912ff6abe simplewallet: plug a timing leak (moneromooo-monero)
cc2fc0bc3 epee: allow a random component in once_a_time timeouts (moneromooo-monero)
c0f504787 wallet: reuse cached height when set after refresh (moneromooo-monero)
f98d9673e wallet2: fix is_synced checking target height, not height (moneromooo-monero)
98cdc8492 wallet: fix another facet of "did I get some monero" information leak (moneromooo-monero)
69b8aa5a2 wallet2: do not send an unnecessary last getblocks.bin call on refresh (moneromooo-monero)
2ca057402 wallet2: do not repeatedly ask for pool txes sent to us (moneromooo-monero)
Make sure it links to our libtinfo from our ncurses build.
Hardcode some basic terminal descriptions into our libtinfo.
Re-enable $HOME/.terminfo support to allow user customization.
Use unlikely terminfo-dir, to prevent accidentally using
differently-configured system databases.
As reported by Tramèr et al, timing of refresh requests can be used
to see whether a password was requested (and thus at least one output
received) since this will induce a delay in subsequent calls.
To avoid this, we schedule calls at a given time instead of sleeping
for a set time (which would make delays additive).
To further avoid a scheduled call being during the time in which a
password is prompted, the actual scheduled time is now randomized.
Refreshing sets cached height, which is otherwise got by calling
get_info. Since get_info is called upon needing to display a prompt
after a command has finished, it can be used to determine how much
time a given command took to run if the cache timeout lapses while
the command runs. Refreshing caches the height as a side effect, so
get_info will never be called as a result of displaying a prompt
after refreshing (and potentially leaking how much time it took to
process a set of transactions, therefore leaking whether we got
some monero in them).
Target height would be appropriate for the daemon, which syncs
off other daemons, but the wallet syncs off the daemon it's
connected to, and its target is the daemon's current height.
We get new pool txes before processing any tx, pool or not.
This ensures that if we're asked for a password, this does not
cause a measurable delay in the txpool query after the last
block query.
The "everything refreshed" state was detected when a refresh call did
not return any new blocks. This can be detected without that extra
"empty" call by comparing the claimed node height to the height of
the last block retrieved. Doing this avoids that last call, saves
some bandwidth, and makes the common refresh case use only one call
rather than two.
As a side effect, it prevents an information leak reported by
Tramèr et al: if the wallet retrieves a set of blocks which includes
an output sent to the refreshing wallet, the wallet will prompt the
user for the password to decode the amount and calculate the key
image for the new output, and this will delay subsequent calls to
getblocks.bin, allowing a passive adversary to note the delay and
deduce when the wallet receives at least one output.
This can still happen if the wallet downloads more than 1000 blocks,
since this will be split in several calls, but then the most the
adversary can tell is which 1000 block section the user received
some monero (the adversary can estimate the heights of the blocks
by calculating how many "large" transfers are done, which will be
sections of blocks, the last of which will usually be below 1000,
but the size of the data should allow the actual number of blocks
sent to be determined fairly accurately).
This timing trick still be used via the subsequent scan for incoming
txes in the txpool, which will be fixed later.
This lets a passive attacker with access to the network link
between node and wallet perform traffic analysis to deduce
when an idle wallet receives a transaction.
Reported by Tramèr et al.
3816ac2 build: fix building on Windows due to _FORTIFY_SOURCE changes in MSYS2 (iDunk5400)
78b076c Windows: enable high-entropy ASLR where available (iDunk5400)
This allows flushing internal caches (for now, the bad tx cache,
which will allow debugging a stuck monerod after it has failed to
verify a transaction in a block, since it would otherwise not try
again, making subsequent log changes pointless)
b3a9a4d add a quick early out to get_blocks.bin when up to date (moneromooo-monero)
2899379 daemon, wallet: new pay for RPC use system (moneromooo-monero)
ffa4602 simplewallet: add public_nodes command (moneromooo-monero)
Daemons intended for public use can be set up to require payment
in the form of hashes in exchange for RPC service. This enables
public daemons to receive payment for their work over a large
number of calls. This system behaves similarly to a pool, so
payment takes the form of valid blocks every so often, yielding
a large one off payment, rather than constant micropayments.
This system can also be used by third parties as a "paywall"
layer, where users of a service can pay for use by mining Monero
to the service provider's address. An example of this for web
site access is Primo, a Monero mining based website "paywall":
https://github.com/selene-kovri/primo
This has some advantages:
- incentive to run a node providing RPC services, thereby promoting the availability of third party nodes for those who can't run their own
- incentive to run your own node instead of using a third party's, thereby promoting decentralization
- decentralized: payment is done between a client and server, with no third party needed
- private: since the system is "pay as you go", you don't need to identify yourself to claim a long lived balance
- no payment occurs on the blockchain, so there is no extra transactional load
- one may mine with a beefy server, and use those credits from a phone, by reusing the client ID (at the cost of some privacy)
- no barrier to entry: anyone may run a RPC node, and your expected revenue depends on how much work you do
- Sybil resistant: if you run 1000 idle RPC nodes, you don't magically get more revenue
- no large credit balance maintained on servers, so they have no incentive to exit scam
- you can use any/many node(s), since there's little cost in switching servers
- market based prices: competition between servers to lower costs
- incentive for a distributed third party node system: if some public nodes are overused/slow, traffic can move to others
- increases network security
- helps counteract mining pools' share of the network hash rate
- zero incentive for a payer to "double spend" since a reorg does not give any money back to the miner
And some disadvantages:
- low power clients will have difficulty mining (but one can optionally mine in advance and/or with a faster machine)
- payment is "random", so a server might go a long time without a block before getting one
- a public node's overall expected payment may be small
Public nodes are expected to compete to find a suitable level for
cost of service.
The daemon can be set up this way to require payment for RPC services:
monerod --rpc-payment-address 4xxxxxx \
--rpc-payment-credits 250 --rpc-payment-difficulty 1000
These values are an example only.
The --rpc-payment-difficulty switch selects how hard each "share" should
be, similar to a mining pool. The higher the difficulty, the fewer
shares a client will find.
The --rpc-payment-credits switch selects how many credits are awarded
for each share a client finds.
Considering both options, clients will be awarded credits/difficulty
credits for every hash they calculate. For example, in the command line
above, 0.25 credits per hash. A client mining at 100 H/s will therefore
get an average of 25 credits per second.
For reference, in the current implementation, a credit is enough to
sync 20 blocks, so a 100 H/s client that's just starting to use Monero
and uses this daemon will be able to sync 500 blocks per second.
The wallet can be set to automatically mine if connected to a daemon
which requires payment for RPC usage. It will try to keep a balance
of 50000 credits, stopping mining when it's at this level, and starting
again as credits are spent. With the example above, a new client will
mine this much credits in about half an hour, and this target is enough
to sync 500000 blocks (currently about a third of the monero blockchain).
There are three new settings in the wallet:
- credits-target: this is the amount of credits a wallet will try to
reach before stopping mining. The default of 0 means 50000 credits.
- auto-mine-for-rpc-payment-threshold: this controls the minimum
credit rate which the wallet considers worth mining for. If the
daemon credits less than this ratio, the wallet will consider mining
to be not worth it. In the example above, the rate is 0.25
- persistent-rpc-client-id: if set, this allows the wallet to reuse
a client id across runs. This means a public node can tell a wallet
that's connecting is the same as one that connected previously, but
allows a wallet to keep their credit balance from one run to the
other. Since the wallet only mines to keep a small credit balance,
this is not normally worth doing. However, someone may want to mine
on a fast server, and use that credit balance on a low power device
such as a phone. If left unset, a new client ID is generated at
each wallet start, for privacy reasons.
To mine and use a credit balance on two different devices, you can
use the --rpc-client-secret-key switch. A wallet's client secret key
can be found using the new rpc_payments command in the wallet.
Note: anyone knowing your RPC client secret key is able to use your
credit balance.
The wallet has a few new commands too:
- start_mining_for_rpc: start mining to acquire more credits,
regardless of the auto mining settings
- stop_mining_for_rpc: stop mining to acquire more credits
- rpc_payments: display information about current credits with
the currently selected daemon
The node has an extra command:
- rpc_payments: display information about clients and their
balances
The node will forget about any balance for clients which have
been inactive for 6 months. Balances carry over on node restart.
b295e3c simplewallet: reinstate short payment id nag, only if non default (moneromooo-monero)
455f9e3 wallet2: ignore received unencrypted payment IDs (but warn hard) (moneromooo-monero)
19c0506 wallet: remove long payment ID sending support (moneromooo-monero)
4d0aadc wallet_rpc_server: don't report integrated addresses for 0 payment ID (moneromooo-monero)
added for mainnet, testnet, and stagenet.
server is owner by snipa, both snipa and I have access to it. No idea where its hosted.
xmrchain.net is a block explorer thats been around a while.
* Faster cache initialization with SSSE3/AVX2
* Automatic detection of CPU capabilities in RandomX
* Fixed a possible out-of-bounds access in superscalar program generator
* Use MONERO_RANDOMX_UMASK to manually disable RandomX flags in monerod
In case of a 0 tx weight, we use a placeholder value to insert in the
fee-per-byte set. This is used for pruning and mining, and those txes
are pruned, so will not be too large, nor added to the block template
if mining, so this is safe.
CID 204465
Use the lesser of the short and long terms medians, rather then
the long term median alone
From ArticMine:
I found a bug in the new fee calculation formula with using only the long term median
It actually needs to be the lesser of the long term median and the old (modified short term median)
short term median with the last 10 blocks calculated as empty
Yes the issue occurs if there is a large long term median and, the short term median then falls and tries to then rise again
The fees are could be not high enough
for example LTM and STM rise to say 2000000 bytes
STM falls back to 300000 bytes
Fees are now based on 2000000 bytes until LTM also falls
So the STM is could prevented from rising back up
STM short term median LTM long term median
If the peer (whether pruned or not itself) supports sending pruned blocks
to syncing nodes, the pruned version will be sent along with the hash
of the pruned data and the block weight. The original tx hashes can be
reconstructed from the pruned txes and theur prunable data hash. Those
hashes and the block weights are hashes and checked against the set of
precompiled hashes, ensuring the data we received is the original data.
It is currently not possible to use this system when not using the set
of precompiled hashes, since block weights can not otherwise be checked
for validity.
This is off by default for now, and is enabled by --sync-pruned-blocks
Usually it's unset, but depends toolchain files set it explicitly
for cross-compiling. Don't override preset values. But make sure
it's set for all x86 / x86_64 builds, not just Linux.
Also make sure -std=c++11 is set for Darwin builds, not all
submodules were getting it consistently before.
Unbound uses a 64 kb large character array on the stack, which
leads to a stack overflow for some libc implementations. musl
only gives 80 kb in total. This PR changes the stack size for
these threads to 1mb, which solves the segmentation fault.
Use shorter, prefix-unique directory names
gitian-builder -> builder
gitian-sigs -> sigs
monero-binaries -> out
Just use builder/inputs/monero, no need for 2nd repo clone
2cd4fd8 Changed the use of boost:value_initialized for C++ list initializer (JesusRami)
4ad191f Removed unused boost/value_init header (whyamiroot)
928f4be Make null hash constants constexpr (whyamiroot)
- easylogging assumes certain non-standard headers and functions
- these function only exist in glibc
- compiling under linux without glibc thus broke compilation
11f13da blockchain: fix logging bad number of blocks if first one fails (moneromooo-monero)
19bfe7e simplewallet: fix warnings about useless std::move (moneromooo-monero)
Resetting the timer after shutdown was initiated would keep
a reference to the object inside ASIO, which would keep the
connection alive until the timer timed out
Such a template would yield an invalid block, though would require
an attacker to have mined a long blockchain with drifting times
(assuming the miner's clock is roughly correct)
Fixed by crCr62U0
9f68669 blockchain_blackball: add --historical-stat which prints historical stats of spent ratio (stoffu)
2425f27blockchain_blackball: use is_output_spent instead of ringdb.blackballed for spentness test (stoffu)
50813c1 ringdb: fix bug in blackballing (stoffu)
d046ca1 difficulty: fix check_hash on big endian (moneromooo-monero)
bdda084 epee: fix local/loopback checks on big endian (moneromooo-monero)
32c3834 storages: fix writing varints on big endian (moneromooo-monero)
516f7b9 storages: fix 'portable' storage on big endian (moneromooo-monero)
0e2fda5 unit_tests: fix levin unit test on big endian (moneromooo-monero)
4672b5c db_lmdb: print percentages as percentages, not ratios (moneromooo-monero)
54fd97a slow-hash: fix CNv2+ on big endian (moneromooo-monero)
c1fa4a7 boost: fix little/big endian compatibility (moneromooo-monero)
bc1144e Fix IP address serialization on big endian (moneromooo-monero)
The problem actually exists in two parts:
1. When sending chunks over a connection, if the queue size is
greater than N, the seed is predictable across every monero node.
>"If rand() is used before any calls to srand(), rand() behaves as if
it was seeded with srand(1). Each time rand() is seeded with the same seed, it
must produce the same sequence of values."
2. The CID speaks for itself: "'rand' should not be used for security-related
applications, because linear congruential algorithms are too easy to break."
*But* this is an area of contention.
One could argue that a CSPRNG is warranted in order to fully mitigate any
potential timing attacks based on crafting chunk responses. Others could argue
that the existing LCG, or even an MTG, would suffice (if properly seeded). As a
compromise, I've used an MTG with a full bit space. This should give a healthy
balance of security and speed without relying on the existing crypto library
(which I'm told might break on some systems since epee is not (shouldn't be)
dependent upon the existing crypto library).
The issue is triggered by the captured `this` in RPC server, which
passes reference to throwable `core_rpc_server`:
`core_rpc_server.cpp:164: m_bootstrap_daemon.reset(new bootstrap_daemon([this]{ return get_random_public_node(); }));`
The solution is to simply remove noexcept from the remaining `bootstrap_daemon`
constructors because noexcept is false in this context.
>"An exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::asio::invalid_service_owner>>" is thrown but the throw list "noexcept" doesn't allow it to be thrown. This will cause a call to unexpected() which usually calls terminate()."
One considers the blockchain, while the other considers the
blockchain and some recent actions, such as a recently created
transaction which spend some outputs, but isn't yet mined.
Typically, the "balance" command wants the latter, to reflect
the recent action, but things like proving ownership wants
the former.
This fixes a crash in get_reserve_proof, where a preliminary
check and the main code used two concepts of "balance".
When no little/big endian flag is given to the writer, it stores
data in host endianness. When loading, if no flag is set, it also
assumes host endianness. This works as long as the loading and
writing are done on machines with the same endianness.
We change this to default to little endian when saving. This will
cause the loader to see the little endian flag, and swap endianness
when loading on a big endian machine. Similarly, writing on a big
endian machine will swap on save, and a little endian machine will
load little endian data.
bdcdb0e Remove unused code under WINDWOS_PLATFORM guard (tomsmeding)
a84aa04 syncobj.h no longer defines shared_guard, so remove those define's (tomsmeding)
bdfc63a Add ref-counted buffer byte_slice. Currently used for sending TCP data. (vtnerd)
3b24b1d Added support for 'noise' over I1P/Tor to mask Tx transmission. (vtnerd)
The 98th percentile position in the agebytes map was incorrectly
calculated: it assumed the transactions in the mempool all have unique
timestamps at second-granularity. This commit fixes this by correctly
finding the right cumulative number of transactions in the map suffix.
This bug could lead to an out-of-bounds write in the rare case that
all transactions in the mempool were received (and added to the mempool)
at a rate of at least 50 transactions per second. (More specifically,
the number of *unique* receive_time values, which have second-
granularity, must be at most 2% of the number of transactions in the
mempool for this crash to trigger.) If this condition is satisfied, 'it'
points to *before* the agebytes map, 'delta' gets a nonsense value, and
the value of 'i' in the first stats.histo-filling loop will be out of
bounds of stats.histo.
It does not leak much since you can make a fair guess by RPC
version already, and some people want to avoid non release
clients when using third parties' nodes (because they'd never
lie about it)
The removed preprocessor macro's refer to types that are not defined in
the file anymore; the only other place where shared_guard is defined is
in winobj.h, which also defines the same macro's. Therefore, this change
is safe.
(Side note is that these macro's weren't used at all anyway, but that is
orthogonal to the issue.)
New CLI wallet variable: export-format with options "binary" (the default),
or "ascii". "Binary" behaves as before, "ascii" forces the wallet to convert
data to ASCII using base64.
Reading files from the disk tries to auto detect what format has been
used (using a magic string added when exporting the data).
Implements https://github.com/monero-project/monero/issues/2859
914b106 wallet_rpc_server: use original addresses in destinations in get_transfers (moneromooo-monero)
da694d4 functional_tests: add tests for pending/out transfer addresses (moneromooo-monero)
c8709fe wallet: do not print log settings when unset (moneromooo-monero)
7b18e83 unit_tests: check return values on test data parsing (moneromooo-monero)
Fixes issue with libtinfo5 being required by iconv1.15 but not installed
by default in latest Debian stable.
Tested with a fresh build of the Android image.
eeca5ca epee: support unicode in parsed strings (moneromooo-monero)
3e11bb5 functional_tests: test creating wallets with local language names (moneromooo-monero)
The check added here (in #5732/#5733) is supposed to disconnect behind
peers when the current node is syncing, but actually disconnects behind
peers always.
We are syncing when `target > our_height`, but the check here triggers
when `target > remote_height`, which is basically always true when the
preceding `m_core.have_block(hshd.top_id)` check is true.
fcbf7b3 p2p: propagate out peers limit to payload handler (moneromooo-monero)
098aadf p2p: close the right number of connections on setting max in/out peers (moneromooo-monero)
According to [1], std::random_shuffle is deprecated in C++14 and removed
in C++17. Since std::shuffle is available since C++11 as a replacement
and monero already requires C++11, this is a good replacement.
A cryptographically secure random number generator is used in all cases
to prevent people from perhaps copying an insecure std::shuffle call
over to a place where a secure one would be warranted. A form of
defense-in-depth.
[1]: https://en.cppreference.com/w/cpp/algorithm/random_shuffle
0605406 daemon: sort alt chains by height (moneromooo-monero)
4228ee0 daemon: add optional arguments to alt_chain_info (moneromooo-monero)
880ebfd daemon: add more chain specific info in alt_chain_info (moneromooo-monero)
new cli options (RPC ones also apply to wallet):
--p2p-bind-ipv6-address (default = "::")
--p2p-bind-port-ipv6 (default same as ipv4 port for given nettype)
--rpc-bind-ipv6-address (default = "::1")
--p2p-use-ipv6 (default false)
--rpc-use-ipv6 (default false)
--p2p-require-ipv4 (default true, if ipv4 bind fails and this is
true, will not continue even if ipv6 bind
successful)
--rpc-require-ipv4 (default true, description as above)
ipv6 addresses are to be specified as "[xx:xx:xx::xx:xx]:port" except
in the cases of the cli args for bind address. For those the square
braces can be omitted.
a96c1a46 cryptonote_protocol: drop peers we can't download from when syncing (moneromooo-monero)
ab361df2 p2p: add a few missing connection close calls (moneromooo-monero)
1dbfc81 Add debug targets to depends Makefile (TheCharlatan)
cbbb24c Remove clutter in depends installed packages (TheCharlatan)
496cd46 Add ncurses package for linux and darwin readline (TheCharlatan)
Any peer that's behind us while syncing is useless to us (though
not to them). This ensures that we don't get our peer slots filled
with peers that we can't use. Once we've synced, we can connect
to them and they can then sync off us if they want.
Circumvents the need to create a new blockhashing blob when you already
know the data you want to set in the extra_nonce (so use this instead of
reserve_size).
The tar archives generated by gitian are currently unversioned. This
adds either a tag name when building from a tag, or a short commit id
when building from a commit hash.
The macos binaries in release v0.14.1.0 were compiled with the buggy
hidapi-0.8.0-rc1 version. This resulted in users not being able to use
their Ledger with the latest cli wallet. After the patch depends now
fetches the source from the libusb hidapi repository that has taken over
maintenance of hidapi.
Before this commit the icu4c repo was fetched from TheCharlatan's
repository. This step was made, because up until recently the source
code was hosted on sourceforge and their downloads proved very
unreliable. The origin is now the official icu4c repository.
Also remove some commented lines left over from development.
This commits adds the `--no-apt` flag to the gitian-build.py script.
This allows gitian builds to be run without root access and non-debian
based operating systems.
To speedup the depends cached builds, remove some some clutter from the package
files. This mainly incldues removing all the shared libraries and .la
linker files. It also gives stronger guarantees that monero only links
the static libs without any external rvalues.
- Trezor: support for device address display (subaddress, integrated address)
- Wallet::API support added
- Simplewallet:
- address device [<index>]
- address new <label> // shows address on device also
- integrated_address [device] <payment_id|address> // new optional "device" arg to display also on the device
2eef90d6 rpc: restrict the recent cutoff size in restricted RPC mode (moneromooo-monero)
0564da5f ensure no NULL is passed to memcpy (moneromooo-monero)
bc09766b abstract_tcp_server2: improve DoS resistance (moneromooo-monero)
1387549e serialization: check stream good flag at the end (moneromooo-monero)
a00cabd4 tree-hash: allocate variable memory on heap, not stack (moneromooo-monero)
f2152192 cryptonote: throw on tx hash calculation error (moneromooo-monero)
db2b9fba serialization: fail on read_varint error (moneromooo-monero)
68ad5481 cryptonote_protocol: fix another potential P2P DoS (moneromooo-monero)
1cc61018 cryptonote_protocol: expand basic DoS protection (moneromooo-monero)
8f66b705 cryptonote_protocol_handler: prevent potential DoS (anonimal)
39169ace epee: basic sanity check on allocation size from untrusted source (moneromooo-monero)
Essentially, one can send such a large amount of IDs that core exhausts
all free memory. This issue can theoretically be exploited using very
large CN blockchains, such as Monero.
This is a partial fix. Thanks and credit given to CryptoNote author
'cryptozoidberg' for collaboration and the fix. Also thanks to
'moneromooo'. Referencing HackerOne report #506595.
35da33be blockchain: do not try to pop blocks down to the genesis block (moneromooo-monero)
4b51f9a3 core: do not commit half constructed batch db txn (moneromooo-monero)
9bfa4c20 Fix allow any cert mode in wallet rpc when configured over rpc (Lee Clagett)
3544596f Add ssl_options support to monerod's rpc mode. (Lee Clagett)
c9aaccf3 Fix configuration bug; wallet2 --daemon-ssl-allow-any-cert now works. (Lee Clagett)
When the wallet auto refreshes after mining the last two blocks
but before popping them, it will then try to use outputs which
are not unlocked yet. This is really a wallet problem, which
will be fixed later.
- This addresses https://www.openssl.org/news/secadv/20190226.txt (CVE: 2019-1559) which impacted all versions of openssl-1.0.
Note that this does not address CVE-2019-1543 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1543), which impacts all versions of openssl 1.1 through 1.1.0j and 1.1.1b.
The above (1.1) is patched in openssl, where it was marked as low severity. Similar issues possibly present in monero, should be looked into w.r.t. CVE-2019-1543.
3f612cda Changed odd bullet point to low level header (Rohaq)
af9bc4ec Used subeaders to avoid slightly wonky looking formatting (Rohaq)
1873af35 Made code block usage consistent across all .md files (Rohaq)
68103075 Updated Copyright notice (Rohaq)
39bd157f Added Table of Contents to main README.md (Rohaq)
add two RSA based ciphers for Windows/depends compatibility
also enforce server cipher ordering
also set ECDH to auto because vtnerd says it is good :)
When built with the depends system, openssl does not include any
cipher on the current whitelist, so add this one, which fixes the
problem, and does seem sensible.
98fb98f9 wallet_rpc_server: adding missing return on error in set_daemon (moneromooo-monero)
9074c0d8 wallet_rpc_server: return false on error in set_log_categories (moneromooo-monero)
968848a7 wallet_rpc_server: fix crash in validate_address if no wallet is loaded (moneromooo-monero)
If we have fewer outputs available on the chain than what we
require, but the output we're spending already has a ring,
it would loop picking outputs randomly, but never find enough.
Also tune logs for better debugging this kind of thing.
- Trezor type detection refactored, T1 disabled (was enabled before which was a bug)
- Sort connected devices by env TREZOR_PATH
- Compatibility with Trezor ecosystem using TREZOR_PATH env var
- Enables to pick particular Trezor to use in GUI as we don't have the multi-device selection yet
- Dump all detected devices to log for better debugging / troubleshooting
aba2b2e7 functional_tests: reset blockchain on test start (moneromooo-monero)
375fde94 hardfork: fix off by one updating fork index after popping (moneromooo-monero)
This can be used for fingerprinting and working out the
network topology.
Instead of sending the first N (which are sorted by last
seen time), we sent a random subset of the first N+N/5,
which ensures reasonably recent peers are used, while
preventing repeated calls from deducing new entries are
peers the target node just connected to.
The list is also randomly shuffled so the original set of
timestamps cannot be approximated.
In the case where previously a second unneeded output would be
added to a transaction. This should help *some* of the cases
where outputs are slowly being consolidated, leading to the
whole balance being locked when sending monero.
It can allocate a lot when getting a lot of connections
(in particular, the stress test on windows apparently pushes
that memory to actual use, rather than just allocated)
Boost got upgraded to 1.70.0 in MSYS2. As a result, cmake (v3.13.4 as of this commit) can not configure boost properly, and cmake configuration fails as a result. This is a workaround as per https://gitlab.kitware.com/cmake/cmake/issues/18865
d009f6dd rpc: fix get_block_hashes.bin from wallet on pruned blockchain (moneromooo-monero)
bb0ef5b1 blockchain: lock the blockchain while pruning (moneromooo-monero)
b3648232 daemon: fix ratio not being floating point (moneromooo-monero)
e1b097b9 core_rpc_server: remove dummy assigning int to bool (moneromooo-monero)
e9fac29a unit_tests/long_term_block_weight: some tweaks that seem to make more sense (stoffu)
467f4c7e tests/block_weight: use integer division when computing median (stoffu)
815d08dc tests/block_weight: remove unused MULTIPLIER_SMALL (stoffu)
661f1fb8 blockchain: remove unused calc of short_term_constraint (stoffu)
The db txn in add_block ending caused the entire overarching
batch txn to stop.
Also add a new guard class so a db txn can be stopped in the
face of exceptions.
Also use a read only db txn in init when the db itself is
read only, and do not save the max tx size in that case.
When closing connections due to exiting, the IO service is
already gone, so the data exchange needed for a gracious SSL
shutdown cannot happen. We just close the socket in that case.
Loading the same wallet as the currently loaded one would autosave
the current state after loading it, leading to some kind of rollback
effect. We now save before loading to avoid this. If loading fails,
it means the current wallet will be saved (or maybe not, depending
on where the failure occurs: most of the sanity checks occur before
saving). There is a new autosave_current flag to open/restore calls
so the (enabled by default) autosave can be skipped.
0eee6cd7 block_weight: catch exceptions in main for clean exit on error (moneromooo-monero)
4b3bb829 epee: init a new ssl related variable in ctor (moneromooo-monero)
I saw one when landing on www.tribler.org, and it seemed
like a good idea to have something similar, alongside some
more general "what is monero" text.
Also throw exceptions instead of print+exit, since that makes
the error print last, below the python stack trace, where it's
much less easy to miss it.
c12b43cb wallet: add number of blocks required for the balance to fully unlock (moneromooo-monero)
3f1e9e84 wallet2: set confirmations to 0 for pool txes in proofs (moneromooo-monero)
36c037ec wallet_rpc_server: error out on getting the spend key from a hot wallet (moneromooo-monero)
cd1eaff2 wallet_rpc_server: always fill out subaddr_indices in get_transfers (moneromooo-monero)
113e4877 blockchain_stats: fix sign in formatting function (moneromooo-monero)
adaea3ea various: remove unused variables (moneromooo-monero)
631ef00e blockchain: some debug info when adding txes-from-block fails (moneromooo-monero)
2e578b82 Enabling daemon-rpc SSL now requires non-system CA verification (Lee Clagett)
d58f3682 Require manual override for user chain certificates. (Lee Clagett)
97cd1fa9 Only check top-level certificate against fingerprint list. (Lee Clagett)
7c388fb3 Call `use_certificate_chain_file` instead of `use_certificate_file` (Lee Clagett)
eca0fea4 Perform RFC 2818 hostname verification in client SSL handshakes (Lee Clagett)
0416764c Require server verification when SSL is enabled. (Lee Clagett)
96d602ac Add `verify_fail_if_no_cert` option for proper client authentication (Lee Clagett)
21eb1b07 Pass SSL arguments via one class and use shared_ptr instead of reference (Lee Clagett)
1f5ed328 Change default SSL to "enabled" if user specifies fingerprint/certificate (Lee Clagett)
f18a069f Do not require client certificate unless server has some whitelisted. (Lee Clagett)
a3b02848 Change SSL certificate file list to OpenSSL builtin load_verify_location (Lee Clagett)
An override for the wallet to daemon connection is provided, but not for
other SSL contexts. The intent is to prevent users from supplying a
system CA as the "user" whitelisted certificate, which is less secure
since the key is controlled by a third party.
This allows "chain" certificates to be used with the fingerprint
whitelist option. A user can get a system-ca signature as backup while
clients explicitly whitelist the server certificate. The user specified
CA can also be combined with fingerprint whitelisting.
The former has the same behavior with single self signed certificates
while allowing the server to have separate short-term authentication
keys with long-term authorization keys.
If the verification mode is `system_ca`, clients will now do hostname
verification. Thus, only certificates from expected hostnames are
allowed when SSL is enabled. This can be overridden by forcible setting
the SSL mode to autodetect.
Clients will also send the hostname even when `system_ca` is not being
performed. This leaks possible metadata, but allows servers providing
multiple hostnames to respond with the correct certificate. One example
is cloudflare, which getmonero.org is currently using.
If SSL is "enabled" via command line without specifying a fingerprint or
certificate, the system CA list is checked for server verification and
_now_ fails the handshake if that check fails. This change was made to
remain consistent with standard SSL/TLS client behavior. This can still
be overridden by using the allow any certificate flag.
If the SSL behavior is autodetect, the system CA list is still checked
but a warning is logged if this fails. The stream is not rejected
because a re-connect will be attempted - its better to have an
unverified encrypted stream than an unverified + unencrypted stream.
Using `verify_peer` on server side requests a certificate from the
client. If no certificate is provided, the server silently accepts the
connection and rejects if the client sends an unexpected certificate.
Adding `verify_fail_if_no_cert` has no affect on client and for server
requires that the peer sends a certificate or fails the handshake. This
is the desired behavior when the user specifies a fingerprint or CA file.
Currently if a user specifies a ca file or fingerprint to verify peer,
the default behavior is SSL autodetect which allows for mitm downgrade
attacks. It should be investigated whether a manual override should be
allowed - the configuration is likely always invalid.
Currently a client must provide a certificate, even if the server is
configured to allow all certificates. This drops that requirement from
the client - unless the server is configured to use a CA file or
fingerprint(s) for verification - which is the standard behavior for SSL
servers.
The "system-wide" CA is not being used as a "fallback" to verify clients
before or after this patch.
Specifying SSL certificates for peer verification does an exact match,
making it a not-so-obvious alias for the fingerprints option. This
changes the checks to OpenSSL which loads concatenated certificate(s)
from a single file and does a certificate-authority (chain of trust)
check instead. There is no drop in security - a compromised exact match
fingerprint has the same worse case failure. There is increased security
in allowing separate long-term CA key and short-term SSL server keys.
This also removes loading of the system-default CA files if a custom
CA file or certificate fingerprint is specified.
The setup-background-mining option can be used to select
background mining when a wallet loads. The user will be asked
the first time the wallet is created.
f825055d wallet_rpc_server: error out on getting the spend key from a hot wallet (moneromooo-monero)
67aa4adc wallet_rpc_server: add a set_daemon RPC (moneromooo-monero)
705acbac wallet2: init some variables to default values if loading old wallets (moneromooo-monero)
f82bc29e wallet_rpc_server: always fill out subaddr_indices in get_transfers (moneromooo-monero)
01efdc6a wallet_rpc_server: set confirmations to 0 for pending/pool txes (moneromooo-monero)
7c440915 Add get_tx_proof support, needed for new sanity check (cslashm)
98fdcb2a Add support for V11 protocol with BulletProofV2 and short amount. New scheme key destination contrfol Fix dummy decryption in debug mode (cslashm)
3a981a33 Add application version compatibility check. (cslashm)
ae6885f6 blockchain: incremental long term block weight cache (moneromooo-monero)
9b687c78 blockchain: simple cache for the long term block weights (moneromooo-monero)
The original intent of one false positive a week on average
was not met, since what we really want is not the probability
of having N blocks in T seconds, but either N blocks of fewer
in T seconds, or N blocks or more in T seconds.
Some of this could be cached since it calculates the same fairly
complex floating point values, but it seems pretty fast already.
It allows one to connect to a running daemon or wallet, and use
its RPC API from python.
Usage: python -i console.py <port>
It will detect whether it's talking to a daemon or wallet and
initialize itself accordingly.
These commands let one freeze outputs by key image, so they
do not appear in balance, nor are considered when creating
a transaction, etc
This is helpful when receiving an output from a suspected spy,
who might try to track your other outputs by seeing with what
other outputs it gets spent.
The frozen command may be used without parameters to list all
currently frozen outputs.
- tests fixes for HF10, builder change, rct_config; fix_chain
- get_tx_key test
- proper testing after live refresh added
- live refresh synthetic test
- log available funds for easier test construction
- wallet::API tests with mocked daemon
- import only key images generated by cold signing process
- wallet_api: trezor methods added
- wallet: button request code added
- const added to methods
- wallet2::get_tx_key_device() tries to decrypt stored tx private keys using the device.
- simplewallet supports get_tx_key and get_tx_proof on hw device using the get_tx_key feature
- live refresh enables refresh with trezor i.e. computing key images on the fly. More convenient and efficient for users.
- device: has_ki_live_refresh added
- a thread is watching whether live refresh is being computed, if not for 30 seconds, it terminates the live refresh process - switches Trezor state
Manually initialize the array_entry_t iterator to ensure it points
to the correct m_array, thereby preventing a potential use-after-free
situation.
Signed-off-by: Guido Vranken <guidovranken@gmail.com>
- enables to perform rescan_spent / ki sync with untrusted daemon. Spent check status involves RPC calls which require trusted daemon status as it leaks information. The new call performs soft reset while preserving key images thus a sequence: refresh, ki sync / import, rescan_bc keep_ki will correctly perform spent checking without need for trusted daemon.
- useful to detect spent outputs with untrusted daemon on watch_only / multisig / hw-cold wallets after expensive key image sync.
- cli: rescan_bc keep_ki
If a thread asks to stop the miner, m_stop will be set, and
that thread will wait to join. If the main thread is exiting
at that time, it will ask the miner to stop, but the miner
will claim it's not mining and early out since m_stop is
set. This will cause the database and other things to get
shutdown. If the miner happens to find a block at that time,
it will try to call core, and crash.
Instead, lock and check whether any threads are currently
in m_threads, since they'll only be cleared once the threads
are joined. Moreover, since we lock, the second thread will
have to wait for the first one to have finished. Calling
join twice on a thread seems fine as per pthread_join(3).
This avoids the annoying case where the shell prints its prompt
after the last line from Monero output, causing line editing to
sometimes go wonky, for lack of a better term
It's better to just ignore them, the user does not really need
to know they're here. If the mask is wrong, they'll fail to be
used, and sweeping will fail as it tries to use it.
Reported by Josh Davis.
- return the right output data when offset is not zero
- do not consider import failed if result height is zero
(it can be 0 if unknown)
- select the right tx pubkey when using subaddresses (it's faster,
and we might select the wrong one if we got an output using one
of the additional tx keys)
- account for skipped outputs for spent/unspent balance info
"spent" is arguably wrong, since it will count spent change
multiple times as it goes through receive/spend cycles.
RPC connections now have optional tranparent SSL.
An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.
SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.
Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.
To generate long term certificates:
openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT
/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.
SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
108c625b CryptonightR: define out i386/x86_64 specific code on other archs (moneromooo-monero)
1b8757dd slow-hash: fix build on arm (moneromooo-monero)
5057eb11 cmake: ARCH_ID fixes for cross compilation (TheCharlatan)
1f5680c8 simplewallet: add help for ask-password options (moneromooo-monero)
c7c74caf simplewallet: mark confirm-missing-payment-id as obsolete (moneromooo-monero)
0de14396 tests: add a CNv4 JIT test (moneromooo-monero)
24d281c3 crypto: plug CNv4 JIT into cn_slow_hash (moneromooo-monero)
78ab59ea crypto: clear cache after generating random program (moneromooo-monero)
b9a61884 performance_tests: add tests for new Cryptonight variants (moneromooo-monero)
fff23bf7 CNv4 JIT compiler for x86-64 and tests (SChernykh)
3dde67d8 blockchain: add v10 fork heights (moneromooo-monero)
2dbc487e Add support for V10 protocol with BulletProofV2 and short amount. (cslashm)
63cc02c0 Fix dummy decryption in debug mode (cslashm)
f0e55ceb fix log namespace (cslashm)
460da140 New scheme key destination contrfol (cslashm)
a17da720 Print the reason why a notification spec failed to parse (moneromooo-monero)
356d8137 blockchain: include number of discarded blocks in --reorg-notify (moneromooo-monero)
4d598e3d core: add a few more block rate window sizes (moneromooo-monero)
d4fb9641 core: add --block-rate-notify (moneromooo-monero)
28b6dbf2 notify: fix tokenizing being too strict (moneromooo-monero)
Minimalistic JIT code generator for random math sequence in CryptonightR.
Usage:
- Allocate writable and executable memory
- Call v4_generate_JIT_code with "buf" pointed to memory allocated on the previous step
- Call the generated code instead of "v4_random_math(code, r)", omit the "code" parameter
The 10 minute one will never trigger for 0 blocks, as it's still
fairly likely to happen even without the actual hash rate changing
much, so we add a 20 minute window, where it will (for 0 blocks)
and a one hour window.
This curbs runaway growth while still allowing substantial
spikes in block weight
Original specification from ArticMine:
here is the scaling proposal
Define: LongTermBlockWeight
Before fork:
LongTermBlockWeight = BlockWeight
At or after fork:
LongTermBlockWeight = min(BlockWeight, 1.4*LongTermEffectiveMedianBlockWeight)
Note: To avoid possible consensus issues over rounding the LongTermBlockWeight for a given block should be calculated to the nearest byte, and stored as a integer in the block itself. The stored LongTermBlockWeight is then used for future calculations of the LongTermEffectiveMedianBlockWeight and not recalculated each time.
Define: LongTermEffectiveMedianBlockWeight
LongTermEffectiveMedianBlockWeight = max(300000, MedianOverPrevious100000Blocks(LongTermBlockWeight))
Change Definition of EffectiveMedianBlockWeight
From (current definition)
EffectiveMedianBlockWeight = max(300000, MedianOverPrevious100Blocks(BlockWeight))
To (proposed definition)
EffectiveMedianBlockWeight = min(max(300000, MedianOverPrevious100Blocks(BlockWeight)), 50*LongTermEffectiveMedianBlockWeight)
Notes:
1) There are no other changes to the existing penalty formula, median calculation, fees etc.
2) There is the requirement to store the LongTermBlockWeight of a block unencrypted in the block itself. This is to avoid possible consensus issues over rounding and also to prevent the calculations from becoming unwieldy as we move away from the fork.
3) When the EffectiveMedianBlockWeight cap is reached it is still possible to mine blocks up to 2x the EffectiveMedianBlockWeight by paying the corresponding penalty.
Note: the long term block weight is stored in the database, but not in the actual block itself,
since it requires recalculating anyway for verification.
When all our outgoing peer slots are filled, we cycle one peer at
a time looking for syncing peers until we have at least two such
peers. This brings two advantages:
- Peers without incoming connections will find more syncing peers
that before, thereby strengthening network decentralization
- Peers will have more resistance to isolation attacks, as they
are more likely to find a "good" peer than they were before
NetBSD emits:
warning: Warning: reference to the libc supplied alloca(3); this most likely will not work. Please use the compiler provided version of alloca(3), by supplying the appropriate compiler flags (e.g. not -std=c89).
and man 3 alloca says:
Normally, gcc(1) translates calls to alloca() with inlined code. This is not done when either the -ansi, -std=c89, -std=c99, or the
-std=c11 option is given and the header <alloca.h> is not included. Otherwise, (without an -ansi or -std=c* option) the glibc version of
<stdlib.h> includes <alloca.h> and that contains the lines:
#ifdef __GNUC__
#define alloca(size) __builtin_alloca (size)
#endif
It looks like alloca is a bad idea in modern C/C++, so we use
VLAs for C and std::vector for C++.
Further speedups to icu compilation, it is faster to run the
pre-generated configure scripts.
Ensure that the native protobuf installation only generates the required
libraries and binaries.
Disable qt compilation when running travis on windows. Qt is used for
lrelease, the travis recipe instead usese the a local installation of
lrelease.
Remove various packages and options from the travis recipe.
Update Readline to version 8.0. The previously used url 404'd sometimes,
use the official gnu ftp server instead.
Remove unused cmake config.
Building with docker is arguably easier and more familiar to most people
than either kvm, or lxc.
This commit also relaxes the back compat requirement a bit. 32 bit linux
now uses glibc version 2.0. Also, the docker shell could not handle gcc arguments
containing spaces, so the explicit '-DFELT_TYPE' declaration was dropped.
Lastly, this removes some packages from the osx descriptor.
```
Undefined symbols for architecture x86_64:
"common_category()", referenced from:
make_error_code(common_error) in parse.cpp.o
make_error_code(common_error) in tor_address.cpp.o
"boost::system::detail::system_category_ncx()", referenced from:
boost::system::system_category() in parse.cpp.o
boost::system::system_category() in socks.cpp.o
boost::system::system_category() in libepee.a(net_utils_base.cpp.o)
"boost::system::detail::generic_category_ncx()", referenced from:
boost::system::generic_category() in parse.cpp.o
boost::system::generic_category() in socks.cpp.o
boost::system::generic_category() in tor_address.cpp.o
boost::system::generic_category() in libepee.a(string_tools.cpp.o)
boost::system::generic_category() in libepee.a(net_utils_base.cpp.o)
ld: symbol(s) not found for architecture x86_64
clang: error: linker command failed with exit code 1 (use -v to see invocation)
make[3]: *** [src/net/libnet.dylib] Error 1
make[2]: *** [src/net/CMakeFiles/net.dir/all] Error 2
```
The change made for v2 broke v1, and we have no way to know which
version we're serializing here. However, since we don't actually
care about space savings in this case, we continue serialiazing
both mask and amount.
