json serialization for rpc-relevant monero types (Thomas Winget)
5c1e08fe Refactor some things into more composable (smaller) functions (Thomas Winget)
9ac2ad07 DRY refactoring (Thomas Winget)
And optimize import startup:
Remember start_height position during initial count_blocks pass
to avoid having to reread entire file again to arrive at start_height
The last known hash was calculated incorrectly, causing
further chain hash downloads to restart from the current
chain. When the block queue has close to 10k blocks waiting,
this causes frequent downloads of 10k more hashes, but
with only the last few hashes actually being useful.
It is unused, as it was apparently a future optimization,
and it leaks some information (though since pools publish
thei blocks they find, that amount seems small).
- Add some RPC commands (and touch up a couple others)
- some bounds checking
- some better pointer management
- const correctness and error handling
-- Thanks @vtnerd for type help with serialization and CMake changes
Structured {de-,}serialization methods for (many new) types
which are used for requests or responses in the RPC.
New types include RPC requests and responses, and structs which compose
types within those.
# Conflicts:
# src/cryptonote_core/blockchain.cpp
This commit refactors some of the rpc-related functions in the
Blockchain class to be more composable. This change was made
in order to make implementing the new zmq rpc easier without
trampling on the old rpc.
New functions:
Blockchain::get_num_mature_outputs
Blockchain::get_random_outputs
Blockchain::get_output_key
Blockchain::get_output_key_mask_unlocked
Blockchain::find_blockchain_supplement (overload)
functions which previously had this functionality inline now call these
functions as necessary.
This might prevent some calls to terminate when the LockedTXN
dtor is called as part of stack unwinding caused by another
exception in the first place.
4e0e4e99 blockchain_import: warn for chunks over 500000, not 100000 (moneromooo-monero)
5b29e87f blockchain_import: properly cleanup core/db on exit (moneromooo-monero)
e167c4d9 blockchain_import: do not error out on truncated files (moneromooo-monero)
c867357a cryptonote_protocol: error handling on cleanup_handle_incoming_blocks (moneromooo-monero)
ce901fcb Fix blockchain_import wedge on exception in cleanup_handle_incoming_blocks (moneromooo-monero)
84fa015e core: guard against exceptions in handle_incoming_{block,tx} (moneromooo-monero)
3d19ab70 Revert "Cleanup test impact of moving blockchain_db_types()" (Howard Chu)
a95e460c move db specific options to BlockchainDB (moneromooo-monero)
d58700e0 WalletAPI: only allow trusted daemon when importing key images (Jaquee)
8a9bbd26 WalletAPI: copy wallet data when creating a view only wallet (Jaquee)
d27fe32e wallet2: export/import wallet data functions (Jaquee)
225a25f3 import_key_images - allow importing without being connected to daemon (Jaquee)
5807529e blockchain: cap memory size of retrieved blocks (moneromooo-monero)
c1b10381 rpc: decrease memory usage a bit in getblocks.bin (moneromooo-monero)
3dd34a49 Cleanup test impact of moving blockchain_db_types() (Howard Chu)
80344740 More DB support cleanup (Howard Chu)
4c7f8ac0 DB cleanup (Howard Chu)
f906d87e wallet: new option to check/confirm txpool backlog when sending (moneromooo-monero)
55bec1f0 rpc: add a new RPC to get current txpool backlog (sizes and fees) (moneromooo-monero)
df0cffed cryptonote_protocol: warn if we see a higher top version we expect (moneromooo-monero)
317ab21a cryptonote_protocol: less strict check on top version on connect (moneromooo-monero)
cc81a371 cryptonote_protocol: update target height when syncing too (moneromooo-monero)
e2ad372b cryptonote_protocol: simplify and remove unnecessary casts (moneromooo-monero)
727e67ca cryptonote_protocol: print peer top height along with its version (moneromooo-monero)
b5345ef4 crypto: use malloc instead of alloca (moneromooo-monero)
80794b31 thread_group: set thread size to THREAD_STACK_SIZE (moneromooo-monero)
5524bc31 print peer id in 0 padded hex for consistency (moneromooo-monero)
8f8cc09b contrib: add sync_info to rlwrap command set (moneromooo-monero)
70b8c6d7 cryptonote_protocol: misc fixes to the new sync algorithm (moneromooo-monero)
64ab8844 rpc_client: print destination host/port when failing to connect (moneromooo-monero)
333f7012 http_client: add getters for host and port (moneromooo-monero)
Fix sync wedge corner case:
It could happen if a connection went into standby mode, while
it was the one which had requested the next span, and that span
was still waiting for the data, and that peer is not on the
main chain. Other peers can then start asking for that data
again and again, but never get it as only that forked peer does.