RPC connections now have optional tranparent SSL.
An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.
SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.
Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.
To generate long term certificates:
openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT
/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.
SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
According to [1], the ios_base::streampos member type is deprecated, and
removed in C++17. This type was an alias for pos_type, which this commit
uses instead.
[1]: https://en.cppreference.com/w/cpp/io/ios_base
tested on current FreeBSD 11.2-p4 , used master and release-v0.13 branchs of monero (w\o any patches)
`gmake` - success
`gmake release-static` - fail (-fPIC error, i think i need build dependencies from ports static instead install from pkg)
`gmake debug` - fail (wallet2.cpp.o - file not recognized: file format no recognized)
`gmake release-test` - success (100% passed)
- Support for ".onion" in --add-exclusive-node and --add-peer
- Add --anonymizing-proxy for outbound Tor connections
- Add --anonymous-inbounds for inbound Tor connections
- Support for sharing ".onion" addresses over Tor connections
- Support for broadcasting transactions received over RPC exclusively
over Tor (else broadcast over public IP when Tor not enabled).
23813c71 blockchain: add --reorg-notify (moneromooo-monero)
f6db59b0 notify: handle arbitrary tags (moneromooo-monero)
ff959216 notify: warn if the spec contains one of '"\ (moneromooo-monero)
13852678 common: set MONERO_DEFAULT_LOG_CATEGORY for notify and spawn (moneromooo-monero)
This will trigger if a reorg is seen. This may be used to do things
like stop automated withdrawals on large reorgs.
%s is replaced by the height at the split point
%h is replaced by the height of the new chain
%n is replaced by the number of new blocks after the reorg
cb3b4adb translations: update and sync all language files (erciccione)
dc0f618e utils: 'update-translations.sh' now removes obsolete strings (erciccione)
b6534c40 ringct: remove unused senderPk from ecdhTuple (moneromooo-monero)
7d375981 ringct: the commitment mask is now deterministic (moneromooo-monero)
99d946e6 ringct: encode 8 byte amount, saving 24 bytes per output (moneromooo-monero)
cdc3ccec ringct: save 3 bytes on bulletproof size (moneromooo-monero)
f931e16c add a bulletproof version, new bulletproof type, and rct config (moneromooo-monero)
The blockchain prunes seven eighths of prunable tx data.
This saves about two thirds of the blockchain size, while
keeping the node useful as a sync source for an eighth
of the blockchain.
No other data is currently pruned.
There are three ways to prune a blockchain:
- run monerod with --prune-blockchain
- run "prune_blockchain" in the monerod console
- run the monero-blockchain-prune utility
The first two will prune in place. Due to how LMDB works, this
will not reduce the blockchain size on disk. Instead, it will
mark parts of the file as free, so that future data will use
that free space, causing the file to not grow until free space
grows scarce.
The third way will create a second database, a pruned copy of
the original one. Since this is a new file, this one will be
smaller than the original one.
Once the database is pruned, it will stay pruned as it syncs.
That is, there is no need to use --prune-blockchain again, etc.
c6d38718 core: include a dummy encrypted payment id when no payment is used (moneromooo-monero)
b7441c4a core, wallet: remember original text version of destination address (moneromooo-monero)
a9b1c04a crptonote_core: do not error out sending unparsable extra field (moneromooo-monero)
464097e5 blockchain_ancestry: allow getting ancestry of a single output (moneromooo-monero)
a6216d1a blockchain_db: allow getting output keys without commitment (moneromooo-monero)
15904610 simplewallet: remove extra colon in a few calls to input_secure_line (stoffu)
247dab73 simplewallet: avoid conversion to string in input_secure_line (stoffu)
bf9ef7ad simplewallet: factor yesno hint into input_line (stoffu)
This includes more fine grained configure options and skipping the
openssl and zlib dependencies when compiling qt. The zlib and libevent
packages are removed.
This involved a reorg of the code, to factor and speedup some bits,
as well as using the cache for all modes, and making both modes
usable in the same run.
Number matching semantics are slightly changed: since this is used
as a filter to check whether a number is signed and/or floating
point, we can speed this up further. strto* functions are called
afterwards and will error out where necessary. We now also accept
numbers like .4 which were not accepted before.
The strto* calls on a boost::string_ref will not access unallocated
memory since the parsers always stop at the first bad character,
and the original string is zero terminated.
in arbitrary time measurement units for some arbitrary test case:
match_number2: 235 -> 70
match_word2: 330 -> 108
5ee6f037 blockchain: fix wrong hf version when popping multiple blocks (moneromooo-monero)
634d359a blockchain: use the version passed as parameter, not a new one (moneromooo-monero)
94a375d5 hardfork: remove batch transactions setup (moneromooo-monero)
it occurred to me that someone discovering monero for the first time, through the code and actually reading the readme, would not have any indication of the design focuses of keeping monero decentralized, both in terms of the mining infrastructure and the low cost of node operation. I know the topic is sort of a ... wishy washy thing, but I tried to craft some language that gets the point across in general terms.
Half of the patch was correct, but half was introducing another bug,
where a wallet asking for a fork that the daemon does not know about
yet would decide to use those rules.
(1) If the user denies something on the Ledger,
a proper error message is now shown.
(2) Ledger doesn't time out anymore while waiting
on user input.
(3) Lower the timeout to 2 seconds, this is enough for
normal Ledger <-> System communication.
This avoids the constant message about needed to run refresh
to enter a password.
Also mention the txpool when asking for the password if the
reason is a pool tx.
get_output_key method is commonly used when working with txs and their key images. Because the method is not const, passing blockchain object though const& or pointers to const is not possible in this context. This is especially problematic in external projects (e.g., projects in moneroexamples) that use monero C++ api to operate on the blockchain and txs.
Thus, having get_output_key method will simplify moving blockchain object around through const references and pointers to const objects.
93c59b29 perf_timer: check allowed categories before logging (moneromooo-monero)
6a507dab perf_timer: add a way to get and reset the current time (moneromooo-monero)
c1581a5b perf_timer: only log to file (moneromooo-monero)
a13eb0a1 epee: speed up string matching a bit (moneromooo-monero)
3a3858dc epee: avoid string allocation when parsing a pod from string (moneromooo-monero)
`pacman -Syuu` can either upgrade or degrade the packages (depending upon the package lists), and should not be normally used. Instead of that, one should use `pacman -Syu` which only upgrades the packages.
6644b9b blockchain_db: remove a couple unused functions (moneromooo-monero)
ce594f5 blockchain_db: allocate known size vector only once (moneromooo-monero)
8332698 db_lmdb: inline check_open, it's trivial and called everywhere (moneromooo-monero)
5511563 db_lmdb: avoid pointless division (moneromooo-monero)
d1efe3d cryptonote: set tx hash on newly parsed txes when known (moneromooo-monero)
9cc68a2 tx_pool: add a few std::move where it can make a difference (moneromooo-monero)
While the lookups are faster, the zeroCommit calls have to be
done again when storing the new outputs in the db, which ends
up making the whole thing slower after all, and the ways this
can be cached aren't very nice code wise, so let's forget it
since the gains aren't very large anyway.
Help messages describe the commands usage. When users run the command
with wrong arguments, it usually helpfully offers the usage, too.
Unfortunately, these two usage messages were duplicated in the code and
started to get out of sync.
Fixing with constant strings.
- docker protobuf dependencies, cross-compilation
- device/trezor protobuf build fixes, try_compile
- libusb built under all platforms, used by trezor for direct connect
Depends still contained some leftovers, like the `wallet` target that
included bdb from bitcoin. This commit removes these unneeded targets,
the miniupnpc package and the berkeley db package. Reflect the changes
in the README as well.
ab783b17 easylogging++: ensure logger is initialized before main (moneromooo-monero)
9b69a0ae daemon: print monero version at startup when calling a detached daemon (moneromooo-monero)
4d71d463 mlocker: remove early page size log (moneromooo-monero)
a48f2dab blockchain_prune_known_spent_data: blackball file is now optional (moneromooo-monero)
17b45725 Outputs where all amounts are known spent can now be pruned (moneromooo-monero)
- checks if the device is in the correct usable state
- implements check for the v2.0.9 firmware which does not support payment IDs
- simple transacttion check, payment id fmt consistency
- minor fixes, refactoring, webusb session counting fix
When doing a first refresh on HW-token based wallet KI sync is required if money were received. Received money may indicate wallet was already used before the restore I.e., some transaction could have been already sent from the wallet. The spent UTXO would not be detected as spent which could lead to double spending errors on submitting a new transaction.
Thus if the wallet is HW-token based with the cold signing protocol and the first refresh detected received money the user is asked to perform the key image sync.
- adds a new option `--hw-device-deriv-path` to the simple wallet. Enables to specify wallet derivation path / wallet code (path avoided so it can be misinterpreted as a file path).
- devices can use different derivation mechanisms. Trezor uses standard SLIP-10 mechanism with fixed SLIP-44 prefix for Monero
- Trezor: when empty, the default derivation mechanism is used with 44'/128'/0'. When entered the derivation path is 44'/128'/PATH.
- Trezor: the path is always taken as elements are hardened (1<<31 bit turned on)
aee7a4e3 wallet_rpc_server: do not use RPC data if the call failed (moneromooo-monero)
1a0733e5 windows_service: fix memory leak (moneromooo-monero)
0dac3c64 unit_tests: do not rethrow a copy of an exception (moneromooo-monero)
5d9915ab cryptonote: fix get_unit for non default settings (moneromooo-monero)
d4f50cb1 remove some unused code (moneromooo-monero)
61163971 a few minor (but easy) performance tweaks (moneromooo-monero)
30023074 tests: slow_memmem now returns size_t (moneromooo-monero)
b36353e2 unit_tests: add some hex parsing test for non hex input (xiphon)
6671110c unit_tests: add a test for parse_hexstr_to_binbuff (moneromooo-monero)
f6187cd8 epee: speed up parse_hexstr_to_binbuff a little (Howard Chu)
It comes before the logger is initialized, so gets displayed
even though it should not be by default, and apparenly comes
too early for (some versions of) Android, where it crashes.
This avoids the miner erroring out trying to submit blocks
to a core that's already shut down (and avoids pegging
the CPU while we're busy shutting down).
- simple device callback object added. Device can request passphrase/PIN entry via the callback or notify user some action is required
- callback is routed to wallet2, which routes the callback to i_wallet_callback so CLI or GUI wallets can support passphrase entry for HW tokens
- wallet: device open needs wallet callback first - passphrase protected device needs wallet callback so user can enter passphrase
Only for pre rct for obvious reasons.
Note: DO NOT use a known spent list which includes outputs
which are not known spent. If the list includes any output
that's just strongly thought to be spent, but not provably
so, you risk finding yourself unable to sync past the point
where that output is spent.
I estimate only 200 MB saved on current mainnet though,
unless the new blackballing rule unearths a good amount of
large-amount-set extra spent outs.
Some of the inputs for block in a span will be from other earlier
blocks in that span. Keep track of those outputs so we don't have
to look them up again after those early blocks are added to the
blockchain.
Turns out getting the global shared_ptr hits the profile,
and passing it around still keeps it at close to ~1% CPU,
which is too much for mostly silent logging.
Leak the object instead, which is even safer for late logging.
- webusb transport based on libusb added. Provides direct access to Trezor via USB, no need for Trezor bridge.
- trezor protocol message handler improved, no recursion used. Ready for upcoming integration tests.
- libusb (for docker) bumped from v1.0.9 to v1.0.22, newer version required for webusb transport, for device enumeration.
- cmake improvements and fixes. Cmake Trezor checks are moved to a dedicated CheckTrezor.cmake file. In case of a problem Trezor is excluded from build.
- ifdefs made consistent to Ledger.
- UDP Transport enumeration disabled by default in release mode
Motivated by https://monero.stackexchange.com/questions/10483
Some exchanges appear to have customized the wallet software
in an inappropriate way, making the tx extra field partially
unreadable. PR #3716 changed the wallet behavior disallowing
such partially valid tx extra.
An example tx reported by the user is
e87c675a85f34ecac58a8846613d25062f1813e1023c552b705afad32b972c38
where the normal tx pubkey appears again with the aditional
tx pubkeys tag `04` which is inappropriate.
This prevents exceptions from showing up in various awkward
places such as dtors, since the only exception that can be
thrown is a lock failure, and nothing handles a lock failure
anyway.
03fc731b p2p: less frequent incoming connections check (moneromooo-monero)
14a5c206 p2p: tone down "no incoming connections" warning to info if in peers is 0 (moneromooo-monero)
This can go out of sync with m_core's nettype if you run in fakechain
mode since entering fakechain mode is done through code not the command
line and core_rpc_server only looks at the command line to figure out
the nettype.
5808530f blockchain: remove unused output_scan_worker parameter (moneromooo-monero)
1426209a blockchain: don't run threads if we have just one function to run (moneromooo-monero)
6f7a5fd4 db_lmdb: slight speedup getting array data from the blockchain (moneromooo-monero)
99fbe100 db_lmdb: save some string copies for readonly db keys/values (moneromooo-monero)
bf31447e tx_pool: speed up take_tx for transactions from blocks (moneromooo-monero)
4f005a77 tx_pool: remove unnecessary get_transaction_hash (moneromooo-monero)
593ef598 perf_timer: call reserve on new timer array (moneromooo-monero)
6ecc99ad core: avoid unnecessary tx/blob conversions (moneromooo-monero)
00cc1a16 unit_tests: notify test special case for the usual weirdo (moneromooo-monero)
6d3311ac libwallet_api_tests: add missing dependency on Boost Locale and ICU (stoffu)
f0459abb cmake: move Boost_LOCALE_LIBRARY out of ICU_LIBRARIES (stoffu)
The version prefix 'v' should just be set constantly.
Reflect this change in the README as well.
This should allow building commits as well, if a commit
is passed in instead of a tag.
73e504c1 rpc: adjust ring size error message now that too high is also possible (moneromooo-monero)
a5ca7f4f core: fix unmixable special case allowing ring size below 11 (moneromooo-monero)
To help protect one's privacy from traffic volume analysis
for people using Tor or I2P. This will really fly once we
relay txes on a timer rather than on demand, though.
Off by default for now since it's wasteful and doesn't bring
anything until I2P's in.
5f614ba9 simplewallet: print the number of show/all transfers (moneromooo-monero)
8d71b2b1 wallet2: only export necessary outputs and key images (moneromooo-monero)
769ae42a wallet2: faster output and key image import/export (moneromooo-monero)
Undefined symbols for architecture x86_64:
"cryptonote::core::get_output_distribution(unsigned long long, unsigned long long, unsigned long long, unsigned long long&, std::__1::vector<unsigned long long, std::__1::allocator<unsigned long long> >&, unsigned long long&) const", referenced from:
cryptonote::rpc::RpcHandler::get_output_distribution(cryptonote::core&, unsigned long long, unsigned long long, unsigned long long, bool) in rpc_handler.cpp.o
74fb3d88 multiexp: some minor speedups (moneromooo-monero)
a6d2e246 bulletproofs: only enable profiling on request (moneromooo-monero)
a110e6aa multiexp: tune which variants to use for which number of points (moneromooo-monero)
8b476722 bulletproofs: speedup prover (moneromooo-monero)
6f9ae5b6 multiexp: handle pippenger multiexps with part precalc (moneromooo-monero)
10e5a927 bulletproofs: maintain -z4, -z5, and -y0 to avoid subtractions (moneromooo-monero)
8629a42c bulletproofs: rework flow to use sarang's fast batch inversion code (moneromooo-monero)
fc9f7d9c bulletproofs: merge multiexps as per sarang's new python code (moneromooo-monero)
4061960a multiexp: pack the digits table when STRAUS_C is 4 (moneromooo-monero)
bf8e4b98 bulletproofs: some more minor speedup (moneromooo-monero)
c415df97 performance_tests: sc_check and ge_dsm_precomp (moneromooo-monero)
a281b950 bulletproofs: remove single value prover (moneromooo-monero)
484155d0 bulletproofs: some more speedup (moneromooo-monero)
a621d6c8 bulletproofs: random minor speedups (moneromooo-monero)
a49a1761 bulletproofs: shave off a lot of scalar muls from the g/h construction (moneromooo-monero)
4564a5d1 bulletproofs: speedup PROVE (moneromooo-monero)
15:43 < hahsun> Im on stagenet and I suddenly get this exception: 2018-11-04 14:42:52.416 [RPC0] ERROR wallet.wallet2 src/wallet/wallet2.cpp:2070 !m_blockchain.is_in_bounds(current_index). THROW EXCEPTION: error::out_of_hashchain_bounds_error
16:01 <+moneromooo> OK, possibly because the blckchain is always seeded with the genesis block hash...
16:02 <+moneromooo> So that case should be allowed, assuming it doesn't break the code around it.
16:05 <+moneromooo> OK if stop_height == size || (size==1 && stop_heigt ==0)
16:05 <+moneromooo> Throw if not that.
16:06 < hahsun> k
This happens for every historical tx when syncing, and the
unnecessary parsing is actually showing up on profile.
Since these are kept cached for just one block, this does
not increase memory usage after syncing.
It seems the more prudent thing to do here. It will not catch
attempts to use that value before it is initialized when using
ASAN or valgrind, but in a case where it does, it will have
smaller repercussions.
So it seems appropriate in this particular case.
Coverity 182498
Even if it is never relayed, it ensures a daemon supplying
fake outs on demand will never be asked for a set with the
real input being the only intersecting member (only a problem
with people who trust their privacy to some stranger's node,
but it seems to be a massively common thing, even in Monero)
3ffbec15 rpc: init m_rpc_version in Message ctor (moneromooo-monero)
bfa2dce1 rpc: remove unused ctors (moneromooo-monero)
7cc39845 account: init creation timestamp to 0 (moneromooo-monero)
32123789 wallet2: initialize some scalar fields in ctor where appropriate (moneromooo-monero)
4eca42b2 blockchain_db: initialize m_hardfork in ctor just in case (moneromooo-monero)
539debc4 Finish all contexts but simple_wallet, translate 23% of simple_wallet (sanecito)
ee71ba98 Add translations for Monero::PendingTransactionImpl, command_line Contexts (sanecito)
5c4fe3d4 Create Japanese file, add translations for "Monero::AddressBookImpl" and "Wallet" Contexts (sanecito)
- These functions are declared twice in slow-hash.c. Remove one of the copies.
- The declarations have the wrong return type, should be void, not int.
Function definitions here: 1e74586ee9/src/crypto/aesb.c (L151-L180)
Test plan: make release-test
0 is placeholder for whole chain, so we should compare chain
height changes rather than chain-height-or-zero. Even this isn't
totally foolproof if a blocks are popped and the same number
added again, but it is much better as it prevents the data from
slowly going out of sync.
Depends can now be compiled with `make depends target=$triple`, where
$triple is one of the supported build targets.
Adapt the Makefile for this change, remove not needed windows deps from
depends setup description.
00901e9c epee: initialize a few data members where it seems to be appropriate (moneromooo-monero)
144a6c32 abstract_tcp_server2: move m_period to subclass (moneromooo-monero)
758d7684 connection_basic: remove unused floating time start time (moneromooo-monero)
e5108a29 Catch more exceptions in dtors (moneromooo-monero)
c3b8328c daemon: do not run complex code in a signal handler (moneromooo-monero)
e736964a Remove epee header dependency on cryptonote_core (moneromooo-monero)
Windows is built with a seperate descriptor to handle additional changes
that need to be done to the end binary. Consolidate the gitian-build
script for this change.
The signature prepare tool and the gitian-builder git repo should be
checked for their content. For this purpose, checkout the gitian-builder
repo at a specific commit and take the sha256sum of the osslsigncode
tool.
This adds a build script to run gitian builds for linux.
The build script was copied from bitcoin and then adapted for monero.
Build step documentation is outlined in the README in the contrib/gitian
directory.
9acf42d3 Multisig M/N functionality core tests added (naughtyfox)
9f3963e8 Arbitrary M/N multisig schemes: * support in wallet2 * support in monero-wallet-cli * support in monero-wallet-rpc * support in wallet api * support in monero-gen-trusted-multisig * unit tests for multisig wallets creation (naughtyfox)
This removes some small amount of fingerprinting entropy.
There is no consensus rule to require this since this field
is technically free form, and a transaction is free to have
custom data in it.
2fbf38ee Fix 32bit depends builds (TheCharlatan)
17142ec9 malloc scratchpad for all supported android archs (m2049r)
6a781408 Make depends use self built clang for darwin (TheCharlatan)
69da14e1 fixes make debug compilation on OSX (Dusan Klinec)
fe125647 Fixup RENAME_DB() macro (Howard Chu)
b2972927 osx compilation fix: missing boost libs added (Dusan Klinec)
174f31bf simplewallet: don't complain about payment id on pool mined blocks (moneromooo-monero)
89288863 README: mention ASAN usage alongside valgrind (moneromooo-monero)
83debef9 wallet_rpc_server: remove verbose field in incoming_transfers query (moneromooo-monero)
a69271fa Fixed a typo (Piotr Kąkol)
92d1da28 unit_tests: fix build with GCC 5.4.0 on ubuntu (moneromooo-monero)
a21da905 Wallet: use unique_ptr for WalletImpl members (oneiric)
7a056f44 WalletAPI: multisigSignData bug fixed (naughtyfox)
43a06350 ringdb: use cursors to be a bit faster (moneromooo-monero)
7964d4f8 wallet2: handle corner case in picking fake outputs (moneromooo-monero)
6f5360b3 bump version to 0.13.0.1 (Riccardo Spagni)
cf470bf3 switch from master to rc (Riccardo Spagni)
* support in wallet2
* support in monero-wallet-cli
* support in monero-wallet-rpc
* support in wallet api
* support in monero-gen-trusted-multisig
* unit tests for multisig wallets creation
bcf3f6af fuzz_tests: catch unhandled exceptions (moneromooo-monero)
3ebd05d4 miner: restore stream flags after changing them (moneromooo-monero)
a093092e levin_protocol_handler_async: do not propagate exception through dtor (moneromooo-monero)
1eebb82b net_helper: do not propagate exceptions through dtor (moneromooo-monero)
fb6a3630 miner: do not propagate exceptions through dtor (moneromooo-monero)
2e2139ff epee: do not propagate exception through dtor (moneromooo-monero)
0749a8bd db_lmdb: do not propagate exceptions in dtor (moneromooo-monero)
1b0afeeb wallet_rpc_server: exit cleanly on unhandled exceptions (moneromooo-monero)
418a9936 unit_tests: catch unhandled exceptions (moneromooo-monero)
ea7f9543 threadpool: do not propagate exceptions through the dtor (moneromooo-monero)
6e855422 gen_multisig: nice exit on unhandled exception (moneromooo-monero)
53df2deb db_lmdb: catch error in mdb_stat calls during migration (moneromooo-monero)
e67016dd blockchain_blackball: catch failure to commit db transaction (moneromooo-monero)
661439f4 mlog: don't remove old logs if we failed to rename the current file (moneromooo-monero)
5fdcda50 easylogging++: test for NULL before dereference (moneromooo-monero)
7ece1550 performance_test: fix bad last argument calling add_arg (moneromooo-monero)
a085da32 unit_tests: add check for page size > 0 before dividing (moneromooo-monero)
d8b1ec8b unit_tests: use std::shared_ptr to shut coverity up about leaks (moneromooo-monero)
02563bf4 simplewallet: top level exception catcher to print nicer messages (moneromooo-monero)
c57a65b2 blockchain_blackball: fix shift range for 32 bit archs (moneromooo-monero)
The key image (which was only supplied if verbose was true) is
readily available, not a secret key, and it was only modelled
after the CLI command because it's a bit spammy for the CLI.
The configure script in hidapi and libsodium tried to find clang in /usr/bin,
even though the correct prefix was passed in. This sets the correct CC flag.
This was previously undetected, because clang and the sdk where
installed in the global environment.
This also fixes a subsequent error, where IOKIT and CoreFoundation are
not found, again for the reason stated above.
Clang needs to get its cctools path passed directly for the hid build to
succeed.
Make gperf a permanent external dependency.
Remove pcsc from depends.
If we originally think we have enough outputs on the blockchain
to pick random fake outputs, we might end up with not enough of
them if enough are actually blackballed.
Add a Travis build script for Monero. This was blatantly copied from
Bitcoin. It spawns jobs in docker containers running an ubuntu bionic
image.
This commit also a fixes a problem where librt was still linked, even
when compiling statically.
b2bb9312 blockchain: simplify output distribution code (moneromooo-monero)
befdcbf4 db_lmdb: do not use base for cumulative distribution (moneromooo-monero)
26a42fe5 Added features to epee::span<T> : - Support for classes - Added `remove_prefix` function - Added `to_mut_span` and `as_mut_byte_span` (Lee Clagett)
56b50faa wallet: use wipeable_string in more places where a secret is used (moneromooo-monero)
07ec748c wipeable_string: add hex_to_pod function (moneromooo-monero)
42397359 Fixup 32bit arm build (TheCharlatan)
a06d2581 Fix Windows build (TheCharlatan)
ecaf5b3f Add libsodium to the packages, the arm build was complaining about it. (TheCharlatan)
cbbf4d24 Adapt translations to upstream changes (TheCharlatan)
db571546 Updated pcsc url (TheCharlatan)
f0ba19fd Add lrelease to the depends (TheCharlatan)
cfb30462 Add Miniupnp submodule (TheCharlatan)
5f7da005 Unbound is now a submodule. Adapt depends for this. (TheCharlatan)
d6b9bdd3 Update readmes to reflect the usage of depends (TheCharlatan)
56b6e41e Add support for apple and arm building (TheCharlatan)
29311fd1 Disable stack unwinding for mingw32 depends build. (TheCharlatan)
8db3d573 Modify depends for monero's dependencies (TheCharlatan)
0806a23a Initial depends addition (TheCharlatan)
Implemented strategy splits total amount into N equal parts,
where N is a specified number of outputs. If N > 1, dummy
change output is NOT created.
rebased by moneromooo
'outputs' option allows to specify the number of
separate outputs of smaller denomination that will
be created by sweep operation.
rebased by moneromooo
This makes it easier to avoid bugs on the caller side if errors are
represented by non empty strings.
This fixes the refresh height setting in new wallets when no daemon
is running.
4cb1d879 blockchain_blackball: s/return false;/return 0;/ (moneromooo-monero)
9bdc9109 blockchain_blackball: use %zu for size_t (moneromooo-monero)
db3db093 blockchain_blackball: use mdb_size_t where appropriate (moneromooo-monero)
b1f05f58 blockchain_blackball: error out on fgets error (moneromooo-monero)
- device name is a new wallet property
- full device name is now a bit more structured so we can address particular device vendor + device path. Example: 'Ledger', 'Trezor:udp', 'Trezor:udp:127.0.0.1:21324', 'Trezor:bridge:usb01'. The part before ':' identifies HW device implementation, the optional part after ':' is device path to look for.
- new --hw-device parameter added to the wallet, can name the hardware device
- device reconnect added
4469b0c4 abstract_tcp_server2: fix binding to the wrong IP (moneromooo-monero)
8eab6147 epee: use the socket::bind variant which does not throw (moneromooo-monero)
a54dbaee blockchain_blackball: add --force-chain-reaction-pass flag (moneromooo-monero)
44439c32 record blackballs as amount/offset, and add export ability (moneromooo-monero)
4bce935b blockchain_blackball: more optimizations (moneromooo-monero)
b66ba783 blockchain_blackball: do not process duplicate blockchains parts (moneromooo-monero)
639a3c01 blockchain_blackball: make it clear secondary passes are not incremental (moneromooo-monero)
eb8a51be blockchain_blackball: detect spent outputs by partial ring reuse (moneromooo-monero)
d6d276c6 blockchain_blackball: fix chain reaction phase in incremental mode (moneromooo-monero)
2b2a681b blockchain_blackball: avoid false positives for different amounts (moneromooo-monero)
80e4fef3 blockchain_blackball: set transaction looping txn to read only (moneromooo-monero)
4801d6b5 blockchain_blackball: add stats (moneromooo-monero)
846190fd blockchain_blackball: support pre-v2 databases (moneromooo-monero)
daa6cc7d blockchain_blackball: use LMDB for the cache (moneromooo-monero)
50cb370d ringdb: allow blackballing many outputs at once (moneromooo-monero)
62511df6 wallet2: fix refresh retry when a block/tx fails to parse (moneromooo-monero)
b219c24c wallet2: trim hash chain after fast refresh of hashes (moneromooo-monero)
5b6bcca3 wallet2: fix checking the wrong vector when adding hashes (moneromooo-monero)
5019852a cn_deserialize: extract payment ids from extra nonce (moneromooo-monero)
2af1ec3a cn_deserialize: support pruned transactions (moneromooo-monero)
a4d2d842 blockchain_depth: add average min depth (moneromooo-monero)
289880d8 blockchain_depth: get the average min depth of a set of txes (moneromooo-monero)
628428a0 blockchain_ancestry: faster and uses less memory (moneromooo-monero)
2382484d blockchain_ancestry: add an incremental mode (moneromooo-monero)
888324fa blockchain_ancestry: finds all ancestors of a tx, block, or chain (moneromooo-monero)
This proposal allows to perform multiple compilation from different branch/arch in
separate directories.
Example:
build
├── GNU_Linux
│ ├── multi-compilation
│ │ └── release
│ └── NanoS-USBHID
│ └── release
└── Msys
└── NanoS-USBHID
└── release
Edit 1:
Try to handle special char as : / \ .
--data-dir in unit test not yet tested
Edit 2:
donot use param for uname. -o is not supported by MacOS.
9137ad2c blockchain: add a testnet v9 a day after v8 (moneromooo-monero)
ac4f71c2 wallet2: bump testnet rollback to account for coming reorg (moneromooo-monero)
8f418a6d bulletproofs: #include <openssl/bn.h> (moneromooo-monero)
2bf63650 bulletproofs: speed up the latest changes a bit (moneromooo-monero)
044dff5a bulletproofs: scale points by 8 to ensure subgroup validity (moneromooo-monero)
c83012c4 bulletproofs: match aggregated verification to sarang's latest prototype (moneromooo-monero)
ce0c7432 performance_tests: add padded bulletproof construction (moneromooo-monero)
1224e53b core_tests: add a test for 4-aggregated BP verification (moneromooo-monero)
0e6ed559 fuzz_tests: add a bulletproof fuzz test (moneromooo-monero)
463434d1 more comprehensive test for ge_p3 comparison to identity/point at infinity (moneromooo-monero)
d0a0565f unit_tests: add a few more multiexp unit tests (moneromooo-monero)
6526d87f core_tests: add a test for a tx with empty bulletproof (moneromooo-monero)
a129bbd9 multiexp: fix maxscalar off by one (moneromooo-monero)
7ed496cc ringct: error out when hashToPoint* returns the point at infinity (moneromooo-monero)
d1591853 cryptonote_basic: check output type before using it (moneromooo-monero)
61632dc1 ringct: prevent a potential very large allocation (moneromooo-monero)
a4317e61 crypto: some paranoid checks in generate_signature/check_signature (moneromooo-monero)
7434df1c crypto: never return zero in random32_unbiased (moneromooo-monero)
0825e974 multiexp: fix wrong Bos-Coster result for 1 non trivial input (moneromooo-monero)
a1359ad4 Check inputs to addKeys are in range (moneromooo-monero)
fe0fa3b9 bulletproofs: reject x, y, z, or w[i] being zero (moneromooo-monero)
5ffb2ff9 v8: per byte fee, pad bulletproofs, fixed 11 ring size (moneromooo-monero)
869b3bf8 bulletproofs: a few fixes from the Kudelski review (moneromooo-monero)
c4291762 bulletproofs: reject points not in the main subgroup (moneromooo-monero)
15697177 bulletproofs: speed up a few multiplies using existing Hi cache (moneromooo-monero)
0b05a0fa Add Pippenger cache and limit Straus cache size (moneromooo-monero)
51eb3bdc add pippenger unit tests (moneromooo-monero)
b17b8db3 performance_tests: add stats and loop count multiplier options (moneromooo-monero)
7314d919 perf_timer: split timer class into a base one and a logging one (moneromooo-monero)
d126a02b performance_tests: add aggregated bulletproof tx verification (moneromooo-monero)
263431c4 Pippenger multiexp (moneromooo-monero)
1ed0ed4d multiexp: cut down on memory allocations (moneromooo-monero)
1b867e7f precalc the ge_p3 representation of H (moneromooo-monero)
ef56529f performance_tests: document the tested bulletproof layouts (moneromooo-monero)
30111780 unit_tests: a couple more bulletproof unit tests for gamma (moneromooo-monero)
c444b1b2 require canonical multi output bulletproof layout (moneromooo-monero)
7e67c52f Add a define for the max number of bulletproof multi-outputs (moneromooo-monero)
2a8fcb42 Bulletproof aggregated verification and tests (moneromooo-monero)
126196b0 multiexp: some speedups (moneromooo-monero)
71d67bda aligned: aligned memory alloc/realloc/free (moneromooo-monero)
cb9ecab1 performance_tests: add signature generation/verification (moneromooo-monero)
bacf0a1e bulletproofs: add aggregated verification (moneromooo-monero)
e895c3de make straus cached mode thread safe, and add tests for it (moneromooo-monero)
7f48bf05 multiexp: bos coster now works for just one point (moneromooo-monero)
9ce9f8ca bulletproofs: add multi output bulletproofs to rct (moneromooo-monero)
f34e2e20 performance_tests: add tx checking tests with more than 2 outputs (moneromooo-monero)
0793184b performance_tests: add a --verbose flag, and default to terse (moneromooo-monero)
939bc223 add Straus multiexp (moneromooo-monero)
9ff6e6a0 ringct: add bos coster multiexp (moneromooo-monero)
e9164bb3 bulletproofs: misc optimizations (moneromooo-monero)
112f32f0 performance_tests: add crypto ops (moneromooo-monero)
f5d7b993 performance_tests: add bulletproofs (moneromooo-monero)
8f4ce989 performance_tests: add RingCT MLSAG gen/ver tests (moneromooo-monero)
1aa10c43 performance_tests: add (Borromean) range proofs (moneromooo-monero)
aacfd6e3 bulletproofs: multi-output bulletproofs (moneromooo-monero)
cb1cc757 performance_tests: don't override log level to 0 (moneromooo-monero)
- fix integer overflow in n_bulletproof_amounts
- check input scalars are in range
- remove use of environment variable to tweak straus performance
- do not use implementation defined signed shift for signum
Drop miniupnp and unbound depends builds. Make sure that build variables are propageted properly to unbound and miniupnp.
Rebase to after the v0.12 release
Add pcsc-lite to linux builds
Fixup windows icu4c linking with depends, the static libraries have an 's' appended to them
Compiling depends arm-linux-gnueabihf will allow you to compile armv6zk monero binaries
Add readline, ldns, graphviz, unbound to depends packages
Add a cmake toolchain file to depends that is uniquely created for every build and placed in triple/share/toolchain.cmake
This file is then passed to cmake with -DCMAKE_TOOLCHAIN_FILE=/path/to/triple/share/toolchain.cmake
Add the boost locale package to depends
In the depends cmake toolchain file, a DEPENDS flag is added
to exclude, or change cmake checks done that are required for depends
Link miniupnpc and unwind from depends and not external
Add libiconv and icu4c to depends, required for mingw32 builds.
Headers (winsock) need to be lower case in order to compile on unix systems.
This should not affect building on windows.
Depends cross compiles project dependencies for linux, mac and windows and multiple architectures.
Depends is original work by Cory Fields and used in bitcoin and a wide range of bitcoin related projects.
Contains two modifications to improve ASIC resistance: shuffle and integer math.
Shuffle makes use of the whole 64-byte cache line instead of 16 bytes only, making Cryptonight 4 times more demanding for memory bandwidth.
Integer math adds 64:32 bit integer division followed by 64 bit integer square root, adding large and unavoidable computational latency to the main loop.
More details and performance numbers: https://github.com/SChernykh/xmr-stak-cpu/blob/master/README.md
This uses less memory and makes it faster to load/save, though
makes it slower to run (which is actually faster since it would
previously start swapping anyway).
Let it be autodiscovered instead to avoid cmake thinking it's crosscompiling builds where host = target. This resolves a cmake configure error in MSYS2 caused by CMAKE_CROSSCOMPILING checks in #4294.
29dea03 epee: resize vectors where possible in serialization (moneromooo-monero)
76affd9 epee: some speedup in parsing (moneromooo-monero)
dc6c069 db_lmdb: speedup the get_output_distribution common case (moneromooo-monero)
76ac5a8 wallet2: ask for a binary output distribution, for speed (moneromooo-monero)
ea37614 wallet: wipe seed from memory where appropriate (moneromooo-monero)
e9ffa91 store secret keys encrypted where possible (moneromooo-monero)
70271fa common: add a class to safely wrap mlock/munlock (moneromooo-monero)
ab74dc2 crypto: make secret_key automatically mlock (moneromooo-monero)
This avoids constant rechecking of the same things each time
a miner asks for the block template. The tx pool maintains
a cookie to allow users to detect when the pool state changed,
which means the block template needs rebuilding.
This class will allow mlocking small objects, of which there
may be several per page. It adds refcounting so pages are only
munlocked when the last object on that page munlocks.
The secret spend key is kept encrypted in memory, and
decrypted on the fly when needed.
Both spend and view secret keys are kept encrypted in a JSON
field in the keys file. This avoids leaving the keys in
memory due to being manipulated by the JSON I/O API.
7f8bdeb easylogging++: make the logger handle early/late logging (moneromooo-monero)
bc8cbdb stack_trace: print stack traces on stdout if the logger isn't live (moneromooo-monero)
63e342b crypto: move null_pkey/null_skey to the cpp file (moneromooo-monero)
0496c7c crypto: do not use boost::value_initialized to init null skey/pkey (moneromooo-monero)
Many people are using this as a "let's see what this does" command
when something doesn't work as they thought it should, and thus
destroying info that they might still need.
Fixes failing test during Arch package build (due to attempt to write to
~/.bitmonero/...).
Prefix temp dir path with "monero-" because we are not putting it on the
system, so good to identify ourselves in case the dir gets left over due
to crash, etc.
149da42 db_lmdb: enable batch transactions by default (stoffu)
34cb6b4 add --regtest and --fixed-difficulty for regression testing (vicsn)
9e1403e update get_info RPC and bump RPC version (vicsn)
207b66e first new functional tests (vicsn)
This gets rid of the temporary precalc cache.
Also make the RPC able to send data back in binary or JSON,
since there can be a lot of data
This bumps the LMDB database format to v3, with migration.
34de7bc2 device_ledger: fix buffer underflow on bad data from device (moneromooo-monero)
41e9cab4 device: misc cleanup (moneromooo-monero)
3b4dec2d device_ledger: fix potential buffer overflow from bad size calc (moneromooo-monero)
Also added notes to WalletManager::verifyWalletPassword (which afaik seems unused
by anyone at the moment) regarding the need to unlock the keys file beforehand.
on_generateblocks RPC call combines functionality from the on_getblocktemplate and on_submitblock RPC calls to allow rapid block creation. Difficulty is set permanently to 1 for regtest.
Makes use of FAKECHAIN network type, but takes hard fork heights from mainchain
Default reserve_size in generate_blocks RPC call is now 1. If it is 0, the following error occurs 'Failed to calculate offset for'.
Queries hard fork heights info of other network types
1d17647 epee.string_tools: add conversion between UTF-8 and UTF-16 (stoffu)
59de6f8 util: add file_locker class (stoffu)
3d623a8 wallet: prevent the same wallet file from being opened by multiple processes (stoffu)
This is based on how much an attacking miner stands to lose in block
rewardy by mining a private chain which double spends a payment.
This is not foolproof, since mining is based on luck, and breaks
down as the attacking miner nears 50% of the network hash rate,
and the estimation is based on a constant block reward.
key derivation and checking for incoming outputs are threaded
in batch before adding blocks to the local blockchain. Other
minor bits and bobs are also cached.
8fc0cdb wallet2: lower default for subaddress lookahead when restoring with hardware (stoffu)
248310d Move parse_subaddress_lookahead() from simplewallet.cpp to util.cpp (stoffu)
46e90b7 Wallet API: add support for wallet creation from hardware device (stoffu)
use snprintf "just in case" where appropriate
consistently use unsigned for temp values
pass std::string by const ref rather than by value
add length check (which can't happen in practice) for memcpy
8962f00 simplewallet: add optional trusted/untrusted argument to set_daemon (moneromooo-monero)
941a608 util: consider Tor/I2P addresses to be non local (moneromooo-monero)
2b3357e README: mention --untrusted-daemon (moneromooo-monero)
f8dd433 epee: fix detection of 172.16.0.0/172.31.255.255 local IP range (moneromooo-monero)
5db9e3c unit_tests: add tests for local IP range detection (moneromooo-monero)
db55263 threadpool: allow constructing an object, and misc tweaks (moneromooo-monero)
ce173cb core: remove threadpool dependency from header (moneromooo-monero)
3147468 unit_tests: add threadpool unit test (moneromooo-monero)
9cc0d42 connection_context: remove state_ prefix from state names (moneromooo-monero)
d9d002c daemon: print peer state in sync_info (moneromooo-monero)
for privacy reasons, so an untrusted node can't easily track
wallets from IP address to IP address, etc. The granularity
is 1024 blocks, which is about a day and a half.
a connection's timeout is halved for every extra connection
from the same host.
Also keep track of when we don't need to use a connection
anymore, so we can close it and free the resource for another
connection.
Also use the longer timeout for non routable local addresses.
b26cd26 blockchain_utilities: do not link against unneeded p2p lib (moneromooo-monero)
66f4700 blockchain_blackball: add incremental mode (moneromooo-monero)
e09710f blockchain_blackball: also blackball N N-sized duplicate rings (moneromooo-monero)
Update readme to explain and warn about building master, and encourage (via example) to build release branches.
Also updated instance where example build instructions had 0.11.0 as the most recent release.
47fdb74 WalletApi: getMultisigInfo entry for gui wallets... (naughtyfox)
47fdb74 Refactored: work with wallet api statuses to make setting and getting operations atomic along with error strings (naughtyfox)
740da1b core: fix automatic safe db sync mode switching (moneromooo-monero)
e942d34 protocol: do not switch to unsafe sync mode for just a few blocks (moneromooo-monero)
These are unlikely to happen at random, but Wijaya et al made
a paper about it, so people might try it on purpose now (and it
turns out it's easy to add anyway)
use unsigned int to avoid having to range check negative numbers,
use const where possible, don't needlessly create empty objects,
use std::move where possible
This can happen if a peer tries to obtain the next span from other
peers if that span is needed for not downloaded yet. Also if the
peer maliciously requests a non existent block hash.
3880bf39 cryptonote_protocol_handler.inl: remove span read just now that failed to pass some basic tests (stoffu)
da249fd5 cryptonote_protocol_handler.inl: fix return type mismatches (int vs bool) (stoffu)
Those were added to the seed nodes list even when they had already
been added. Moreover, the current index was not reset after they
were added, typically causing previous seeds to be used, and some
of those fallback seeds to not be tried.
ffeeefde speedup get_output_histogram for all amounts when min_count > 0 (moneromooo-monero)
2dae0f20 wallet2: add missing parameters to get_output_histogram (moneromooo-monero)
f21df05 was never supposed to be merged into the master branch.
fluffypony merged #3670 before #3668 was rebased and resolved.
Note: the cherry-picked commit hashes are now invalid because #3670
was merged before #3668 was rebased with the updated repo location.
875c1cab wallet2: increase rpc timeout for get_output_distribution (moneromooo-monero)
70f23217 add top height to get_output_distribution, and cache it for rct (moneromooo-monero)
8c7363fb rpc: add missing perf timer for get_output_distribution (moneromooo-monero)
Though we only need miniupnpc, rebasing and maintaining a miniupnpc-only
repo is unrealistic.
(cherry picked from commit 3c40eb768c292a4dec79d7dffd6685fd37940a2a)
In file included from src/cryptonote_basic/hardfork.cpp:33:
In file included from src/blockchain_db/blockchain_db.h:42:
In file included from src/cryptonote_basic/hardfork.h:31:
contrib/epee/include/syncobj.h:37:10: fatal error: 'boost/thread/v2/thread.hpp' file not found
#include <boost/thread/v2/thread.hpp>
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from src/rpc/daemon_handler.cpp:29:
In file included from src/rpc/daemon_handler.h:36:
In file included from src/p2p/net_node.h:41:
In file included from contrib/epee/include/net/levin_server_cp2.h:32:
In file included from contrib/epee/include/net/abstract_tcp_server2.h:324:
contrib/epee/include/net/abstract_tcp_server2.inl:44:10: fatal error: 'boost/thread/v2/thread.hpp' file not found
#include <boost/thread/v2/thread.hpp> // TODO
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
contrib/epee/include/math_helper.h: In member function 'bool epee::math_helper::average<val, default_base>::set_base()':
contrib/epee/include/syncobj.h:227:56: error: 'sleep_for' is not a member of 'boost::this_thread'
#define CRITICAL_REGION_LOCAL(x) {boost::this_thread::sleep_for(boost::chrono::milliseconds(epee::debug::g_test_dbg_lock_sleep()));} epee::critical_region_t<decltype(x)> critical_region_var(x)
^
contrib/epee/include/syncobj.h:227:56: note: in definition of macro 'CRITICAL_REGION_LOCAL'
#define CRITICAL_REGION_LOCAL(x) {boost::this_thread::sleep_for(boost::chrono::milliseconds(epee::debug::g_test_dbg_lock_sleep()));} epee::critical_region_t<decltype(x)> critical_region_var(x)
^~~~~~~~~
contrib/epee/include/syncobj.h:227:56: note: suggested alternative: 'sleep'
#define CRITICAL_REGION_LOCAL(x) {boost::this_thread::sleep_for(boost::chrono::milliseconds(epee::debug::g_test_dbg_lock_sleep()));} epee::critical_region_t<decltype(x)> critical_region_var(x)
^
contrib/epee/include/syncobj.h:227:56: note: in definition of macro 'CRITICAL_REGION_LOCAL'
#define CRITICAL_REGION_LOCAL(x) {boost::this_thread::sleep_for(boost::chrono::milliseconds(epee::debug::g_test_dbg_lock_sleep()));} epee::critical_region_t<decltype(x)> critical_region_var(x)
^~~~~~~~~
When additional keys was needed, the TX scan failed because the
derivation data was always recomputed with the main tx_key and not
the corresponding additional one.
Moreover this patch avoid perf decreasing when not using HW device.
73951cbd wallet2: request transactions in slices when scanning for known rings (moneromooo-monero)
25fe67e4 rpc: allow getting pruned blocks from gettransactions (moneromooo-monero)
c77d2bfa Add the possibility to export private view key for fast scan. (cslashm)
100b7bc1 Change mutex lock model to avoid dead lock and ensure locks are always released. (cslashm)
641dfc99 Automatic height setup when creating/restoring hw device. (cslashm)
eaa8bfe7 wallet2: set from_height of GET_OUTPUT_DISTRIBUTION correctly The previous expression (stoffu)
0a619f78 wallet2: enable the mitigation only after the fork height (stoffu)
A key image may be present more than once if all but one of the
txes spending that key image are coming from blocks. When loading
a txpool from storage, we must load the one that's not from a
block first to avoid rejection
and get them pruned in find_and_save_rings, since it does not need
the pruned data in the first place.
Also set decode_to_json to false where missing, we don't need this
either.
On client startup the device asks for authorization to export the private view key.
If user agree, the client hold the private view key allowing a fast blockchain scan.
If the user does not agree, the blockchain scan is fully done via the device.
When creating/restoring wallet, if --restore-height option is not used the current estimate
height is used for starting the scan. In other words it is assume we are creating a new account.
WalletApi: makeMultisig call introduced
WalletApi: finalizeMultisig call introduced
WalletApi: new calls exportMultisigImages and importMultisigImages
WalletApi: method to return multisig wallet creation state
WalletApi: create multisig transaction, sign multisig transaction, commit transaction and get multisig data are added
WalletApi: identation and style fixes
changed wording in hard fork section because reasons. Added prospective slot of next hardfork to communicate that more are coming because it never stops.
its everywhere and all at the same time.
Takes about 10 ms, which takes pretty much all of the get_info
RPC, which is called pretty often from wallets.
Also add a new lock so we don't need to lock the blockchain lock,
which will avoid blocking for a long time when calling the getinfo
RPC while syncing. Users of get_difficulty_for_next_block who need
the lock will have locked it already.
b86f1e5d Add command line option allowing to restrict the default sub-address lookahead in order to avoid so looooong time of set-up when creating a HW based wallet. (stoffu)
eac3a11e wallet: more user friendly print_ring (moneromooo-monero)
79853514 wallet2_api: add key reuse mitigations API (moneromooo-monero)
b057a21d wallet2_api: add ring api (moneromooo-monero)
d32ef7b0 ringdb: factor ring addition code (moneromooo-monero)
a7da8208 wallet2_api: add blackball api (moneromooo-monero)
2ab66ff1 liblmdb: install lmdb library for wallet2_api usage (stoffu)
504428ab ringdb: use the genesis block as a db name (moneromooo-monero)
b09e5181 wallet: add a set_ring command (moneromooo-monero)
0590f62a new blockchain_usage tool, reports on output usage (moneromooo-monero)
db10dd6d wallet: make ringdb an object with database state (moneromooo-monero)
df6fad4c blockchain_utilities: new blockchain_blackball tool (moneromooo-monero)
d29ea045 wallet: add an output blackball list to avoid using those in rings (moneromooo-monero)
18eaf194 wallet: key reuse mitigation options (moneromooo-monero)
5f146873 wallet: add shared ring database (moneromooo-monero)
41f727ce add RPC to get a histogram of outputs of a given amount (moneromooo-monero)
This will avoid careless forkers polluting the shared database
even if they make their own chain. They'll then automatically
start using another subdb, and any key-reusing fork of those
forks will reuse their subdbs.
It scans for known spent outputs and stores their public keys
in a database which can then be read by the wallet, which can
then avoid using those as fake outs in new transactions.
Usage: monero-blockchain-blackball db1 db2...
This uses the shared database in ~/.shared-ringdb
If a pre-fork output is spent on both Monero and attack chain,
any post-fork output can be deduced to be a fake output, thereby
decreasing the effective ring size.
The segregate-per-fork-outputs option, on by default, allows
selecting only pre-fork outputs in this case, so that the same
ring can be used when spending it on the other side, which does
not decrease the effective ring size.
This is intended to be SET when intending to spend Monero on the
attack fork, and to be UNSET if not intending to spend Monero
on the attack fork (since it leaks the fact that the output being
spent is pre-fork).
If the user is not certain yet whether they will spend pre-fork
outputs on a key reusing fork, the key-reuse-mitigation2 option
should be SET instead.
If you use this option and intend to spend Monero on both forks,
then spend real Monero first.
This maps key images to rings, so that different forks can reuse
the rings by key image. This avoids revealing the real inputs like
would happen if two forks spent the same outputs with different
rings. This database is meant to be shared with all Monero forks
which don't bother making a new chain, putting users' privacy at
risk in the process. It is placed in a shared data directory by
default ($HOME/.shared-ringdb on UNIX like systems). You may
use --shared-ringdb-dir to override this location, and should
then do so for all Monero forks for them to share the database.
a7266d6d wallet2+cli+rpc: eliminate redundant m_http_client from cli/rpc and delegate calls to wallet2 (stoffu)
71d18656 replace invoke_http_json("/json_rpc",...) with invoke_http_json_rpc("/json_rpc",methodname,...) to reduce boilerplate (stoffu)
4405e4fc wallet2: check_tx_key() shouldn't require hardware encryption (stoffu)
7dfa5e9e chacha: call prehashed version explicitly as generate_chacha_key_prehashed hash: add prehashed version cn_slow_hash_prehashed slow-hash: let cn_slow_hash take 4th parameter for deciding prehashed or not slow-hash: add support for prehashed version for the other 3 platforms (stoffu)
b2d23b18 crypto: revert odd namespace changes made in #3303 (stoffu)
8705beaf keypair::generate: always require hw::device to avoid possible mistake (stoffu)
27a196b1 device: untangle cyclic depenency (stoffu)
c9b38b47 device: made function prototypes consistent with pre-#3303 codebase (stoffu)
hash: add prehashed version cn_slow_hash_prehashed
slow-hash: let cn_slow_hash take 4th parameter for deciding prehashed or not
slow-hash: add support for prehashed version for the other 3 platforms
When #3303 was merged, a cyclic dependency chain was generated:
libdevice <- libcncrypto <- libringct <- libdevice
This was because libdevice needs access to a set of basic crypto operations
implemented in libringct such as scalarmultBase(), while libringct also needs
access to abstracted crypto operations implemented in libdevice such as
ecdhEncode(). To untangle this cyclic dependency chain, this patch splits libringct
into libringct_basic and libringct, where the basic crypto ops previously in
libringct are moved into libringct_basic. The cyclic dependency is now resolved
thanks to this separation:
libcncrypto <- libringct_basic <- libdevice <- libcryptonote_basic <- libringct
This eliminates the need for crypto_device.cpp and rctOps_device.cpp.
Also, many abstracted interfaces of hw::device such as encrypt_payment_id() and
get_subaddress_secret_key() were previously implemented in libcryptonote_basic
(cryptonote_format_utils.cpp) and were then called from hw::core::device_default,
which is odd because libdevice is supposed to be independent of libcryptonote_basic.
Therefore, those functions were moved to device_default.cpp.
91d97dd4 fuzz_tests: set small subaddress lookahead for speed (moneromooo-monero)
5f85cc7e wallet2: guard against overflowing of subaddress indices (moneromooo-monero)
* Removed the db package, as it is not required
* Added the libiconv package
* Updated the boost build instructions (added locale)
* Updated cppzmq to version 4.2.3 which does not require the symlink hack anymore
added missing hashes for boost patches
Fix the way the REAL mode is handle:
Let create_transactions_2 and create_transactions_from construct the vector of transactions.
Then iterate on it and resign.
We just need to add 'outs' list in the TX struct for that.
Fix default secret keys value when DEBUG_HWDEVICE mode is off
The magic value (00...00 for view key and FF..FF for spend key) was not correctly set
when DEBUG_HWDEVICE was off. Both was set to 00...00.
Add sub-address info in ABP map in order to correctly display destination sub-address on device
Fix DEBUG_HWDEVICE mode:
- Fix compilation errors.
- Fix control device init in ledger device.
- Add more log.
Fix sub addr control
Fix debug Info
Previously, a file containing the unencrypted Monero address was
created by default in the wallet's directory. This file might pose
as a privacy risk. The creation of this file is now opt-in and can
be enabled by providing
--create-address-file
In package mingw-w64-x86_64-icu, version 58.2-3, the names of static
library files were changed, which leads to changes in CMakeLists.txt as
needed for compiling for Windows.
- save the new keys file as FOO-watchonly.keys, not FOO.keys-watchonly
- catch any exception (eg, I/O errors) and error out
- print the new keys filename in simplewallet
e136bc6b tweaks to the monerov1 cryptonight algorithm (Lee Clagett)
d58c9ec9 slow-hash: optimized version (SChernykh)
608fd6f1 Monero Cryptonight variants, and add one for v7 (moneromooo-monero)
0e7ad2e2 Wallet API: generalize 'bool testnet' to 'NetworkType nettype' (stoffu)
af773211 Stagenet (stoffu)
cc9a0bee command_line: allow args to depend on more than one args (stoffu)
55f8d917 command_line::get_arg: remove 'required' for dependent args as they're always optional (stoffu)
450306a0 command line: allow has_arg to handle arg_descriptor<bool,false,true> #3318 (stoffu)
9f9e095a Use `genesis_tx` parameter in `generate_genesis_block`. #3261 (Jean Pierre Dudey)
* src/cryptnote_config.h: The constant `config::testnet::GENESIS_TX` was
changed to be the same as `config::GENESIS_TX` (the mainnet's transaction)
because the mainnet's transaction was being used for both networks.
* src/cryptonote_core/cryptonote_tx_utils.cpp: The `generate_genesis_block` function
was ignoring the `genesis_tx` parameter, and instead it was using the `config::GENESIS_TX`
constant. That's why the testnet genesis transaction was changed. Also five lines of unused
code were removed.
Signed-off-by: Jean Pierre Dudey <jeandudey@hotmail.com>
The basic approach it to delegate all sensitive data (master key, secret
ephemeral key, key derivation, ....) and related operations to the device.
As device has low memory, it does not keep itself the values
(except for view/spend keys) but once computed there are encrypted (with AES
are equivalent) and return back to monero-wallet-cli. When they need to be
manipulated by the device, they are decrypted on receive.
Moreover, using the client for storing the value in encrypted form limits
the modification in the client code. Those values are transfered from one
C-structure to another one as previously.
The code modification has been done with the wishes to be open to any
other hardware wallet. To achieve that a C++ class hw::Device has been
introduced. Two initial implementations are provided: the "default", which
remaps all calls to initial Monero code, and the "Ledger", which delegates
all calls to Ledger device.
Boost does not use Sourceforge anymore. Instead, their download links
point to dl.bintray.com.
Earlier today Sourceforge was down, and later the Boost downloaded file
checksum did not match, which further reinforces the need to change
the URL.
The logging to /tmp/bitmonero.daemon.stdout.stderr caused segfaults
if the /tmp mount was full (#2851).
Now the daemon is only logging to /tmp/bitmonero.daemon.stdout.stderr
in the debug builds.
When a block is added as part of a chunk (when syncing historical
blocks), a block may end up already in the blockchain if it was
added to the queue before being added to the chain (though it's
not clear how that could happen, but it's an implementation detail)
and thus may not be added to the chain when add_block is called.
This would cause m_blocks_txs_check to not be cleared, causing it
to get out of sync at next call, and thus wrongfully reject the
next block.
Since commit b0426d4c refresh height for a newly created wallet
connected to a sync'd daemon was off by a month. Now we only use
the 1 month safety margin if we're unable to talk to a daemon.
e4646379 keccak: fix mdlen bounds sanity checking (moneromooo-monero)
2e3e90ac pass large parameters by const ref, not value (moneromooo-monero)
61defd89 blockchain: sanity check number of precomputed hash of hash blocks (moneromooo-monero)
9af6b2d1 ringct: fix infinite loop in unused h2b function (moneromooo-monero)
8cea8d0c simplewallet: double check a new multisig wallet is multisig (moneromooo-monero)
9b98a6ac threadpool: catch exceptions in dtor, to avoid terminate (moneromooo-monero)
24803ed9 blockchain_export: fix buffer overflow in exporter (moneromooo-monero)
f3f7da62 perf_timer: rewrite to make it clear there is no division by zero (moneromooo-monero)
c6ea3df0 performance_tests: remove add_arg call stray extra param (moneromooo-monero)
fa6b4566 fuzz_tests: fix an uninitialized var in setup (moneromooo-monero)
03887f11 keccak: fix sanity check bounds test (moneromooo-monero)
ad11db91 blockchain_db: initialize m_open in base class ctor (moneromooo-monero)
bece67f9 miner: restore std::cout precision after modification (moneromooo-monero)
1aabd14c db_lmdb: check hard fork info drop succeeded (moneromooo-monero)
a99ef176 wallet-rpc: take subaddress account as arg for get_transfer_by_txid (stoffu)
77125096 wallet-rpc: rename *_INDEX_OUTOFBOUND into *_INDEX_OUT_OF_BOUNDS (stoffu)
bc61ae69 tx_pool: add a max pool size, settable with --max-txpool-size (moneromooo-monero)
3b4e6b35 txpool: increase unmined tx expiry to three days (moneromooo-monero)
f90c76be Return appropriate error code when there's no connection to daemon (Michał Sałaban)
3cb65b3f Return appropriate error code when not enough money for tx (Michał Sałaban)
628b78ae Fix in_peers/out_peers RPC operations (Erik de Castro Lopo)
ece9bcf5 rpc_client: Fix error handling (Erik de Castro Lopo)
8f30350d Fix method name in invoke_http_json_rpc (Erik de Castro Lopo)
32c0f908 Allow the number of incoming connections to be limited (Erik de Castro Lopo)
d609a2c1 Rename delete_connections to delete_out_connections (Erik de Castro Lopo)
b927c0fc Rename connections_count to max_out_connection_count (Erik de Castro Lopo)
* src/cryptnote_config.h: The constant `config::testnet::GENESIS_TX` was
changed to be the same as `config::GENESIS_TX` (the mainnet's transaction)
because the mainnet's transaction was being used for both networks.
* src/cryptonote_core/cryptonote_tx_utils.cpp: The `generate_genesis_block` function
was ignoring the `genesis_tx` parameter, and instead it was using the `config::GENESIS_TX`
constant. That's why the testnet genesis transaction was changed. Also five lines of unused
code were removed.
Signed-off-by: Jean Pierre Dudey <jeandudey@hotmail.com>
If an exception is thrown, it is ignored. While this may hide
a bug, this should only be system exceptions in boost, which
is pretty unlikely. Morever, wait should be called manually
before the dtor anyway. Add an error message if the dtor has
to wait in case some such cases creep in so they get fixed.
Coverity 182538
Previously, when outputs_amount == inputs_amount, the "m_overspend" property
was set, whereas "m_fee_too_low" would have been the correct property to set.
This is unlikely to ever occur and just something I've noticed while reading
through the code.
30c44bce wallet: automatically use low priority if safe (no backlog & recent blocks not full) (stoffu)
c903df5e simplewallet: bug fix for backlog estimate (stoffu)
2f5a9b6b wallet2: split estimate_backlog to allow for raw fee levels (moneromooo-monero)
fd1dfac5 p2p: don't lookup seed IPs if using an exclusive peer (moneromooo-monero)
b50182ae p2p: don't connect to seeds if using an exclusive peer (moneromooo-monero)
3160a930 wallet2: remove {set|get}_default_decimal_point and use the same funcs under cryptonote:: instead (stoffu)
7d1088d3 wallet2: make scan_output const and omit keys arg (stoffu)
bc1ee2c2 wallet2: make member functions const when possible (stoffu)
5ae617d5 simplewallet: single out 0 amount destinations as dummy ones (moneromooo-monero)
c1d19f3c wallet2: fix sweep_all sending an atomic unit (moneromooo-monero)
ge_scalarmult_p3
ge_double_scalarmult_precomp_vartime2_p3
ge_double_scalarmult_base_vartime_p3
This makes it possible to reuse the result without having to
convert back to unsigned char[32] and back to ge types.
9996d5e9 wallet2: guard against the dameon sending blocks before last checkpoint (moneromooo-monero)
eadaa6aa wallet_rpc_server: fix wallet leak on error exit (moneromooo-monero)
6d8b29ef fix some link errors in debug mode for macos (stoffu)
fdd4c5e5 move memwipe to epee to avoid common<->crypto circular dependencies (moneromooo-monero)
40ab12a7 epee: remove dependency on common (moneromooo-monero)
On some systems, there is a /usr/bin/lrelease wrapper even if the real
lrelease program is not installed. So let's try to execute lrelease
after it has been found by find_program to see if it is really working.
Define generate_translations_header as an external project to be able
to use the compilation toolchain for the host instead of the toolchain
for the target.
Reset thread-local info if it doesn't match the current env.
Only happens when a process opens/closes env multiple times in the
same process, doesn't affect monerod.
da0fd71d only include the easylogging++ stack trace code when needed (moneromooo-monero)
81b04cfa easlogging++: omit some unneded macros (moneromooo-monero)
Wallet caches and keys files are loaded with chacha8 as needed,
but only saved with chacha20. Other data (eg, cold wallet data
files, etc) will be incompatible.
cb9aa23c levin_protocol_handler_async: another attempt at fixing at exception (moneromooo-monero)
64d23ce3 Revert "epee: keep a ref to a connection we're deleting" (moneromooo-monero)
bd5cce07 network_throttle: fix ineffective locking (moneromooo-monero)
e0a61299 network_throttle: remove unused xxx static member (moneromooo-monero)
24f584d9 cryptonote_core: remove unused functions with off by one bugs (moneromooo-monero)
b1634aa3 blockchain: don't leave dangling pointers in this (moneromooo-monero)
8e60b81c cryptonote_core: fix db leak on error (moneromooo-monero)
213e326c abstract_tcp_server2: log init_server errors as fatal (moneromooo-monero)
b51dc566 use const refs in for loops for non tiny types (moneromooo-monero)
f0568ca6 net_parse_helpers: fix regex error checking (moneromooo-monero)
b49ddc76 check accessing an element past the end of a container (moneromooo-monero)
2305bf26 check return value for generate_key_derivation and derive_public_key (moneromooo-monero)
a4240d9f catch const exceptions (moneromooo-monero)
45a1c4c0 add empty container sanity checks when using front() and back() (moneromooo-monero)
56fa6ce1 tests: fix a buffer overread in a unit test (moneromooo-monero)
b4524892 rpc: guard against json parsing a non object (moneromooo-monero)
c2ed8618 easylogging++: avoid buffer underflow (moneromooo-monero)
187a6ab2 epee: trap failure to parse URI from request (moneromooo-monero)
061789b5 checkpoints: trap failure to load JSON checkpoints (moneromooo-monero)
ba2fefb9 checkpoints: pass std::string by const ref, not const value (moneromooo-monero)
38c8f4e0 mlog: terminate a string at last char, just in case (moneromooo-monero)
d753d716 fix a few leaks by throwing objects, not newed pointers to objects (moneromooo-monero)
fe568db8 p2p: use size_t for arbitrary counters instead of uint8_t (moneromooo-monero)
46d6fa35 cryptonote_protocol: sanity check chain hashes from peer (moneromooo-monero)
25584f86 cryptonote_protocol: print peer versions when unexpected (moneromooo-monero)
490a5d41 rpc: do not try to use an invalid txid in relay_tx (moneromooo-monero)
ca18ff64 wallet2: detect spends in txes without a valid public tx key (moneromooo-monero)
6afcd8e3 cn_deserialize: print tx extra fields in partly decoded tx extra (moneromooo-monero)
Fixes the unit test failure about SHA1 being unavailable,
and hopefully the monerod complaints about not being able
to verify DNSSEC.
Thanks to iDunk for the remote Windows testing.
If a queued job uses a waiter, then we want to run that waiter's
jobs in the current thread if all threads are busy, even if the
queue is empty, since there is no guarantee that any thread will
free up to take care of that new job, since all the threads might
be running a job which spawns such a recursive job and will block
till that recursive job is done, which it will never be since it
relies on the queue being polled by one of those blocked threads.
6c94516f wipeable_string: move a wipe from reserve to grow (moneromooo-monero)
5f801b6a wipeable_string: ignore reserve size less than actual size (moneromooo-monero)
9ec44a2b wipeable_string: fix clear and push_back (moneromooo-monero)
Scheme by luigi1111:
Multisig for RingCT on Monero
2 of 2
User A (coordinator):
Spendkey b,B
Viewkey a,A (shared)
User B:
Spendkey c,C
Viewkey a,A (shared)
Public Address: C+B, A
Both have their own watch only wallet via C+B, a
A will coordinate spending process (though B could easily as well, coordinator is more needed for more participants)
A and B watch for incoming outputs
B creates "half" key images for discovered output D:
I2_D = (Hs(aR)+c) * Hp(D)
B also creates 1.5 random keypairs (one scalar and 2 pubkeys; one on base G and one on base Hp(D)) for each output, storing the scalar(k) (linked to D),
and sending the pubkeys with I2_D.
A also creates "half" key images:
I1_D = (Hs(aR)+b) * Hp(D)
Then I_D = I1_D + I2_D
Having I_D allows A to check spent status of course, but more importantly allows A to actually build a transaction prefix (and thus transaction).
A builds the transaction until most of the way through MLSAG_Gen, adding the 2 pubkeys (per input) provided with I2_D
to his own generated ones where they are needed (secret row L, R).
At this point, A has a mostly completed transaction (but with an invalid/incomplete signature). A sends over the tx and includes r,
which allows B (with the recipient's address) to verify the destination and amount (by reconstructing the stealth address and decoding ecdhInfo).
B then finishes the signature by computing ss[secret_index][0] = ss[secret_index][0] + k - cc[secret_index]*c (secret indices need to be passed as well).
B can then broadcast the tx, or send it back to A for broadcasting. Once B has completed the signing (and verified the tx to be valid), he can add the full I_D
to his cache, allowing him to verify spent status as well.
NOTE:
A and B *must* present key A and B to each other with a valid signature proving they know a and b respectively.
Otherwise, trickery like the following becomes possible:
A creates viewkey a,A, spendkey b,B, and sends a,A,B to B.
B creates a fake key C = zG - B. B sends C back to A.
The combined spendkey C+B then equals zG, allowing B to spend funds at any time!
The signature fixes this, because B does not know a c corresponding to C (and thus can't produce a signature).
2 of 3
User A (coordinator)
Shared viewkey a,A
"spendkey" j,J
User B
"spendkey" k,K
User C
"spendkey" m,M
A collects K and M from B and C
B collects J and M from A and C
C collects J and K from A and B
A computes N = nG, n = Hs(jK)
A computes O = oG, o = Hs(jM)
B anc C compute P = pG, p = Hs(kM) || Hs(mK)
B and C can also compute N and O respectively if they wish to be able to coordinate
Address: N+O+P, A
The rest follows as above. The coordinator possesses 2 of 3 needed keys; he can get the other
needed part of the signature/key images from either of the other two.
Alternatively, if secure communication exists between parties:
A gives j to B
B gives k to C
C gives m to A
Address: J+K+M, A
3 of 3
Identical to 2 of 2, except the coordinator must collect the key images from both of the others.
The transaction must also be passed an additional hop: A -> B -> C (or A -> C -> B), who can then broadcast it
or send it back to A.
N-1 of N
Generally the same as 2 of 3, except participants need to be arranged in a ring to pass their keys around
(using either the secure or insecure method).
For example (ignoring viewkey so letters line up):
[4 of 5]
User: spendkey
A: a
B: b
C: c
D: d
E: e
a -> B, b -> C, c -> D, d -> E, e -> A
Order of signing does not matter, it just must reach n-1 users. A "remaining keys" list must be passed around with
the transaction so the signers know if they should use 1 or both keys.
Collecting key image parts becomes a little messy, but basically every wallet sends over both of their parts with a tag for each.
Thia way the coordinating wallet can keep track of which images have been added and which wallet they come from. Reasoning:
1. The key images must be added only once (coordinator will get key images for key a from both A and B, he must add only one to get the proper key actual key image)
2. The coordinator must keep track of which helper pubkeys came from which wallet (discussed in 2 of 2 section). The coordinator
must choose only one set to use, then include his choice in the "remaining keys" list so the other wallets know which of their keys to use.
You can generalize it further to N-2 of N or even M of N, but I'm not sure there's legitimate demand to justify the complexity. It might
also be straightforward enough to support with minimal changes from N-1 format.
You basically just give each user additional keys for each additional "-1" you desire. N-2 would be 3 keys per user, N-3 4 keys, etc.
The process is somewhat cumbersome:
To create a N/N multisig wallet:
- each participant creates a normal wallet
- each participant runs "prepare_multisig", and sends the resulting string to every other participant
- each participant runs "make_multisig N A B C D...", with N being the threshold and A B C D... being the strings received from other participants (the threshold must currently equal N)
As txes are received, participants' wallets will need to synchronize so that those new outputs may be spent:
- each participant runs "export_multisig FILENAME", and sends the FILENAME file to every other participant
- each participant runs "import_multisig A B C D...", with A B C D... being the filenames received from other participants
Then, a transaction may be initiated:
- one of the participants runs "transfer ADDRESS AMOUNT"
- this partly signed transaction will be written to the "multisig_monero_tx" file
- the initiator sends this file to another participant
- that other participant runs "sign_multisig multisig_monero_tx"
- the resulting transaction is written to the "multisig_monero_tx" file again
- if the threshold was not reached, the file must be sent to another participant, until enough have signed
- the last participant to sign runs "submit_multisig multisig_monero_tx" to relay the transaction to the Monero network
43f5269f Wallets now do not depend on the daemon rpc lib (moneromooo-monero)
bb89ae8b move connection_basic and network_throttle from src/p2p to epee (moneromooo-monero)
4abf25f3 cryptonote_core does not depend on p2p anymore (moneromooo-monero)
Partially implements #74.
Securely erases keys from memory after they are no longer needed. Might have a
performance impact, which I haven't measured (perf measurements aren't
generally reliable on laptops).
Thanks to @stoffu for the suggestion to specialize the pod_to_hex/hex_to_pod
functions. Using overloads + SFINAE instead generalizes it so other types can
be marked as scrubbed without adding more boilerplate.
41fc11fa Scheduled mandatory software upgrades (xmr-eric)
3b5382fe Keep VRP a proper noun (xmr-eric)
7160cbd6 CONTRIBUTING.md capitalization (xmr-eric)
f36ffc07 Shorten a title, remove a section, small edits (xmr-eric)
00179917 Capitalization on first word only (xmr-eric)
6ffae079 Readme.md: Normalize heading capitalization (xmr-eric)
3dffe71b new wipeable_string class to replace std::string passphrases (moneromooo-monero)
7a2a5741 utils: initialize easylogging++ in on_startup (moneromooo-monero)
54950829 use memwipe in a few relevant places (moneromooo-monero)
000666ff add a memwipe function (moneromooo-monero)
If a translation file exists in a "translations" directory located in
the same directory as the binary, it is used in priority (this can be
useful when working on translations as you don't have to recompile the
whole program all the time), and if no such file is found the embedded
translation file is used (if it exists).
This fixes a hang on exit due to race where a connection adds
itself to the server after the starting connections are closed,
but before the net server marks itself as stopped.
Binding RPC to 127.0.0.1 makes no sense. Despite the fact port 18081 is
exposed, no one will be able to connect to the daemon.
RPC should be listening at all interfaces when running inside a Docker
container.
27aa8ce9 net_utils_base: fix peer list parsing (moneromooo-monero)
fe5ab2c4 epee: fix kv_unserialize return value when a field is not found (moneromooo-monero)
Those are not serialized, but are restored from the outPk masks,
so depending on what tries to validate the tx, those commitments
may or may not be filled with valid data at the time. The outPk
masks are already hashed as part of the rctSigBase field.
c83d0b3e add bulletproofs from v7 on testnet (moneromooo-monero)
8620ef0a bulletproofs: switch H/G in Pedersen commitments to match rct (moneromooo-monero)
d58835b2 integrate bulletproofs into monero (moneromooo-monero)
90b8d9f2 add bulletproofs to the build, with basic unit tests (moneromooo-monero)
fe120264 perf_timer: add non scoped start/stop timer defines (moneromooo-monero)
ada42914 add a version of ge_double_scalarmult_precomp_vartime with A precomp (moneromooo-monero)
d43eef6d ringct: add a version of addKeys which returns the result (moneromooo-monero)
7ff07928 sc_mul and sc_muladd (luigi1111)
3d0b54bd epee: add do while(0) around brace statement in a macro (moneromooo-monero)
Deleted 3 out of 4 calls to method connection_basic::sleep_before_packet
that were erroneous / superfluous, which enabled the elimination of a
"fudge" factor of 2.1 in connection_basic::set_rate_up_limit;
also ended the multiplying of limit values and numbers of bytes
transferred by 1024 before handing them over to the global throttle
objects
9739da1e wallet_rpc_server: new relay_tx command (moneromooo-monero)
01dc8297 wallet: transfer RPC can now return tx metadata (pending_tx) (moneromooo-monero)
83fa9047 serialization: add std::set and std::unordered_set serialization (moneromooo-monero)
998777ec Tx proof (revised): - refactoring: proof generation/checking code was moved from simplewallet.cpp to wallet2.cpp - allow an arbitrary message to be signed together with txid - introduce two types (outbound & inbound) of tx proofs; with the same syntax, inbound is selected when <address> belongs to this wallet, outbound otherwise. see GitHub thread for more discussion - wallet RPC: added get_tx_key, check_tx_key, get_tx_proof, check_tx_proof - wallet API: moved WalletManagerImpl::checkPayment to Wallet::checkTxKey, added Wallet::getTxProof/checkTxProof - get_tx_key/check_tx_key: handle additional tx keys by concatenating them into a single string (stoffu)
- refactoring: proof generation/checking code was moved from simplewallet.cpp to wallet2.cpp
- allow an arbitrary message to be signed together with txid
- introduce two types (outbound & inbound) of tx proofs; with the same syntax, inbound is selected when <address> belongs to this wallet, outbound otherwise. see GitHub thread for more discussion
- wallet RPC: added get_tx_key, check_tx_key, get_tx_proof, check_tx_proof
- wallet API: moved WalletManagerImpl::checkPayment to Wallet::checkTxKey, added Wallet::getTxProof/checkTxProof
- get_tx_key/check_tx_key: handle additional tx keys by concatenating them into a single string
0d9c0db9 Do not build against epee_readline if it was not built (Howard Chu)
178014c9 split off readline code into epee_readline (moneromooo-monero)
a9e14a19 link against readline only for monerod and wallet-wallet-{rpc,cli} (moneromooo-monero)
437421ce wallet: move some scoped_message_writer calls from the libs (moneromooo-monero)
e89994e9 wallet: rejig to avoid prompting in wallet2 (moneromooo-monero)
ec5135e5 move input_line from command_line to simplewallet (moneromooo-monero)
082db75f move cryptonote command line options to cryptonote_core (moneromooo-monero)
wallet2 is a library, and should not prompt for stdin. Instead,
pass a function so simplewallet can prompt on stdin, and a GUI
might display a window, etc.
ec48e8d8 core: do not forbid txes without destination (moneromooo-monero)
523084bc core: don't add empty additional pub keys field to extra (moneromooo-monero)
cryptonote::miner::get_system_times(): Fetch the system's total and
idle time using sysctl kern.cp_time.
cryptonote::miner::get_process_time(): Use the same implementation as
Linux and OSX, the times(3) function conforms to POSIX.1 and is
available on FreeBSD.
cryptonote::miner::on_battery_power(): Try to fetch the battery status
using sysctl hw.acpi.acline. If that fails (if ACPI is not enabled on
the system), then try querying /dev/apm.
f3e09f36 hooked a dependency on libatomic on 32 bit machines if Clang is
used because compilation failed with:
`std::__atomic_base<unsigned long long>::load(std::memory_order) const':
/usr/bin/../lib/gcc/i686-pc-linux-gnu/6.1.1/../../../../include/c++/6.1.1/bits/atomic_base.h:396:
undefined reference to `__atomic_load_8'
But that does not happen on FreeBSD. The problem is likely that on Linux
Clang tries to use GCC-provided C++11 library. Further,
__atomic_load_8() (for 8-byte integers) is not readily available on 32
bit machines. From https://gcc.gnu.org/wiki/Atomic/GCCMM: "When lock
free instructions are not available (either through hardware or OS
support) atomic operations are left as function calls to be resolved by
a library."
This patch allows to filter out sensitive information for queries that rely on the pool state, when running in restricted mode.
This filtering is only applied to data sent back to RPC queries. Results of inline commands typed locally in the daemon are not affected.
In practice, when running with `--restricted-rpc`:
* get_transaction_pool will list relayed transactions with the fields "last relayed time" and "received time" set to zero.
* get_transaction_pool will not list transaction that have do_not_relay set to true, and will not list key images that are used only for such transactions
* get_transaction_pool_hashes.bin will not list such transaction
* get_transaction_pool_stats will not count such transactions in any of the aggregated values that are computed
The implementation does not make filtering the default, so developers should be mindful of this if they add new RPC functionality.
Fixes#2590.
Transactions in the txpool are marked when another transaction
is seen double spending one or more of its inputs.
This is then exposed wherever appropriate.
Note that being marked with this "double spend seen" flag does
NOT mean this transaction IS a double spend and will never be
mined: it just means that the network has seen at least another
transaction spending at least one of the same inputs, so care
should be taken to wait for a few confirmations before acting
upon that transaction (ie, mostly of use for merchants wanting
to accept unconfirmed transactions).
ff7745bb Edited test readme for accuracy and depth (Cole Lightfighter)
c300ae56 Added test documentation & Keccak unit test (Cole Lightfighter)
f6119a8e Added test documentation & Keccak unit test (Cole Lightfighter)
d0463312 fix libwallet api test after api change (Jaquee)
a46c1eed Wallet2: Don't throw when subaddress label doesn't exist (Jaquee)
086b7db2 Wallet API: default values for account and subaddr index (Jaquee)
It is safe in those cases, though might return slightly out of date
information if another thread is busy modifying the blockchain,
but it avoids potentially lengthy delays just to get things like
the current blockchain height.
Issue: #2575
Build instructions for OpenBSD 6.2:
* boost (built with clang)
* cppzmq
Fixed a issue, where cmake was not able to find and link against libressl in unbound.
restored OpenBSD 5.8 build instructions
Tests for checking proper error throwing for out-of-bounds subaddress
indexes, and proper addition of subaddresses.
Signed-off-by: Cole Lightfighter <cole@onicsla.bz>
They are actually wrong if the wallet is setup in a different
denomination, and it's incursion of extrinsic lingo where monero
fits perfectly in the first place.
This fixes linking when path to openssl
is defined manually:
cmake -DOPENSSL_ROOT_DIR='/usr/include/openssl-1.0;/usr/lib/openssl-1.0' ...
This is useful for building with OpenSSL v1.0
when default system installation is v1.1.
The linking error is undefined SSL_load_error_strings symbol.
This is due to -L /usr/lib/openssl-1.0 not making it onto
the linkline (so -lssl pulls in the default system openssl).
Fixes compile error when building with OpenSSL v1.1:
contrib/epee/include/net/net_helper.h: In member function ‘void epee::net_utils::blocked_mode_client::shutdown_ssl()’:
contrib/epee/include/net/net_helper.h:579:106: error: ‘SSL_R_SHORT_READ’ was not declared in this scope
if (ec.category() == boost::asio::error::get_ssl_category() && ec.value() != ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SHORT_READ))
^
contrib/epee/include/net/net_helper.h:579:106: note: suggested alternative: ‘SSL_F_SSL_READ’
See boost/asio/ssl/error.hpp.
Boost handles differences between OpenSSL versions.
cmake: fail if Boost is too old for OpenSSL v1.1
default install targets
Binaries available to download on https://getmonero.org/downloads/ as
embedding monerod, monero-wallet-{cli,rpc} and
monero-blockchain-{ex,im}port.
This change synchronise download results with a manual build from
source
22b51e06 db_lmdb: include chain height when failing to find an output key (moneromooo-monero)
5db433b3 blockchain: avoid exceptions in output verification (moneromooo-monero)
dc19659d Remove network_address_base which has been merged with ipv4_network_address in 8b006877 (Michał Sałaban)
2183ade0 Don't try to create wallet-dir when it's not given, don't crash if wallet-dir already exists. (Michał Sałaban)
In practice, this seems to cause monero-wallet-rpc to exit
when ^C quits whatever its output is piped into (such as tee),
but it saves, while it did not before.
The commands handler must not be destroyed before the config
object, or we'll be accessing freed memory.
An earlier attempt at using boost::shared_ptr to control object
lifetime turned out to be very invasive, though would be a
better solution in theory.
This is safer, as we don't risk break expectations (eg, requesting
block hashes and then receiving a late set of blocks). Dropping a
connection means another will be attempted in a fresh state.
Also bump the kick timeout to 5 minutes, to ensure we only kick
really idle peers.
15e62581 connection_context: initialize m_callback_request_count to 0 (moneromooo-monero)
5fa199c6 copyable_atomic: add a ctor with initial value (moneromooo-monero)
8b006877 Upgrades to epee::net_utils::network_address - internal nullptr checks - prevent modifications to network_address (shallow copy issues) - automagically works with any type containing interface functions - removed fnv1a hashing - ipv4_network_address now flattened with no base class (Lee Clagett)
- internal nullptr checks
- prevent modifications to network_address (shallow copy issues)
- automagically works with any type containing interface functions
- removed fnv1a hashing
- ipv4_network_address now flattened with no base class
792ba4f0 Log categories can now be added to and removed from (moneromooo-monero)
48f92eb6 easylogging++: add categories getter (moneromooo-monero)
f35afe62 epee: factor log level/categories setting (moneromooo-monero)
Lack of it results in `m_refresh_from_block_height` being < 0 (18446744...) on low heights, which blocks `process_new_blockchain_entry` and never process coins on heights less than blocks_per_month.