And various other fixes
If monerod is started with default sync mode, set it to SAFE after
synchronization completes. Set it back to FAST if synchronization
restarts (e.g. because another peer has a longer blockchain).
If monerod is started with an explicit sync mode, none of this
automation takes effect.
Hide DB types from db_types.h - no reason to recompile dependencies
when DB types change.
Also remove lingering in-memory DB references, they've been
obsolete since 9e82b694da
We don't actually need to keep them past the call to start, as this
adds them to the config object list, and so they'll then be cancelled
already when the stop signal arrives. This allows removing the periodic
call to cleanup connections.
@@ -6,13 +6,13 @@ if you want to help that way. Testing is invaluable in making a piece
of software solid and usable.
## General Guidelines
## General guidelines
* Comments are encouraged.
* If modifying code for which Doxygen headers exist, that header must be modified to match.
* Tests would be nice to have if you're adding functionality.
Patches are preferably to be sent via a github pull request. If that
Patches are preferably to be sent via a Github pull request. If that
can't be done, patches in "git format-patch" format can be sent
(eg, posted to fpaste.org with a long enough timeout and a link
posted to #monero-dev on irc.freenode.net).
@@ -21,20 +21,151 @@ Patches should be self contained. A good rule of thumb is to have
one patch per separate issue, feature, or logical change. Also, no
other changes, such as random whitespace changes or reindentation.
Following the code style of the particular chunk of code you're
modifying is encourgaged. Proper squashing should be done (eg, if
modifying is encouraged. Proper squashing should be done (eg, if
you're making a buggy patch, then a later patch to fix the bug,
both patches should be merged).
## Commits and Pull Requests
If you've made random unrelated changes (either because your editor
is annoying or you made them for other reasons), you can select
what changes go into the coming commit using git add -p, which
walks you through all the changes and asks whether or not to
include this particular change. This helps create clean patches
without any irrelevant changes. git diff will show you the changes
in your tree. git diff --cached will show what is currently staged
for commit. As you add hunks with git add -p, those hunks will
"move" from the git diff output to the git diff --cached output,
so you can see clearly what your commit is going to look like.
## Commits and pull requests
Commit messages should be sensible. That means a subject line that
describes the patch, with an optional longer body that gives details,
documentation, etc.
When submitting a pull request on github, make sure your branch is
When submitting a pull request on Github, make sure your branch is
rebased. No merge commits nor stray commits from other people in
your submitted branch, please. You may be asked to rebase if there
are conflicts (even trivially resolvable ones).
PGP signing commits is strongly encouraged. That should explain why
the previous paragraph is here.
# [Code of Conduct (22/C4.1)](http://rfc.zeromq.org/spec:22)
## License
Copyright (c) 2009-2015 Pieter Hintjens.
Copyright (c) 2017-2018 The Monero Project.
This Specification is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version.
This Specification is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, see <http://www.gnu.org/licenses>.
## Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.
The "Monero Maintainer Team" is defined in this document as the following users:
- fluffypony
- moneromooo
- hyc
## Goals
C4 is meant to provide a reusable optimal collaboration model for open source software projects. It has these specific goals:
- To maximize the scale and diversity of the community around a project, by reducing the friction for new Contributors and creating a scaled participation model with strong positive feedbacks;
- To relieve dependencies on key individuals by separating different skill sets so that there is a larger pool of competence in any required domain;
- To allow the project to develop faster and more accurately, by increasing the diversity of the decision making process;
- To support the natural life cycle of project versions from experimental through to stable, by allowing safe experimentation, rapid failure, and isolation of stable code;
- To reduce the internal complexity of project repositories, thus making it easier for Contributors to participate and reducing the scope for error;
- To enforce collective ownership of the project, which increases economic incentive to Contributors and reduces the risk of hijack by hostile entities.
## Design
### Preliminaries
- The project SHALL use the git distributed revision control system.
- The project SHALL be hosted on github.com or equivalent, herein called the "Platform".
- The project SHALL use the Platform issue tracker.
- Non-GitHub example:
- "Platform" could be a vanilla git repo and Trac hosted on the same machine/network.
- The Platform issue tracker would be Trac.
- The project SHOULD have clearly documented guidelines for code style.
- A "Contributor" is a person who wishes to provide a patch, being a set of commits that solve some clearly identified problem.
- A "Maintainer" is a person who merges patches to the project. Maintainers are not developers; their job is to enforce process.
- Contributors SHALL NOT have commit access to the repository unless they are also Maintainers.
- Maintainers SHALL have commit access to the repository.
- Everyone, without distinction or discrimination, SHALL have an equal right to become a Contributor under the terms of this contract.
### Licensing and ownership
- The project SHALL use a share-alike license, such as BSD-3, the GPLv3 or a variant thereof (LGPL, AGPL), or the MPLv2.