Follow-up to #2258
36c3465b wallet2: do not keep block hashes below last checkpoint (moneromooo-monero)
cdbbe99c checkpoints: add a token checkpoint on testnet (the genesis block) (moneromooo-monero)
493fad80 serialization: add deque serialization (moneromooo-monero)
fa54b205 fix typo in basic and core CMakeLists.txt (moneromooo-monero)
5d65a75b move checkpoints in a separate library (moneromooo-monero)
06a681cf performance_tests: add a test for is_out_to_acc_precomp (moneromooo-monero)
2ec928ba wallet2: simplify tx processing a bit (moneromooo-monero)
740e6533 wallet2: factor some of the tx scanning code (moneromooo-monero)
0aaaca29 tx_pool: set the "invalid input" bit when check_tx_inputs fails (moneromooo-monero)
9236823b simplewallet: print tx rejection reason where it was missing (moneromooo-monero)
3dee3301 core_rpc_server: print tx rejection reason at L0 too (moneromooo-monero)
6137a0b9 blockchain: reject unsorted ins and outs from v7 (moneromooo-monero)
16afab90 core: sort ins and outs key key image and public key, respectively (moneromooo-monero)
0c36b9f9 common: add apply_permutation file and function (moneromooo-monero)
It was always returning true, and could not be foreseen to
usefully return errors in the future. This silences CID 162652
as well as saves some checking code in a few places.
a15e8583 wallet2: guard against daemon sending txes in the wrong order (moneromooo-monero)
8fe5f609 rpc: order transactions in the order they were requested (moneromooo-monero)
Warning issued on older boost and/or OS:
In file included from /usr/include/boost/asio/detail/socket_types.hpp:61:0,
from /usr/include/boost/asio/detail/epoll_reactor.hpp:30,
from /usr/include/boost/asio/detail/reactor.hpp:21,
from /usr/include/boost/asio/detail/impl/task_io_service.ipp:24,
from /usr/include/boost/asio/detail/task_io_service.hpp:198,
from /usr/include/boost/asio/impl/io_service.hpp:71,
from /usr/include/boost/asio/io_service.hpp:767,
from /usr/include/boost/asio/basic_io_object.hpp:19,
from /usr/include/boost/asio/basic_socket.hpp:20,
from /usr/include/boost/asio/basic_datagram_socket.hpp:20,
from /usr/include/boost/asio.hpp:21,
from /home/vagrant/slave/monero-static-alpine-3_5-x86_64/build/src/common/download.cpp:32:
/usr/include/sys/poll.h:1:2: warning: #warning redirecting incorrect #include <sys/poll.h> to <poll.h> [-Wcpp]
#warning redirecting incorrect #include <sys/poll.h> to <poll.h>
Setting COMPILE_FLAGS (or COMPILE_OPTIONS) property directly does not
end up on the command line (even though it should because
add_compile_options does just that).
Also, set -Werror for tests as well, because no warnings now.
Not set for 'external' only because simply moving add_compile_options
above add_subdirectory(external) doesn't do it, and moving add_usbdirectory
down is too big of a change (it will pick up new flags).
-Werror set only for GCC on Linux, since warnings not yet
cleared for other compilers/systems.
ef005f5e p2p: add a couple early outs when the stop signal is received (moneromooo-monero)
80d361c7 abstract_tcp_server2: improve tracking/cancelling of early connections (moneromooo-monero)
9cad4981 readme.me again, fixed v2 fork info on table (Gingeropolous)
8f68291d README.md - update info for first fork (Gingeropolous)
43813327 README.md - update fork table with fork height (Gingeropolous)
0e7e307c update hardfork table with height and version info (Gingeropolous)
close might end up dropping a ref, ending up removing the
connection from m_connects, as the lock is recursive. This'd
cause an out of bounds exception and kill the idle connection
maker thread
87f58974 Docs: C4 revisions as discussed in #2174 (anonimal)
84d25d25 Docs: C4 development process addendum (anonimal)
e022c4e9 Docs: add C4 to contributing guide (anonimal)
0299cb77 Fix various oversights/bugs in ZMQ RPC server code (Thomas Winget)
77986023 json serialization for rpc-relevant monero types (Thomas Winget)
5c1e08fe Refactor some things into more composable (smaller) functions (Thomas Winget)
9ac2ad07 DRY refactoring (Thomas Winget)
And optimize import startup:
Remember start_height position during initial count_blocks pass
to avoid having to reread entire file again to arrive at start_height
The last known hash was calculated incorrectly, causing
further chain hash downloads to restart from the current
chain. When the block queue has close to 10k blocks waiting,
this causes frequent downloads of 10k more hashes, but
with only the last few hashes actually being useful.
It is unused, as it was apparently a future optimization,
and it leaks some information (though since pools publish
thei blocks they find, that amount seems small).
- Add some RPC commands (and touch up a couple others)
- some bounds checking
- some better pointer management
- const correctness and error handling
-- Thanks @vtnerd for type help with serialization and CMake changes
Structured {de-,}serialization methods for (many new) types
which are used for requests or responses in the RPC.
New types include RPC requests and responses, and structs which compose
types within those.
# Conflicts:
# src/cryptonote_core/blockchain.cpp
This commit refactors some of the rpc-related functions in the
Blockchain class to be more composable. This change was made
in order to make implementing the new zmq rpc easier without
trampling on the old rpc.
New functions:
Blockchain::get_num_mature_outputs
Blockchain::get_random_outputs
Blockchain::get_output_key
Blockchain::get_output_key_mask_unlocked
Blockchain::find_blockchain_supplement (overload)
functions which previously had this functionality inline now call these
functions as necessary.
This might prevent some calls to terminate when the LockedTXN
dtor is called as part of stack unwinding caused by another
exception in the first place.
4e0e4e99 blockchain_import: warn for chunks over 500000, not 100000 (moneromooo-monero)
5b29e87f blockchain_import: properly cleanup core/db on exit (moneromooo-monero)
e167c4d9 blockchain_import: do not error out on truncated files (moneromooo-monero)
c867357a cryptonote_protocol: error handling on cleanup_handle_incoming_blocks (moneromooo-monero)
ce901fcb Fix blockchain_import wedge on exception in cleanup_handle_incoming_blocks (moneromooo-monero)
84fa015e core: guard against exceptions in handle_incoming_{block,tx} (moneromooo-monero)
3d19ab70 Revert "Cleanup test impact of moving blockchain_db_types()" (Howard Chu)
a95e460c move db specific options to BlockchainDB (moneromooo-monero)
d58700e0 WalletAPI: only allow trusted daemon when importing key images (Jaquee)
8a9bbd26 WalletAPI: copy wallet data when creating a view only wallet (Jaquee)
d27fe32e wallet2: export/import wallet data functions (Jaquee)
225a25f3 import_key_images - allow importing without being connected to daemon (Jaquee)
5807529e blockchain: cap memory size of retrieved blocks (moneromooo-monero)
c1b10381 rpc: decrease memory usage a bit in getblocks.bin (moneromooo-monero)
3dd34a49 Cleanup test impact of moving blockchain_db_types() (Howard Chu)
80344740 More DB support cleanup (Howard Chu)
4c7f8ac0 DB cleanup (Howard Chu)
f906d87e wallet: new option to check/confirm txpool backlog when sending (moneromooo-monero)
55bec1f0 rpc: add a new RPC to get current txpool backlog (sizes and fees) (moneromooo-monero)
df0cffed cryptonote_protocol: warn if we see a higher top version we expect (moneromooo-monero)
317ab21a cryptonote_protocol: less strict check on top version on connect (moneromooo-monero)
cc81a371 cryptonote_protocol: update target height when syncing too (moneromooo-monero)
e2ad372b cryptonote_protocol: simplify and remove unnecessary casts (moneromooo-monero)
727e67ca cryptonote_protocol: print peer top height along with its version (moneromooo-monero)
b5345ef4 crypto: use malloc instead of alloca (moneromooo-monero)
80794b31 thread_group: set thread size to THREAD_STACK_SIZE (moneromooo-monero)
5524bc31 print peer id in 0 padded hex for consistency (moneromooo-monero)
8f8cc09b contrib: add sync_info to rlwrap command set (moneromooo-monero)
70b8c6d7 cryptonote_protocol: misc fixes to the new sync algorithm (moneromooo-monero)
64ab8844 rpc_client: print destination host/port when failing to connect (moneromooo-monero)
333f7012 http_client: add getters for host and port (moneromooo-monero)
Fix sync wedge corner case:
It could happen if a connection went into standby mode, while
it was the one which had requested the next span, and that span
was still waiting for the data, and that peer is not on the
main chain. Other peers can then start asking for that data
again and again, but never get it as only that forked peer does.
And various other fixes
If monerod is started with default sync mode, set it to SAFE after
synchronization completes. Set it back to FAST if synchronization
restarts (e.g. because another peer has a longer blockchain).
If monerod is started with an explicit sync mode, none of this
automation takes effect.
Hide DB types from db_types.h - no reason to recompile dependencies
when DB types change.
Also remove lingering in-memory DB references, they've been
obsolete since 9e82b694da
We don't actually need to keep them past the call to start, as this
adds them to the config object list, and so they'll then be cancelled
already when the stop signal arrives. This allows removing the periodic
call to cleanup connections.
e499ff33 simplewallet: factor out message_writer (moneromooo-monero)
7ed5ab47 scoped_message_writer: pause readline to match simplewallet (moneromooo-monero)
359517c7 wallet_rpc_server: fix possible privacy leak in on_import_key_images() (Jaquee)
20495b27 simplewallet: fix possible privacy leak in import_key_images() (Jaquee)
71e28760 debug_utilities: only build for debug builds (moneromooo-monero)
55e150ff debug_utilities: new object-sizes debug tool (moneromooo-monero)
fbaf5375 cn_deserialize: move to new debug_utilities subdirectory (moneromooo-monero)
b7d6ec83 simplewallet: add (out of sync) or (no daemon) markers in the prompt (moneromooo-monero)
fa23a500 wallet2: add a is_synced function (moneromooo-monero)
f1307bbd node_rpc_proxy: add a proxy for target height (moneromooo-monero)
5d4ef719 core: speed up output index unique set calculation (moneromooo-monero)
19d7f568 perf_timer: allow profiling more granular than millisecond (moneromooo-monero)
bda8c598 epee: add nanosecond timer and pause/restart profiling macros (moneromooo-monero)
35e01a6e cryptonote_protocol: fix "holes" in block download schedule (moneromooo-monero)
3da1edfd cryptonote_protocol: fix out of order addition (moneromooo-monero)
6edb1b3e block_queue: do not add empty spans (moneromooo-monero)
This was broken by the reorg fix, since we now have to add blocks
regardless of their starting height. We now check whether we know
the parent for the first block in the next span, or whether it was
requested. If neither, it's an orphan. If it is not known, but was
requested, we wait to get that block.
Add get_fork_version and add_ideal_fork_version to core so
cryptonote_protocol does not have to need the Blockchain
class directly, as it's not in its dependencies, and add
those to the fake core classes in tests too.
When a node is dropped, we stop considering its claimed blockchain
height as a factor in the target height calculation. This prevents
a runaway chain from being still thought to be the target even if
the nodes carrying it are dropped.
635929ea protocol: add checks for top block hard fork version (moneromooo-monero)
7482253a epee: fixup KV_SERIALIZE_OPT to work in more cases (moneromooo-monero)
We won't even talk to a peer which claims a wrong version
for its top block. This will avoid syncing to known bad
peers in the first place.
Also add IP fails when failing to verify a block.
With the new sync algorithm, the network overhead will be masked
as the thread adding blocks isn't interrupted by network calls
anymore. This should reduce memory usage a lot during sync.
c93b7692 blockchain_import: much faster when verifying with cryptonote::core (moneromooo-monero)
38756d00 core: new API to disable DNS checkpoint lookups (moneromooo-monero)
Quick test with the first 56569 blocks from mainnet
version verify batch time
old 0 200 1:16
new 0 200 0:57
old 0 5000 0:53
new 0 5000 0:51
old 1 200 est > 1h
new 1 200 10:21
old 1 5000 est > 1h
new 1 5000 8:27
dc0b312f wallet_rpc_server: optionally return tx blobs on transfer calls (moneromooo-monero)
5eb79983 epee: add a KV_SERIALIZE variant for optional parameters (moneromooo-monero)
Connections can be dropped by the net_node layer,
unbeknownst to cryptonote_protocol, which would then
not flush any spans scheduled to that connection,
which would cause it to be only downloaded again
once it becomes the next span (possibly after a small
delay if it had been requested less than 5 seconds
ago).
A block queue is now placed between block download and
block processing. Blocks are now requested only from one
peer (unless starved).
Includes a new sync_info coommand.
When scanning the txpool without having first updated the
blockchain, the tx would be seen as neither in the txpool
nor the chain, and removed, so it'd only reappear once the
chain is refreshed, and the tx seen in a block.
A sort+uniq step was done for every tx in a 200 block chunk,
causing a lot of repeated scanning as the size of the offset
map got larger with every added tx. We now do the step only
once at the end of the loop.
Doing it this way potentially uses more memory, but testing
shows that it's currently only about 2% more.
Nanosecond timer precision won't work on Windows, but we don't
care since I'm using that just for profiling incremental code
paths, but a Windows coder is welcome to add it if there's a way.
The version of miniupnpc in external/ uses API version 16, but the
code also seems to work for API version 10. Also remove detection
of older unsupported versions.
Asks user for all the data required to merge secret keys from multisig wallets into one master wallet, which then gets full control of the multisig wallet. The resulting wallet will be the same as any other regular wallet.
If the number of blocks to check was not a multiple of the
number of preparation threads, the last few blocks would
not be included in the threaded long hash calculation.
Those would still get calculated when the block gets added
to the chain, however, so this was only a tiny performance
hit, rather than a security bug.
This avoids having to include p2p_protocol_defs.h in util.h,
as util.h is used a lot, and p2p_protocol_defs.h includes
a lot of other things that most users don't need.
Library code should definitely not ask for console input unless
it's clearly an input function. Delegating the user interaction
part to the caller means it can now be used by a GUI, or have a
decision algorithm better adapted to a particular caller.
They used to be sorted by amount, which was fine before rct,
but is now suboptimal, since amounts are not known anymore.
In particular, it would give a recipient knowledge of whether
change was higher or lower than the amount received.
This was the case for monero-wallet-cli already, but not for
monerod, which was making it pretty spammy as it was duplicating
intended output. Since my original intent was to ensure logs
included command output for debugging, this achieves both.
02d66db4 tx_pool: initialize padding in txpool meta structure (moneromooo-monero)
0722aea3 cryptonote_core: initialize checkpoint flag (moneromooo-monero)
3b599d2b wallet2: get current height from the daemon on creation (moneromooo-monero)
d3bb72ff wallet2: fix infinite loop on future refresh height (moneromooo-monero)
32754784 wallet: fix refresh_from_height setting on new wallet (moneromooo-monero)
76043b17 monero-wallet-cli: hang on exit in readline code (#2117) (moneromooo-monero)
a73a42a6 monero-wallet-cli: hang on exit in readline code (#2117) (moneromooo-monero)
be9d4f04 Fix multiline wallet cli output with readline (Jethro Grassie)
readline_buffer: fix start/stop threads being starved by process
process could run for quite some time re-acquiring the process
lock, leaving start/stop starving. Yielding after unlock in
process is much better but doesn't seem to be enough to reliably
yield, so we sleep for a millisecond, which should be transparent
for user input anyway.
Signed-off-by: Jethro Grassie <jtg@xtrabass.com>
If the refresh height is in the future, the current code will
loop till the actual height reaches this. Fix it by bailing out
if we receive only three hashes, which is what we set in the
call parameters.
The previous patch was based on a wrong premise (that the
daemon height was 0 because the daemon calling code wasn't
yet initialized). In fact, current height approximation
was not setup for testnet. Fix this.
monero-wallet-cli commands which have multine output sometimes causes
issues with the readline support. This patch fixes show_transfers,
payments and incoming_transfers.
Existing tests: block, transaction, signature, cold outputs,
cold transaction.
Data for these is in tests/data/fuzz.
A convenience shell script is in contrib/fuzz_testing/fuzz.sh, eg:
contrib/fuzz_testing/fuzz.sh signature
The fuzzer will run indefinitely, ^C to stop.
Fuzzing is currently supported for GCC only. I can't get CLANG
to build Monero here as it dies on some system headers, so if
someone wants to make it work on both, that'd be great.
In particular, the __AFL_LOOP construct should be made to work
so that a given run can fuzz multiple inputs, as the C++ load
time is substantial.
07c4276c Don't issue a new timedsync while one is already in progress (Howard Chu)
cf3a376c Don't timeout a slow operation that's making progress (Howard Chu)
340830de Fix PR#2039 (Howard Chu)
d5f1cef7 simplewallet: removed unneeded LOCK_IDLE_SCOPE() from check_tx_key() (stoffu)
8df918f8 simplewallet: replace assert(m_wallet) with error out (stoffu)
8da82256 crypto: moved boost::lock_guard into a smaller scope (stoffu)
c9e0e944 Signature proving payment to destination by only revealing key derivation, not the actual tx secret key (stoffu)
It'd eat up a core constantly, due to spending its time jumping
back and forth between userland and kernel. We now wait for up
to a millisecond in kernel, which will be transparent to the user
and drop to idle most of the time.
This PR adds readline support to the daemon and monero-wallet-cli. Only
GNU readline is supported (e.g. not libedit) and there are cmake checks
to ensure this.
There is a cmake variable, Readline_ROOT_DIR that can specify a
directory to find readline, otherwise some default paths are searched.
There is also a cmake option, USE_READLINE, that defaults to ON. If set
to ON, if readline is not found, the build continues but without
readline support.
One negative side effect of using readline is that the color prompt in
the wallet-cli now has no color and just uses terminal default. I know
how to fix this but it's quite a big change so will tackle another time.
These files were pulled from the 1.6.3 release tarball.
This new version builds against OpenSSL version 1.1 which will be
the default in the new Debian Stable which is due to be released
RealSoonNow (tm).
A timedsync is issued every minute on a connection, but the input
tineout is 2 minutes. This means a new sync request could be issued
while a slow sync request was already in progress. The additional
request will further clog the network on a slow connection, and
cause a premature timeout.
Add fail-fast paths that reduce frustration around the misuse of
--wallet-file combined with --restore-deterministic-wallet. Flow now
gives more descriptive errors and avoids having users type in their
whole seed before the failure condition is noticed.
e2529347 Correct spelling of 'get_upper_transaction_size_limit' (Nano Akron)
3029d0ef Remove the 1.25x multiplier in max transaction size in just the wallet (Nano Akron)
With the recent change to wallet creation code, the code was
calling to the daemon before the wallet's daemon address was
initialized, and thus failing. This was causing all new wallets
to refresh from 0 instead of just fetching early block hashes.
All code which was using ip and port now uses a new IPv4 object,
subclass of a new network_address class. This will allow easy
addition of I2P addresses later (and also IPv6, etc).
Both old style and new style peer lists are now sent in the P2P
protocol, which is inefficient but allows peers using both
codebases to talk to each other. This will be removed in the
future. No other subclasses than IPv4 exist yet.
12fff108 Change Old_English to English_Old - 'Old English' is actually a language (Nano Akron)
533187f0 Change all wallet language names into native names (and scripts) (Nano Akron)
It sweeps all outputs below the given threshold
This is available via the existing sweep_all RPC, by setting
amount_threshold the desired amount (in atomic units)
a6d5bb75 wallet2: refer to triangular distribution for recent zone in comment (moneromooo-monero)
ac1aba90 wallet2: bias fake outs more towards recent outputs (moneromooo-monero)
aa02ff7f mv "Contributing" above install, compile, etc (Mike C)
a55bb375 Add link to CONTRIBUTING to README.md (Mike C)
09bbf96d Grouping CONTRIBUTING into digestable sections (Mike C)
dc35c736 Rename CONTRIBUTING to CONTRIBUTING.md (Mike C)
This avoids error spews from easylogging++ when we try to log
something before easylogging is initialized, which can happen
when errors happen at command line parsing time
It was wrongly refering to equiprobable distribution, which I think
I'd originally done, but forgot to update the comment after changing
to triangular
Reported by smooth on IRC
Two recent papers quantified the real usage bias for the
real output in a ring being the true one, and shows that
the current biasing is much too weak.
While we wait for a better solution, we increase the ratio
of recent-to-total fake outputs, as well as decrease the
time window for recent outputs, so that half the fake outs
are selected within the last 1.8 day. Value plucked from
figure 10, page 11 of An Empirical Analysis of Linkability
in the Monero Blockchain, 2017, Miller et al.
This is also arbitrary, of course, but serves as a stopgap
till a better selection algorithm is chosen.
EVP_dss1() was deprecated and EVP_sha1() is the direct replacement.
Upstream libunbound already has this patch. Note that I haven't
added a test for HAVE_EVP_DSS1 since that was deprecated quite a
long time ago in OpenSSL, there's really no reason to support it.
- Performance improvements
- Added `span` for zero-copy pointer+length arguments
- Added `std::ostream` overload for direct writing to output buffers
- Removal of unused `string_tools::buff_to_hex`
eb20f720 daemon: print average fee per byte in print_pool_stats (moneromooo-monero)
37be70bb daemon: add fee/byte when print pool transaction info (moneromooo-monero)
893f5a30 tx_pool: add blob size and fee/byte when logging a new tx (moneromooo-monero)
0ee018b4 wallet2: do not go over the target tx size if many destinations (moneromooo-monero)
9ae566d0 simplewallet: fix cold signing of split transactions (moneromooo-monero)
aae14a10 simplewallet: allow setting confirm-missing-payment-id in watch wallets (moneromooo-monero)
a28950da setThreadName moved in new version of easylogging++ (moneromooo-monero)
ea359b50 Fixup choice of easylogging++ vs libunwind stack trace code (moneromooo-monero)
1e6d8757 easylogging++: do not disable DEBUG level based on _DEBUG/NDEBUG (moneromooo-monero)
7a56fd6c easylogging++: detect DragonFly BSD as a UNIX (moneromooo-monero)
2c8b23e3 easylogging++: fix logging with static const header only data members (moneromooo-monero)
72663f4b easylogging++: allow clipping a common filename prefix (moneromooo-monero)
5bab0449 easylogging++: add file-only logs (moneromooo-monero)
db9dc7c2 eayslogging++: Fix bad memory access before opening any files (moneromooo-monero)
14620ca0 easylogging++: avoid creating directory/filename for the builtin default log file (moneromooo-monero)
0c1ad0ff easylogging++: Print thread ID in a nicer way (moneromooo-monero)
e7fabbd4 easylogging++: add categories (moneromooo-monero)
a8ac4f0a update easylogging++ to latest upstream (moneromooo-monero)
The section on contributing to the Monero project is buried deep below lots of other information in the main README. This PR moves that section (which is very small since it links to a different document) up to an easier to locate place just below License information.
If using a large input and many destinations, the code would
generate as many outputs as it could using that input, even if
it would bring the resulting tx above the max tx size.
They'd be rejected as suspicious as the change goes to more
than one destination. However, split transactions will most
likely include fake zero amount change to random addresses,
so we only consider change with non zero amount for this.
Because some people just won't even try to read what is written
and freak out because the word FATAL is in here, despite the
context making it clear it's not an error.
Pass relevant information to the base class instead of overwriting
default values later, use objects instead of pointers to objects
to avoid having to new objects unnecessarily.
With the change from the original transfer method to the new
algorithm, payments to the same destination were merged. It
seemed like a good idea, optimizing space. However, it is a
useful tool for people who want to split large outputs into
several smaller ones (ie, service providers making frequent
payments, and who do not like a large chunk of their balance
being locked for 10 blocks after each payment).
Default to off, which is a change from the previous behavior.
When a single input is enough to satisfy a transfer, the code would
previously try to add a second input, to match the "canonical" makeup
of a transaction with two inputs and two outputs. This would cause
wallets to slowly merge outputs till all the monero ends up in a
single output, which causes trouble when making two transactions
one after the other, since change is locked for 10 blocks, and an
increasing portion of the remaining balance would end up locked on
each transaction.
There are two new settings (min-output-count and min-output-value)
which can control when to stop adding such unneeded second outputs.
The idea is that small "dust" outputs will still get added, but
larger ones will not.
Enable with, eg:
set min-output-count 10
set min-output-value 30
to avoid using an unneeded second output of 30 monero or more, if
there would be less than 10 such outputs left.
This does not invalidate any other reason why such outputs would
be used (ie, when they're really needed to satisfy a transfer, or
when randomly picked in the normal course of selection). This may
be improved in the future.
91d41090 tx_pool: ensure txes loaded from poolstate.bin have their txid cached (moneromooo-monero)
aaeb164c tx_pool: remove transactions if they're in the blockchain (moneromooo-monero)
558cfc31 core, wallet: faster tx pool scanning (moneromooo-monero)
f065234b core: cache tx and block hashes in the respective classes (moneromooo-monero)
The txid is not saved, and we want to make sure the transactions
have their txid cached while in the pool, since get_transactions
copies the transaction object, so any txid calculation on those
copies would not benefit any later caller, since the original tx
would be left without a cached txid.
New pull request because I couldn't figure out how to change the previous one.
1. For clarity, I want to focus the help text for the 'transfer' command on the most typical use case (a single payment).
2. New users will prefer to use 'transfer', so the older method 'transfer_original' should refer to 'transfer' rather than the other way around.
7c033498 blockchain: lower the relay fee by 2% (moneromooo-monero)
266492e9 tx_pool: use new filling algorithm from v5 only (moneromooo-monero)
5b7c6ced wallet2: start using new fee priorities at v5, not 14 days laer (moneromooo-monero)
Asking for a full histogram from a remote node (since it's
untrusted) is pretty slow, and spams the remote node, so
we replace it by only adding a second input if we have rct
ones, which are for all intents and purposes always mixable.
This would otherwise be a silent noop, which is confusing.
This can happen if the daemon is started, but not yet ready
to service all requests, and this is a safe catch all.
Minimum mixin 4 and enforced ringct is moved from v5 to v6.
v5 is now used for an increased minimum block size (from 60000
to 300000) to cater for larger typical/minimum transaction size.
The fee algorithm is also changed to decrease the base per kB
fee, and add a cheap tier for those transactions which we do
not care if they get delayed (or even included in a block).
CryptoNight does exactly 524,288 iterations over the scratchpad as defined in CNS008, saying 500,000 could be confusing. I know its meant to give a rough idea (around 500k) to the reader but if you are reading the code, might as well know the exact number.
7d07c64f fix dependency: put HardFork back to cryptonote_basic, made some BlockchainDB functions virtual again to avoid missing symbols error (kenshi84)
Solution: updated the comments to reflect the current situation in terms of LMDB implementation and no longer recommend 'memory' for blockchain storage in production use.
b553c282 rpc: fix BUILD_TAG mispelling (BUILDTAG) (moneromooo-monero)
02097c87 core: print the "new update found" message in cyan, for visibility (moneromooo-monero)
749ebace download: check available disk space before downloading (moneromooo-monero)
f36c5f1e download: give download threads distinct names (moneromooo-monero)
f6211322 core: make update download cancellable (moneromooo-monero)
63f0e074 download: async API (moneromooo-monero)
9bf017ed http_client: allow cancelling a download (moneromooo-monero)
0d90123c http_client: allow derived class to get headers at start (moneromooo-monero)
cfa2564a blockchain: don't try to load an empty block hash set (moneromooo-monero)
38359036 blockchain_import: make --log-level understand categories (moneromooo-monero)
5fee8561 blockchain_export: make --log-level understand categories (moneromooo-monero)
50ebf661 blockchain_import: error out nicely on exceptions (moneromooo-monero)
87d57d9c blockchain_export: error out nicely on exceptions (moneromooo-monero)
If the blocks aren't being linked against a binary (such as
one of the blockchain utilities), the symbol will not be
NULL, but the size will be 0. This avoids a apurious warning
about the data hash.
This reverts commit d47dac9a88.
Callers actually expect the key to be payment id, so this
needs a lot more changes (like storing payment ids in the
structure, and possibly also to other existing structures
which do the same thing).
7a44f38a Add support for the wallet to refresh pruned blocks (moneromooo-monero)
da18898f ringct: do not require range proof in decodeRct/decodeRctSimple (moneromooo-monero)
b49c6ab4 rpc: add a default category for daemon rpc (moneromooo-monero)
f113b92b core: add functions to serialize base tx info (moneromooo-monero)
6fd4b827 node_rpc_proxy: allow caching daemon RPC version (moneromooo-monero)
b5c74e40 wallet: invalidate node proxy cache when reconnecting (moneromooo-monero)
9effa553 core: bound the amount of entries in bad tx semantics cache (moneromooo-monero)
240054a7 core: remove a couple unused/obsolete bits (moneromooo-monero)
This is to prevent unbounded memory use. Since I don't think there
is a container that has quick insert, quick lookup, and automatic
FIFO, I use two and swap every N, clearing the oldest one.
59013316 updates: remove testnet case (moneromooo-monero)
822577eb updates: we now have a user URL, and an automatic one (moneromooo-monero)
9f17b1a3 updates: s/monerod/monero/ for the main download (moneromooo-monero)
6a5dfb88 updates: add all update servers (moneromooo-monero)
72d40f13 updates: use HTTP, not HTTPS (moneromooo-monero)
708758b7 core: do not download an update we already downloaded (moneromooo-monero)
45101550 updates: use updates host, not downloads, for HTTP (moneromooo-monero)
You're wondering how this fixes core tests, aren't you...
It prevents the miner (initialized by cryptonote::core) from
breaking trying to access arguments that were not added.
Since the tests don't use the miner directly, it makes more
sense to have cryptonote_core add those, since it also uses
the miner.
load_txt_records_from_dns attempts to distribute `a = 0, b = -1` where
(b = dns_urls.size() - 1) and IntType is signed integer. This results in
an infinite recursion which leads to SIGSEGV.
They're now used by core to determine the data directory to use
for the txpool directory.
This fixes an assert in the core tests, which don't use the RPC
server, which normally initializes the P2P code.
a427235e core: add a missing newline on a string to be logged (moneromooo-monero)
b6a2230e unit_tests: fix minor blockchain_db regression (moneromooo-monero)
c488eca5 hardfork: tone down some logs (moneromooo-monero)
a5a0a3c8 core: updates can now be downloaded (and SHA256 hash checked) (moneromooo-monero)
216f062e util: add a SHA256 function (moneromooo-monero)
4bf78492 mlog: only silence errors for net by default, not net.* (moneromooo-monero)
d282cfcc core: test key images against validity domain (moneromooo-monero)
efb72e74 http_client: add a couple consts (moneromooo-monero)
f640512c Optionally query moneropulse DNS records to check for updates (moneromooo-monero)
e3cae4ae core: display any fork warning at startup too (moneromooo-monero)
969ad710 dns_utils: fix first checked DNS entry being ignored (moneromooo-monero)
08c3f380 util: add a vercmp function to compare version numbers (moneromooo-monero)
e8a7525c dns_utils: factor TXT record loading code from checkpoint code (moneromooo-monero)
bed2d9f2 Get rid of directory lock (Howard Chu)
2e913676 Handle map resizes from other processes (Howard Chu)
bf1348b7 Can't cache num_txs or num_outputs either (Howard Chu)
dc53e9ee Add a few read txns to streamline (Howard Chu)
A relatedness check was meant to be done in the case of adding
an extra output if just one was enough. This was mistakenly
added to the "preferred output" case.
Added an extra path to check for linux power supply status.
Added ignore battery option. If set to true, then when we can't figure out
the power status, we'll assume the system is plugged in.
- only pause mining once we've got the lock (in practice, it'll
already be paused by another thread if we can't get the lock
at once though)
- do not call prepare_handle_incoming_blocks when we dismissed
all the blocks, it only causes cleanup_handle_incoming_blocks
to complain afterwards
When scanning for outputs used in a set of incoming blocks,
we expect that some of the inputs in their transactions will
not be found in the blockchain, as they could be in previous
blocks in that set. Those outputs will be scanned there at
a later point. In this case, we add a flag to control wehther
an output not being found is expected or not.
8bdc86be protocol: speed up sync by minimizing duplicate work (moneromooo-monero)
61dfa310 epee: fix some log macros not printing context nicely (moneromooo-monero)
5adcb5a4 tx_pool: add a debug message when adding a tx to the pool (moneromooo-monero)
9faef1f8 cryptonote_protocol: misc fluffy block fixes (moneromooo-monero)
7403e56f performance_tests: report small time per call in microseconds (moneromooo-monero)
cadada2d performance_tests: add tests for sc_reduce32 and cn_fast_hash (moneromooo-monero)
962c72b6 performance_tests: initialize logging at startup (moneromooo-monero)
ad95e650 Added a note about smart mining to status command. Fixed up a bug where I was resetting bg mining enabled instead of started. Upped the miner threshold. Also moved setting of enabled on start above miner thread creation since starting with true, then stopping, then starting with false resulted in race condition. (Dion Ahmetaj)
e4dfd2fb Changed ac_line_status to on_battery_power. (Dion Ahmetaj)
23c73269 Use defined directive to silence pre-proc warnings. (Dion Ahmetaj)
d2c7d0f6 Cleaned up some logging. Thanks to moneromooo for help. (Dion Ahmetaj)
68652cd9 Added some //TODO comments pertaining to returning enums instead of bools in order to be better able to handle failure states. (Dion Ahmetaj)
0b1045ed Moved around checking of AC power in order to bail quicker to sleep if not plugged in. (Dion Ahmetaj)
2937fdbb Moved setting of previous process times to block where background mining is started, and added an explicit sleep in that block to wait for some mining to occur. (Dion Ahmetaj)
21a1e025 Set background mining started bool to false on bg thread start. If mining::stop then mining::start, idle logic is re-run instead of starting immediately (if it was running before stop). (Dion Ahmetaj)
345ed482 Background/smart mining. If a users' computer is plugged into a power source, and CPU has been idle for some time, then begin mining to some threshold (don't destroy the users' CPU). (Dion Ahmetaj)
In particular, the prepare_handle_incoming_blocks call
is pretty lengthy, and entirely pointless in the common
case where several different connections will prepare
the exact same blocks.
- fix wrong block being used when a new block is received between
a node elaying a fluffy block and sending a new fluffy block
with txes a peer did not have
- misc a neverending ping pong requesting the same missing txids
when a new block is received in the meantime, causing the top
block to not be the one we need
- send the original fluffy block message block height when sending
a new fluffy block, not the current top height, which might
have been updated since
- avoid sending back the whole block blob when asking for txes,
send only the hash instead
- plus misc cleanup and additional debugging logs
When exiting while the miner is running, finding a block after
the p2p layer has been shutdown will cause a crash as the now
uninitialized p2p layer is asked to relay the found block to
any peers.
The recent change to not keep separate track of the blockchain
height caused the reported height to jump early in the lmdb
transaction (when the block data is added to the blocks table),
rather than at the end, after everything succeeded. Since the
block data is added before the transaction data, this caused
the transaction data to be saved with a height one more than
its expected value.
Fix this by saving the block data last. This should have no
side effects.
source, and CPU has been idle for some time, then begin mining to some
threshold (don't destroy the users' CPU).
This patch only supports windows and linux (I've only tested on Win64 and
Ubuntu).
The variables currently default to pretty conservative values (i.e. 20%
CPU mining threshold).
In simple terms, add_subdirectory() is replaced with ExternalProject_Add().
This change is inspired by https://crascit.com/2015/07/25/cmake-gtest/
with one difference, no download, using the source we already have.
Before this change, make debug-test must be preceded by make clean.
Otherwise, a subsequent build would be polluted by cmake options made
by tests/gtest/.
Also removed the changed compiler flags. My test build did not have
the affected warnings.
b14d109b update wallet api tests (Jaquee)
0cc50bdd GUI: Improved refresh performance (Jaquee)
805625b5 wallet api: Remove initAsync() and don't start refresh automatically on init (Jaquee)
031b060a wallet2::init() - disconnect before init if connected Makes it possible for GUI to reinit with new daemon without closing and reopening wallet. (Jaquee)
Zero change is sent to a random address, which confuses the code
which determines which key to use to encrypt the payment id.
Ignore zero amounts for this purpose, so the payment id gets
encrypted with the real destination's key.
3ae79a59 core: set missing verifivation_failed flag when rejecting a tx (moneromooo-monero)
ea6549e9 core_tests: decrease trace level from trace to debug (moneromooo-monero)
c02e1cb9 Updates to epee HTTP client code - http_simple_client now uses std::chrono for timeouts - http_simple_client accepts timeouts per connect / invoke call - shortened names of epee http invoke functions - invoke command functions only take relative path, connection is not automatically performed (Lee Clagett)
0644eed7 Remove boost/foreach.cpp includes (Miguel Herranz)
36dd3e23 Replace BOOST_REVERSE_FOREACH with ranged for (Miguel Herranz)
629e3101 Replace BOOST_FOREACH with C++11 ranged for (Miguel Herranz)
If a rct transaction can be made with just one input, a second
output will be added. This output will be the smallest amount
output available. However, if this output is a non rct output
with less available fake outs than requested, the transaction
will be rejected. We now check the histogram to only consider
outputs with enough available fake outs in the first place.
poolstate.bin and p2pstate.bin are stored in .bitmonero/ if the default
P2P port is being used.
If another port is used both files are stored in
.bitmonero/PORTNUMBER/.
Easily fixed by moving a C++ header out of 'extern "C" {...}'.
When building with CC=clang CXX=clang++ make,
[ 21%] Building CXX object src/ringct/CMakeFiles/obj_ringct.dir/rctTypes.cpp.o
In file included from /home/tdprime/bitmonero/src/ringct/rctTypes.cpp:31:
In file included from /home/tdprime/bitmonero/src/ringct/rctTypes.h:43:
In file included from /home/tdprime/bitmonero/src/crypto/generic-ops.h:34:
/usr/bin/../lib/gcc/x86_64-linux-gnu/5.4.0/../../../../include/c++/5.4.0/cstring:100:3: error: conflicting types for 'memchr'
memchr(void* __s, int __c, size_t __n)
^
/usr/include/string.h:92:14: note: previous declaration is here
extern void *memchr (const void *__s, int __c, size_t __n)
^
... and 4 more similar errors
These warnings were emitted by clang++, and they are real bugs.
src/rpc/core_rpc_server.cpp:208:58: warning: adding 'uint64_t'
(aka 'unsigned long') to a string does not append to the string
[-Wstring-plus-int]
res.status = "Error retrieving block at height " + height;
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~
The obvious intent is achieved by using std::to_string().
- http_simple_client now uses std::chrono for timeouts
- http_simple_client accepts timeouts per connect / invoke call
- shortened names of epee http invoke functions
- invoke command functions only take relative path, connection
is not automatically performed
1e8cc676 mlog: allow using numerical level as default prefix (moneromooo-monero)
8028b532 protocol: log received messages in a separate category (moneromooo-monero)
7c3f79cb core: early out in handle_incoming_tx if already in pool or blockchain (moneromooo-monero)
6cc7d261 ringct: reorder a bit to check quicker tests first (moneromooo-monero)
1c4d65c0 Rename method to get_random_gray_peer (Miguel Herranz)
03a54ee0 Fix logging that broke after rebasing (Miguel Herranz)
6bdd3a59 Use set_peer_just_seen to keep last_seen updated (Miguel Herranz)
82dbeedd Add gray peer list housekeeping system (Miguel Herranz)
This would have tried to send a second output to make the tx
look like the 2/2 ideal, but it would not fail to find one
because picking an output from preferred_inputs priority list
did not remove it from the unused tranfer/dust outputs, so
it would try to send the same output twice.
While there, I also added a check to avoid sending a second
input if it's related to the first. Better 1/2 than linking
inputs, I think.
A random peer from the gray peer list is selected and a connection is
made to check if the peer is alive.
If the connection and handshake are successful the peer is promoted to
the white peer list, in case of failure the peer is evicted from the
gray peer list.
The connection is closed after the check in either case.
using the MONERO_LOG_FORMAT environment variable.
Default is:
%datetime{%Y-%M-%d %H:%m:%s.%g}\t%thread\t%level\t%logger\t%loc\t%msg
Field list in easylogging++ documentation.
Don't forget to escape as needed.
693c1908 wallet: add a node RPC cache layer for simple RPC calls (moneromooo-monero)
d86ae2be wallet2: reuse fake outs when adjusting fee on transfer (moneromooo-monero)
64da0983 core: don't try to deserialize an empty extra to remove a field (moneromooo-monero)
This avoids indirectly leaking the real output to the daemon,
and is faster.
This will still happen for more complex cases, especially
when cancelling a tx and "re-rolling" it.
This replaces the epee and data_loggers logging systems with
a single one, and also adds filename:line and explicit severity
levels. Categories may be defined, and logging severity set
by category (or set of categories). epee style 0-4 log level
maps to a sensible severity configuration. Log files now also
rotate when reaching 100 MB.
To select which logs to output, use the MONERO_LOGS environment
variable, with a comma separated list of categories (globs are
supported), with their requested severity level after a colon.
If a log matches more than one such setting, the last one in
the configuration string applies. A few examples:
This one is (mostly) silent, only outputting fatal errors:
MONERO_LOGS=*:FATAL
This one is very verbose:
MONERO_LOGS=*:TRACE
This one is totally silent (logwise):
MONERO_LOGS=""
This one outputs all errors and warnings, except for the
"verify" category, which prints just fatal errors (the verify
category is used for logs about incoming transactions and
blocks, and it is expected that some/many will fail to verify,
hence we don't want the spam):
MONERO_LOGS=*:WARNING,verify:FATAL
Log levels are, in decreasing order of priority:
FATAL, ERROR, WARNING, INFO, DEBUG, TRACE
Subcategories may be added using prefixes and globs. This
example will output net.p2p logs at the TRACE level, but all
other net* logs only at INFO:
MONERO_LOGS=*:ERROR,net*:INFO,net.p2p:TRACE
Logs which are intended for the user (which Monero was using
a lot through epee, but really isn't a nice way to go things)
should use the "global" category. There are a few helper macros
for using this category, eg: MGINFO("this shows up by default")
or MGINFO_RED("this is red"), to try to keep a similar look
and feel for now.
Existing epee log macros still exist, and map to the new log
levels, but since they're used as a "user facing" UI element
as much as a logging system, they often don't map well to log
severities (ie, a log level 0 log may be an error, or may be
something we want the user to see, such as an important info).
In those cases, I tried to use the new macros. In other cases,
I left the existing macros in. When modifying logs, it is
probably best to switch to the new macros with explicit levels.
The --log-level options and set_log commands now also accept
category settings, in addition to the epee style log levels.
3ff54bdd Check for correct thread before ending batch transaction (Howard Chu)
eaf8470b Must wait for previous batch to finish before starting new one (Howard Chu)
c903c554 Don't cache block height, always get from DB (Howard Chu)
eb1fb601 Tweak default db-sync-mode to fast:async:1 (Howard Chu)
0693cff9 Use batch transactions when syncing (Howard Chu)
If a checksum word is present, language detection would use
just the word prefixes. However, a set of word prefixes may
be found in more than one language, and so the wrong language
may be found first, which could then fail the checksum, since
the check may be done with a different unique prefix length
from the one it was created from.
We now make a checksum test when we we detect a language from
prefixes only, to make sure we have the correct one.
fsync the DB asynchronously, to allow block download/verification
to proceed while syncing. Sync after every batch. Note that
"fastest" still defaults to fastest:async:1000.
If we'd make a rct tx with just one input, we try to add
a second one to match the 2/2 ideal. This means more txes
use that template (and are thus using a larger anonymity
set), and it coalesces outputs "for free". We use the
smallest amount outputs in priority for this, so we can
"clean" the wallet at the same time.
It can now be queried by RPC, so it needs to be set before
it is otherwise needed for consensus, even if no blocks had
to be added (ie, exit and restart quickly).
Not 100$ sure this is the right fix, nor whether address book entries from URL should be stored as addresses or URLs (or both with a check for change on payment).
c2135082 simplewallet: add a show_transfer <txid> command (moneromooo-monero)
19c4041d wallet_rpc_server: new RPC call to get a transfer by txid (moneromooo-monero)
Continue filling until we reach the block size limit, or the
resulting coinbase decreases.
Also remove old sanity check on block size, which is now not
wanted anymore.
Some versions of libunwind need liblzma. If liblzma is found,
we link against it unconditionally. If the installed libunwind
didn't need it, this is a nop.
Tested and fine tuned by iDunk
The serialization format changed, and while there is code
to load the older serialization format, an older monerod
will not be able to load a file saved by a new monerod,
even though both share the same version. This is not good,
and we prefer a version bump.
c367d7df README: add note about the donate command (anonimal)
b9a28677 simplewallet: add return type for donate function (anonimal)
d36669fd simplewallet: hardcode Monero's donation address (anonimal)
07b9138c support importing unportable outputs (kenshi84)
2ac80075 also use portable serializer for boost_serialization_helper.h and net_node.inl, completely adandon boost/archive/binary_oarchive.hpp (kenshi84)
d1d6e27a moved boost cpp into hpp since they're supposed to be header only (kenshi84)
66e6af89 added experimental boost::archive::portable_binary_{i|o}archive (kenshi84)
944b6079 Wallet API: Do not refresh while daemon is syncing + fixed fast refresh when creating wallet offline + improved close wallet logic (make sure refresh thread is stopped) (Jaquee)
After popping blocks from the old chain, the hard fork object's
notion of the current version was not in line with the new height,
causing the first blocks from the new chain to be rejected due
to a false expection of a newer version.
A bug in cold signing caused a spurious pubkey to be included
in transactions, so we need to ensure we use the correct one
when sending outputs from one of those.
3b005275 ringct: add sc_check calls in MLSAG_Ver for ss and cc (moneromooo-monero)
2f1732a7 ringct: guard against bad data exceptions in worker threads (moneromooo-monero)
If a rct transaction would cause no change to be generated, a zero
change output is added, and sent to a randomly generated address.
This ensures that no transaction will be sent with just one output,
which could cause the receiver to be able to determine which of the
inputs in the sent rings is the real one.
This is very rare, since it requires the sum of outputs to be equal
to the sum of outputs plus the fee, which is now a function of the
last few blocks.
0e18f465 db_lmdb: add info in an error message when we can't get an output (moneromooo-monero)
c96f9b02 db_lmdb: guard against going out of sync on unexpected db results (moneromooo-monero)
bef51e67 db_lmdb: minor pedantic tweaks (moneromooo-monero)
3465c4eb db_lmdb: set same packing format for output_data_t and pre_rct_output_data_t (moneromooo-monero)
5783dd8c tests: add unit tests for uri parsing (moneromooo-monero)
82ba2108 wallet: add API and RPC to create/parse monero: URIs (moneromooo-monero)
d9001b43 epee: add functions to convert from URL format (ie, %XX values) (moneromooo-monero)
8b0e04cb monero.supp: add a suppression for noisy boost cond var signalling (moneromooo-monero)
c3527daf epee: signal cond var before unlocking (moneromooo-monero)
This keeps the connections lock just for the time of looping
and adding connectoins to a list, and the dropping happens
after it. This should avoid lengthy delays waiting for the
connections lock.
If the block reward to use for the fee calculation can't be
calculated (should not happen in practice), use a high bound,
so we use a fee overestimate that will be accepted by the network.
m_num_outputs keeps track of the number of outputs, which should
be the same as the size of both the output_txs and output_amounts
databases. If one goes out of sync, we need to throw to abort
whatever it is we were doing.
Add consts in a few places where it makes sense, avoid unnecessary
memory reallocation where we know the full size needed at the outset,
simplify and avoid memory copy.
Daemon RPC version is now composed of a major and minor number,
so that incompatible changes bump the major version, while
compatible changes can still bump the minor version without
causing clients to unnecessarily complain.
6d76072 simplewallet: remove double confirmation when submitting signed tx (moneromooo-monero)
92dea04 wallet2: fix wrong change being recorded for cold signed txes (moneromooo-monero)
1d9e223 rpc: do not include output indices for pool txes (moneromooo-monero)
e227d6e rpc: bump version after RPC changes (moneromooo-monero)
2c0173c Add a get_outs (fully text based) version of get_outs.bin (moneromooo-monero)
e05907b rpc: add output indices to gettransactions (moneromooo-monero)
Those aren't yet in the blockchain, so will not be found
(and aren't yet known, since it depends on where exactly the
tx will be mined in the next block or blocks)
a0131c8 wallet: auto sync outputs and key images in cold signing files (moneromooo-monero)
f806611 wallet2: fill key image and pubkey maps when importing outputs (moneromooo-monero)
5fe363c wallet: cast indices to string in logs to be nice to CLANG (moneromooo-monero)
11ae187 wallet2: try all tx keys when scanning a new transaction (moneromooo-monero)
072d646 wallet2: fill in key image map when importing key images (moneromooo-monero)
23d80b1 core: remove any tx pubkey from extra before adding one (moneromooo-monero)
d72376d simplewallet: add a verbose flag to incoming_transfers (moneromooo-monero)
47413a5 simplewallet: spell out change when signing a transfer (moneromooo-monero)
14cb088 simplewallet: print public keys too on spendkey/viewkey commands (moneromooo-monero)
a99ab49 wallet: fix serialization of new m_key_image_known member (moneromooo-monero)
When passing around unsigned and signed transactions, outputs
and key images are passed along (outputs are passed along unsigned
transactions from the hot wallet to the cold wallet, key images
are passed along with signed transations from the cold wallet
to the hot wallet), to allow more user friendly syncing between
hot and cold wallets.
The vast majority of transactions will have just one tx pubkey,
but a bug with cold wallet signing caused two such keys to be
there, with the second one being the real one.
When receiving an answer packet, the command code was passed
to the callback instead of the error code. This was hiding
the "command not found" failure from the peer, and in turn
causing the code to attempt to deserialize a non existent
reply string.
I forgot to bump it previously when changing RPC, most notably
for the addition of the unlocked field in the histogram RPC.
This causes new wallets to not realize when they're talking to
an older daemon, and get confused trying to get outputs to use
as fake outs. This otherwise gratuitous bump ensures than old
daemons will be detected by wallets using this code.
Added a new command to the P2P protocol definitions to allow querying for support flags.
Implemented handling of new support flags command in net_node. Changed for_each callback template to include support flags. Updated print_connections command to show peer support flags.
Added p2p constant for signaling fluffy block support.
Added get_pool_transaction function to cryptnote_core.
Added new commands to cryptonote protocol for relaying fluffy blocks.
Implemented handling of fluffy block command in cryptonote protocol.
Enabled fluffy block support in node initial configuration.
Implemented get_testnet function in cryptonote_core.
Made it so that fluffy blocks only run on testnet.
This will be when we can't find common ground between the peer's
short chain history and our blockchain.
This fixes bad peers claiming a higher blockchain height from never
dropped, and keeping the node in synchronizing state forever, since
we will never get blocks from that peer.
View wallets do not have the spend secret key, and are thus
unable to derive key images for incoming outputs. Moreover,
a previous patch set key images to zero as a means to mark
an output as having an unknown key image, so they could be
filled in when importing key images at a later time. That
later patch caused spurious collisions. We now use public
keys to detect duplicate outputs. Public keys obtained from
the blockchain are checked to be identical to the ones
derived locally, so can't be spoofed.
m_amount_out was sometimes getting initialized with the sum of
an transaction's outputs, and sometimes with the sum of outputs
that were not change. This caused confusion and bugs. We now
always set it to the sum of outputs. This reverts an earlier
fix for bad amounts as this used the other semantics. The wallet
data should be converted automatically in a percentage of cases
that I'm hesitant to estimate. In any case, restoring from seed
or keys or rebuilding the cache will get it right.
48b57d8 monero.supp: valgrind suppressions file (moneromooo-monero)
ffd8c41 ringct: check the size of amount_keys is the same as destinations (moneromooo-monero)
836669d ringct: always shutdown the boost io service (moneromooo-monero)
Compute derivation only once per tx, instead of once per output. Approx 33% faster while using 75% as much CPU on my machine. Note old functions in cryptonote_core (lookup_acc_outs and is_out_to_acc) are still used by tests.
7e6d3cf wallet: set incoming outputs' key image to 0 on view wallets (moneromooo-monero)
1f9e6a4 wallet: print tx overview on submit_transfer too (moneromooo-monero)
The fee will vary based on the base reward and the current
block size limit:
fee = (R/R0) * (M0/M) * F0
R: base reward
R0: reference base reward (10 monero)
M: block size limit
M0: minimum block size limit (60000)
F0: 0.002 monero
Starts applying at v4
The intended use is to export outputs from a hot wallet, which
can scan incoming transfers from the network, and import them
in the cold wallet, which can't. The cold wallet can then compute
key images for those outputs, which can then be exported with
export_key_images, etc.
Re-creating the transaction on the cold wallet was not splitting
the change, causing the transaction to be rejected by the network.
This worked on testnet since amounts do not have to be split.
Also add selected_transfers, which can now be saved since they're
size_t rather than iterators. This allows the view wallet to
properly set the sent outputs as spent and update balance.
Bump transfer file version numbers to match.
Factor locked_transfer into transfer_main, which brings various
improvements for free (multiple addresses, proper detection of
multiple payment ids, obeying the prompt settings).
Also fix a few things, such as using uint64_t instead of int
for block heights, actually checking whether getting blockchain
height succeeded, etc.
10a79ea daemon: report transaction relay status in print_pool* commands (moneromooo-monero)
1e16366 core: notify the txpool when transactions are relayed (moneromooo-monero)
f3c374f tx_pool: set relayed flag on relay (moneromooo-monero)
0950be9 wallet: speed up output selection, and fix bug with relatedness calculation (moneromooo-monero)
0eba133 wallet: fix mixup between mixin 2 and 4 before/after v5 (moneromooo-monero)
3429bfb ringct: thread verRct and verRctSimple (moneromooo-monero)
e06a4da ringct: remove unneeded type conversions (moneromooo-monero)
afc70df ringct: reserve space in vectors to avoid excessive reallocation (moneromooo-monero)
9ebf7b6 ringct: avoid unnecessary memcpy (moneromooo-monero)
1fe75c1 ringct: add a few consts where possible (moneromooo-monero)
ab002a1 ringct: pass vectors by const ref where possible (moneromooo-monero)
25% of the outputs are selected from the last 5 days (if possible),
in order to avoid the common case of sending recently received
outputs again. 25% and 5 days are subject to review later, since
it's just a wallet level change.
4038e86 Add performance timers for ringct tx verification (moneromooo-monero)
74dfdb0 perf_timer: new class and macros to make performance logs easier (moneromooo-monero)
3126ba7 ringct: use const refs as parameters where appropriate (moneromooo-monero)
d8eae67 tests: add performance test for ge_frombytes_vartime (moneromooo-monero)
3cb2436 core: remove some unused code (moneromooo-monero)
1eaa3e8 tests: add performance tests for rct signatures (moneromooo-monero)
This was still using the old transaction creation algorithm,
coupled with a deterministic output selection scheme, which
made it ill suited to the job, since it'd loop indefinitely
in case the fee increased between the test tx and adding the
fee.
714ee99 Fix description for locked_transfer (Oyvind Kvanes)
71538f3 Rename to lockblocks and add max value (Oyvind Kvanes)
68ac060 Fix locked_transfer (Oyvind Kvanes)
7d020bd Add locked_transfer (Oyvind Kvanes)
d5f918a Revert transfer_main in simplewallet (Oyvind Kvanes)
3451963 Add motifications to test out locked_transfer (Oyvind Kvanes)
e5e6d88 Add more information to transaction in wallet (Oyvind Kvanes)
9b8a062 Make a small test change (Oyvind Kvanes)
10be903 Brackets to prevent premature return (NanoAkron)
fb1785a Brackets to ensure doesn't function prematurely return (NanoAkron)
8ed0d72 Moved logging to target functions rather than caller (NanoAkron)
442bfd1 Added messages at log level 2 to reflect deactivation procedure (NanoAkron)
8b20cbf libwallet_api: do not use fast-refresh on recovery (Ilya Kitaev)
10fe626 libwallet_api: fast-refresh in case of opening non-synced wallet (Ilya Kitaev)
0019e31 libwallet_api: fix unhandled exception on address check (Ilya Kitaev)
1f73f80 libwallet_api: fast-refresh for new wallet (Ilya Kitaev)
4789347 libwallet_api: test for create/init wallet on mainnet (Ilya Kitaev)
bba6af9 wallet: cold wallet transaction signing (moneromooo-monero)
9872dcb wallet: fix log confusion between bytes and kilobytes (moneromooo-monero)
d9b0bf9 cryptonote_core: make extra field removal more generic (moneromooo-monero)
98f19d4 serialization: add support for serializing std::pair and std::list (moneromooo-monero)
Changed the wording from "from 0 to maximum available" to "from 2 to maximum available".
May I also suggest putting in a number rather than "maximum available" and also clarifying that mixin = 0 is still allowed if the user has unmixable outputs (dust), which he wants to "undust" using sweep_unmixable (comment from dEBRUYNE-1 ).
Changed the wording from "from 0 to maximum available" to "from 2 to maximum available".
May I also suggest putting in a number rather than "maximum available" and also clarifying that mixin = 0 is still allowed if the user has unmixable outputs (dust), which he wants to "undust" using sweep_unmixable (comment from dEBRUYNE-1 ).
This change adds the ability to create a new unsigned transaction
from a watch only wallet, and save it to a file. This file can
then be moved to another computer/VM where a cold wallet may load
it, sign it, and save it. That cold wallet does not need to have
a blockchain nor daemon. The signed transaction file can then be
moved back to the watch only wallet, which can load it and send
it to the daemon.
Two new simplewallet commands to use it:
sign_transfer (on the cold wallet)
submit_transfer (on the watch only wallet)
The transfer command used on a watch only wallet now writes an
unsigned transaction set in a file called 'unsigned_monero_tx'
instead of submitting the tx to the daemon as a normal wallet does.
The signed tx file is called 'signed_monero_tx'.
This is intended to catch traffic coming from a web browser,
so we avoid issues with a web page sending a transfer RPC to
the wallet. Requiring a particular user agent can act as a
simple password scheme, while we wait for 0MQ and proper
authentication to be merged.
This fixes misreporting of amount/fee in rct txes, as the rct
tx construction code was lumping all dests (whether change or
not) in the same dests vector, while the pre-rct code was
keeping it separate.
Support building internal libraries as shared. This reduces
development time by eliminating the need to re-link all
binaries every time non-interface code in the library changes.
Instead, can hack on libxyz, then `make libxyz`, and re-run
monerod.
By default BUILD_SHARED_LIBS is OFF in release build type,
and ON in debug build type, but can be overriden with -D.
Keep the immediate direct deps at the library that depends on them,
declare deps as PUBLIC so that targets that link against that library
get the library's deps as transitive deps.
Break dep cycle between blockchain_db <-> crytonote_core.
No code refactoring, just hide cycle from cmake so that
it doesn't complain (cycles are allowed only between
static libs, not shared libs).
This is in preparation for supproting BUILD_SHARED_LIBS cmake
built-in option for building internal libs as shared.
It's only blank only if somebody running cmake in MSYS/MinGW (Windows)
manually forgets to add -D ARCH, but when it is blank, without quotes
those lines are invalid cmake syntax.
We keep 1, 2, 3 multipliers till the fee decrase from 0.01/kB
to 0.002/kB, where we start using 1, 20, 166 multipliers.
This ensures the higher multiplier will compensate for the
block reward penalty when pushing past 100% of the past median.
The fee-multiplier wallet setting is now rename to priority,
since it keeps its [0..3] range, but maps to different multiplier
values.
e29e8b1 compile errors fixed when PER_BLOCK_CHECKPOINT not defined (rckngOpossum)
e49c161 compile errors fixed when DEBUG_CREATE_BLOCK_TEMPLATE defined (rckngOpossum)
This adds [snap](https://snapcraft.io) packaging to the project. See the
link for more information on snaps. Snap packages install on all Linux
distributions. On Ubuntu, snap confinement with apparmor and seccomp
provide an additional layer of security.
This snap sets up monerod as a systemd service, which should start
immediately on install. To access the wallet CLI, simply run `monero`
(/snap/bin/monero). I think it's a really quick & easy way to get
started with monero.
I've made some opinionated decisions in the packaging just to kick this
off, but I'm happy to iterate on this stuff.
This was disabled earlier as part of diagnosing failing tests
on ARM, which turned out to be due to aliasing, fixed by
adding -fno-strict-aliasing. So, re-enabling it back.
32-bit build would fail to link with 'mdb_env_create undefined' (because
for 32-bit build, mdb_env_create_vl32 is defined instead).
This bug was introduced with the recent change to virtual object
libraries. The problem is that the COMPILE_DEFINITIONS property
was not propagated from dependee target (lmdb) to depedent
target's (blockchain_db) virtual object lib (obj_blockchain_db).
This patch makes that happen.
I chose to include INTERFACE_COMPILE_DEFINITIONS because there
should not be a need to propagate private defs, but it doesn't
make a difference in this case.
The split is to make this software more packageable. 'make install'
is used by the package building scripts, and should not be installing
vendored dependencies onto the system.
f1d87c8 simplewallet: add magic and public keys to key image export file (moneromooo-monero)
f4e894a simplewallet: make the key image export format binary (moneromooo-monero)
640a934 tests: cmake: fix building with system gtest (redfish)
4a9e949 tests: cmake: use a list for enabled tests (redfish)
dbd9a26 cmake: tests: gtest target is not always defined #983 (redfish)
Since this queries block heights for blocks that may or may not
exist, queries for non existing blocks would throw an exception,
and that would slow down the loop a lot. 7 seconds to go through
a 30 hash list.
Fix this by adding an optional return block height to block_exists
and using this instead. Actual errors will still throw an
exception.
This also cuts down on log exception spam.
CMake issued a warming about policy CMP0026: access of LOCATION
target property at config time was disallowed. Offending code
was the code that merged static libraries to generate
libwallet_merged.a.
This patch does that same merge task in a much simpler way. And,
since it doesn't violate the policy, the warning went away.
Access to LOCATION property at config time was disallowed by this
policy. This patch updates the offending code to comply with the policy
and thereby gets rid of the warning printed by cmake.
The fix is to use generator expressions instead of that property.
NOTE: Had to remove support for multiconfig (only affects MSVC which is
not supported anyway; and mutliconf is an IDE thing in any case),
because could not see how to support it with generator expressions.
The code used to cap at 5000 blocks per sync. It also treated 0 as 1.
Remove these checks; if specified as 0 do no periodic syncs at all.
Then the user is responsible for syncing in some external process.
1c7d3b0 cmake: define ARM var for all ARM arch variants (redfish)
6fe543d cmake: ARM: exclude libunwind in static build (redfish)
397b720 make: remove NO_AES from arm targets (redfish)
57ca3f3 make: make the ARM release targets statically linked (redfish)
43c07a1 readme: editted install/build instructions for clarity (redfish)
a0d4058 Revert "makefile: remove unnecessary ARM-specific targets" (redfish)
c2bc34b Revert "Interpret x86_64 as x86-64 for architecture" (redfish)
c54b9a1 cmake: don't set ARCH from CMAKE_SYSTEM_PROCESSOR (redfish)
887db9f blockchain: testnet heights for v3, v4, and v5 (moneromooo-monero)
f24ab58 ringct: remove unused code (moneromooo-monero)
b38452b ringct: pass structure by const ref, not value (moneromooo-monero)
fd11271 ringct: use memcpy/memset instead of handwritten loop where appropriate (moneromooo-monero)
5d38206 ringct: remove spurious copies (moneromooo-monero)
16732a8 rct: faster Cryptonote/rct conversions (moneromooo-monero)
fbd7c35 wallet: fix some "may be used uninitialized" warnings (moneromooo-monero)
4a41dd4 wallet: do not generate 0 change (moneromooo-monero)
a0925e6 core: use full rct signatures if just one input (moneromooo-monero)
94fd881 rct: early out on failure on verRange (moneromooo-monero)
45349b6 wallet: do not ask for duplicate histograms (moneromooo-monero)
b951bc8 wallet: transfer_selected_rct now also selects fake outs (moneromooo-monero)
4f887de increase minimum mixin to 4 on hard fork 5 (moneromooo-monero)
0815c72 core: allow v1 txes after HF 5 when sweeping unmixable outputs (moneromooo-monero)
f782d45 tests: hard fork list must end with a 0 (moneromooo-monero)
074e602 ringct: use Cryptonote serialization to hash non prunable data (moneromooo-monero)
c3b3260 New "Halfway RingCT" outputs for coinbase transactions (moneromooo-monero)
6f526cd rct: log why verification fails (moneromooo-monero)
d4b8991 rct: serialize txnFee as varint (moneromooo-monero)
d4b62a1 rct amount key modified as per luigi1111's recommendations (moneromooo-monero)
93f5c62 rct: rework v2 txes into prunable and non prunable data (moneromooo-monero)
d93746b rct: rework the verification preparation process (moneromooo-monero)
3ab2ab3 rct: change the simple flag to a type (moneromooo-monero)
c5be4b0 rct: avoid the need for the last II element (Shen Noether)
a47ceee wallet: do not store signatures in the wallet cache (moneromooo-monero)
0263dd2 core: add some locking around pool use (moneromooo-monero)
2c9d951 wallet2: factor m_spent changes (moneromooo-monero)
1303cda wallet: always use new algorithm for RPC transfers (moneromooo-monero)
b337aea rct: do not serialize senderPk - it is not used anymore (moneromooo-monero)
e5a9a47 core_tests: fix a couple pre-rct tests using rct (moneromooo-monero)
230fca2 wallet: use the prefered rct case only when enough rct outs exist (moneromooo-monero)
c27194a wallet: do not try to use rct txes a few blocks before the fork (moneromooo-monero)
1bf0698 tx_pool: log why a transaction was rejected for version checks (moneromooo-monero)
37bdf6e change fork settings to allow pre-rct txes for one more fork cycle (moneromooo-monero)
cc85cc6 simplewallet: better check_tx_key feedback (moneromooo-monero)
9b70856 rct: make the amount key derivable by a third party with the tx key (moneromooo-monero)
cf33e1a rct: do not serialize public keys in outPk (moneromooo-monero)
83ab315 wallet2_api: zero amounts are now allowed with rct (moneromooo-monero)
096ac06 wallet2_api: update on_money_{received,spent} prototypes for rct changes (moneromooo-monero)
3cb2ede rpc: send global indices along with blocks/transacions on refresh (moneromooo-monero)
414b424 core: always use the new simple rct variant (moneromooo-monero)
ce5de8b tests: add tests for wallet output selection (moneromooo-monero)
84c82cd wallet: better tx input selection (moneromooo-monero)
1e21651 rct: use the already defined H where possible (moneromooo-monero)
07d353d wallet: handle 0 change properly (moneromooo-monero)
e81a2b2 port get_tx_key/check_tx_key to rct (moneromooo-monero)
e06faef tests: add basic tests for simple rct api (moneromooo-monero)
a4d4d61 integrate simple rct api (moneromooo-monero)
1e8d37e serialization: add override for serializing bool (moneromooo-monero)
dbb5f2d ringct: optimization/cleanup of hash functions (Shen Noether)
4fd01f2 ringct: "simple" ringct variant (Shen Noether)
37c895e wallet: rct specific output selection (moneromooo-monero)
1181c57 wallet: make sweep_all work with rct txes too (moneromooo-monero)
c2ec6d3 mixable transactions must be rct for v3 (moneromooo-monero)
1017a75 wallet: factor transfer_rct code with transfer code (moneromooo-monero)
f5465d8 Condition v2 txes on v3 hard fork (moneromooo-monero)
59a66e2 move the rct commitments to the output_amounts database (moneromooo-monero)
6d0e471 rct: add the tx prefix hash into the MLSAG (moneromooo-monero)
35dce5c ringct: fix size unit mismatch calling keccak (moneromooo-monero)
20e50ec ringct: do not serialize what can be reconstructed (moneromooo-monero)
106e3dc Add rct core tests (moneromooo-monero)
ada5275 Use the supplied hard fork version in validate_miner_transaction (moneromooo-monero)
acbe06d wallet: update spent status when an accepted tx disappears (moneromooo-monero)
089df4a wallet: reset output spent status on blockchain reorg (moneromooo-monero)
73d59f1 ringct: catch errors from ge_frombytes_vartime (moneromooo-monero)
161551e tests: test for ringct rctSig data sizes (moneromooo-monero)
359f469 ringct: add missing size check for ecdhInfo (moneromooo-monero)
229968e ringct: change asserts to return false for boolean functions (moneromooo-monero)
dc4aad7 add rct to the protocol (moneromooo-monero)
211d1db db_lmdb: update reset for recent db changes (moneromooo-monero)
dee42d6 ringct: add functions to commit to an amount (moneromooo-monero)
cc7f449 make rct tx serialization work (moneromooo-monero)
e70e8a6 crypto: error out where appropriate (moneromooo-monero)
54f7429 ringct: allow no outputs, and add tests for this and fees (moneromooo-monero)
e99904a ringct: make fee optional (moneromooo-monero)
f8c04ad ringct: txn fee stuff (Shen Noether)
66f9626 ringct: new {gen,decode}Rct APIs for convenience (moneromooo-monero)
789b2e2 ringct: add more convenience functions (moneromooo-monero)
9856443 core: link against libringct (moneromooo-monero)
4258dab core: new /getrandom_rctouts.bin binary RPC call (moneromooo-monero)
c3a2e14 ringct: add convenience functions to bridge ringct and cryptonote (moneromooo-monero)
eb56d0f blockchain_db: add functions for adding/removing/getting rct commitments (moneromooo-monero)
82072e7 ringct: restore verRange check in debug mode (moneromooo-monero)
63856ca ringct: add check for destinations/amount size being equal (moneromooo-monero)
e816a09 ringct: fix off by 1 in mixin usage (moneromooo-monero)
09c5ea4 ringct: simplify random key generation (moneromooo-monero)
53cdf4d tests: new ringct test for checking H2 values (Shen Noether)
56f6549 ringct: cosmetic fixes (Shen Noether)
55ff136 ringct: changes to hashToPointSimple to calcualte H2 values (Shen Noether)
63733b1 ringct: compare keys with bitwise equality, not crypto ops (Shen Noether)
98f4c6f ringct: fix size argument to cn_fast_hash (Shen Noether)
720ac85 tests: zero inputs/outputs are in fact supposed to be accepted (moneromooo-monero)
84948ea ringct: add a test for prooveRange being non deterministic (moneromooo-monero)
09fb9f4 Fix sc_0 to skGen in ProveRange (Shen Noether)
d37c1db ringct: add a few consts where appropriate (moneromooo-monero)
700248f tests: more ringct range proof tests (moneromooo-monero)
d02f999 rct: add serialization machinery to rct types (moneromooo-monero)
0ff8305 serialization: declare do_serialize specializations before use (moneromooo-monero)
8b135e7 Added note on generating H2 (Shen Noether)
4d639d9 Fixed missing last index H2 (Shen Noether)
9e82b69 remove original Cryptonote blockchain_storage blockchain format (moneromooo-monero)
86b4426 ringct: lock access to the PRNG (moneromooo-monero)
4d7f073 ringct: add simple input validation (moneromooo-monero)
57779ab tests: add some more ringct building block tests (moneromooo-monero)
b656001 ringct: add convenience operators to key (moneromooo-monero)
2d6303f tests: add Shen Noether's basic ringct tests (moneromooo-monero)
9b1afe5 ringct: import of Shen Noether's ring confidential transactions (moneromooo-monero)
When RingCT is enabled, outputs from coinbase transactions
are created as a single output, and stored as RingCT output,
with a fake mask. Their amount is not hidden on the blockchain
itself, but they are then able to be used as fake inputs in
a RingCT ring. Since the output amounts are hidden, their
"dustiness" is not an obstacle anymore to mixing, and this
makes the coinbase transactions a lot smaller, as well as
helping the TXO set to grow more slowly.
Also add a new "Null" type of rct signature, which decreases
the size required when no signatures are to be stored, as
in a coinbase tx.
This allows the key to be not the same for two outputs sent to
the same address (eg, if you pay yourself, and also get change
back). Also remove the key amounts lists and return parameters
since we don't actually generate random ones, so we don't need
to save them as we can recalculate them when needed if we have
the correct keys.
The whole rct data apart from the MLSAGs is now included in
the signed message, to avoid malleability issues.
Instead of passing the data that's not serialized as extra
parameters to the verification API, the transaction is modified
to fill all that information. This means the transaction can
not be const anymore, but it cleaner in other ways.
This plugs a privacy leak, where the wallet tells the daemon
which transactions contain outputs for the wallet by asking
for additional information for that particular transaction.
As a nice bonus, this actually makes refresh slightly faster.
With RCT, we allow 0 size outputs, to try and encourage txes
with two inputs and two outputs. Consolidation would then
have two non zero inputs, one zero output, and one larger
output.
Before the normal selection, we attempt to find either one or two
suitable outputs to use as inputs to the rct tx. The intent is that
most rct txes will have one or two inputs, and we want all to look
the same if possible.
When two outputs are needed, we try to find a pair which are not
related (ie, by being from the same or similar block height).
The "transfer" simplewallet command is renamed to "transfer_original".
"transfer_new" is renamed "transfer", "transfer_rct" is removed,
and the new "transfer" now selects rct or non rct transactions
based on the current block height.
Since these are needed at the same time as the output pubkeys,
this is a whole lot faster, and takes less space. Only outputs
of 0 amount store the commitment. When reading other outputs,
a fake commitment is regenerated on the fly. This avoids having
to rewrite the database to add space for fake commitments for
existing outputs.
This code relies on two things:
- LMDB must support fixed size records per key, rather than
per database (ie, all records on key 0 are the same size, all
records for non 0 keys are same size, but records from key 0
and non 0 keys do have different sizes).
- the commitment must be directly after the rest of the data
in outkey and output_data_t.
The mixRing (output keys and commitments) and II fields (key images)
can be reconstructed from vin data.
This saves some modest amount of space in the tx.
If the blockchain gets reorganized, all outputs spent in the part
of the blockchain that's blown away need to be reset to unspent
(they may end up spent again on the blocks that replace the blocks
that are removed, however).
It may be suboptimal, but it's a pain to have to rebuild everything
when some of this changes.
Also, no clue why there seems to be two different code paths for
serializing a tx...
A new version of genRct takes the mixRing as parameter, instead
of the inPk. inPk are part of the mixRing, and it is cleaner to
pass the mixRing data than to fetch it from the RingCT code.
A new version of decodeRct also returns the mask.
Also, failure to decode throws, so errors are properly detected.
This lets my gcc picks those instead of the generic template
where appropriate (and then fail since std::vector<something>
does not have a serialize method.
I think, in this context, dynamically linked builds make sense
only for native builds, not these builds that target arch
families to produce portable binaries.
* some re-org of sections to make things more concise
* dedicated section for installing from packages vs building from source
* for Windows, instruct to run the top-level makefile targets,
because I don't see any reason not to -- advanced users
will look into the makefile and find the cmake command there
if they need to.
* for Windows, instruct to install *-toolchain meta package
which includes expat
* added some context info here and there to aid -- I tried
to clarify things that confused me, e.g. Windows build is
cross-compilation to be precise; motivation for targets
that are meant for generating portable binaries as opposed
to binaries optimized to host CPU.
This reverts commit ecd0f2dde7.
These targets that are not native builds. They are for builds
portable within processors of a given family.
'make release' used to not work to build a native build on ARM, but that
has been fixed. These targets are unrelated to the native build.
This reverts commit 8623492150.
Let's restrict ARCH to values accepted by -march to keep things clear
and consistent. ARCH is -march, with only one exception: a value of
"default" indicates to not pass -march at all.
It is not correct to do so, because ARCH should only take values
supported by the -march argument, with the exception of 'default'
which denotes not passing -march at all.
ARCH defines the target architecture for builds that are intended to be
portable to other machines.
This gets rid of bitmonerod.exe's dependecy on libwindpthreads-1.dll in build
on Windows on x86_64 (via MSYS2 default toolchain). With this patch all DLL
dependencies are on DLLs in c:\windows\system32.
99dd572 libwallet_api: tests: checking for result while opening wallet (Ilya Kitaev)
bcf7b67 libwallet_api: Wallet::amountFromString fixed (Ilya Kitaev)
32bc7b4 libwallet_api: helper method to return maximumAllowedAmount (Ilya Kitaev)
cbe534d libwallet_api: tests: removed logged passwords (Ilya Kitaev)
b1a5a93 libwallet_api: do not store wallet on close if status is not ok (Ilya Kitaev)
This plugs a privacy leak from the wallet to the daemon,
as the daemon could previously see what input is included
as a transaction input, which the daemon hadn't previously
supplied. Now, the wallet requests a particular set of
outputs, including the real one.
This can result in transactions that can't be accepted if
the wallet happens to select too many outputs with non standard
unlock times. The daemon could know this and select another
output, but the wallet is blind to it. It's currently very
unlikely since I don't think anything uses non default
unlock times. The wallet requests more outputs than necessary
so it can use spares if any of the returns outputs are still
locked. If there are not enough spares to reach the desired
mixin, the transaction will fail.
f0c0a3fFix#864 Squashed commit of the following: commit 9af9e4223b fixed some formatting commit c7920e1cf8 Merge: 97eb28b1da1c68 fix#864 fix using boolean commit 97eb28ba5dFix#864 boolean value used to verify on new wallet commit 1da1c68bd3fix#864 changed to boolean to prompt for verify commit 5bee966524 fix 864; made variable names easier for understanding branching. commit 45715960d3fix#864; allow password to be entered twice for new wallets for verification. fix#864 password entry verification; ammended boolean fix#864 ; default constructor for password_container should set verify=true (guzzi_jones)
e890f51 Build: take out tests in Travis CI (anonimal)
198e408 Build: add vanilla clang to Travis CI (anonimal)
659bee6 Build: add make release-test to Travis CI (anonimal)
33b5ebd cmake: do not pass -O2 in debug build on ARM (redfish)
35dc40a cmake: libatomic only needed for 32-bit Clang builds (redfish)
042db0b cmake: cleanup logic that sets flags per target/subdir (redfish)
Simplewallet improperly skipped the restore from height code if
restoring a deterministic wallet AND not specifying a wallet file in the
command line. The other generate options require a wallet file as an
argument, which prevents "ask_wallet_create_if_needed()" from being
called, which in turn causes "m_generate_new" to remain unset.
Specifying a wallet file at launch with --restore-deterministic emulated
this behavior.
This constrains the number of instances of any amount
to the unlocked ones (as defined by the default unlock time
setting: outputs with non default unlock time are not
considered, so may be counted as unlocked even if they are
not actually unlocked).
Squashed commit of the following:
commit 9af9e4223b
fixed some formatting
commit c7920e1cf8
Merge: 97eb28b1da1c68
fix#864 fix using boolean
commit 97eb28ba5dFix#864 boolean value used to verify on new wallet
commit 1da1c68bd3fix#864 changed to boolean to prompt for verify
commit 5bee966524
fix 864; made variable names easier for understanding branching.
commit 45715960d3fix#864; allow password to be entered twice for new wallets for verification.
fix#864 password entry verification; ammended boolean
fix#864 ; default constructor for password_container should set verify=true
The previous logic that used a COMMON_*_FLAGS intermediate variable
and then re-assigned CMAKE_*_FLAGS before including each subdirectory
was confusing and ugly. This PR is the right way to do it.
This commit is purely refactoring: built binaries unchanged.
By default the flag is enabled whenever libunwind is found on the
system, with the exception of static build on OSX (for which we can't
install the throw hook #932 due to lack of support for --wrap in OSX
ld64 linker).
This is an attempt to fix build with STATIC=ON on OSX (#932):
[ 95%] Linking CXX executable ../../bin/bitmonerod Undefined symbols for
architecture x86_64: "___real___cxa_throw", referenced from:
___wrap___cxa_throw in libcommon.a(stack_trace.cpp.o) ld: symbol(s) not found
for architecture x86_64
This fixes build of tests with STATIC=ON, which failed with:
/tmp/cc8lNtqY.ltrans12.ltrans.o: In function
`boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::thread_resource_error>
>::rethrow() const [clone .lto_priv.41]':
cc8lNtqY.ltrans12.o:(.text+0x4e): undefined reference to `__wrap___cxa_throw'
The hook is implemented in libcommon, which is not linked into some of the test
binaries. An alternative solution is to link all tests against libcommon,
but that seems worse because it introduces a false dependency (also,
I tried that and for some of the test binaries the linker still failed to
pick up the symol from libcommon, strangely.)
They are used to export a signed set of key images from a wallet
with a private spend key, so an auditor with the matching view key
may see which of those are spent, and which are not.
It is not clear why libunbound was added to this in the first place,
since it wasn't here before and #915 doesn't seem to introduce any
new dependency on it.
Tested build with STATIC=OFF (with and without libunbound-dev libunbound8
installed) and STATIC=ON, on Ubuntu Trusty, Debian Jessie, and Arch
Linux. For static builds, beware of #926 and #907.
If this hack was introduced to make it build on some other system
(Windows? OS X?), then it will have to be dealt with, but not this way.
ca33ce6 include result in the notifications template (Riccardo Spagni)
2a8352d only alert on IRC when the status changes (Riccardo Spagni)
6b6fb7f add IRC notifications to travis (Riccardo Spagni)
The tests currently issue a warning that
"warning: -fassociative-math disabled; other options take precedence"
The associative math optimization is turned on indirectly by -Ofast.
Apparently, the optimization is forced to be disabled, while compiling
test harnesses generated by Google Test framework.
Unfortunately, there is no -Wno-error=* flag to disable this warning
(see gcc --help=warnings).
An alternative to this patch is to disable the optimization explicitly
with -fno-associative-math, but that seems worse.
Another alternative is to not pass -Ofast for tests build, but we
want the tests to be built with exact same optimization flags as
the code being tested, otherwise the value of the tests is diminished.
Another alternative is to remove -Werror from the entire build, but
it's good to include that flag to preclude people leaving warnings.
A note regarding implementation of not passing -Werror for tests:
I considered filtering out -Werror from CMAKE_{C,CXX}_FLAGS but
that seems to be worse because it's surprizing behavior, to those
reading the code that adds -Werror. It is better to add it for
when it is used and not added otherwise. I also considered relying
on order, adding -Werror after inluding 'tests' subdir, but before
including the other subdirs, but that also seems cryptic to the
reader. So, I settled with the current solution, of explicitly
setting CMAKE_{C,CXX}_FLAGS to different values before including the
respective subdir.
Testing done: compared compiler invocation for non-tests source files
using `make VERBOSE=1` with and without this commit: the only difference
is the position of -Werror. So, this commit doesn't change the binary.
f07f120 cmake: don't try to link with atomic on Apple (redfish)
19349d7 cmake: ARM: clang: make warning non-fatal: inline asm (redfish)
f3e09f3 cmake: link with -latomic for clang (redfish)
f4b35ae cmake: include -ldl via cmake built-in var (redfish)
fa85cd8 common: stack trace: make clang happy with func ptrs (redfish)
4dce26b cmake: do not pass -stdlib=c++ to clang >=3.7 (redfish)
78cc10f daemon: fix ban seconds being misinterpreted as absolute (moneromooo-monero)
34ecfdb rpc: fix get_bans and set_bans RPC names, they were missing a _ (moneromooo-monero)
Signing is done using the spend key, since the view key may
be shared. This could be extended later, to let the user choose
which key (even a per tx key).
simplewallet's sign/verify API uses a file. The RPC uses a
string (simplewallet can't easily do strings since commands
receive a tokenized set of arguments).
otherwise clang build fails with
../cryptonote_core/libcryptonote_core.a(miner.cpp.o): In function
`std::__atomic_base<unsigned long long>::load(std::memory_order) const':
/usr/bin/../lib/gcc/i686-pc-linux-gnu/6.1.1/../../../../include/c++/6.1.1/bits/atomic_base.h:396:
undefined reference to `__atomic_load_8'
This has no effect on the gcc build.
The one strange thing is that test code like
std::atomic<int> x;
int main() { return x; }
compiles and links without errors with clang, without -latomic. This
alone would suggest that this patch is unnecessary, but that is not the
case. It's not clear exactly why, though. The bitmonero code is
including the same header, but it must be doing something more complex
than in this test code snippet that causes the failure at link time
pasted above. In any case, passing -latomic fixes the problem and
seems safe.
.
This does two things:
1. fixes clang build, which otherwise errors with undefined symbol
'dlsym'.
2. simplifies the cmake script, delegating to cmake to figure
out platform-specific flags for linking against the dl library.
Tested that it builds with:
gcc 6.1.1, STATIC=OFF,i686
gcc 6.1.1, STATIC=OFF,armv7h
clang 3.8, STATIC=OFF,i686
clang 3.8, STATIC=OFF,armv7h
gcc 6.1.1, STATIC=ON,i686
clang 3.8, STATIC=ON,i686
Also tested that stack trace is generated fine on exception on:
i686, gcc 6.1.1, STATIC=OFF
(didn't bother testing all the other platforms/configs)
This should fix the build problem on OSX (#871, #901), but
I don't have OSX, so I could only test Clang on Linux.
Tested on Linux (Arch) with clang 3.7 and 3.8 i686 and ARM:
if -stdlib=c++ is passed to clang, then the build errors
out with <string>,<iostrea>,etc. headers not found. Simply
not passing the arg fixes the problem.
**NOTE**: not tested on OSX.
Keep the working directory (and umask) inherited from
the parent. Otherwise, it's impossible to control
the working directory of the daemon (from systemd, for
example).
Furthermoer, bitmonerod attempts to create logging directories and files
*in current working directory*. This fails due to permission denied and
generates a (caught, nonfatal) exception. Below is the strace with this
patch applied (so, no `chdir("/")`), showing successful opens at `log/`
relative path. Without this patch they fail (sorry, didn't save the
trace).