- All contributions to the project source code ("patches") SHALL use the same license as the project.
- All patches are owned by their authors. There SHALL NOT be any copyright assignment process.
- The copyrights in the project SHALL be owned collectively by all its Contributors.
- Each Contributor SHALL be responsible for identifying themselves in the project Contributor list.
### Patch requirements
- Maintainers MUST have a Platform account and SHOULD use their real names or a well-known alias.
- Contributors SHOULD have a Platform account and MAY use their real names or a well-known alias.
- A patch SHOULD be a minimal and accurate answer to exactly one identified and agreed problem.
- A patch MUST adhere to the code style guidelines of the project if these are defined.
- A patch MUST adhere to the "Evolution of Public Contracts" guidelines defined below.
- A patch SHALL NOT include non-trivial code from other projects unless the Contributor is the original author of that code.
- A patch MUST compile cleanly and pass project self-tests on at least the principle target platform.
- A patch commit message SHOULD consist of a single short (less than 50 character) line summarizing the change, optionally followed by a blank line and then a more thorough description.
- A "Correct Patch" is one that satisfies the above requirements.
### Development process
- Change on the project SHALL be governed by the pattern of accurately identifying problems and applying minimal, accurate solutions to these problems.
- To request changes, a user SHOULD log an issue on the project Platform issue tracker.
- The user or Contributor SHOULD write the issue by describing the problem they face or observe.
- The user or Contributor SHOULD seek consensus on the accuracy of their observation, and the value of solving the problem.
- Users SHALL NOT log feature requests, ideas, or suggestions unrelated to Monero code or Monero's dependency code or Monero's potential/future dependency code or research which successfully implements Monero.
- Users SHALL NOT log any solutions to problems (verifiable or hypothetical) of which are not explicitly documented and/or not provable and/or cannot be reasonably proven.
- Thus, the release history of the project SHALL be a list of meaningful issues logged and solved.
- To work on an issue, a Contributor SHALL fork the project repository and then work on their forked repository.
- To submit a patch, a Contributor SHALL create a Platform pull request back to the project.
- A Contributor SHALL NOT commit changes directly to the project.
- To discuss a patch, people MAY comment on the Platform pull request, on the commit, or elsewhere.
- To accept or reject a patch, a Maintainer SHALL use the Platform interface.
- Maintainers SHOULD NOT merge their own patches except in exceptional cases, such as non-responsiveness from other Maintainers for an extended period (more than 30 days) or unless urgent as defined by the Monero Maintainers Team.
- Maintainers SHALL NOT make value judgments on correct patches unless the Maintainer (as may happen in rare circumstances) is a core code developer.
- Maintainers MUST NOT merge pull requests in less than 168 hours (1 week) unless deemed urgent by at least 2 people from the Monero Maintainer Team.
- The Contributor MAY tag an issue as "Ready" after making a pull request for the issue.
- The user who created an issue SHOULD close the issue after checking the patch is successful.
- Maintainers SHOULD ask for improvements to incorrect patches and SHOULD reject incorrect patches if the Contributor does not respond constructively.
- Any Contributor who has value judgments on a correct patch SHOULD express these via their own patches.
- Maintainers MAY commit changes to non-source documentation directly to the project.
### Creating stable releases
- The project SHALL have one branch ("master") that always holds the latest in-progress version and SHOULD always build.
- The project SHALL NOT use topic branches for any reason. Personal forks MAY use topic branches.
- To make a stable release someone SHALL fork the repository by copying it and thus become maintainer of this repository.
- Forking a project for stabilization MAY be done unilaterally and without agreement of project maintainers.
- A patch to a stabilization project declared "stable" SHALL be accompanied by a reproducible test case.
### Evolution of public contracts
- All Public Contracts (APIs or protocols) SHALL be documented.
- All Public Contracts SHOULD have space for extensibility and experimentation.
- A patch that modifies a stable Public Contract SHOULD not break existing applications unless there is overriding consensus on the value of doing this.
- A patch that introduces new features to a Public Contract SHOULD do so using new names.
- Old names SHOULD be deprecated in a systematic fashion by marking new names as "experimental" until they are stable, then marking the old names as "deprecated".
- When sufficient time has passed, old deprecated names SHOULD be marked "legacy" and eventually removed.
- Old names SHALL NOT be reused by new features.
- When old names are removed, their implementations MUST provoke an exception (assertion) if used by applications.
### Project administration
- The project founders SHALL act as Administrators to manage the set of project Maintainers.
- The Administrators SHALL ensure their own succession over time by promoting the most effective Maintainers.
- A new Contributor who makes a correct patch SHALL be invited to become a Maintainer.