```
28911 getcwd("/.../bitmonero", 128) = 25
28911 stat64("/var/lib/bitmonero/.bitmonero", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
28911 stat64("/etc/bitmonerod.conf", {st_mode=S_IFREG|0644, st_size=244, ...}) = 0
28911 open("/etc/bitmonerod.conf", O_RDONLY|O_LARGEFILE) = 3
28911 open("/var/log/bitmonero/bitmonero.log", O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0666) = 3
28911 stat64("log", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
28911 stat64("log/dbg", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
28911 open("log/dbg/main.log", O_WRONLY|O_CREAT|O_TRUNC|O_LARGEFILE, 0666) = 4
```
The reasoning of chdir("/") in order to prevent the daemon from holding
a filesystem in busy state is not compelling at all: the choice of
working directory for the daemon is the user's business not the
daemon's.
Shorten the list of warnings that are reported, but
which are forced to NOT generate an error, via -Wno-error.
Unwhitelist these: strict-aliasing, sign-compare, type-limits
For example, ignoring strict-aliasing warning caused
lots of wasted time diagnosing Issue #847.
When an exception happens while reading the config file, we need
to print the error, as the logging system isn't initialized yet,
so the generic catch will not print anything.
Fee can now be multiplied by 2 or 3, if users want to give
priority to their transactions. There are only three levels
to avoid too much fingerprinting. Default is 1 (minimum fee).
The default multiplier can be set by "set fee-multiplier X".
The noexcept specs were added to make GCC 6.1.1 happy (#846), but this
one was missing (because GCC did not complain about it on Linux, but
does complain on OSX).
We need ARCH, because it needs to be set for ARM7, ARM6 to be
initialized.
Strangely, on different machines (both ARMv7, Arch), ${ARCH}
var is either empty or 'native'. Handle both cases.
The former was a faulty "fix" for gmtime_r not existing on Windows. The latter is needed only for dynamic builds, and is not included with msys2, which ends up fine because Windows is only built static at this time.
5dc09f2 wallet_rpc_server: fix some string values being returned between <> (moneromooo-monero)
f8213c0 Require 64/16 characters for payment ids (moneromooo-monero)
c5f00bc cn_deserialize: add minergate data (moneromooo-monero)
2470b20 cn_deserialize: print extra nonce as hex data (moneromooo-monero)
77d8fc3 tx_extra: parse new chunk added by minergate (blashyrkh)
The default behavior for hex string parsing would allow the
last digit to be made from a single hexadecimal character,
which is correct, but we typically do not want that as it
gets confusing and easy to not spot wrong input size.
Compilation of bitmonero on Arch with gcc 6.1 results in the following
error:
/home/mwo/bitmonero/tests/unit_tests/hardfork.cpp: In member function ‘virtual void TestDB::set_hard_fork_version(uint64_t, uint8_t)’:
/home/mwo/bitmonero/tests/unit_tests/hardfork.cpp:132:5: error: this ‘if’ clause does not guard... [-Werror=misleading-indentation]
if (versions.size() <= height) versions.resize(height+1); versions[height] = version;
This can be fixed by simply unfolding this line into three lines.
The destructors get a noexcept(true) spec by default, but these
destructors in fact throw exceptions. An alternative fix might be to not
throw (most if not all of these throws are non-essential
error-reporting/logging).
The destructors get a noexcept(true) spec by default, but these
destructors in fact throw exceptions. An alternative fix might be to not
throw (most if not all of these throws are non-essential
error-reporting/logging).
1c0bffb Restrict also 'get_connections' and 'getbans' APIs. (osensei)
9f8bc49 Don't allow 'flush_txpool' and 'setbans' JSON_RPC methods when running in restricted mode. (osensei)
The tests for rejection of unmixable outputs in v2 are commented out,
as there are no unmixable outputs created anymore. This should be
restored at some point.
It sets the max number of threads to use for a parallel job.
This is different that the number of total threads, since monero
binaries typically start a lot of them.
It allows a simple get_transfers (with default 0 min_height and
max_height) to return all transactions, instead of the unexpected
set of txes in block 0, which is probably none at all.
19fe8ae Add --restore-height option (Howard Chu)
b6e42c3 Speed up new wallet refresh (Howard Chu)
b7140da Add GET_HASHES_FAST rpc, use it in wallet (Howard Chu)
We want to lock operations which access the blockchain in
wallet2. We also want the background refresh to happen again
when we cancel a foreground refresh. Wrap the locking setup
in a macro so it doesn't get copy/pasted/mangled, and use
a scope exit trick to ensure it's always properly restored.
This sends all outputs in a wallet to a given address, alleviating
the difficulty people have had trying to send all monero but
being left with some small amount left.
modified: src/wallet/wallet2.cpp
modified: src/wallet/wallet2.h
Update to fix unconfirmed balance and give a slightly more verbose and informative confirmation message for transfers
When m_refresh_from_block_height has been set, only hashes will be
retrieved up to that height, instead of full blocks. The same will
be done for "refresh <height>" when the specified height is beyond
the current local blockchain.
When reaching the tail emission phase, the amount of coins will
eventually go over MONEY_SUPPLY, overflowing 64 bits. There was
a check added to blockchain_storage, but this was not ported to
the blockchain DB version.
Reported by smooth.
When the send queue limit is reached, it is likely to not drain
any time soon. If we call close on the connection, it will stay
alive, waiting for the queue to drain before actually closing,
and will hit that check again and again. Since the queue size
limit is the reason we're closing in the first place, we call
shutdown directly.
If we reach the send queue size limit, we need to release the lock,
or we will deadlock and it will never drain.
If we reach that limit, it's likely there's another problem in the
first place though, so it will probably not drain in practice either,
unless some kind of transient network timeout.
d662ab5 rpc: print human readable time since received when printing pool (moneromooo-monero)
5c9dd23 rpc: add a do_not_relay boolean to tx submission (moneromooo-monero)
^C when in RPC mode would not save the wallet while it was still
refreshing after starting up.
Also, save the wallet out of the signal handler. We don't want
to call complex stuff in a signal handler.
Also bumped DB VERSION to 1
Another significant speedup and space savings:
Get rid of global_output_indices, remove indirection from output to keys
This is the change warptangent described on irc but never got to finish.
This speeds up wallet refresh by directly retrieving a tx's amount output indices.
It removes the indirection and walking the amount output duplicate list
for every amount in each requested tx.
"tx_outputs" is used by:
Amount output indices are needed for wallet refresh.
Global output indices are needed for removing a tx.
Both amount output indices and global output indices are now stored in
an array of 64-bit unsigned ints:
tx_outputs[<tx_hash>] -> [ <a1_oi, a1_gi, a2_oi, a2_gi, ...> ]
Previously it was:
tx_outputs[<tx_hash>] -> duplicate list of <a1_gi, a2_gi, a3_gi, ...>
The amount output list had to be walked for every amount in order to
find each amount's output index, by comparing the amount's global output
index with each one in the duplicate list until a match was found.
See also d045dfa7ce
b4eada9 wallet: make load_keys check types when loading JSON (moneromooo-monero)
3e55725 wallet: make the JSON reading type safe (moneromooo-monero)
f8d05f3 common: new json_util.h (moneromooo-monero)
This can generate non decomposed outputs for very large block
rewards (or not so large ones if a miner decides to not quantize
the block rewards). Out of an abundance of caution, we refuse
to generate those. They are still accepted by the consensus code,
however.
d5d46e6 tests: obligatory hardfork unit build fix after interface change (moneromooo-monero)
25672d3 wallet: pass std::function by const ref, not value (moneromooo-monero)
0be6e08 wallet: do not leak owned amounts to the daemon unless --trusted-daemon (moneromooo-monero)
12146da wallet: change sweep_dust to sweep_unmixable (moneromooo-monero)
600a3cf New RPC and daemon command to get output histogram (moneromooo-monero)
f9a2fd2 wallet: handle rare case where fee adjustment can bump to the next kB (moneromooo-monero)
f26651a wallet: factor fee calculation (moneromooo-monero)
This allows appropriate action to be taken, like displaying
the reason to the user.
Do just that in simplewallet, which should help a lot in
determining why users fail to send.
Also make it so a tx which is accepted but not relayed is
seen as a success rather than a failure.
With the change in mixin rules for v2, the "annoying" outputs are
slightly changed. There is high correlation between dust and
unmixable, but no equivalence.
This is a list of existing output amounts along with the number
of outputs of that amount in the blockchain.
The daemon command takes:
- no parameters: all outputs with at least 3 instances
- one parameter: all outputs with at least that many instances
- two parameters: all outputs within that many instances
The default starts at 3 to avoid massive spamming of all dust
outputs in the blockchain, and is the current minimum mixin
requirement.
An optional vector of amounts may be passed, to request
histogram only for those outputs.
b852766 blockchain: for v3, require miner tx to have well behaved outs (moneromooo-monero)
97638b1 core: fix miner tx block reward with fees (moneromooo-monero)
This was meant to go in v2, but the miner tx slipped through
the cracks as it doesn't go through the main tx verification
since it doesn't get added to the pool.
287e882 remove connectivity tool, comment it out from munin plugins too (Riccardo Spagni)
51a56e7 remove unecessary and bad std::move from portable_storage_template_helper.h (Riccardo Spagni)
It takes a filename containing JSON data to generate a wallet.
The following fields are valid:
version: integer, should be 1
filename: string, path/filename for the newly created wallet
scan_from_height: 64 bit unsigned integer, optional
password: string, optional
viewkey: string, hex representation
spendkey: string, hex representation
seed: string, optional, list of words separated by spaces
Either seed or private keys should be given. If using private
keys, the spend key may be omitted (the wallet will not be
able to spend, but will see incoming transactions).
If scan_from_height is given, blocks below this height will not
be checked for transactions as an optimization.
tx_pool.h doxygen documentation completed.
Many notes made on areas for improvement, be that functionality or
code clarity.
Commented code and unused code removed.
Changes the Doxyfile to expand preprocessor macros, but only the ones
defined in the Doxyfile. This way we can specify that
BLOCKCHAIN_DB == DB_LMDB for the sake of documentation.
The functions in src/cryptonote_core/checkpoints_create.{h,cpp} should
be member functions of the checkpoints class, if nothing else for the
sake of keeping their documentation together.
This commit covers moving those functions to be member functions of the
checkpoints class as well as documenting those functions.
All functions in src/cryptonote_core/checkpoints.h are now documented in
doxygen style.
checkpoints.cpp has been reviewed, one function has been marked for
discussion on correctness.
All functions are now documented in doxygen format. Comments have been
updated to reflect the current state of the code. Many areas for
improvement in clarity and design have been noted, as well as cruft to
be removed. These changes are not reflected in this commit both to
allow time for comment and to keep commits organized by purpose.
40974b1 fix building on FreeBSD (Riccardo Spagni)
1800d61 bump miniupnpc API version number (Riccardo Spagni)
a4242c4 update miniupnpc (Riccardo Spagni)
Example of current return for `print_block 912345`:
timestamp: 1452793716
previous hash:
b61c58b2e0be53fad5ef9d9731a55e8a81d972b8d90ed07c04fd37ca6403ff78
nonce: 1646
is orphan: 0
height: 912345
depth: 85434
hash:
e22cf75f39ae720e8b71b3d120a5ac03f0db50bba6379e2850975b4859190bc6difficul
ty: 815625611
reward: 7388968946286
{
"major_version": 1,
"minor_version": 2,
…
Without `std::endl`, the difficulty gets smashed on the end of the hash.
It would try to join the auto refresh thread, which would
only happen after it was done, which would take a long time
when doing so on a newly created wallet.
8bc1bd6 wallet: use minimum mixin when RPC asks for too low mixin (moneromooo-monero)
31d2e0f wallet_rpc_server: make use_fork_rules public (moneromooo-monero)
After the fork, normal transfer functions called via RPC
use the minimum mixin 2 if 0 or 1 is requested. While the
incoming transaction may be valid (eg, it has an unmixable
and at most a mixable input), it is a simple way to make
sure RPC users can't get a seemingly random accept/reject
behavior if they don't update their requested mixin.
bdec7cb BlockchainLMDB: Use DB error helper consistently (warptangent)
c5932eb BlockchainLMDB: Add DB error to exception (warptangent)
a49c355 Blockchain: Omit verbose time stats messages by default (warptangent)
TEST:
blockchain_export -h
This should show "berkeley" as an available option to --database.
With an existing BerkeleyDB database, run:
blockchain_export --database berkeley
This is already the default for the daemon, but by checking a command
line argument and calling a Blockchain member function setter.
Initialize the variable to false so it's not dependent on an external
command-line argument check. This allows utilities like
blockchain_import to have a reasonable default without code changes.
c2a1fee simplewallet: prompt for private keys when generating wallets (moneromooo-monero)
4513b4c simplewallet: add a new --restore-from-keys option (moneromooo-monero)
11d555c Fix crash in std::map for connections_map (Howard Chu)
014f886 std::condvar is broken on Win32 with gcc/g++ 4.8 too (Howard Chu)
7c86c59 Use boost::thread instead of std::thread (Howard Chu)
57e75fa BlockchainBDB: Check if hard fork subdbs need reset (warptangent)
47f6cf8 BlockchainBDB: Support blockchain_import --drop-hard-fork command (warptangent)
27d4e50 core: check whether an update is needed straight away (moneromooo-monero)
8892173 core: print "update needed" hard fork notifications in red (moneromooo-monero)
Pass the CMake bit width setting to compile flags for blockchain_import
and blockchain_converter.
For LMDB on 32-bit, hyc has found that batch size of 100 appears to be a
good default.
3b13a74 Shutup about VERSION 0 (Howard Chu)
1537477 Use cursor in get_output_key (Howard Chu)
f2faf8c Use MDB_APPEND mode where possible (Howard Chu)
090b548 Use cursors in write txns (Howard Chu)
ed08d21 Keep a running blocksize count (Howard Chu)
0fc9334 Win32 import batchsize tweaks (Howard Chu)
27f76e2 blockchain_import: Build string for db type list (warptangent)
1aa8a9d blockchain_import: Add mode argument representing multiple DB flags (warptangent)
cffc411 blockchain_import: Support BerkeleyDB (warptangent)
19c1aaa blockchain_import: Add database type argument (warptangent)
0fedce0 blockchain_import: Make LMDB-specific names general (warptangent)
When keys are contiguous and monotonically increasing, this gets
denser page utilization (doesn't leave padding in page splits).
Can't be used for keys that are inserted in random order (e.g. hashes)
In total this only saves around 1.5% of space compared to original
DB code. The previous patch accounted for 0.8% savings on its own;
the blocks tables just aren't that big.
These modes match those optionally provided as part of the daemon's
--db-type argument.
Argument after the # is interpreted as a composite mode if there's only
one (no comma separated arguments).
Sample usage:
blockchain_import --database lmdb#fastest
blockchain_import --database berkeley#fastest
Multiple specific DB flags are still supported, e.g.
blockchain_import --database lmdb#nosync,nordahead
blockchain_import --database berkeley#txn_nosync
1995923 BlockchainLMDB: Deal with DB exceptions at block level with particularity (warptangent)
c16cc20 BlockchainLMDB: Add sanity check for inconsistent state (warptangent)
9118d0a BlockchainLMDB: Call destructor on allocated txn if setup fails (warptangent)
f5581c3 BlockchainLMDB: Replace remaining txn pointer NULLs with nullptr (warptangent)
c7e6b77 crypto: only check MONERO_USE_SOFTWARE_AES once (moneromooo-monero)
74aef21 crypto: use software AES based on the MONERO_USE_SOFTWARE_AES env var (moneromooo-monero)
5cb03a1 unit_tests: fix blockchain unit test after hard fork import fix (moneromooo-monero)
759383c hardfork: add a default fork entry for v1 if none exist (moneromooo-monero)
c7f82ec blockchain: initialize m_hardfork to NULL (moneromooo-monero)
8649b9f blockchain_db: pass hard fork object as a simple pointer (moneromooo-monero)
a333c42 core_tests: add tests for hard fork behaviors (MRL-0004) (moneromooo-monero)
945fe90 core_tests: allow setting miner tx max_outs when creating a block (moneromooo-monero)
8e4c2e6 unit_tests: fix hard fork unit test compilation (moneromooo-monero)
9ef5794 blockchain_utilities: remove unused num_blocks variable (moneromooo-monero)
6c8e5c3 blockchain: reset hardfork object when resetting blockchain (moneromooo-monero)
Add another DB error exception type to distinguish failed txn setup from
general use of txn.
This keeps the error handling flow the same as before the block-level
txn setup changes that moved control up a layer to BlockchainDB.
DL is empty and unused elsewhere.
The intention at one point may have been to use CMAKE_DL_LIBS, but that
would more likely apply in some situations involving static linking.
This allows the OpenSSL function checks to compile in unbound's CMake
configuration.
Otherwise, the functions SHA256() and EVP_sha512() won't be called from
libunbound as possible algorithms.
They had not been compiling because static OpenSSL libraries were being
used, along with lack of -ldl. The static library preference is
unnecessary for the checks, so use default suffixes ordering for
CMAKE_FIND_LIBRARY_SUFFIXES when building unbound.
Related files:
configure_checks.cmake
external/unbound/validator/val_secalgo.c
secalgo_ds_digest(), setup_key_digest()
Remove LINK_SEARCH_START_STATIC and LINK_SEARCH_END_STATIC. This is more
appropriate when the compiler flag -static is used.
This had been causing CMake to omit the linker flags necesssary to
distinguish static and dynamic library linking. CMake had assumed static
linking for the target, causing it to omit explicit static link flags.
That is problematic without the -static compile flag being set.
With a library located in system directories, like libboost_date_time,
the full static path (.a), though found correctly by CMake, was treated
by the linker as a dynamic library. This is because
target_link_libraries() transforms the full path to -l<libname> if it's
in a system directory. Without -static or explicit linker flags, the
dynamic library (.so) is linked.
Removing the above two properties removes the assumption of static. So
-Wl;-Bstatic is inserted where needed. This causes -l<libname> to
properly refer to the static library instead of dynamic.
Setting to no or 0 also works. If set, any other value enables it.
Useful for running with valgrind in cases where it fails at
properly implementing AES-NI.
We also replace the --fakechain option with an optional structure
containing details about configuration for the core/blockchain,
for test purposes. This seems more future friendly.
e298b14 Blockchain: Update comments on removing block (warptangent)
b368e29 blockchain_import: Get hard fork version from HardFork (warptangent)
e02577f Move HardFork DB update to BlockchainDB::add_block() (warptangent)
3800875 Make HardFork object available to BlockchainDB and derived DB implementations (warptangent)
fd46c96 BlockchainDB/LMDB: Refactor block-scope DB txn handling for add block (warptangent)
f3a6000 BlockchainDB/LMDB/BDB: Extract DB txn functions for block add/remove (warptangent)
f47d5b0 BlockchainLMDB: Allow two HardFork functions to update DB during block add (warptangent)
15ee0be BlockchainLMDB: extract txn macros used during block add/remove (warptangent)
9d62c16 blockchain_import: Add hard fork data for each block when verify mode is off (warptangent)
7006b2e blockchain_utilities: Have fake_core create HardFork object (warptangent)
8f863e7 Blockchain: Optionally pass in HardFork object (warptangent)
f7e337e fake_core: Check if hard fork subdbs need reset at start (warptangent)
c657e77 blockchain_import: Add --drop-hard-fork command (warptangent)
4122439 blockchain_import: Add exception to log output (warptangent)
7658ac0 blockchain: revert handle_get_objects adding block id on tx not found (moneromooo-monero)
3a0f4d8 berkeleydb: fix delete/free mismatch (moneromooo-monero)
1642be2 minor bugfixes and refactoring (Thomas Winget)
098dcf2 unit_tests: fix mnemonics unit test testing invalid seeds (moneromooo-monero)
119eb10 unit_tests: fix hard fork unit tests and add a test for major too (moneromooo-monero)
64a2aa3 hardfork: allow passing chain height in get(height) for convenience (moneromooo-monero)
If it is, it points to reuse of a tx key, which isn't meant to happen.
If it does, a key image collision means that only one of those
outputs is spendable, so the wallet selects the larger amount,
unless that output was spent already.
This causes a discrepancy betewen reported received inputs and
payment total.
Since tx keys are 256 bits, this should never happen except if
done on purpose, or if a sender uses a bad PRNG.
Locking just one db turns out to not have been a good idea, since
the pool and p2p state fdles have to be used anyway.
Also ensure the directory exists before tring to lock.
- Blockchain should store if it's running on testnet or not
- moved loading compiled-in block hashes to its own function for clarity
- on handle_get_objects, should now correctly return false if a block's
transactions are missing
- replace instances of BOOST_FOREACH with C++11 for loops in Blockchain.
Sample use:
BERKELEY_DB=0 make debug
This makes development with BlockchainLMDB easier when virtual methods
have changed and don't match BlockchainBDB.
Some word triplets, such as "mugged names nail", are not valid
results from any 32 bit value. If used to decode a 32 bit value,
the result will therefore encode to a different word triplet.
Fix this by using random words converted from an actual random
bitstring, ensuring we always get valid triplets.
7fc6fa3 wallet: forbid dust altogether in output selection where appropriate (moneromooo-monero)
5e1a739 blockchain: log number of outputs available for a new tx (moneromooo-monero)
bcac101 daemon: fix a few issues reported by valgrind (moneromooo-monero)
a7e8174 tx_pool: fix serialization of new relayed data (moneromooo-monero)
601ad76 hardfork: fix mixup in indexing variable in get_voting_info (moneromooo-monero)
444e22f blockchain: remove unused timer (moneromooo-monero)
7edfdd8 blockchain: fix m_sync_counter uninitialized variable use (moneromooo-monero)
d97582c epee: use generate_random_bytes for new random uuids (moneromooo-monero)
17c7c9c epee: remove dodgy random code that nobody uses (moneromooo-monero)
bf6d147 new flush_txpool command, and associated RPC call (moneromooo-monero)
6288295 rpc: add missing return on error when getting a tx (moneromooo-monero)
b7e37b7 simplewallet: show_transfers can now show just failed txes (moneromooo-monero)
b11539f wallet: detect and handle failed outgoing transfers (moneromooo-monero)
4b23714 tx_pool: serialize missing kept_by_block flag (moneromooo-monero)
A boost lock is used to determine whether more than one process
wants to access the database. The boost file_lock doesn't seem
to like locking directories, so we use an arbitrary file in it.
This allows to still run two daemons if they have different
database directories (ie, LMDB/BDB, different data directories).
In particular, ensure we check the status of RPC response structures,
as some functions will return success, but with a BUSY status, when
the daemon is not yet synced, and the response will not filled.
94b98fb tx_pool: do not accept txes not in a block if they timed out before (moneromooo-monero)
eadbdf3 tx_pool: fix use of invalidated iterator (moneromooo-monero)
3b1d7e0 Fix V1/V2 use of hard fork related parameters (moneromooo-monero)
b8cc6d4 BlockchainBDB: Continue when tx has no outputs (warptangent)
b870746 BlockchainBDB: When removing, find amount output index fast by starting at end (warptangent)
1a5c3fa BlockchainBDB: Remove tx outputs in reverse order (warptangent)
This is intended to avoid cases where a timed out tx will be
re-relayed by another peer for which it has not timed out yet,
which would cause the tx to stay in the network's pool for a
long time (until all peers time it out before another one
tries to relay it again).
This improves blockchain reorganization time by allowing one of the more
expensive DB lookups when popping a block to not have to seek through a
long dup list in the "output_amounts" db. This is most noticeable for
HDDs.
See ffcf6bdb95
Data should be removed in the reverse order it was added.
This matches the order of removal in
blockchain_storage::pop_transaction_from_global_index.
See f11def012f
64f4cd9 My markdown-fu sucks :P (me0wmix)
a6794e2 Instructions updated to include g++ package and omit optional packages (me0wmix)
34ebfe3 Last fixups in the Cmake stuff and better default build instruction (me0wmix)
82ecb3f More formatting fixes to instructions (me0wmix)
efc771d Corrected formatting on OpenBSD instructions (me0wmix)
c965bf4 Added/corrected OpenBSD build instructions. (me0wmix)
28f95eb OpenBSD support for Monero. (me0wmix)
c5baf30 use load_file_to_string and exit with error on file read errors (Fabian Hirschmann)
7b2d27f remove new lines at the end of the password only (Fabian Hirschmann)
302cc9c add --password-file option (Fabian Hirschmann)
664dc42 rpc: fix missing target information in RPC call (moneromooo-monero)
eaf4dcd daemon: fix status command when run from command line (moneromooo-monero)
67bbb56 wallet2: decide at runtime which upper tx size to use (moneromooo-monero)
a44d94d rpc: is_key_image_spent now checks the tx pool too (moneromooo-monero)
The value will be different depending on whether we've reached
the first hard fork, which allows a larger size, or not.
This fixes transactions being rejected by the daemon on mainnet
where the first hard fork is not yet active.
Parse error. Expected a command name, got unquoted argument with text "]]"
Reason: Block comments are avaliable in cmake 3.0 not in 2.8 which is used in Ubuntu 14.04
576effe blockchain: kill ioservice on scope end, rather than manually (moneromooo-monero)
ed5d017 miner: minor fixes on stop (moneromooo-monero)
b245215 core_tests: deinit core before destroying it (moneromooo-monero)
bc8a52e wallet: add a rescan_bc command and rescan_blockchain RPC (moneromooo-monero)
92ef6b5 wallet: protect against exceptions in the block pull thread (moneromooo-monero)
af21061 net_peerlist: move a couple functions from public to private (moneromooo-monero)
This ensures this will be done without fail, as the error prone
matching of every return with a call to KILL_IOSERVICE leads to
hard to debug corruption when one is missing.
- only try to stop if actually started
- print number of threads before zeroing it
This fixes the suspiciously doubled "Mining has been stopped"
message on exit.
Blockchain hashes and key images are flushed, and blocks are
pulled anew from the daemon.
The console command is shortened to match bc_height.
This should make it a lot easier on users who are currently
told to remove this particular cache file but keep the keys
one, etc, etc.
32a2633 no longer need to pass the size to rapidjson (Riccardo Spagni)
bd8e0fd add missing miniupnpc files, modify cmake to not build miniupnpc tests and to fix an issue with finding miniupnpcstrings (Riccardo Spagni)
7da9905 updated miniupnpc (Riccardo Spagni)
61ce8d6 wallet_rpc_server: exit async, so we reply to stop_wallet RPC (moneromooo-monero)
9847db6 wallet: do not return error if incoming_transfers finds none (moneromooo-monero)
b39aae7 Tweak 45800a25e9 (hyc)
4a5a5ff blockchain: always stop the ioservice before returning (moneromooo-monero)
78b65cf db_lmdb: safety close db at exit (moneromooo-monero)
45800a2 db_lmdb: fix a strdup/delete[] mistmatch (moneromooo-monero)
50ee591 hardfork: ensure current_fork_index can not become negative on rescan (moneromooo-monero)
b90e14d tests: add a unit test for canonical decomposed amounts (moneromooo-monero)
79beed2 tests: fix various tests by using parameters better suited to monero (moneromooo-monero)
d0a8362 tests: fix some double spending tests (moneromooo-monero)
2358d0d tests: use 255 as a "too high" block version (moneromooo-monero)
f33a88c blockchain: fix a few block addition bugs (moneromooo-monero)
a9ff11c blockchain: fix an off by one error in unlocked time check (moneromooo-monero)
f294be3 blockchain: reinstate double spending checks in check_tx_inputs (moneromooo-monero)
737b6d6 blockchain: make some flag twiddling code closer to the original (moneromooo-monero)
81cb0fc blockchain: fix bitflipping test with quantized block rewards (moneromooo-monero)
22ddf09 blockchain: add missing m_tx_pool.on_blockchain_dec (moneromooo-monero)
d837c0c blockchain: fix switch to alternative blockchain for more than one block (moneromooo-monero)
5cec076 blockchain: add a missing validity check to rollback_blockchain_switching (moneromooo-monero)
3cabdb5 core: catch exceptions from get_output_key (moneromooo-monero)
5eef645 db: throw when given a non txout_to_key output to add (moneromooo-monero)
Some tests assume the first output in a transaction goes to the recipient.
However, it can be the change. When it is, the recipient's keys will not
recognize this output. To fix this, we send all we have, to ensure there
is no change, and the first output goes to the recipient.
I'm not sure why this worked with Cryptonote. The tests sent 17 coins,
which seems way smaller than the first Bytecoin block reward, so there
would have been change too. Maybe outputs were not shuffled originally.
If the block reward was too high, the verification failed flag
was set, but the function continued. The code which was supposed
to trap this flag and return failure failed to trap it, and,
while the block was not added to the chain, the function would
return success.
The reason for avoiding returning when the block reward problem
was detected was to be able to return any transactions to the
pool if needed. This is now mooted by moving the transaction
return code to a separate function, which is now called at all
appropriate points, making the logic much simpler, and hopefully
correct now.
We also move the hard fork version check after the prev_id check,
as block which does not go on the top of the chain might not
have the expected version there, without being invalid just for
this reason.
Last, we trap the case where a block fails to be added due to
using already spent key images, to set the verification failed
flag.
This fixes some double spending tests.
This may or may not be unneeded in normal (non test) circumstances,
to be determined later. Keeping these for now may be slower, but safer.
Block reward may now be less than the full amount allowed.
This was breaking the bitflipping test.
We now keep track of whether a block which was accepted by the core
has a lower than allowed block reward, and allow this in the test.
The check was explicit in the original version, so it seems
safer to make it explicit here, especially as it is now done
implicitely in a different place, away from the original check.
ffcf6bd BlockchainLMDB: When removing, find amount output index fast by starting at end (warptangent)
f11def0 BlockchainLMDB: Remove tx outputs in reverse order (warptangent)
Data should be removed in the reverse order it was added. Not doing so
breaks assumptions and can cause problems in other DB implementations.
This matches the order of tx removal in
blockchain_storage::purge_block_data_from_blockchain.
This improves blockchain reorganization time by allowing one of the more
expensive DB lookups when popping a block to not have to seek through a
long dup list in the "output_amounts" subdb. This is most noticeable for
HDDs.
As before, the dup list is still walked if necessary (but in reverse),
and the global output index still confirmed to be the one looked for.
But under proper use, the result will be found at the end of the dup
list, so we start there.
Removing an amount output index is always done in the context of popping
a block, so the global output index being looked for should be the last
one in that amount key's dup list. Even if the txs themselves aren't
removed in reverse order (supposed to be according to original
implementation), the specified amount output index will still be near
the end, because the txs are in the same block.
TEST:
Pop blocks with blockchain_import.
Blocks should be successfully removed with no errors shown.
bitmonerod should be able to start syncing from the reduced blockchain
height.
Since connections from the ::connect method are now kept in
a deque to be able to cancel them on exit, this leaks both
memory and a file descriptor. Here, we clean those up after
30 seconds, to avoid this. 30 seconds is higher then the
5 second timeout used in the async code, so this should be
safe. However, this is an assumption which would break if
that async code was to start relying on longer timeouts.
When the boost ioservice is stopped, pending work notifications
will not happen. This includes deadline timers, which would
otherwise time out the now cancelled I/O operations. When this
happens just after starting a new connect operation, this can
leave that operations in a state where it won't receive either
the completion notification nor a timeout, causing a hang.
This is fixed by keeping a list of connections corresponding
to the connect operations, and cancelling them before stopping
the boost ioservice.
Note that the list of these connections can grow unbounded, as
they're never cleaned up. Cleaning them up would involve
working out which connections do not have any pending work,
and it's not quite clear yet how to go about this.
8ea7af1 Allow the wallet to access hard fork information (moneromooo-monero)
760331b epee: make log macros behave like statements (moneromooo-monero)
3f2970f Add missing semicolons after log statements (moneromooo-monero)
In particular, <boost/program_options.hpp> blows up daemon.cpp.obj,
making it too big to compile in debug mode on Win32. Even on a
release build it drops daemon.cpp.o on Linux from 31MB to 20MB.
This has no effect on the final linked binary size.
The version number passed to those data's serialize function
was always 0, not the wallet's version as I had expected.
A version number now exists for these structures so they're
versioned correctly.
9079a32 Fix typo (warptangent)
3796941 blockchain.cpp: Change indentation from 4 to 2 spaces (warptangent)
725acc7 Replace tabs with two spaces for consistency with rest of codebase (warptangent)
Sample use:
DNS_PUBLIC=tcp torsocks bin/bitmonerod --p2p-bind-ip 127.0.0.1
Test:
Run above with --log-level 4 with and without DNS_PUBLIC environment
variable set.
DNS debugging info should show successful DNS lookups only when
DNS_PUBLIC is set to "tcp":
DNS lookup for seeds.moneroseeds.se: 17 results
DNS lookup for seeds.moneroseeds.ae.org: 17 results
DNS lookup for seeds.moneroseeds.ch: 12 results
DNS lookup for seeds.moneroseeds.li: 12 results
cbded43 core_tests: fix ring_signature_1 tests (moneromooo-monero)
c3d208f core_tests: bump default test fee to 0.02 monero (moneromooo-monero)
10da0a0 add a --fakechain argument for tests (moneromooo-monero)
eee44e6 unit_tests: fix block reward test using post hard fork settings (moneromooo-monero)
595893f blockchain: log block (not chain) height in "BLOCK SUCCESFULLY ADDED" (moneromooo-monero)
2369968 blockchain: fix off by one in get_blocks (moneromooo-monero)
8af913a db_lmdb: implement BlockchainLMDB::reset (moneromooo-monero)
4833f4f db_bdb: implement BlockchainBDB::reset (moneromooo-monero)
18bf06e tx_pool: fix "minumim" typo in message (moneromooo-monero)
44f1267 tests: fix a typo in test name (moneromooo-monero)
1494557 db_lmdb: create all needed directories, not just the leaf one (moneromooo-monero)
015b68a db_bdb: create all needed directories, not just the leaf one (moneromooo-monero)
f141869 tests: remove data-dir argument registration (moneromooo-monero)
This prevents the intermediate thread from exiting properly, as
fork creates a child process with only one thread, so any existing
data_logger thread will not be in the child. Since this thread
sets a flag the data_logger dtor blocks on, all children threads
will hang on exit.
When throwing an exception from being unable to begin an LMDB
transaction, include the reason.
It's often been due to a write transaction attempted within a write
transaction (batch mode), but there can be other reasons such as write
transaction attempted while database was opened read only, or
environment's map needs to be resized.
They were trying to send too much monero, and thus failing.
The parameters were set in such a way that the (simple) output
gathering code could fulfill them for 4 block rewards for the
original Bytecoin emission, but that does not work with monero
so we need to use smaller values.
The current monero consensus uses 0.01 per kB fees, so use enough
for 2 kB transactions for now. It'll probably have to be either
bumped further or changed to calculate the proper fee.
The core tests use the blockchain, and reset it to be able
to add test data to it. This does not play nice with the
databases, since those will save that data without an explicit
save call.
We add a fakechain flag that the tests will set, which tells
the core and blockchain code to use a separate database, as
well as skip a few things like checkpoints and fixup, which
only make sense for real data.
Data is only guaranteed to be valid within the lifetime of a txn.
You cannot use data returned from LMDB after the txn ends.
Also, fixed a missing txn.commit BlockchainLMDB::get_tx_unlock_time()
This fixes coretests, which does not register daemon specific arguments,
but uses core, which uses those arguments. Also gets rid of an unwanted
dependency on daemon code from core.
c6cfe0f wallet: make the wallet refresh type a wallet setting (moneromooo-monero)
fef2493 wallet: default auto-refresh to true for old wallets (moneromooo-monero)
This is a precaution for older Berkeley DB versions.
- smooth reports an issue running with 4.7:
DB_ENV->log_set_config: DB_LOG_IN_MEMORY: method not permitted
after handle's open method
- this works just fine with 5.3
- we do not use DB_LOG_IN_MEMORY, but we use DB_LOG_AUTO_REMOVE
- libdb docs say some flags must be set before open, and some
may be set at any time, but never say some must be set after
open
- moving the call to log_set_config before open works with 5.3
Therefore, it seems best to move the call before open.
This prevents an exception from existing the loop without
calling the exit handler, if one is defined.
The daemon defines one, which stops the p2p layer, and will
only exit once the p2p layer is shut down. This would cause
a hang upon an exception, as the input thread would have
exited and the daemon would wait forever with no console
user input.
Early DB versions did not store key images for inputs if the
transaction spending them had no outputs (ie, all fee). This
is not correct, as this would allow these outputs to be double
spent. This was fixed in 533acc30ed
a few months ago, but databases having synced blocks 2021612 and
685498 with a faulty version will be missing those key images
in the spent keys database. This code checks for this, and adds
those key images if they are missing.
a3c5ca0 blockchain_db: make the indexing base a BlockchainDB virtual function (moneromooo-monero)
a702118 blockchain_dump: fix output key dump for BDB 1-based indices (moneromooo-monero)
3bf35e1 db_bdb: read 32 bit heights from keys (moneromooo-monero)
Berkeley DB uses 1 based indices for RECNO databases, and the
implementation of BlockchainDB for Berkeley DB assumes 1 based
indices are passed to the API, whereas the LMDB one assumes
0 based indices. This is all internally consisteny, but since
the BDB code stores 1 based indices in the database, external
users have to be aware of this, as the indices will be off by
one depending on which DB is used.
^C while in manual refresh will cancel the refresh, since that's
often an annoying thing to have to wait for. Also, a manual refresh
command will interrupt any running background refresh and take
over, rather than wait for the background refresh to be done, and
look to be hanging.
9ee48e9 wallet2: speed up wallet refresh for large miners (moneromooo-monero)
4905903 wallet2: parallelize pulling blocks and processing them on refresh (moneromooo-monero)
d0eaf1d wallet2: maintain the short chain manually when refreshing (moneromooo-monero)
a4e9506 wallet2: split pull blocks between pulling and processing (moneromooo-monero)
The daemon will be polled every 90 seconds for new blocks.
It is enabled by default, and can be turned on/off with
set auto-refresh 1 and set auto-refresh 0 in the wallet.
This allows them to be saved as a fixed (one byte) chunk whatever
the value. Using a varint will use two bytes as the high bit gets
set.
This is backward compatible with current usage (0-2 values).
d887c18 hardfork: fix more major/minor issues (moneromooo-monero)
3b47ca2 hardfork: fix rescan on load (moneromooo-monero)
4cea2b1 Add IP blocking for misbehaving nodes (adapted from Boolberry) (Javier Smooth)
9c64b12 quiet down p2p logging a bit (Javier Smooth)
53c75ab blockchain: log versions as numbers, not characters (moneromooo-monero)
edade8d hardfork: fix actual/voting confusion (moneromooo-monero)
9b945f5 wallet: make the refresh optimizations selectable via command line (moneromooo-monero)
d2c0313 wallet: speedup refresh from daemon (moneromooo-monero)
ea707c7 wallet2: minor cleanup (moneromooo-monero)
55a2da7 wallet2: speedup refresh a bit (moneromooo-monero)
Also add some more tests, and rename some instances of
"version" and "add" for clarity.
NOTE: the starting height values are sometimes wrong.
I suspect this is due to the hard fork reorg code being
buggy, since they're good when syncing after the fact.
However, they're not actually used by the consensus code,
so I'm ignoring this for now, but this needs debugging.
Assume the whole of a coinbase goes to the same address (so that
if the first output isn't for us, none of it is), and only look
for payment id when we received something in the transaction.
Height seemed to be flying all over the place on a rescan here.
Logging to a file shows the heights are actually correct, and
this is some kind of screen refresh artifact. Flush after \r
and update less often to reduce this effect a lot.
f3724ae Fix startup crash when using a locale boost does not like (moneromooo-monero)
0c1dae3 i18n: allow language to be passed as a parameter (moneromooo-monero)
There are various locale related bugs in various versions of boost,
where exceptions are thrown in boost::filesystem APIs when the
current locale is not to boost's liking. It's not clear what "not
to boost's liking" means in detail, though "en" and "en_US.UTF-8"
are not to its liking.
Fix it by running a test function that's known to throw in such
a case, and resetting LANG and LC_ALL to C if an exception is
thrown. In simplewallet, the locale is queried before that so the
correct translations will still be used.
The last relayed time of a transaction is maintained, and
transactions will be relayed again if they are still in the
pool after a certain amount of time, which increases with
the transaction's age. All such transactions are resent,
whether or not they originated on the local node.
baf101e More changes for 2-min blocks Use the correct block time for realtime fuzz on locktime Use the correct block time to calculate next_difficulty on alt chains (will not work as-is with voting) Lock unit tests to original block time for now (Javier Smooth)
4fea1a5 Adjust difficulty target (2 min) and full reward zone (60 kbytes) for block version 2 (Javier Smooth)
It looks like some of the indices passed to the DB access functions
are already bumped by 1. Moreover, the existing code was not
throwing DB errors with 0 keys, and this is unlikely if it really
was using 0 keys. Last, this patch broke sync from scratch in at
least one case. So I'm calling it bad and reverting it.
This reverts commit bfc97401ae.
Use the correct block time for realtime fuzz on locktime
Use the correct block time to calculate next_difficulty on alt chains (will not work as-is with voting)
Lock unit tests to original block time for now
They check whether they're running on testnet by accessing the
m_rpc_server object, which does not exist when in RPC mode.
Also, fix hard_fork_info being called with the wrong API.
ecf0b83 db_bdb: add versioning, to detect incompatible format changes (moneromooo-monero)
f7e9904 db_lmdb: add versioning, to detect incompatible format changes (moneromooo-monero)
43bca0d blockchain_utilities: new blockchain_dump diagnostic tool (moneromooo-monero)
5f397e4 Add functions to iterate through blocks, txes, outputs, key images (moneromooo-monero)
0a5a5e8 db_bdb: record numbers for recno databases start at 1 (moneromooo-monero)
50dfdc0 db_bdb: DB_KEYEMPTY is also not found for non-top recon fields (moneromooo-monero)
572780e blockchain_db: use the DNE exceptions where appropriate (moneromooo-monero)
6376627 hardfork: switch voting to block minor version (moneromooo-monero)
55178ae unit_tests: remove leftover debug traces in hardfork test (moneromooo-monero)
Displays current block height and target, net hash, hard fork
basic info, and connections.
Useful as a basic user friendly "what's going on here" command.
The wallet and the daemon applied different height considerations
when selecting outputs to use. This can leak information on which
input in a ring signature is the real one.
Found and originally fixed by smooth on Aeon.
The daemon registers a custom exit command, which cause the
loop to stop. Catch this case before printing "Failed to read line"
as this is an expected case.
Using major version would cause older daemons to reject those
blocks as they fail to deserialize blocks with a major version
which is not 1. There is no such restriction on the minor
version, so switching allows older daemons to coexist with
newer ones till the actual fork date, when most will hopefully
have updated already.
Also, for the same reason, we consider a vote for 0 to be a
vote for 1, since older daemons set minor version to 0.
b13e7f2 blockchain_export can now export to a blocks.dat format (moneromooo-monero)
11db442 bootstrap_file: do not try to create a directory with an empty name (moneromooo-monero)
03bc610 hardfork: use DB transactions when reorganizing (moneromooo-monero)
439c455 hardfork: simplify work done on reload (moneromooo-monero)
79c95c1 simplewallet: bump default mixin from 3 to 4 (moneromooo-monero)
ac90d48 from hard fork 2, all outputs must be decomposed (moneromooo-monero)
90ccad1 from hard fork 2, claim a quantized reward in coinbase (moneromooo-monero)
22b1570 cryptonote_format_utils: add a function to tell if an amount is canonical (moneromooo-monero)
33affd2 blockchain: on hardfork 2, require mixin 2 at least if possible (moneromooo-monero)
434e0f4 hardfork: make the voting window a week (moneromooo-monero)
0a7421b hardfork: rescan speedup (moneromooo-monero)
fec98b8 hardfork: remove use of GNU extension for initializing object (moneromooo-monero)
4bbf944 blockchain: on hardfork 2, allow miners to claim less money than allowed (moneromooo-monero)
088bc56 hardfork: change window semantics to not count the newly added block (moneromooo-monero)
198f557 blockchain: use different hard fork settings for testnet and mainnet (moneromooo-monero)
This allows knowing the hard fork a block must obey in order to be
added to the blockchain. The previous semantics would use that new
block's version vote to determine this hard fork, which made it
impossible to use the rules to validate transactions entering the
tx pool (and made it impossible to validate a block before adding
it to the blockchain).
5b11a89 hardfork: most state now saved to the DB (moneromooo-monero)
0a54c3a hardfork: remove the "parts are copyright cryptonote" notices (moneromooo-monero)
e546f37 Add an RPC call and daemon command to get info on hard fork voting (moneromooo-monero)
d067131 blockchain: force a hardfork recalculation at load time (moneromooo-monero)
a717761 core: add consts where appropriate (moneromooo-monero)
8ffc508 core: moan when we think an update is needed to get latest hard fork info (moneromooo-monero)
f854984 blockchain: use the new hardfork class (moneromooo-monero)
62b1f74 New hardfork class (moneromooo-monero)
bed9a44 blockchain: add a couple missing includes (moneromooo-monero)
3c10239 unbound: use the mini event fallback implementation (moneromooo-monero)
4e138a0 dns_utils: remove unnecessary string conversion (moneromooo-monero)
f928468 dns_utils: factor the fetching code for different DNS record types (moneromooo-monero)
4ef0da1 dns_utils: simplify string handling and fix leak (moneromooo-monero)
ae5f28c dns_utils: add a const where possible (moneromooo-monero)
f43d465 dns_utils: lock access to the singleton (moneromooo-monero)
5990344 dns: make ctor private (moneromooo-monero)
Using libevent seems to have high peaks of file descriptor use,
which can cause failure to create fds in other parts of bitmonerod.
The fallback implementation seems to run fine in a significantly
tighter file descriptor limit.
This ensures one can't instanciate a DNSResolver object by
mistake, but uses the singleton. A separate create static
function is added for cases where a new object is explicitely
needed.
0a4bc84 Added ref10 shen_ed25519_ref code, which includes code that can replace crypto-ops with a version straight from Bernstein's ref 10 (ShenNoether)
0d70fdc revert to 776b4fc91a (ShenNoether)
b01f286 Added shen_ed25519_ref to crypto ops subfolder, the point is to directly have bitmonero's crypto code come from bernstein et al's ref 10 code (ShenNoether)
f197599 wallet: encrypt the cache file (moneromooo-monero)
98c76a3 chacha8: add a key generation variant that take a pointer and size (moneromooo-monero)
It contains private data, such as a record of transactions.
The key is derived from the view and spend secret keys.
The encryption currently is one shot, so may require a lot of
memory for large wallet caches.
7c4d6f1 simplewallet: Use default log file name when executable's file path is unknown (warptangent)
b5b0f08 epee: Don't set log file name when process path name isn't found (warptangent)
378d004 blockchain: mark two places where the new code differs from the old (moneromooo-monero)
73d42a7 blockchain: update cumulative size after block addition (moneromooo-monero)
4a44377 blockchain: remove dead code (moneromooo-monero)
3f9089a blockchain: do not try to add a tx the pool when it was nor taken out (moneromooo-monero)
769d5ef blockchain: fix off by 1 in timestamp median calculations (moneromooo-monero)
Default to "simplewallet.log" in current directory when file path isn't
obtained from epee.
In this situation previously, it defaulted to the file name of ".log"
("" + ".log") in the current directory.
(Thanks to @sammy007 for reporting bug.)
An earlier version yet used "" + "/" + ".log" = "/.log", which resulted
in silently not logging in most cases, due to lack of permission.
Test:
PATH=$PATH:</path/to/simplewallet/folder> && simplewallet --wallet-file /dev/null
This results in epee not finding the executable's file path, so
simplewallet will now use a default log filename.
If process path name isn't found, then leave log file name blank.
This also applies if a process name is found, but it's blank after
removing a trailing dot extension.
The height function apparently used to return the index of
the last block, rather than the height of the chain. This now
seems to be incorrect, judging the the code, so we remove the
now wrong comment, as well as a couple +/- 1 adjustments
which now cause the median calculation to differ from the
original blockchain_storage version.
This obsoletes the need for a lengthy blockchain rescan when
a transaction doesn't end up in the chain after being accepted
by the daemon, or any other reason why the wallet's idea of
spent and unspent outputs gets out of sync from the blockchain's.
e63b854 blockchain_db: match tx addition semantics to original code (moneromooo-monero)
83bbea4 Add a is_key_image_spent daemon command and RPC call (moneromooo-monero)
35abef1 blockchain: remove dead code (moneromooo-monero)
The original code removed key images from a tx from the blockchain
when an non to-key nor gen input was found in that tx. Additionally,
the remainder of the tx data was added to the blockchain only after
the double spend check passed.
2634307 daemon: omit extra set of <> in error message (moneromooo-monero)
0822933 daemon: print a decoded tx in print_tx (moneromooo-monero)
1d678b1 daemon: fix print_tx not find transactions (moneromooo-monero)
It was only used by the older blockchain_storage.
We also move the code to the calling blockchain level, to avoid
replicating the code in every DB implementation. This also makes
the get_random_out method obsolete, and we delete it.
Pros:
- smaller on the blockchain
- shorter integrated addresses
Cons:
- less sparseness
- less ability to embed actual information
The boolean argument to encrypt payment ids is now gone from the
RPC calls, since the decision is made based on the length of the
payment id passed.
A payment ID may be encrypted using the tx secret key and the
receiver's public view key. The receiver can decrypt it with
the tx public key and the receiver's secret view key.
Using integrated addresses now cause the payment IDs to be
encrypted. Payment IDs used manually are not encrypted by default,
but can be encrypted using the new 'encrypt_payment_id' field
in the transfer and transfer_split RPC calls. It is not possible
to use an encrypted payment ID by specifying a manual simplewallet
transfer/transfer_new command, though this is just a limitation
due to input parsing.
If there's no blocks in database (m_height == 0):
Don't assign incorrect block range to check.
Skip average block size check.
Test:
Run blockchain_converter with an existing source blockchain.bin and
a non-existent LMDB destination database.
The converter creates a BlockchainLMDB instance with zero height, due to
not being initialized with a genesis block, normally done by
Blockchain::init(). While different than the behavior of bitmonerod,
blockchain_import, and blockchain_export, the initialization hasn't been
strictly necessary.
The db batch size estimation normally uses an average block size, or a
default minimum block size, whichever is greater. In this case, as
there's no existing blocks to check for an average block size, the
default should be used.
1d1a77b slight modification to wordlist contributor tagline (as these contributors haven't used git to submit a PR, so we're creating the wordlist on their behalf (Riccardo Spagni)
ef7671a added Russian wordlist (Riccardo Spagni)
It should avoid a lot of the issues sending more than half the
wallet's contents due to change.
Actual output selection is still random. Changing this would
improve the matching of transaction amounts to output sizes,
but may have non obvious effects on blockchain analysis.
Mapped to the new transfer_new command in simplewallet, and
transfer uses the existing algorithm.
To use in RPC, add "new_algorithm: true" in the transfer_split
JSON command. It is not used in the transfer command.
9b83a43 Update after recent simplewallet string changes (moneromooo-monero)
35378f1 simplewallet: fix context/string order mismatch (moneromooo-monero)
e62692f simplewallet: use unsigned long long instead of size_t in message (moneromooo-monero)
boost doesn't support %zu for size_t, and the previous change
to %u could technically lose bits (though it would require splitting
a transfer into 4 billion transactions, which seems unlikely).
e027831 console_handler: do not call a NULL function pointer (moneromooo-monero)
b87e066 console_handler: check for eof before trying to use input (moneromooo-monero)
70ae2ee Fixed threadpool bug when running on single core systems. *Thanks to freshman for reporting bug. (NoodleDoodleNoodleDoodleNoodleDoodleNoo)
464dbe7 Fixed MINGW duplicate library errors when MSYS folder cannot be found. *Thanks to luigi1111 for reporting. (NoodleDoodleNoodleDoodleNoodleDoodleNoo)
CMake supports this through THREADS_PREFER_PTHREAD_FLAG.
Remove inclusion of pthread library in EXTRA_LIBRARIES, as the
individual CMakeLists.txt files which need pthread already require it
with CMAKE_THREAD_LIBS_INIT.
54c785d fixed ARM arch test to prevent breaking on short arch strings (Riccardo Spagni)
a4254a4 updated vl32 to current (Riccardo Spagni)
e6ab2df updated in-source lmdb (Riccardo Spagni)
ea08c76 open() flag O_DSYNC isn't on BSD, use O_SYNC (Thomas Winget)
Bockchain:
1. Optim: Multi-thread long-hash computation when encountering groups of blocks.
2. Optim: Cache verified txs and return result from cache instead of re-checking whenever possible.
3. Optim: Preload output-keys when encoutering groups of blocks. Sort by amount and global-index before bulk querying database and multi-thread when possible.
4. Optim: Disable double spend check on block verification, double spend is already detected when trying to add blocks.
5. Optim: Multi-thread signature computation whenever possible.
6. Patch: Disable locking (recursive mutex) on called functions from check_tx_inputs which causes slowdowns (only seems to happen on ubuntu/VMs??? Reason: TBD)
7. Optim: Removed looped full-tx hash computation when retrieving transactions from pool (???).
8. Optim: Cache difficulty/timestamps (735 blocks) for next-difficulty calculations so that only 2 db reads per new block is needed when a new block arrives (instead of 1470 reads).
Berkeley-DB:
1. Fix: 32-bit data errors causing wrong output global indices and failure to send blocks to peers (etc).
2. Fix: Unable to pop blocks on reorganize due to transaction errors.
3. Patch: Large number of transaction aborts when running multi-threaded bulk queries.
4. Patch: Insufficient locks error when running full sync.
5. Patch: Incorrect db stats when returning from an immediate exit from "pop block" operation.
6. Optim: Add bulk queries to get output global indices.
7. Optim: Modified output_keys table to store public_key+unlock_time+height for single transaction lookup (vs 3)
8. Optim: Used output_keys table retrieve public_keys instead of going through output_amounts->output_txs+output_indices->txs->output:public_key
9. Optim: Added thread-safe buffers used when multi-threading bulk queries.
10. Optim: Added support for nosync/write_nosync options for improved performance (*see --db-sync-mode option for details)
11. Mod: Added checkpoint thread and auto-remove-logs option.
12. *Now usable on 32-bit systems like RPI2.
LMDB:
1. Optim: Added custom comparison for 256-bit key tables (minor speed-up, TBD: get actual effect)
2. Optim: Modified output_keys table to store public_key+unlock_time+height for single transaction lookup (vs 3)
3. Optim: Used output_keys table retrieve public_keys instead of going through output_amounts->output_txs+output_indices->txs->output:public_key
4. Optim: Added support for sync/writemap options for improved performance (*see --db-sync-mode option for details)
5. Mod: Auto resize to +1GB instead of multiplier x1.5
ETC:
1. Minor optimizations for slow-hash for ARM (RPI2). Incomplete.
2. Fix: 32-bit saturation bug when computing next difficulty on large blocks.
[PENDING ISSUES]
1. Berkely db has a very slow "pop-block" operation. This is very noticeable on the RPI2 as it sometimes takes > 10 MINUTES to pop a block during reorganization.
This does not happen very often however, most reorgs seem to take a few seconds but it possibly depends on the number of outputs present. TBD.
2. Berkeley db, possible bug "unable to allocate memory". TBD.
[NEW OPTIONS] (*Currently all enabled for testing purposes)
1. --fast-block-sync arg=[0:1] (default: 1)
a. 0 = Compute long hash per block (may take a while depending on CPU)
b. 1 = Skip long-hash and verify blocks based on embedded known good block hashes (faster, minimal CPU dependence)
2. --db-sync-mode arg=[[safe|fast|fastest]:[sync|async]:[nblocks_per_sync]] (default: fastest:async:1000)
a. safe = fdatasync/fsync (or equivalent) per stored block. Very slow, but safest option to protect against power-out/crash conditions.
b. fast/fastest = Enables asynchronous fdatasync/fsync (or equivalent). Useful for battery operated devices or STABLE systems with UPS and/or systems with battery backed write cache/solid state cache.
Fast - Write meta-data but defer data flush.
Fastest - Defer meta-data and data flush.
Sync - Flush data after nblocks_per_sync and wait.
Async - Flush data after nblocks_per_sync but do not wait for the operation to finish.
3. --prep-blocks-threads arg=[n] (default: 4 or system max threads, whichever is lower)
Max number of threads to use when computing long-hash in groups.
4. --show-time-stats arg=[0:1] (default: 1)
Show benchmark related time stats.
5. --db-auto-remove-logs arg=[0:1] (default: 1)
For berkeley-db only. Auto remove logs if enabled.
**Note: lmdb and berkeley-db have changes to the tables and are not compatible with official git head version.
At the moment, you need a full resync to use this optimized version.
[PERFORMANCE COMPARISON]
**Some figures are approximations only.
Using a baseline machine of an i7-2600K+SSD+(with full pow computation):
1. The optimized lmdb/blockhain core can process blocks up to 585K for ~1.25 hours + download time, so it usually takes 2.5 hours to sync the full chain.
2. The current head with memory can process blocks up to 585K for ~4.2 hours + download time, so it usually takes 5.5 hours to sync the full chain.
3. The current head with lmdb can process blocks up to 585K for ~32 hours + download time and usually takes 36 hours to sync the full chain.
Averate procesing times (with full pow computation):
lmdb-optimized:
1. tx_ave = 2.5 ms / tx
2. block_ave = 5.87 ms / block
memory-official-repo:
1. tx_ave = 8.85 ms / tx
2. block_ave = 19.68 ms / block
lmdb-official-repo (0f4a036437)
1. tx_ave = 47.8 ms / tx
2. block_ave = 64.2 ms / block
**Note: The following data denotes processing times only (does not include p2p download time)
lmdb-optimized processing times (with full pow computation):
1. Desktop, Quad-core / 8-threads 2600k (8Mb) - 1.25 hours processing time (--db-sync-mode=fastest:async:1000).
2. Laptop, Dual-core / 4-threads U4200 (3Mb) - 4.90 hours processing time (--db-sync-mode=fastest:async:1000).
3. Embedded, Quad-core / 4-threads Z3735F (2x1Mb) - 12.0 hours processing time (--db-sync-mode=fastest:async:1000).
lmdb-optimized processing times (with per-block-checkpoint)
1. Desktop, Quad-core / 8-threads 2600k (8Mb) - 10 minutes processing time (--db-sync-mode=fastest:async:1000).
berkeley-db optimized processing times (with full pow computation)
1. Desktop, Quad-core / 8-threads 2600k (8Mb) - 1.8 hours processing time (--db-sync-mode=fastest:async:1000).
2. RPI2. Improved from estimated 3 months(???) into 2.5 days (*Need 2AMP supply + Clock:1Ghz + [usb+ssd] to achieve this speed) (--db-sync-mode=fastest:async:1000).
berkeley-db optimized processing times (with per-block-checkpoint)
1. RPI2. 12-15 hours (*Need 2AMP supply + Clock:1Ghz + [usb+ssd] to achieve this speed) (--db-sync-mode=fastest:async:1000).
fd73d9c Check and resize if needed at batch transaction start (warptangent)
f9e4afd blockchain_utilities: Increase debug statement's log level (warptangent)
699e4b3 blockchain_utilities: Pass expected number of blocks when starting batch (warptangent)
6e170c8 Optionally allow DB to know expected number of blocks at batch transaction start (warptangent)
This currently only affects blockchain_import and blockchain_converter.
When the number of blocks expected for the batch transaction is
provided, make an estimate of the DB space needed. If not enough free
space remains, resize the DB.
The estimate is made based on:
- the average size of the last 500 blocks, or if larger, a min. block
size of 4k
- a factor for the expanded size a block occupies in the DB across the
sub-dbs/tables
- a safety factor (1.7) to allow for a "reasonable" average block size
increase over the batch
Increase the DB size by whichever is greater: the estimated size needed
or a minimum increase size, currently 128 MB.
The conservative factors in the estimate help in testing that the resize
occurs when needed, and without gratuitous size increases. For common
use, the safety factor and minimum increase size could reasonably be
increased.
For testing, setting DEFAULT_MAPSIZE (blockchain_db/lmdb/db_lmdb.h) to 1
<< 27 (128 MB) and recompiling will ensure DB resizes take place sooner
and more frequently.
369c7b3 blockchain_utilities/README.md: add workaround for resizing in batch mode (moneromooo-monero)
26970c7 blockchain_utilities/README.md: add high level "what is this about" (moneromooo-monero)
dc4dbc1 simplewallet: allow creating a wallet from a public address and view secret key (moneromooo-monero)
6a0f61d account: allow creating an account from a public address and view secret key (moneromooo-monero)
e05a58a wallet2: fix write_watch_only_wallet comment description (moneromooo-monero)
4bf6f0d simplewallet: forbid seed commands for watch only wallets (moneromooo-monero)
2952ffd wallet2: use the same exponential splitting for normal txes (moneromooo-monero)
7c8d3be wallet2: try to split dust sweep txs exponentially (moneromooo-monero)
It uses the async console handler differently than simplewallet,
and wasn't running the same exit code, causing it to never actually
exit after breaking out of the console entry loop.
The new save_watch_only saves a copy of the keys file without the
spend key. It can then be given away to be used as a normal keys
file, but with no spend ability.
Sends all the dust to your own wallet. May fail (if the fee required
is more than the dust total). May end up paying most of the dust in fees.
Unlocked dust total is now also displayed in "balance".
5680604 Replace hardcoded value with existing constant of same value (warptangent)
f37ee2f Update database resize behavior (warptangent)
f85cd8e Include database error in more error messages (warptangent)
10ff75e daemon: Set log file default to use data dir (warptangent)
deacecc simplewallet: Update and add log options (warptangent)
f24bcd5 simplewallet: Don't log view key and spend key (warptangent)
Replace --set_log with --log-level for consistency.
Show default log level in usage.
Add --log-file for specifying log file path.
Document log file path.
Display log file path at startup.
As with display of seed, don't log view key and spend key.
Includes:
- display of viewkey at wallet creation
- "viewkey" command output
- "spendkey" command output
Add fix for compile error with multiple uses of peerid_type (uint64_t)
variable in lambda expression.
- known GCC issue: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65843
epee: replace return value of nullptr for expected boolean with false.
Fixes#231.
The random selection of a node shouldn't favor repeats that occur in the
hardcoded and DNS seed node lists.
Remove hardcoded ":18080" address which gives parse error.
Test: bitmonerod --log-level 2
The seed node list displayed at startup shouldn't show duplicate
addresses (includes port).
Based on tewinget's update.
Make OpenAlias address format independent of existing DNS functions.
Add tests.
Test:
make debug-test
cd build/debug/tests/unit_tests
# test that regular DNS functions work, including IPv4 lookups.
# also test function that converts OpenAlias address format
make && ./unit_tests --gtest_filter=DNSResolver*
# test that OpenAlias addresses like donate@getmonero.org work from
# wallet tools
make && ./unit_tests --gtest_filter=AddressFromURL.Success
Add public method blockchain_storage::debug_pop_block_from_blockchain()
Ensure blockchain_import calls destructors before exit.
To test:
DATABASE=memory make release
// create blockchain.bin from blockchain.raw if needed
build/release/bin/blockchain_import --block-stop 1000
// try popping a single block
build/release/bin/blockchain_import --pop-blocks 1
Some filesystems (*cough* NTFS *cough*) aren't good with sparse files,
so this makes LMDB dynamically resize its mapsize as needed. Note: the
check interval is currently every 10 blocks (for testing) and will
probably need to change to 1000 or something. Default mapsize set to
1GiB.
Blockchain conversion tools using batching will probably segfault, I'll
fix that in the next commit.
d35bffb Allow BlockchainLMDB to be opened in read-only mode (warptangent)
73d3511 Rename "--block-number" option to "--block-stop" (warptangent)
2b2dbd8 Check if chunk size is zero instead of negative (warptangent)
Remove repeated coinbase tx in each exported block's data.
Add resume from last exported height to blockchain_export, making it the
default behavior when the file already exists.
Start reorganizing the utilities.
Various cleanup.
Update output, including referring to both height and block numbers as
zero-based instead of one-based. This better matches the block data,
rather than just some parts of the existing codebase.
Use smaller default batch sizes for importer when verifying, so progress
is saved more frequently.
Use small default batch size (1000) for importer on Windows, due to
current issue with big transaction sizes on LMDB.
file format
-----------
[4-byte magic | variable-length header | block data]
header
------
4-byte file_info length
file_info struct
file format major version
file format minor version
header length (includes file_info struct)
[rest of header, padded with 0 bytes up to header length]
block data
----------
4-byte chunk/block_package length
block_package struct
block
txs (coinbase/miner tx included already in block)
block_size
cumulative_difficulty
coins_generated
4-byte chunk/block_package length
block_package struct
[...]
7d8acd1 explicitly disable AES on ARM (Riccardo Spagni)
4222b37 add arm6 target and flags (Riccardo Spagni)
5675325 new makefile targets for static builds (Riccardo Spagni)
9519526 Only compile BerkeleyDB as an option in non-static (Thomas Winget)
7b14d4a Steps toward multiple dbs available -- working (Thomas Winget)
dbdcf11 blockchain_converter: Add support for resume from last block (warptangent)
4880803 blockchain_import: lengthen string for line clear (warptangent)
7476d2e blockchain_export: show progress during export (warptangent)
4bedd68 Update Blockchain::get_db() to return reference instead of pointer (warptangent)
0386e99 Add README for blockchain converter, importer, and exporter utilities (warptangent)
ead7fad BerkeleyDB implementation of BlockchainDB seems to be working! (Thomas Winget)
ffadb65 blockchain_export: Add compile-time support for BlockchainDB (warptangent)
f6cbfb6 Add blockchain_export utility (warptangent)
275cbd4 Add support for database open with flags (warptangent)
cb862cb Add mdb_flags variable to LMDB database open (warptangent)
260cc56 Add blockchain_import utility (warptangent)
ca75b47 Blockchain: add get_db() accessor, needed for blockchain_import (warptangent)
a3dd9d1 blockchain_converter: Add support for batch transactions (warptangent)
acb5d29 Update and relocate comment that applies class wide (warptangent)
bd9da6d Merges #33 (Thomas Winget)
6e9e8ab Move db_drivers/ to external/ (Thomas Winget)
56a1bf5 fixed BUILD_64 option (Riccardo Spagni)
c97a685 fixed arch_width option (Riccardo Spagni)
3a3c07c fixed msys2 / mingw folders based on architecture, added license to unbound CMakeList as that is not part of standard Unbound (Riccardo Spagni)
3b3da86 moved 32-bit/64-bit detection into main CMakeLists (Riccardo Spagni)
a0cbf73 removed findlmdb.cmake, no longer required (Riccardo Spagni)
0e8bbdb 32-bit LMDB, removed check for in-system LMDB as it is consensus-critical (Riccardo Spagni)
11e8157 Revert "Moved db_drivers/ into external/ for consistency" (Thomas Winget)
daf2a8f Revert "Build fixed, goofed up some CMake" (Thomas Winget)
e146027 BlockchainBDB passes unit tests (Thomas Winget)
43477b7 BerkeleyDB Blockchain building, not working yet (Thomas Winget)
cade0da CMake wiring, minor cleanup, minor test addition (Thomas Winget)
1bc8939 BerkeleyDB BlockchainDB impl copy/paste/modify (Thomas Winget)
5112dc3 Try to not pollute cryptonote namespace (Thomas Winget)
edef0bb Initial commit of BDB BlockchainDB implementation (Thomas Winget)
eee3ee7 BlockchainDB implementations have names now (Thomas Winget)
5d2a2b7 Fixed includes in BlockchainDB unit tests (Thomas Winget)
8b82f3c Build fixed, goofed up some CMake (Thomas Winget)
b213356 Moved db_drivers/ into external/ for consistency (Thomas Winget)
5eab480 Moved BlockchainDB into its own src/ subfolder (Thomas Winget)
0ad0784 Changed log level of debug message -- too spammy (Thomas Winget)
6485dac BlockchainLMDB: Add profiling to tx_exists() (warptangent)
83fb6d8 BlockchainLMDB: Add batch transaction support to tx_exists() (warptangent)
8529c0e BlockchainDB, BlockchainLMDB: Add profiling for DB commits (warptangent)
7a66b8b BlockchainDB: Add virtual function declarations for batch transactions (warptangent)
b7a2d84 BlockchainLMDB: Add check for open database to two functions (warptangent)
58ecc58 BlockchainLMDB: Add support for batch transactions (warptangent)
8909d7d Improve block and tx processing efficiency by less repeat hashing (warptangent)
3676ac5 Add profiling to block and tx processing (warptangent)
ce71abd Move LMDB storage to subfolder (warptangent)
42f8fe5 Fix formatting (warptangent)
aa82f78 Fix log statement (warptangent)
26873db Remove unused variable (warptangent)
4b90fd3 Add log statement (warptangent)
2531aa3 Add and extend log statements (warptangent)
59305d3 Blockchain: match original function declaration from blockchain_storage (warptangent)
cd972bd Update year and formatting in license (warptangent)
b88ab64 Fix Blockchain::get_tail_id() to set parameter to last block number instead of height (warptangent)
963bc09 Revert "Bounds error, should fix#27" (warptangent)
6f1c4b4 Bounds error, should fix#27 (Thomas Winget)
84fe5fb Add compile-time support for both db implementations: in-memory and LMDB (warptangent)
8bd1983 Blockchain: reflect log updates from blockchain_storage (warptangent)
7f9b070 Blockchain: reflect log and assert updates from blockchain_storage (warptangent)
70342ec Blockchain: reflect log level of blockchain_storage (warptangent)
c8d27fb Blockchain: reflect assert behavior of blockchain_storage for get_tx_outputs_gindexs() (warptangent)
d00ee78 Update recently added log statement to fix possible null dereference (warptangent)
acd4c36 Should fix std::min issues related to size_t (Thomas Winget)
3488359 Add in-source lmdb to build process (Thomas Winget)
4e45fae Initial import of lmdb source (Thomas Winget)
800d9b9 Remove code previously made unused and marked unused (warptangent)
0840c2f Fix height assertion in Blockchain::handle_alternative_block() (warptangent)
63051be Fix comparison between main and alternate chain's cumulative difficulty. (warptangent)
909ea81 Remove a have_block() check so alternate block can be processed (warptangent)
4d0a94b Complete implementation of transaction removal (warptangent)
1701c26 Use block index when obtaining block's difficulty for log statement (warptangent)
4eba21f Fix transfers to support mixins (warptangent)
d045dfa Fix transfers (without mixins) (warptangent)
429a740 throw inline functions need to keep exception type (Thomas Winget)
14555ee Fixes segfault in Blockchain::handle_alternative_block (Thomas Winget)
5086ca1 add BlockchainDB tests to new cmake (Thomas Winget)
c5c100c Obtain tx hash and tx output index from amount and output offset (warptangent)
ad8200a db_lmdb: fix global index calculation off by 1 (moneromooo-monero)
57b80c5 db_lmdb: remove redundant checks (moneromooo-monero)
1362846 blockchain_converter: add --testnet for converting testnet blockchain (moneromooo-monero)
c50cd95 Fixes a bug with getting output metadata from BlockchainDB (Thomas Winget)
c3fa07b update comments to reflect changed code (Thomas Winget)
59d2b0e db_lmdb: do not give the group database write permissions (moneromooo-monero)
4c2a452 db_lmdb: catch attempt to remove block from an empty blockchain (moneromooo-monero)
3a3459d db_lmdb: factor all the log+throw code paths (moneromooo-monero)
3fcb8da db_lmdb: factor the MDB_val setup code (moneromooo-monero)
609cf7f blockchain_converter: a bit more user friendly output (moneromooo-monero)
2b9f737 blockchain_converter: only call data path function once (moneromooo-monero)
1860658 blockchain: do not append "testnet" to the data directory (moneromooo-monero)
1c578ad db_lmdb: remove block timestamp too when removing a block (moneromooo-monero)
c93a186 db_lmdb: do not cast const away (moneromooo-monero)
198368b blockchain: fix wallet syncing from scratch (moneromooo-monero)
1d23db2 db_lmdb: do not keep a dangling pointer to stack objects (moneromooo-monero)
29b5876 db_lmdb: make cursor internal members private (moneromooo-monero)
a3157d7 blockchain_storage: refactor genesis block creation (moneromooo-monero)
8e41b1e blockchain_storage: add consts where appropriate (moneromooo-monero)
98bdadc blockchain_converter: delete blockchain on succesful exit (moneromooo-monero)
256162f checkpoints: add consts where appropriate (moneromooo-monero)
b7270ab blockchain: add consts where appropriate (moneromooo-monero)
23f3cb4 blockchain_db: add consts where appropriate (moneromooo-monero)
10fd6ca blockchain_db: factor some exception code (moneromooo-monero)
11129b9 blockchain_converter: use the actual blockchain location (moneromooo-monero)
0886183 build: add liblmdb to the cmake autodetection system (moneromooo-monero)
215e63b extraneous semicolon in Blockchain::complete_timestamps_vector (Thomas Winget)
8e1b7e2 raised maximum mapsize for lmdb to ~16GB (Thomas Winget)
6c8b8ac more blockchain height-related fixes, syncing other nodes code this time (Thomas Winget)
9455e0c ~ didn't work, need hard path. debug print. (Thomas Winget)
4af0918 very, VERY primitive blockchain converter (Thomas Winget)
26a7db3 add new checkpointing behavior to Blockchain class (Thomas Winget)
767aac2 Remove unused dependency (Thomas Winget)
006e106 Store output pubkeys separately, bug fixes (Thomas Winget)
ab7951d Minor bugfixes, redundancy removal (Thomas Winget)
71b18d7 moar bug fixes, removed debug prints (Thomas Winget)
0915913 BlockchainLMDB seems to be working*! (Thomas Winget)
1a546e3 some bug fixes, but still needs work (Thomas Winget)
006afe2 Minor bug fixes and debug prints (Thomas Winget)
90f402e minor fixes to Blockchain.cpp (Thomas Winget)
74a1a89 Integrate BlockchainDB into cryptonote_core (Thomas Winget)
d8c570b All LMDB BlockchainDB implemented, not tested (Thomas Winget)
e47e343 LMDB blockchain: remove outputs and spent keys (Thomas Winget)
a0af217 Adding block data to LMDB BlockchainDB coded (Thomas Winget)
db00ce0 Parts of LMDB impl of BlockchainDB done and working (Thomas Winget)
1240cf8 BlockchainDB unit tests, lmdb linker flag (Thomas Winget)
b98b964 Initial commit of lmdb BlockchainDB impl (Thomas Winget)
bc44bc1 Initial commit of BlockchainDB tests, other misc (Thomas Winget)
90d6f8b Adding libglim as an external library (Thomas Winget)
07733f9 update new blockchain to build with new changes (Thomas Winget)
1ffbeb2 stupid past me, fixing typos and shit... (Thomas Winget)
67515b8 missing typedef (Thomas Winget)
aba548c import of BlockchainDB files (Thomas Winget)
83ddc94 handle unlikely rounding up after sqrt (Javier Smooth)
f2e8348 triangular distribution to choose recent outputs more often for mixins (Javier Smooth)
Due to a bug in unbound, we were passing a string containing a null
character to ub_ctx_resolvconf and ub_ctx_hosts rather than a NULL
pointer. On *nix this wasn't causing headache, but on Windows this was
causing unbound to not correctly load DNS settings from the OS.
Note on the bug: in a Windows-specific code branch in the function
ub_ctx_hosts(), if the hosts file specified was a NULL pointer, a call
to getenv() was stored in a local char* and later freed. This is
incorrect, as we do not own that data, and caused the program to crash.
Daemon interactive mode is now working again.
RPC mapped calls in daemon and wallet have both had connection_context
removed as an argument as that argument was not being used anywhere.
b43716c Do store transaction's blob size in transaction_chain_entry (Sergey Kazenyuk)
3be518f Use single get_transaction_hash to get both id and blob size (Sergey Kazenyuk)
There will need to be some more refactoring for these changes to be
considered complete/correct, but for now it's working.
new daemon cli argument "--db-type", works for LMDB and BerkeleyDB.
A good deal of refactoring is also present in this commit, namely
Blockchain no longer instantiates BlockchainDB, but rather is passed a
pointer to an already-instantiated BlockchainDB on init().
DNSSEC is now implemented with the hardcoded key from unbound.
This will need to be not hardcoded in the future, but is okay for now.
Unit tests updated for DNSSEC (as well as for the fact that, contrary to
previous assumption, example.com does not have a static IP address).
51e3579 Fixed bug in static linking boost on MINGW (Thomas Winget)
f78bb00 Hopefully fixes build on Windows for real this time (Thomas Winget)
2b0583b Hopefully fixes build on Windows (Thomas Winget)
9dab105 DNS checkpoint loading for testnet should now be correct (Thomas Winget)
52f9629 sending commands to forked daemon works on testnet now (Thomas Winget)
76289d0 Fix tests building -- function signatures changed (Thomas Winget)
db53e19 revert stop_daemon method to use correct exit (Thomas Winget)
96cbecf RPC calls for background daemon added in (Thomas Winget)
9193d6f Daemonize changes pulled in -- daemon builds (Thomas Winget)
There was a workaround for linking to boost at all on MINGW, but
unfortunately this workaround would not correctly link to boost
statically. This workaround for that workaround works around the issue
that that workaround had.
Because of some github fuckery I had to manually cherry-pick/rebase
fluffypony's 32- and 64-bit lmdb changes, hence this isn't actually a
merge commit.
This allows an LMDB database to be used as the blockchain to export.
Adjust SOURCE_DB in src/blockchain_converter/blockchain_export.h
depending on needs. Defaults to DB_MEMORY.
DB_MEMORY is a sensible default for users migrating to LMDB, as it
allows the exporter to use the in-memory blockchain while the other
binaries work with LMDB, without recompiling anything.
Everything except actually *using* BlockchainBDB is wired up, but the db
itself is not yet working. Some error about user mem not large enough.
I think I know what this error means, but I can't determine the cause.
Notes: BerkeleyDB does not allow 0-indexing in its recno type databases,
so block numbers *in the database* will be 1-indexed. Modifications
to indexing have been made as needed.
LMDB implementation code copy/paste/modified into the Berkeley DB
implementation. Need to test if it builds, then if it works, and so on,
but the code is all there.
Add support to:
- BlockchainDB, BlockchainLMDB
- blockchain_import utility to open LMDB database with one or more
LMDB flags.
Sample use:
$ blockchain_import --database lmdb#nosync
$ blockchain_import --database lmdb#nosync,nometasync
This imports to the blockchain database from an exported blockchain
file.
It can be used to bootstrap a new database or to add blocks to an
existing one.
Supports:
- both the in-memory and LMDB implementations
- optional: batching, verification, testnet
See help for usage.
Based on work by tomerkon.
See https://github.com/tomerkon
src/cryptonote_core/bootfileloader.{h,cpp}
Add log level support.
Add testnet support.
Add command-line options:
--help
--data-dir
--testnet-data-dir
--testnet
--log-level
--batch
--batch-size
--block-number
See help for usage. Run at log level 1 to see profiling stats.
In order to make things more general, BlockchainDB now has get_db_name()
which should return a string with the "name" of that type of db.
This "name" will be the subfolder name that holds that db type's files
within the monero folder.
Small bugfix: blockchain_converter was not correctly appending this in
the prior hard-coded-string implementation of the subfolder data
directory concept.
Forgot that CMake vars set to PARENT_SCOPE will still vanish if that
parent scope goes...out of scope. LMDB vars elevated one more scope to
compensate for moving db_drivers/ into external/
Ostensibly janitorial work, but should be more relevant later down the
line. Things that depend on core cryptonote things (i.e.
cryptonote_core) don't necessarily depend on BlockchainDB and thus
have no need to have BlockchainDB baked in with them.
+toc -doc -drmonero
Fixed the windows path, and improved logging and data
(for graph) logging, fixed some locks and added more checks.
Still there is a locking error,
not added by my patches, but present in master version
(locking of map/list of peers).
This was changed because sometimes the daemon does not complete its exit
routine with this method, but as it does correctly wind most things down
even if it gets stuck I've changed it back.
The RPC calls the daemon executable uses to talk to the running daemon
instance have mostly been added back in. Rate limiting has not been
added in upstream, but is on its way in a separate effort, so those
calls are still NOPed out.
many RPC functions added by the daemonize changes
(and related changes on the upstream dev branch that were not merged)
were commented out (apart from return). Other than that, this *should*
work...at any rate, it builds, and that's something.
Add support to BlockchainDB and BlockchainLMDB for batch transactions.
Add profiling to block and tx processing and DB operations.
Improve block and tx processing efficiency by less repeat hashing.
Move LMDB storage to "lmdb" subfolder.
- Upon startup, if old LMDB files are detected, abort with a message for the user to move them to subfolder or delete them.
Update and fix log statements and formatting.
new update of the pr with network limits
more debug options:
discarding downloaded blocks all or after given height.
trying to trigger the locking errors.
debug levels polished/tuned to sane values.
debug/logging improved.
warning: this pr should be correct code, but it could make
an existing (in master version) locking error appear more often.
it's a race on the list (map) of peers, e.g. between closing/deleting
them versus working on them in net-limit sleep in sending chunk.
the bug is not in this code/this pr, but in the master version.
the locking problem of master will be fixed in other pr.
problem is ub, and in practice is seems to usually cause program abort
(tested on debian stable with updated gcc). see --help for option
to add sleep to trigger the error faster.
Update of the PR with network limits
works very well for all speeds
(but remember that low download speed can stop upload
because we then slow down downloading of blockchain
requests too)
more debug options
fixed pedantic warnings in our code
should work again on Mac OS X and FreeBSD
fixed warning about size_t
tested on Debian, Ubuntu, Windows(testing now)
TCP options and ToS (QoS) flag
FIXED peer number limit
FIXED some spikes in ingress/download
FIXED problems when other up and down limit
commands and options for network limiting
works very well e.g. for 50 KiB/sec up and down
ToS (QoS) flag
peer number limit
TODO some spikes in ingress/download
TODO problems when other up and down limit
added "otshell utils" - simple logging (with colors, text files channels)
3ece158 make fallback compatible with newer slow-hash (Riccardo Spagni)
709bbc5 replaced 64-bit multiplication in difficulty.cpp with a portable version (Riccardo Spagni)
497a514 replaced 64-bit multiplication in difficulty.cpp with a portable version (Riccardo Spagni)
Usage:
default is lmdb for blockchain branch:
$ make release
same as:
$ DATABASE=lmdb make release
for original in-memory implementation:
$ DATABASE=memory make release
COMMITS:
- Add compile-time support for both db implementations: in-memory and LMDB
NOTE:
The default should be changed to lmdb when this is merged upstream
unless we're 100% sure the LMDB implementation is ready.
Usage:
default is lmdb for blockchain branch:
$ make release
same as:
$ DATABASE=lmdb make release
for original in-memory implementation:
$ DATABASE=memory make release
Use copied value of seed node index during thread creation, not
reference.
- fixes segfault
Use boost::thread::try_join_until() instead of an atomic flag result
variable for each thread.
Add and handle interrupt for thread timeout.
- fixes segfault where a thread exceeds requested timeout and tries to
assign results to a referenced, but now out-of-scope, variable in
the main thread.
It expects the total number of blocks of main chain, not last block id
(off-by-one error).
This again behaves like the same height assertion done in original
implementation in blockchain_storage::handle_alternative_block().
This allows a reorganization to proceed after an alternative block has
been added.
difficulty.
This fixes the continual reorganization between a main and alternate
chain, using the same two latest blocks from each.
The check that cumulative difficulty of the alternate chain is bigger
than main's was not using main's last block, but incorrectly using the
passed-in block's previous block. main_chain_cumulative_difficulty was
being used in two different ways. This has been split up to keep use
of main_chain_cumulative_difficulty consistent.
Remove have_block() check from Blockchain::handle_block_to_main_chain().
Add logging to have_block().
This allows blockchain reorganization to proceed further.
have_block() check here causes an error after a blockchain reorganize
begins with error: "Attempting to add block to main chain, but it's
already either there or in an alternate chain."
While reorganizing to become the main chain, a block in the
alternative chain would be refused due to have_block() rightfully
finding it in the alternative chain. The reorganization would end in
rollback, restoring to previous blockchain.
Original implementation didn't call it here, and it doesn't appear
necessary to be called from here in this implementation either. When
needed, it appears it's called prior to handle_block_to_main_chain().
Complete method BlockchainLMDB::remove_output()
- use output index as the key for:
m_output_indices, m_output_txs, m_output_keys
- call new method BlockchainLMDB::remove_amount_output_index()
Add method to remove amount output index.
- BlockchainLMDB::remove_amount_output_index()
- for m_output_amounts
This also fixes the segfault when blockchain reorganization is
attempted.
Use last block id, not number of blocks (off-by-one error).
Fixes error at start of blockchain reorganization: "Attempt to get
cumulative difficulty from height <XXXXXX> failed -- difficulty not in
db"
Fix transfers
Output indexing was being handled improperly. These changes fix that. Wallets (re-)created using this branch will need to be (re-)re-created in order to get correct output indices.
Implement BlockchainLMDB::get_output_global_index()
- returns global output index for a given amount and amount output
index.