- Administrators MAY remove Maintainers who are inactive for an extended period of time, or who repeatedly fail to apply this process accurately.
- Administrators SHOULD block or ban "bad actors" who cause stress and pain to others in the project. This should be done after public discussion, with a chance for all parties to speak. A bad actor is someone who repeatedly ignores the rules and culture of the project, who is needlessly argumentative or hostile, or who is offensive, and who is unable to self-correct their behavior when asked to do so by others.
The Monero command line tools can be translated in various languages.
The Monero command line tools can be translated in various languages. If you wish to contribute and need help/support, contact the [Monero Localization Workgroup on Taiga](https://taiga.getmonero.org/project/erciccione-monero-localization/) or come chat on `#monero-translations` (Freenode/IRC, riot/matrix, MatterMost)
In order to use the same translation workflow as the [Monero Core GUI](https://github.com/monero-project/monero-core), they use Qt Linguist translation files. However, to avoid the dependencies on Qt this normally implies, they use a custom loader to read those files at runtime.
- We are also available via [HackerOne](https://hackerone.com/monero)
## Announcements
You can subscribe to an [announcement listserv](https://lists.getmonero.org) to get critical announcements from the Monero core team. The announcement list can be very helpful for knowing when software updates are needed.
## Build
| Operating System | Processor | Status |
@@ -45,7 +55,7 @@ Monero is a private, secure, untraceable, decentralised digital currency. You ar
**Untraceability:** By taking advantage of ring signatures, a special property of a certain type of cryptography, Monero is able to ensure that transactions are not only untraceable, but have an optional measure of ambiguity that ensures that transactions cannot easily be tied back to an individual user or computer.
## About this Project
## About this project
This is the core implementation of Monero. It is open source and completely free to use without restrictions, except for those specified in the license agreement below. There are no restrictions on anyone creating an alternative implementation of Monero that uses the protocol and network in a compatible manner.
@@ -53,18 +63,14 @@ As with many development projects, the repository on Github is considered to be
**Anyone is welcome to contribute to Monero's codebase!** If you have a fix or code change, feel free to submit it as a pull request directly to the "master" branch. In cases where the change is relatively small or does not affect other parts of the codebase it may be merged in immediately by any one of the collaborators. On the other hand, if the change is particularly large or complex, it is expected that it will be discussed at length either well in advance of the pull request being submitted, or even directly on the pull request.
## Supporting the Project
## Supporting the project
Monero development can be supported directly through donations.
Both Monero and Bitcoin donations can be made to donate.getmonero.org if using a client that supports the [OpenAlias](https://openalias.org) standard
Monero is a 100% community-sponsored endeavor. If you want to join our efforts, the easiest thing you can do is support the project financially. Both Monero and Bitcoin donations can be made to **donate.getmonero.org** if using a client that supports the [OpenAlias](https://openalias.org) standard. Alternatively you can send XMR to the Monero donation address via the `donate` command (type `help` in the command-line wallet for details).
The Monero donation address is: `44AFFq5kSiGBoZ4NMDwYtN18obc8AemS33DBLWs3H7otXft3XjrpDtQGv7SqSsaBYBb98uNbr2VBBEt7f2wfn3RVGQBEP3A` (viewkey: `f359631075708155cc3d92a32b75a7d02a5dcf27756707b47a2b31b21c389501`)
The Bitcoin donation address is: `1KTexdemPdxSBcG55heUuTjDRYqbC5ZL8H`
*Note: you can easily donate XMR to the Monero donation address by using the `donate` command. Type `help` in the command-line wallet for details.*
Core development funding and/or some supporting services are also graciously provided by sponsors:
Monero uses a fixed-schedule hard fork mechanism to implement new features. This means that users of Monero (end users and service providers) need to run current versions and update their software on a regular schedule. Here is the current schedule, versions, and compatibility.
Monero uses a fixed-schedule software upgrade (hard fork) mechanism to implement new features. This means that users of Monero (end users and service providers) should run current versions and upgrade their software on a regular schedule. Software upgrades occur during the months of April and October. The required software for these upgrades will be available prior to the scheduled date. Please check the repository prior to this date for the proper Monero software version. Below is the historical schedule and the projected schedule for the next upgrade.
Dates are provided in the format YYYY-MM-DD.
| Fork Date | Consensus version | Minimum Monero Version | Recommended Monero Version | Details |
| XXXXXXX | 2018-10-XX | XX | XXXXXXXXX | XXXXXXXXX | X
## Installing Monero from a Package
X's indicate that these details have not been determined as of commit date.
## Release staging schedule and protocol
Approximately three months prior to a scheduled software upgrade, a branch from Master will be created with the new release version tag. Pull requests that address bugs should then be made to both Master and the new release branch. Pull requests that require extensive review and testing (generally, optimizations and new features) should *not* be made to the release branch.
## Installing Monero from a package
Packages are available for
@@ -114,7 +125,15 @@ Installing a snap is very quick. Snaps are secure. They are isolated with all of
* Arch Linux (via [AUR](https://aur.archlinux.org/)):
| expat | 1.1 | NO | `libexpat1-dev` | `expat` | `expat-devel` | YES | XML parsing |
| GTest | 1.5 | YES | `libgtest-dev`^ | `gtest` | `gtest-devel` | YES | Test suite |
| Doxygen | any | NO | `doxygen` | `doxygen` | `doxygen` | YES | Documentation |
| Graphviz | any | NO | `graphviz` | `graphviz` | `graphviz` | YES | Documentation |
[^] On Debian/Ubuntu `libgtest-dev` only includes sources and headers. You must
build the library binary manually. This can be done with the following command ```sudo apt-get install libgtest-dev && cd /usr/src/gtest && sudo cmake . && sudo make && sudo mv libg* /usr/lib/ ```
Monero uses the CMake build system and a top-level [Makefile](Makefile) that
@@ -184,6 +221,9 @@ invokes cmake commands as needed.
this to be worthwhile, the machine should have one core and about 2GB of RAM
available per thread.
*Note*: If cmake can not find zmq.hpp file on OS X, installing `zmq.hpp` from
https://github.com/zeromq/cppzmq to `/usr/local/include` should fix that error.
* The resulting executables can be found in `build/release/bin`
* Add `PATH="$PATH:$HOME/monero/build/release/bin"` to `.profile`
@@ -194,7 +234,7 @@ invokes cmake commands as needed.
make release-test
*NOTE*: `coretests` test may take a few hours to complete.
*NOTE*: `core_tests` test may take a few hours to complete.
* **Optional**: to build binaries suitable for debugging:
@@ -204,17 +244,19 @@ invokes cmake commands as needed.
make release-static
Dependencies need to be built with -fPIC. Static libraries usually aren't, so you may have to build them yourself with -fPIC. Refer to their documentation for how to build them.
* **Optional**: build documentation in `doc/html` (omit `HAVE_DOT=YES` if `graphviz` is not installed):
HAVE_DOT=YES doxygen Doxyfile
#### On the Raspberry Pi 2
#### On the Raspberry Pi
Tested on a Raspberry Pi 2 with a clean install of minimal Debian Jessie from https://www.raspberrypi.org/downloads/raspbian/
Tested on a Raspberry Pi Zero with a clean install of minimal Raspbian Stretch (2017-09-07 or later) from https://www.raspberrypi.org/downloads/raspbian/. If you are using Raspian Jessie, [please see note in the following section](#note-for-raspbian-jessie-users).
* `apt-get update && apt-get upgrade` to install all of the latest software
* Install the dependencies for Monero except libunwind and libboost-all-dev
* Install the dependencies for Monero from the 'Debian' column in the table above.
* Increase the system swap size:
```
@@ -223,6 +265,41 @@ Tested on a Raspberry Pi 2 with a clean install of minimal Debian Jessie from ht
CONF_SWAPSIZE=1024
sudo /etc/init.d/dphys-swapfile start
```
* Clone monero and checkout most recent release version:
* The resulting executables can be found in `build/release/bin`
* Add `PATH="$PATH:$HOME/monero/build/release/bin"` to `.profile`
* Run Monero with `monerod --detach`
* You may wish to reduce the size of the swap file after the build has finished, and delete the boost directory from your home directory
#### *Note for Raspbian Jessie users:*
If you are using the older Raspbian Jessie image, compiling Monero is a bit more complicated. The version of Boost available in the Debian Jessie repositories is too old to use with Monero, and thus you must compile a newer version yourself. The following explains the extra steps, and has been tested on a Raspberry Pi 2 with a clean install of minimal Raspbian Jessie.
* As before, `apt-get update && apt-get upgrade` to install all of the latest software, and increase the system swap size
```
sudo /etc/init.d/dphys-swapfile stop
sudo nano /etc/dphys-swapfile
CONF_SWAPSIZE=1024
sudo /etc/init.d/dphys-swapfile start
```
* Then, install the dependencies for Monero except `libunwind` and `libboost-all-dev`
* Install the latest version of boost (this may first require invoking `apt-get remove --purge libboost*` to remove a previous version if you're not using a clean install):
```
cd
@@ -238,20 +315,7 @@ Tested on a Raspberry Pi 2 with a clean install of minimal Debian Jessie from ht
```
* Wait ~4 hours
* Change to the root of the source code directory and build:
```
cd monero
make release
```
* Wait ~4 hours
* The resulting executables can be found in `build/release/bin`
* Add `PATH="$PATH:$HOME/monero/build/release/bin"` to `.profile`
* Run Monero with `monerod --detach`
* You may wish to reduce the size of the swap file after the build has finished, and delete the boost directory from your home directory
* From here, follow the [general Raspberry Pi instructions](#on-the-raspberry-pi) from the "Clone monero and checkout most recent release version" step.
#### On Windows:
@@ -261,7 +325,7 @@ POSIX system. The toolchain runs within the environment and *cross-compiles*
binaries that can run outside of the environment as a regular Windows
application.
**Preparing the Build Environment**
**Preparing the build environment**
* Download and install the [MSYS2 installer](http://msys2.github.io), either the 64-bit or the 32-bit package, depending on your system.
* Open the MSYS shell via the `MSYS2 Shell` shortcut
@@ -280,11 +344,11 @@ application.
To build for 64-bit Windows:
pacman -S mingw-w64-x86_64-toolchain make mingw-w64-x86_64-cmake mingw-w64-x86_64-boost
pacman -S mingw-w64-x86_64-toolchain make mingw-w64-x86_64-cmake mingw-w64-x86_64-boost mingw-w64-x86_64-openssl mingw-w64-x86_64-zeromq mingw-w64-x86_64-libsodium
To build for 32-bit Windows:
pacman -S mingw-w64-i686-toolchain make mingw-w64-i686-cmake mingw-w64-i686-boost
pacman -S mingw-w64-i686-toolchain make mingw-w64-i686-cmake mingw-w64-i686-boost mingw-w64-i686-openssl mingw-w64-i686-zeromq mingw-w64-i686-libsodium
* Open the MingW shell via `MinGW-w64-Win64 Shell` shortcut on 64-bit Windows
or `MinGW-w64-Win64 Shell` shortcut on 32-bit Windows. Note that if you are
@@ -310,6 +374,8 @@ We expect to add Monero into the ports tree in the near future, which will aid i
### On OpenBSD:
#### OpenBSD < 6.2
This has been tested on OpenBSD 5.8.
You will need to add a few packages to your system. `pkg_add db cmake gcc gcc-libs g++ miniupnpc gtest`.
@@ -323,6 +389,90 @@ You will have to add the serialization, date_time, and regex modules to Boost wh
To build: `env CC=egcc CXX=eg++ CPP=ecpp DEVELOPER_LOCAL_TOOLS=1 BOOST_ROOT=/path/to/the/boost/you/built make release-static-64`
#### OpenBSD >= 6.2
You will need to add a few packages to your system. `pkg_add cmake miniupnpc zeromq libiconv`.
The doxygen and graphviz packages are optional and require the xbase set.
Build the Boost library using clang. This guide is derived from: https://github.com/bitcoin/bitcoin/blob/master/doc/build-openbsd.md
We assume you are compiling with a non-root user and you have `doas` enabled.
Note: do not use the boost package provided by OpenBSD, as we are installing boost to `/usr/local`.
By default, in either dynamically or statically linked builds, binaries target the specific host processor on which the build happens and are not portable to other processors. Portable binaries can be built using the following targets:
* ```make release-static-64``` builds binaries on Linux on x86_64 portable across POSIX systems on x86_64 processors
* ```make release-static-32``` builds binaries on Linux on x86_64 or i686 portable across POSIX systems on i686 processors
* ```make release-static-armv8``` builds binaries on Linux portable across POSIX systems on armv8 processors
* ```make release-static-armv7``` builds binaries on Linux portable across POSIX systems on armv7 processors
* ```make release-static-armv6``` builds binaries on Linux portable across POSIX systems on armv6 processors
* ```make release-static-linux-x86_64``` builds binaries on Linux on x86_64 portable across POSIX systems on x86_64 processors
* ```make release-static-linux-i686``` builds binaries on Linux on x86_64 or i686 portable across POSIX systems on i686 processors
* ```make release-static-linux-armv8``` builds binaries on Linux portable across POSIX systems on armv8 processors
* ```make release-static-linux-armv7``` builds binaries on Linux portable across POSIX systems on armv7 processors
* ```make release-static-linux-armv6``` builds binaries on Linux portable across POSIX systems on armv6 processors
* ```make release-static-win64``` builds binaries on 64-bit Windows portable across 64-bit Windows systems
* ```make release-static-win32``` builds binaries on 64-bit or 32-bit Windows portable across 32-bit Windows systems
@@ -378,35 +528,45 @@ See [README.i18n.md](README.i18n.md).
## Using Tor
While Monero isn't made to integrate with Tor, it can be used wrapped with torsocks, if you add --p2p-bind-ip 127.0.0.1 to the monerod command line. You also want to set DNS requests to go over TCP, so they'll be routed through Tor, by setting DNS_PUBLIC=tcp. You may also disable IGD (UPnP port forwarding negotiation), which is pointless with Tor. To allow local connections from the wallet, you might have to add TORSOCKS_ALLOW_INBOUND=1, some OSes need it and some don't. Example:
While Monero isn't made to integrate with Tor, it can be used wrapped with torsocks, by
setting the following configuration parameters and environment variables:
TAILS ships with a very restrictive set of firewall rules. Therefore, you need to add a rule to allow this connection too, in addition to telling torsocks to allow inbound connections. Full example:
This section contains general instructions for debugging failed installs or problems encountered with Monero. First ensure you are running the latest version built from the Github repo.
While monerod and monero-wallet-cli do not use readline directly, most of the functionality can be obtained by running them via rlwrap. This allows command recall, edit capabilities, etc. It does not give autocompletion without an extra completion file, however. To use rlwrap, simply prepend `rlwrap` to the command line, eg:
Note: rlwrap will save things like your seed and private keys, if you supply them on prompt. You may want to not use rlwrap when you use simplewallet to restore from seed, etc.
# Debugging
This section contains general instructions for debugging failed installs or problems encountered with Monero. First ensure you are running the latest version built from the github repo.
## Obtaining Stack Traces and Core Dumps on Unix Systems
### Obtaining stack traces and core dumps on Unix systems
We generally use the tool `gdb` (GNU debugger) to provide stack trace functionality, and `ulimit` to provide core dumps in builds which crash or segfault.
@@ -426,9 +586,11 @@ Type `thread apply all bt` within gdb in order to obtain the stack trace
Enter `ulimit -c unlimited` on the command line to enable unlimited filesizes for core dumps
Enter `echo core | sudo tee /proc/sys/kernel/core_pattern` to stop cores from being hijacked by other tools
Run the build.
When it terminates with an output along the lines of "Segmentation fault (core dumped)", there should be a core dump file in the same directory as monerod.
When it terminates with an output along the lines of "Segmentation fault (core dumped)", there should be a core dump file in the same directory as monerod. It may be named just `core`, or `core.xxxx` with numbers appended.
You can now analyse this core dump with `gdb` as follows:
@@ -444,13 +606,13 @@ Pass command-line options with `--args` followed by the relevant arguments
Type `run` to run monerod
## Analysing Memory Corruption
### Analysing memory corruption
We use the tool `valgrind` for this.
Run with `valgrind /path/to/monerod`. It will be slow.
## LMDB
### LMDB
Instructions for debugging suspected blockchain corruption as per @HYC
Researchers/Hackers: while you research/hack, we ask that you please refrain from committing the following:
- Denial of Service / Active exploiting against the network
- Social Engineering of Monero staff or contractors
- Any physical or electronic attempts against Monero community property and/or data centers
## I. Point of Contacts for Security Issues
```
ric@getmonero.org
BDA6 BD70 42B7 21C4 67A9 759D 7455 C5E3 C0CD CEB9
luigi1111@getmonero.org
8777 AB8F 778E E894 87A2 F8E7 F4AC A018 3641 E010
moneromooo.monero@gmail.com
48B0 8161 FBDA DFE3 93AD FC3E 686F 0745 4D6C EFC3
```
## II. Security Response Team
- fluffypony
- luigi1111
- moneromooo
## III. Incident Response
1. Researcher submits report via one or both of two methods:
- a. Email
- b. [HackerOne](https://hackerone.com/monero)
2. Response Team designates a Response Manager who is in charge of the particular report based on availability and/or knowledge-set
3. In no more than 3 working days, Response Team should gratefully respond to researcher using only encrypted, secure channels
4. Response Manager makes inquiries to satisfy any needed information to confirm if submission is indeed a vulnerability
- a. If submission proves to be vulnerable, proceed to next step
- b. If not vulnerable:
- i. Response Manager responds with reasons why submission is not a vulnerability
- ii. Response Manager moves discussion to a new or existing ticket on GitHub if necessary
5. If over email, Response Manager opens a HackerOne issue for new submission
6. Establish severity of vulnerability:
- a. HIGH: impacts network as a whole, has potential to break entire network, results in the loss of monero, or is on a scale of great catastrophe
- b. MEDIUM: impacts individual nodes, wallets, or must be carefully exploited
- c. LOW: is not easily exploitable
7. Respond according to the severity of the vulnerability:
- a. HIGH severities must be notified on website and reddit /r/Monero within 3 working days of classification
- i. The notification should list appropriate steps for users to take, if any
- ii. The notification must not include any details that could suggest an exploitation path
- iii. The latter takes precedence over the former
- b. MEDIUM and HIGH severities will require a Point Release
- c. LOW severities will be addressed in the next Regular Release
8. Response Team applies appropriate patch(es)
- a. Response Manager designates a PRIVATE git "hotfix branch" to work in
- b. Patches are reviewed with the researcher
- c. Any messages associated with PUBLIC commits during the time of review should not make reference to the security nature of the PRIVATE branch or its commits
- d. Vulnerability announcement is drafted
- i. Include the severity of the vulnerability
- ii. Include all vulnerable systems/apps/code
- iii. Include solutions (if any) if patch cannot be applied
- e. Release date is discussed
9. At release date, Response Team coordinates with developers to finalize update:
- a. Response Manager propagates the "hotfix branch" to trunk
- b. Response Manager includes vulnerability announcement draft in release notes
- c. Proceed with the Point or Regular Release
## IV. Post-release Disclosure Process
1. Response Team has 90 days to fulfill all points within section III
2. If the Incident Response process in section III is successfully completed:
- a. Response Manager contacts researcher and asks if researcher wishes for credit
- b. Finalize vulnerability announcement draft and include the following:
- i. Project name and URL
- ii. Versions known to be affected
- iii. Versions known to be not affected (for example, the vulnerable code was introduced in a recent version, and older versions are therefore unaffected)
- iv. Versions not checked
- v. Type of vulnerability and its impact
- vi. If already obtained or applicable, a CVE-ID
- vii. The planned, coordinated release date
- viii. Mitigating factors (for example, the vulnerability is only exposed in uncommon, non-default configurations)
- ix. Workarounds (configuration changes users can make to reduce their exposure to the vulnerability)
- x. If applicable, credits to the original reporter
- c. Release finalized vulnerability announcement on website and reddit /r/Monero
- d. For HIGH severities, release finalized vulnerability announcement on well-known mailing lists:
- i. oss-security@lists.openwall.com
- ii. bugtraq@securityfocus.com
- e. If applicable, developers request a CVE-ID
- i. The commit that applied the fix is made reference too in a future commit and includes a CVE-ID
3. If the Incident Response process in section III is *not* successfully completed:
- a. Response Team and developers organize an IRC meeting to discuss why/what points in section III were not resolved and how the team can resolve them in the future
- b. Any developer meetings immediately following the incident should include points made in section V
- c. If disputes arise about whether or when to disclose information about a vulnerability, the Response Team will publicly discuss the issue via IRC and attempt to reach consensus
- d. If consensus on a timely disclosure is not met (no later than 90 days), the researcher (after 90 days) has every right to expose the vulnerability to the public
## V. Incident Analysis
1. Isolate codebase
- a. Response Team and developers should coordinate to work on the following:
- i. Problematic implementation of classes/libraries/functions, etc.
- ii. Focus on apps/distro packaging, etc.
- iii. Operator/config error, etc.
2. Auditing
- a. Response Team and developers should coordinate to work on the following:
- i. Auditing of problem area(s) as discussed in point 1
- ii. Generate internal reports and store for future reference
- iii. If results are not sensitive, share with the public via IRC or GitHub
3. Response Team has 45 days following completion of section III to ensure completion of section V
## VI. Resolutions
Any further questions or resolutions regarding the incident(s) between the researcher and response + development team after public disclosure can be addressed via the following:
delay = epee::net_utils::network_throttle_manager::get_global_throttle_in().get_sleep_time_after_tick( bytes_transferred ); // decission from global throttle
// ! (how ever if in some wonderful juristdictions that is not the case, then why not make another sub-class withat that members and licence it as epee part)
// ! Working on above premise, IF this is valid in your juristdictions, then consider this code as released as:
/// @author rfree (current maintainer in monero.cc project)
/// @brief interface for throttling of connection (count and rate-limit speed etc)
// Copyright (c) 2014-2017, The Monero Project
// Copyright (c) 2014-2018, The Monero Project
//
// All rights reserved.
//
@@ -34,8 +34,8 @@
/* rfree: also includes the manager for singeton/global such objects */
#ifndef INCLUDED_p2p_network_throttle_hpp
#define INCLUDED_p2p_network_throttle_hpp
#ifndef INCLUDED_network_throttle_hpp
#define INCLUDED_network_throttle_hpp
#include<boost/asio.hpp>
#include<string>
@@ -80,7 +80,8 @@ namespace net_utils
{
// just typedefs to in code define the units used. TODO later it will be enforced that casts to other numericals are only explicit to avoid mistakes? use boost::chrono?
typedefdoublenetwork_speed_kbps;
typedefdoublenetwork_speed_kbps;// externally, for parameters and return values, all defined in kilobytes per second
typedefdoublenetwork_speed_bps;// throttle-internally, bytes per second
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