Add information to debug statement for failed ring signature check
within Blockchain::check_tx_inputs()
Fixes bitmonerod RPC call "/getrandom_outs.bin" to return correct
output keys, used in creating a transaction with mixins.
TODO: get_output_global_index() could be refactored with part of
get_output_tx_and_index() as the latter uses the former's
functionality. Keep track of LMDB read transaction.
Fix Blockchain::get_tx_outputs_gindexs() to return amount output
indices.
Implement BlockchainLMDB::get_tx_amount_output_indices() and call it
from the function instead of BlockchainLMDB::get_tx_output_indices()
Previously, Blockchain::get_tx_outputs_gindexs() was instead returning
global output indices, which are internal to LMDB databases.
Allows bitmonerod RPC /get_o_indexes.bin to return the amount output
indices as expected.
Allows simplewallet refresh to set correct amount output indices for
incoming transfers. simplewallet can now construct and send valid
transactions (currently only without mixins).
This is a fix that doesn't require altering the structure of the
current LMDB databases.
TODO:
This can be done more efficiently by adding another LMDB database
(key-value table).
It's not used during regular transaction validation by bitmonerod. I
think it's currently used only or mainly by simplewallet for just its
own incoming transactions. So the current behavior is not a primary
bottleneck.
Currently, it's using the "output_amounts" database, walking through a
given amount's list of values, comparing each one to a given global
output index. The iteration number of the match is the desired result:
the amount output index. This is done for each global output index of
the transaction.
A tx's amount output indices can be stored in various other ways
allowing for faster lookup. Since a tx is only written once, there are
no special future write requirements for its list of indices.
As it is useful for functions calling BlockchainDB functions to know
whether an exception is expected (attempting to get a block that doesn't
exist and counting it missing if not, to save time checking if it
does, for example), the inline functions throw{0,1} need to keep the
exception type information.
Slight comment update due to copy/paste failure.
1b46226 std::atomic_flag has no copy/move constructor, can't have a vector (Thomas Winget)
df53c0a small typo in previous commit (Thomas Winget)
4a53898 DNS seed timeout and fallback (Thomas Winget)
Fixes problem of obtaining incorrect outputs used for tx input.
Reverts to earlier intended behavior that was fixed in previous
commit's split of get_output_tx_and_index into two functions.
Ideally, the log would go in the exception's ctor, but
two log levels are used, so I'd need to specify the level
in the ctor, which isn't great as it's not really related
to the exception.
hard-coded config folder, hard-coded BlockchainDB subclass.
Needs finessing, but should be testable this way.
update for rebase (warptangent 2015-01-04)
fix conflicts with upstream CMakeLists.txt files
src/CMakeLists.txt (edit original commit)
src/blockchain_converter/CMakeLists.txt (add)
There are quite a few debug prints in this commit that will need removed
later, but for posterity (in case someone wants to debug this while I'm
away), I left them in.
Currently errors when syncing on the first block that has a "real"
transaction. Seems to not be able to validate the ring signature, but I
can't for the life of me figure out what's going wrong.
Blockchain and BlockchainLMDB classes now have a debug print at the
beginning of each function at log level 2. These can be removed at any
time, but for now are quite useful.
Blockchain runs, and adds the genesis block just fine, but for some
reason isn't getting new blocks.
Probably needs more looking at -- lot of things were done...in a rushed
sort of way. That said, it all builds and *should* be at least
testable.
update for rebase (warptangent 2015-01-04)
fix conflicts with upstream CMakeLists.txt files
src/CMakeLists.txt (remove edits from original commit)
tests/CMakeLists.txt (remove edits from original commit)
src/cryptonote_core/CMakeLists.txt (edit)
- use blockchain db .cpp and .h files
- add LMDB_LIBRARIES
All of the functionality for the LMDB implementation of BlockchainDB is
implemented, but only what is in tests/unit_tests/BlockchainDB.cpp has
been tested. This is basically add a block, see if you can get the
block and a tx from the block. More tests should be added at some
point.
Still needs testing (and need to write a few more unit tests), but
everything should be there. Lots of unfortunate duplication,
but...well, I can't see a way around it using LMDB.
A couple of other minor changes in this commit, only slightly relevant.
Some BlockchainDB unit testing fleshed out (and working), rudimentary
linker flag for lmdb in CMakeLists, but should probably be done
"correctly" at some point (find it on whatever system you're building on
and all that jazz).
update for rebase (warptangent 2015-01-04)
fix conflicts with upstream CMakeLists.txt files
tests/CMakeLists.txt (remove edits from original commit)
libglim is an Apache-licensed C++ wrapper for lmdb, and rather than
rolling our own it seems prudent to use it.
Note: lmdb is not included in it, and unless something happens as did
with libunbound, should be installed via each OS' package manager or
equivalent.
tried rebasing, tree-filter, and many other things. at this point,
the history of these files previous to this can live on
in my bc2 branch, as I'm importing them as-is to here.
b261448 revert the removal of the 'arch' flag from the release-static target (Riccardo Spagni)
a956f07 added gpg key for warptangent (Riccardo Spagni)
ac19084 revert the removal of the 'arch' flag from the release-static target (Riccardo Spagni)
simplewallet run without a wallet path argument should prompt again if
an invalid path was entered.
Validity here currently means the string isn't empty.
Allow pre-JSON wallet format to load without depending on existing bin
file.
Don't write bin file while inside keys rewrite, so bin file write
behavior here matches that of regular wallet load.
Fix for simplewallet loading a wallet with a keys file but no bin file.
- this situation previously required a user to restart simplewallet
before it would refresh its blockchain from the server.
f9822c4 wallet JSON update for non-deterministic wallet data (warptangent)
4c6230d Checking and handling for deterministic vs non-deterministic wallet (warptangent)
1beedb9 Extract check for deterministic keys to wallet2::is_deterministic() (warptangent)
359ede3 indentation (warptangent)
2290eff replace lines with call to recently added print_seed() (warptangent)
wallet2::store_keys() and wallet2::load_keys() should only use the JSON
attribute "seed_language" when applicable. That is only for
deterministic wallets.
- store_keys() don't add JSON attribute "seed_language" if
seed_language is empty
- load_keys() don't call set_seed_language if JSON attribute
"seed_language" not present
simple_wallet::seed()
- Check that wallet is deterministic.
simple_wallet::new_wallet()
- Prompt for seed language only if it's a non-deterministic wallet,
along with previous conditions.
simple_wallet::open_wallet()
- Fixed check for deterministic wallet (flag based on command line
non-deterministic argument was used before, but it's inapplicable to
opening an existing wallet).
- As with deterministic wallet, non-deterministic also included to be
rewritten to new JSON format file. That's what's done for newly
generated non-deterministic wallets, so old versions should be
updated to same format.
- if [ -n "$OSX_SDK" -a ! -f contrib/depends/sdk-sources/MacOSX${OSX_SDK}.sdk.tar.gz ]; then curl --location --fail $SDK_URL/MacOSX${OSX_SDK}.sdk.tar.gz -o contrib/depends/sdk-sources/MacOSX${OSX_SDK}.sdk.tar.gz; fi
- if [ -n "$OSX_SDK" -a -f contrib/depends/sdk-sources/MacOSX${OSX_SDK}.sdk.tar.gz ]; then tar -C contrib/depends/SDKs -xf contrib/depends/sdk-sources/MacOSX${OSX_SDK}.sdk.tar.gz; fi
- if [[ $HOST = *-mingw32 ]]; then $DOCKER_EXEC bash -c "update-alternatives --set $HOST-g++ \$(which $HOST-g++-posix)"; fi
- if [[ $HOST = *-mingw32 ]]; then $DOCKER_EXEC bash -c "update-alternatives --set $HOST-gcc \$(which $HOST-gcc-posix)"; fi
- if [ -z "$NO_DEPENDS" ]; then $DOCKER_EXEC bash -c "make $MAKEJOBS -C contrib/depends HOST=$HOST $DEP_OPTS"; fi
A good way to help is to test, and report bugs. See
[How to Report Bugs Effectively (by Simon Tatham)](https://www.chiark.greenend.org.uk/~sgtatham/bugs.html)
if you want to help that way. Testing is invaluable in making a piece
of software solid and usable.
## General guidelines
* Comments are encouraged.
* If modifying code for which Doxygen headers exist, that header must be modified to match.
* Tests would be nice to have if you're adding functionality.
Patches are preferably to be sent via a Github pull request. If that
can't be done, patches in "git format-patch" format can be sent
(eg, posted to fpaste.org with a long enough timeout and a link
posted to #monero-dev on irc.freenode.net).
Patches should be self contained. A good rule of thumb is to have
one patch per separate issue, feature, or logical change. Also, no
other changes, such as random whitespace changes, reindentation,
or fixing typoes, spelling, or wording, unless user visible.
Following the code style of the particular chunk of code you're
modifying is encouraged. Proper squashing should be done (eg, if
you're making a buggy patch, then a later patch to fix the bug,
both patches should be merged).
If you've made random unrelated changes (either because your editor
is annoying or you made them for other reasons), you can select
what changes go into the coming commit using git add -p, which
walks you through all the changes and asks whether or not to
include this particular change. This helps create clean patches
without any irrelevant changes. git diff will show you the changes
in your tree. git diff --cached will show what is currently staged
for commit. As you add hunks with git add -p, those hunks will
"move" from the git diff output to the git diff --cached output,
so you can see clearly what your commit is going to look like.
## Commits and pull requests
Commit messages should be sensible. That means a subject line that
describes the patch, with an optional longer body that gives details,
documentation, etc.
When submitting a pull request on Github, make sure your branch is
rebased. No merge commits nor stray commits from other people in
your submitted branch, please. You may be asked to rebase if there
are conflicts (even trivially resolvable ones).
PGP signing commits is strongly encouraged. That should explain why
the previous paragraph is here.
# [Code of Conduct (22/C4.1)](http://rfc.zeromq.org/spec:22)
## License
Copyright (c) 2009-2015 Pieter Hintjens.
Copyright (c) 2017-2018 The Monero Project.
This Specification is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version.
This Specification is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, see <http://www.gnu.org/licenses>.
## Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.
The "Monero Maintainer Team" is defined in this document as the following users:
- fluffypony
- moneromooo
- hyc
## Goals
C4 is meant to provide a reusable optimal collaboration model for open source software projects. It has these specific goals:
- To maximize the scale and diversity of the community around a project, by reducing the friction for new Contributors and creating a scaled participation model with strong positive feedbacks;
- To relieve dependencies on key individuals by separating different skill sets so that there is a larger pool of competence in any required domain;
- To allow the project to develop faster and more accurately, by increasing the diversity of the decision making process;
- To support the natural life cycle of project versions from experimental through to stable, by allowing safe experimentation, rapid failure, and isolation of stable code;
- To reduce the internal complexity of project repositories, thus making it easier for Contributors to participate and reducing the scope for error;
- To enforce collective ownership of the project, which increases economic incentive to Contributors and reduces the risk of hijack by hostile entities.
## Design
### Preliminaries
- The project MUST use the git distributed revision control system.
- The project MUST be hosted on github.com or equivalent, herein called the "Platform".
- The project MUST use the Platform issue tracker.
- Non-GitHub example:
- "Platform" could be a vanilla git repo and Trac hosted on the same machine/network.
- The Platform issue tracker would be Trac.
- The project SHOULD have clearly documented guidelines for code style.
- A "Contributor" is a person who wishes to provide a patch, being a set of commits that solve some clearly identified problem.
- A "Maintainer" is a person who merges patches to the project. Maintainers are not developers; their job is to enforce process.
- Contributors MUST NOT have commit access to the repository unless they are also Maintainers.
- Maintainers MUST have commit access to the repository.
- Everyone, without distinction or discrimination, MUST have an equal right to become a Contributor under the terms of this contract.
### Licensing and ownership
- The project MUST use a share-alike license, such as BSD-3, the GPLv3 or a variant thereof (LGPL, AGPL), or the MPLv2.
- All contributions to the project source code ("patches") MUST use the same license as the project.
- All patches are owned by their authors. There MUST NOT be any copyright assignment process.
- The copyrights in the project MUST be owned collectively by all its Contributors.
- Each Contributor MUST be responsible for identifying themselves in the project Contributor list.
### Patch requirements
- Maintainers MUST have a Platform account and SHOULD use their real names or a well-known alias.
- Contributors SHOULD have a Platform account and MAY use their real names or a well-known alias.
- A patch SHOULD be a minimal and accurate answer to exactly one identified and agreed problem.
- A patch MUST adhere to the code style guidelines of the project if these are defined.
- A patch MUST adhere to the "Evolution of Public Contracts" guidelines defined below.
- A patch MUST NOT include non-trivial code from other projects unless the Contributor is the original author of that code.
- A patch MUST compile cleanly and pass project self-tests on at least the principle target platform.
- A patch commit message SHOULD consist of a single short (less than 50 character) line summarizing the change, optionally followed by a blank line and then a more thorough description.
- A "Correct Patch" is one that satisfies the above requirements.
### Development process
- Change on the project MUST be governed by the pattern of accurately identifying problems and applying minimal, accurate solutions to these problems.
- To request changes, a user SHOULD log an issue on the project Platform issue tracker.
- The user or Contributor SHOULD write the issue by describing the problem they face or observe.
- The user or Contributor SHOULD seek consensus on the accuracy of their observation, and the value of solving the problem.
- Users MUST NOT log feature requests, ideas, or suggestions unrelated to Monero code or Monero's dependency code or Monero's potential/future dependency code or research which successfully implements Monero.
- Users MUST NOT log any solutions to problems (verifiable or hypothetical) of which are not explicitly documented and/or not provable and/or cannot be reasonably proven.
- Thus, the release history of the project MUST be a list of meaningful issues logged and solved.
- To work on an issue, a Contributor MUST fork the project repository and then work on their forked repository.
- To submit a patch, a Contributor MUST create a Platform pull request back to the project.
- A Contributor MUST NOT commit changes directly to the project.
- To discuss a patch, people MAY comment on the Platform pull request, on the commit, or elsewhere.
- To accept or reject a patch, a Maintainer MUST use the Platform interface.
- Maintainers SHOULD NOT merge their own patches except in exceptional cases, such as non-responsiveness from other Maintainers for an extended period (more than 30 days) or unless urgent as defined by the Monero Maintainers Team.
- Maintainers MUST NOT make value judgments on correct patches unless the Maintainer (as may happen in rare circumstances) is a core code developer.
- Maintainers MUST NOT merge pull requests in less than 168 hours (1 week) unless deemed urgent by at least 2 people from the Monero Maintainer Team.
- The Contributor MAY tag an issue as "Ready" after making a pull request for the issue.
- The user who created an issue SHOULD close the issue after checking the patch is successful.
- Maintainers SHOULD ask for improvements to incorrect patches and SHOULD reject incorrect patches if the Contributor does not respond constructively.
- Any Contributor who has value judgments on a correct patch SHOULD express these via their own patches.
- Maintainers MAY commit changes to non-source documentation directly to the project.
### Creating stable releases
- The project MUST have one branch ("master") that always holds the latest in-progress version and SHOULD always build.
- The project MUST NOT use topic branches for any reason. Personal forks MAY use topic branches.
- To make a stable release someone MUST fork the repository by copying it and thus become maintainer of this repository.
- Forking a project for stabilization MAY be done unilaterally and without agreement of project maintainers.
- A patch to a stabilization project declared "stable" MUST be accompanied by a reproducible test case.
### Evolution of public contracts
- All Public Contracts (APIs or protocols) MUST be documented.
- All Public Contracts SHOULD have space for extensibility and experimentation.
- A patch that modifies a stable Public Contract SHOULD not break existing applications unless there is overriding consensus on the value of doing this.
- A patch that introduces new features to a Public Contract SHOULD do so using new names.
- Old names SHOULD be deprecated in a systematic fashion by marking new names as "experimental" until they are stable, then marking the old names as "deprecated".
- When sufficient time has passed, old deprecated names SHOULD be marked "legacy" and eventually removed.
- Old names MUST NOT be reused by new features.
- When old names are removed, their implementations MUST provoke an exception (assertion) if used by applications.
### Project administration
- The project founders MUST act as Administrators to manage the set of project Maintainers.
- The Administrators MUST ensure their own succession over time by promoting the most effective Maintainers.
- A new Contributor who makes a correct patch MUST be invited to become a Maintainer.
- Administrators MAY remove Maintainers who are inactive for an extended period of time, or who repeatedly fail to apply this process accurately.
- Administrators SHOULD block or ban "bad actors" who cause stress and pain to others in the project. This should be done after public discussion, with a chance for all parties to speak. A bad actor is someone who repeatedly ignores the rules and culture of the project, who is needlessly argumentative or hostile, or who is offensive, and who is unable to self-correct their behavior when asked to do so by others.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
3. Neither the name of the copyright holder nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Parts of the project are originally copyright (c) 2012-2013 The Cryptonote
developers
Parts of the project are originally copyright (c) 2014 The Boolberry
developers, distributed under the MIT licence:
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
The Monero command line tools can be translated in various languages. If you wish to contribute and need help/support, contact the [Monero Localization Workgroup on Taiga](https://taiga.getmonero.org/project/erciccione-monero-localization/) or come chat on `#monero-translations` (Freenode/IRC, riot/matrix, MatterMost)
In order to use the same translation workflow as the [Monero Core GUI](https://github.com/monero-project/monero-gui), they use Qt Linguist translation files. However, to avoid the dependencies on Qt this normally implies, they use a custom loader to read those files at runtime.
### Tools for translators
In order to create, update or build translations files, you need to have Qt tools installed. For translating, you need either the **Qt Linguist GUI** ([part of Qt Creator](https://www.qt.io/download) or a [3rd-party standalone version](https://github.com/lelegard/qtlinguist-installers/releases)), or another tool that supports Qt ts files, such as Transifex. The files are XML, so they can be edited in any plain text editor if needed.
### Creating / modifying translations
You do not need anything from Qt in order to use the final translations.
To add new translatable strings in the source code:
Use the `tr(string)` function if possible. If the code is in a class, and this class doesn't already have a `tr()` static function, add one, which uses a context named after what `lupdate` uses for the context, usually the fully qualified class name (eg, `cryptonote::simple_wallet`). If you need to use `tr()` in code that's not in a class, you can use the fully qualified version (eg, `simple_wallet::tr`) of the one matching the context you want. Use `QT_TRANSLATE_NOOP(string)` if you want to specify a context manually.
If you're getting messages of the form:
```
Class 'cryptonote::simple_wallet' lacks Q_OBJECT macro
- We are also available via [HackerOne](https://hackerone.com/monero)
## Research
The [Monero Research Lab](https://src.getmonero.org/resources/research-lab/) is an open forum where the community coordinates research into Monero cryptography, protocols, fungibility, analysis, and more. We welcome collaboration and contributions from outside researchers! Because not all Lab work and publications are distributed as traditional preprints or articles, they may be easy to miss if you are conducting literature reviews for your own Monero research. You are encouraged to get in touch with our researchers if you have questions, wish to collaborate, or would like guidance to help avoid unnecessarily duplicating earlier or known work.
Our researchers are available on IRC in [#monero-research-lab on Freenode](https://webchat.freenode.net/?randomnick=1&channels=%23monero-research-lab&prompt=1&uio=d4) or by email:
- Sarang Noether, Ph.D.: [sarang@getmonero.org](mailto:sarang@getmonero.org) or [sarang.noether@protonmail.com](mailto:sarang.noether@protonmail.com); [research repository](https://github.com/SarangNoether/research-lab)
- You can subscribe to an [announcement listserv](https://lists.getmonero.org) to get critical announcements from the Monero core team. The announcement list can be very helpful for knowing when software updates are needed.
## Translations
The CLI wallet is available in different languages. If you want to help translate it, see our self-hosted localization platform, Weblate, on [translate.getmonero.org](https://translate.getmonero.org/projects/CLI/). Every translation *must* be uploaded on the platform, pull requests directly editing the code in this repository will be closed. If you need help with Weblate, you can find a guide with screenshots [here](https://github.com/monero-ecosystem/monero-translations/blob/master/weblate.md).
If you need help/support/info about translations, contact the localization workgroup. You can find the complete list of contacts on the repository of the workgroup: [monero-translations](https://github.com/monero-ecosystem/monero-translations#contacts).
## Build Status
### IMPORTANT
These builds are of the master branch, which is used for active development and can be either unstable or incompatible with release software. Please compile release branches.
Monero is a private, secure, untraceable currency. You are your bank, you control your funds, and nobody can trace your transfers.
Monero is a private, secure, untraceable, decentralised digital currency. You are your bank, you control your funds, and nobody can trace your transfers unless you allow them to do so.
**Privacy:** Monero uses a cryptographically sound system to allow you to send and receive funds without your transactions being easily revealed on the blockchain (the ledger of transactions that everyone has). This ensures that your purchases, receipts, and all transfers remain absolutely private by default.
**Security:** Using the power of a distributed peer-to-peer consensus network, every transaction on the network is cryptographically secured. Individual wallets have a 24 word mnemonic that is only displayed once, and can be written down to backup the wallet. Wallet files are encrypted with a passphrase to ensure they are useless if stolen.
**Security:** Using the power of a distributed peer-to-peer consensus network, every transaction on the network is cryptographically secured. Individual wallets have a 25 word mnemonic seed that is only displayed once, and can be written down to backup the wallet. Wallet files are encrypted with a passphrase to ensure they are useless if stolen.
**Untraceability:** By taking advantage of ring signatures, a special property of certain types of cryptography, Monero is able to ensure that transactions are not only untraceable, but have an optional measure of ambiguity that ensures that transactions cannot easily be tied back to an individual user or computer.
**Untraceability:** By taking advantage of ring signatures, a special property of a certain type of cryptography, Monero is able to ensure that transactions are not only untraceable, but have an optional measure of ambiguity that ensures that transactions cannot easily be tied back to an individual user or computer.
## About this Project
**Decentralization:** The utility of monero depends on its decentralised peer-to-peer consensus network - anyone should be able to run the monero software, validate the integrity of the blockchain, and participate in all aspects of the monero network using consumer-grade commodity hardware. Decentralization of the monero network is maintained by software development that minimizes the costs of running the monero software and inhibits the proliferation of specialized, non-commodity hardware.
## About this project
This is the core implementation of Monero. It is open source and completely free to use without restrictions, except for those specified in the license agreement below. There are no restrictions on anyone creating an alternative implementation of Monero that uses the protocol and network in a compatible manner.
As with many development projects, the repository on Github is considered to be the "staging" area for the latest changes. Before changes are merged into that branch on the main repository, they are tested by individual developers, committed to the "development" branch, and then subsequently tested by contributors who focus on thorough testing and code reviews. That having been said, the repository should be carefully considered before using it in a production environment, unless there is a patch in the repository for a particular show-stopping issue you are experiencing. It is generally a better idea to use a tagged release for stability.
As with many development projects, the repository on Github is considered to be the "staging" area for the latest changes. Before changes are merged into that branch on the main repository, they are tested by individual developers in their own branches, submitted as a pull request, and then subsequently tested by contributors who focus on testing and code reviews. That having been said, the repository should be carefully considered before using it in a production environment, unless there is a patch in the repository for a particular show-stopping issue you are experiencing. It is generally a better idea to use a tagged release for stability.
Anyone is able to contribute to Monero. If you have a fix or code change, feel free to submit is as a pull request directly to the "development" branch. In cases where the change is relatively small or does not affect other parts of the codebase it may be merged in immediately by any one of the collaborators. On the other hand, if the change is particularly large or complex, it is expected that it will be discussed at length either well in advance of the pull request being submitted, or even directly on the pull request.
**Anyone is welcome to contribute to Monero's codebase!** If you have a fix or code change, feel free to submit it as a pull request directly to the "master" branch. In cases where the change is relatively small or does not affect other parts of the codebase it may be merged in immediately by any one of the collaborators. On the other hand, if the change is particularly large or complex, it is expected that it will be discussed at length either well in advance of the pull request being submitted, or even directly on the pull request.
## Supporting the project
Monero is a 100% community-sponsored endeavor. If you want to join our efforts, the easiest thing you can do is support the project financially. Both Monero and Bitcoin donations can be made to **donate.getmonero.org** if using a client that supports the [OpenAlias](https://openalias.org) standard. Alternatively you can send XMR to the Monero donation address via the `donate` command (type `help` in the command-line wallet for details).
The Monero donation address is: `44AFFq5kSiGBoZ4NMDwYtN18obc8AemS33DBLWs3H7otXft3XjrpDtQGv7SqSsaBYBb98uNbr2VBBEt7f2wfn3RVGQBEP3A` (viewkey: `f359631075708155cc3d92a32b75a7d02a5dcf27756707b47a2b31b21c389501`)
The Bitcoin donation address is: `1KTexdemPdxSBcG55heUuTjDRYqbC5ZL8H`
Core development funding and/or some supporting services are also graciously provided by sponsors:
There are also several mining pools that kindly donate a portion of their fees, [a list of them can be found on our Bitcointalk post](https://bitcointalk.org/index.php?topic=583449.0).
## License
Copyright (c) 2014, The Monero Project
See [LICENSE](LICENSE).
All rights reserved.
## Contributing
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
If you want to help out, see [CONTRIBUTING](CONTRIBUTING.md) for a set of guidelines.
1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
## Scheduled software upgrades
2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
Monero uses a fixed-schedule software upgrade (hard fork) mechanism to implement new features. This means that users of Monero (end users and service providers) should run current versions and upgrade their software on a regular schedule. Software upgrades occur during the months of April and October. The required software for these upgrades will be available prior to the scheduled date. Please check the repository prior to this date for the proper Monero software version. Below is the historical schedule and the projected schedule for the next upgrade.
Dates are provided in the format YYYY-MM-DD.
3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
| Software upgrade block height | Date | Fork version | Minimum Monero version | Recommended Monero version | Details |
| 1788000 | 2019-03-09 | v10 | v0.14.0.0 | v0.14.1.2 | New PoW based on Cryptonight-R, new block weight algorithm, slightly more efficient RingCT format
| 1788720 | 2019-03-10 | v11 | v0.14.0.0 | v0.14.1.2 | forbid old RingCT transaction format
| 1978433 | 2019-11-30* | v12 | v0.15.0.0 | v0.15.0.0 | New PoW based on RandomX, only allow >= 2 outputs, change to the block median used to calculate penalty, v1 coinbases are forbidden, rct sigs in coinbase forbidden, 10 block lock time for incoming transactions
Parts of the project are originally copyright (c) 2012-2013 The Cryptonote developers
X's indicate that these details have not been determined as of commit date.
* indicates estimate as of commit date
## Compiling Monero
## Release staging schedule and protocol
### On Unix and Linux:
Approximately three months prior to a scheduled software upgrade, a branch from master will be created with the new release version tag. Pull requests that address bugs should then be made to both master and the new release branch. Pull requests that require extensive review and testing (generally, optimizations and new features) should *not* be made to the release branch.
Dependencies: GCC 4.7.3 or later, CMake 2.8.6 or later, libunbound 1.4.16 or later (note: Unbound is not a dependency, libunbound is), libevent 2.0 or later, libgtest 1.5 or later, and Boost 1.53 or later (except 1.54, [more details here](http://goo.gl/RrCFmA)).
Static Build Additional Dependencies: ldns 1.6.17 or later, expat 1.1 or later, bison or yacc
## Compiling Monero from source
**Basic Process:**
### Dependencies
* To build, change to the root of the source code directory, and run `make`.
* The resulting executables can be found in `build/release/src` or `build/debug/src`, depending on what you're building.
The following table summarizes the tools and libraries required to build. A
few of the libraries are also included in this repository (marked as
"Vendored"). By default, the build uses the library installed on the system,
and ignores the vendored sources. However, if no library is found installed on
the system, then the vendored source will be built and used. The vendored
sources are also used for statically-linked builds because distribution
packages often include only shared library binaries (`.so`) but not static
library archives (`.a`).
**Advanced options:**
| Dep | Min. version | Vendored | Debian/Ubuntu pkg | Arch pkg | Fedora | Optional | Purpose |
* Parallel build: run `make -j<number of threads>` instead of `make`.
* Statically linked release build: run `make release-static`.
* Debug build: run `make build-debug`.
* Test suite: run `make test-release` to run tests in addition to building. Running `make test-debug` will do the same to the debug version.
* Building with Clang: it may be possible to use Clang instead of GCC, but this may not work everywhere. To build, run `export CC=clang CXX=clang++` before running `make`.
### On OS X:
[1] On Debian/Ubuntu `libgtest-dev` only includes sources and headers. You must
build the library binary manually. This can be done with the following command ```sudo apt-get install libgtest-dev && cd /usr/src/gtest && sudo cmake . && sudo make && sudo mv libg* /usr/lib/ ```
[2] libnorm-dev is needed if your zmq library was built with libnorm, and not needed otherwise
The project can be built from scratch by following instructions for Unix and Linux above.
Install all dependencies at once on Debian/Ubuntu:
Alternatively, it can be built in an easier and more automated fashion using Homebrew:
Dependencies: mingw-w64, msys2, CMake 2.8.6 or later, libunbound 1.4.16 or later (note: Unbound is not a dependency, libunbound is), and Boost 1.53 or 1.55 (except 1.54, [more details here](http://goo.gl/RrCFmA)).
Static Build Additional Dependencies: ldns 1.6.17 or later, expat 1.1 or later
### Cloning the repository
**Preparing the Build Environment**
Clone recursively to pull-in needed submodule(s):
* Download the [MSYS2 installer](http://msys2.github.io), 64-bit or 32-bit as needed, and run it.
* Use the shortcut associated with your architecture to launch the MSYS2 environment. On 64-bit systems that would be the MinGW-w64 Win64 Shell shortcut. Note that if you are running 64-bit Windows, you will have both 64-bit and 32-bit environments.
* Update the packages in your MSYS2 install:
```
pacman -Sy
pacman -Su --ignoregroup base
pacman -Su
```
* For those of you already familiar with pacman, you can run the normal `pacman -Syu` to update, but you may get errors and need to restart MSYS2 if pacman's dependencies are updated.
* Install dependencies: `pacman -S mingw-w64-x86_64-gcc make mingw-w64-x86_64-cmake mingw-w64-x86_64-unbound mingw-w64-x86_64-boost`
* If you are planning to build statically you will also need to install: `pacman -S mingw-w64-x86_64-ldns mingw-w64-x86_64-expat` (note that these are likely already installed by the unbound dependency installation above)
Monero uses the CMake build system and a top-level [Makefile](Makefile) that
invokes cmake commands as needed.
#### On Linux and macOS
* Install the dependencies
* Change to the root of the source code directory, change to the most recent release branch, and build:
```bash
cd monero
git checkout release-v0.15
make
```
*Optional*: If your machine has several cores and enough memory, enable
parallel build by running `make -j<number of threads>` instead of `make`. For
this to be worthwhile, the machine should have one core and about 2GB of RAM
available per thread.
*Note*: If cmake can not find zmq.hpp file on macOS, installing `zmq.hpp` from
https://github.com/zeromq/cppzmq to `/usr/local/include` should fix that error.
*Note*: The instructions above will compile the most stable release of the
Monero software. If you would like to use and test the most recent software,
use ```git checkout master```. The master branch may contain updates that are
both unstable and incompatible with release software, though testing is always
encouraged.
* The resulting executables can be found in `build/release/bin`
* Add `PATH="$PATH:$HOME/monero/build/release/bin"` to `.profile`
* Run Monero with `monerod --detach`
* **Optional**: build and run the test suite to verify the binaries:
```bash
make release-test
```
*NOTE*: `core_tests` test may take a few hours to complete.
* **Optional**: to build binaries suitable for debugging:
```bash
make debug
```
* **Optional**: to build statically-linked binaries:
```bash
make release-static
```
Dependencies need to be built with -fPIC. Static libraries usually aren't, so you may have to build them yourself with -fPIC. Refer to their documentation for how to build them.
* **Optional**: build documentation in `doc/html` (omit `HAVE_DOT=YES` if `graphviz` is not installed):
```bash
HAVE_DOT=YES doxygen Doxyfile
```
#### On the Raspberry Pi
Tested on a Raspberry Pi Zero with a clean install of minimal Raspbian Stretch (2017-09-07 or later) from https://www.raspberrypi.org/downloads/raspbian/. If you are using Raspian Jessie, [please see note in the following section](#note-for-raspbian-jessie-users).
* `apt-get update && apt-get upgrade` to install all of the latest software
* Install the dependencies for Monero from the 'Debian' column in the table above.
* Increase the system swap size:
```bash
sudo /etc/init.d/dphys-swapfile stop
sudo nano /etc/dphys-swapfile
CONF_SWAPSIZE=2048
sudo /etc/init.d/dphys-swapfile start
```
* If using an external hard disk without an external power supply, ensure it gets enough power to avoid hardware issues when syncing, by adding the line "max_usb_current=1" to /boot/config.txt
* Clone monero and checkout the most recent release version:
* The resulting executables can be found in `build/release/bin`
* Add `PATH="$PATH:$HOME/monero/build/release/bin"` to `.profile`
* Run Monero with `monerod --detach`
* You may wish to reduce the size of the swap file after the build has finished, and delete the boost directory from your home directory
#### *Note for Raspbian Jessie users:*
If you are using the older Raspbian Jessie image, compiling Monero is a bit more complicated. The version of Boost available in the Debian Jessie repositories is too old to use with Monero, and thus you must compile a newer version yourself. The following explains the extra steps, and has been tested on a Raspberry Pi 2 with a clean install of minimal Raspbian Jessie.
* As before, `apt-get update && apt-get upgrade` to install all of the latest software, and increase the system swap size
```bash
sudo /etc/init.d/dphys-swapfile stop
sudo nano /etc/dphys-swapfile
CONF_SWAPSIZE=2048
sudo /etc/init.d/dphys-swapfile start
```
* Then, install the dependencies for Monero except `libunwind` and `libboost-all-dev`
* Install the latest version of boost (this may first require invoking `apt-get remove --purge libboost*` to remove a previous version if you're not using a clean install):
sudo ./bjam cxxflags=-fPIC cflags=-fPIC -a install
```
* Wait ~4 hours
* From here, follow the [general Raspberry Pi instructions](#on-the-raspberry-pi) from the "Clone monero and checkout most recent release version" step.
#### On Windows:
Binaries for Windows are built on Windows using the MinGW toolchain within
[MSYS2 environment](https://www.msys2.org). The MSYS2 environment emulates a
POSIX system. The toolchain runs within the environment and *cross-compiles*
binaries that can run outside of the environment as a regular Windows
application.
**Preparing the build environment**
* Download and install the [MSYS2 installer](https://www.msys2.org), either the 64-bit or the 32-bit package, depending on your system.
* Open the MSYS shell via the `MSYS2 Shell` shortcut
* Update packages using pacman:
```bash
pacman -Syu
```
* Exit the MSYS shell using Alt+F4
* Edit the properties for the `MSYS2 Shell` shortcut changing "msys2_shell.bat" to "msys2_shell.cmd -mingw64" for 64-bit builds or "msys2_shell.cmd -mingw32" for 32-bit builds
* Restart MSYS shell via modified shortcut and update packages again using pacman:
```bash
pacman -Syu
```
* Install dependencies:
To build for 64-bit Windows:
```bash
pacman -S mingw-w64-x86_64-toolchain make mingw-w64-x86_64-cmake mingw-w64-x86_64-boost mingw-w64-x86_64-openssl mingw-w64-x86_64-zeromq mingw-w64-x86_64-libsodium mingw-w64-x86_64-hidapi
```
To build for 32-bit Windows:
```bash
pacman -S mingw-w64-i686-toolchain make mingw-w64-i686-cmake mingw-w64-i686-boost mingw-w64-i686-openssl mingw-w64-i686-zeromq mingw-w64-i686-libsodium mingw-w64-i686-hidapi
```
* Open the MingW shell via `MinGW-w64-Win64 Shell` shortcut on 64-bit Windows
or `MinGW-w64-Win64 Shell` shortcut on 32-bit Windows. Note that if you are
running 64-bit Windows, you will have both 64-bit and 32-bit MinGW shells.
* If you would like a specific [version/tag](https://github.com/monero-project/monero/tags), do a git checkout for that version. eg. 'v0.15.0.0'. If you don't care about the version and just want binaries from master, skip this step:
* The resulting executables can be found in `build/release/src` or `build/debug/src`, depending on what you're building.
If you installed MSYS2 in a folder other than c:/msys64, make the appropriate substitution above.
```bash
make release-static-win32
```
**Advanced options:**
* The resulting executables can be found in `build/release/bin`
* Parallel build: run `make -j<number of threads>` instead of `make`.
* Statically linked release build: run `make release-static`.
* Debug build: run `make build-debug`.
* Test suite: run `make test-release` to run tests in addition to building. Running `make test-debug` will do the same to the debug version.
* **Optional**: to build Windows binaries suitable for debugging on a 64-bit system, run:
```bash
make debug-static-win64
```
* **Optional**: to build Windows binaries suitable for debugging on a 32-bit system, run:
```bash
make debug-static-win32
```
* The resulting executables can be found in `build/debug/bin`
### On FreeBSD:
The project can be built from scratch by following instructions for Unix and Linux above.
The project can be built from scratch by following instructions for Linux above(but use `gmake` instead of `make`). If you are running monero in a jail you need to add the flag: `allow.sysvipc=1` to your jail configuration, otherwise lmdb will throw the error message: `Failed to open lmdb environment: Function not implemented`.
We expect to add Monero into the ports tree in the near future, which will aid in managing installations using ports or packages.
## Building Documentation
### On OpenBSD:
Monero developer documentation uses Doxygen, and is currently a work-in-progress.
You will need to add a few packages to your system. `pkg_add cmake gmake zeromq cppzmq libiconv boost`.
Dependencies: Doxygen 1.8.0 or later, Graphviz 2.28 or later (optional).
The `doxygen` and `graphviz` packages are optional and require the xbase set.
Running the test suite also requires `py-requests` package.
* To build, change to the root of the source code directory, and run `doxygen Doxyfile`
* If you have installed Graphviz, you can also generate in-doc diagrams by instead running `HAVE_DOT=YES doxygen Doxyfile`
By default, in either dynamically or statically linked builds, binaries target the specific host processor on which the build happens and are not portable to other processors. Portable binaries can be built using the following targets:
* ```make release-static-linux-x86_64``` builds binaries on Linux on x86_64 portable across POSIX systems on x86_64 processors
* ```make release-static-linux-i686``` builds binaries on Linux on x86_64 or i686 portable across POSIX systems on i686 processors
* ```make release-static-linux-armv8``` builds binaries on Linux portable across POSIX systems on armv8 processors
* ```make release-static-linux-armv7``` builds binaries on Linux portable across POSIX systems on armv7 processors
* ```make release-static-linux-armv6``` builds binaries on Linux portable across POSIX systems on armv6 processors
* ```make release-static-win64``` builds binaries on 64-bit Windows portable across 64-bit Windows systems
* ```make release-static-win32``` builds binaries on 64-bit or 32-bit Windows portable across 32-bit Windows systems
### Cross Compiling
You can also cross-compile static binaries on Linux for Windows and macOS with the `depends` system.
* ```make depends target=x86_64-linux-gnu``` for 64-bit linux binaries.
* ```make depends target=x86_64-w64-mingw32``` for 64-bit windows binaries.
* ```make depends target=i686-linux-gnu``` for 32-bit linux binaries.
* Requires: `g++-multilib bc`
* ```make depends target=i686-w64-mingw32``` for 32-bit windows binaries.
* Requires: `python3 g++-mingw-w64-i686`
* ```make depends target=arm-linux-gnueabihf``` for armv7 binaries.
* Requires: `g++-arm-linux-gnueabihf`
* ```make depends target=aarch64-linux-gnu``` for armv8 binaries.
* Requires: `g++-aarch64-linux-gnu`
* ```make depends target=riscv64-linux-gnu``` for RISC V 64 bit binaries.
* Requires: `g++-riscv64-linux-gnu`
The required packages are the names for each toolchain on apt. Depending on your distro, they may have different names.
Using `depends` might also be easier to compile Monero on Windows than using MSYS. Activate Windows Subsystem for Linux (WSL) with a distro (for example Ubuntu), install the apt build-essentials and follow the `depends` steps as depicted above.
The produced binaries still link libc dynamically. If the binary is compiled on a current distribution, it might not run on an older distribution with an older installation of libc. Passing `-DBACKCOMPAT=ON` to cmake will make sure that the binary will run on systems having at least libc version 2.17.
## Installing Monero from a package
**DISCLAIMER: These packages are not part of this repository or maintained by this project's contributors, and as such, do not go through the same review process to ensure their trustworthiness and security.**
Packages are available for
* Debian Bullseye and Sid
```bash
sudo apt install monero
```
More info and versions in the [Debian package tracker](https://tracker.debian.org/pkg/monero).
* Arch Linux (via [AUR](https://aur.archlinux.org/)):
This section contains general instructions for debugging failed installs or problems encountered with Monero. First, ensure you are running the latest version built from the Github repo.
### Obtaining stack traces and core dumps on Unix systems
We generally use the tool `gdb` (GNU debugger) to provide stack trace functionality, and `ulimit` to provide core dumps in builds which crash or segfault.
* To use `gdb` in order to obtain a stack trace for a build that has stalled:
Run the build.
Once it stalls, enter the following command:
```bash
gdb /path/to/monerod `pidof monerod`
```
Type `thread apply all bt` within gdb in order to obtain the stack trace
* If however the core dumps or segfaults:
Enter `ulimit -c unlimited` on the command line to enable unlimited filesizes for core dumps
Enter `echo core | sudo tee /proc/sys/kernel/core_pattern` to stop cores from being hijacked by other tools
Run the build.
When it terminates with an output along the lines of "Segmentation fault (core dumped)", there should be a core dump file in the same directory as monerod. It may be named just `core`, or `core.xxxx` with numbers appended.
You can now analyse this core dump with `gdb` as follows:
```bash
gdb /path/to/monerod /path/to/dumpfile`
```
Print the stack trace with `bt`
* If a program crashed and cores are managed by systemd, the following can also get a stack trace for that crash:
```bash
coredumpctl -1 gdb
```
#### To run monero within gdb:
Type `gdb /path/to/monerod`
Pass command-line options with `--args` followed by the relevant arguments
Type `run` to run monerod
### Analysing memory corruption
There are two tools available:
#### ASAN
Configure Monero with the -D SANITIZE=ON cmake flag, eg:
```bash
cd build/debug && cmake -D SANITIZE=ON -D CMAKE_BUILD_TYPE=Debug ../..
```
You can then run the monero tools normally. Performance will typically halve.
#### valgrind
Install valgrind and run as `valgrind /path/to/monerod`. It will be very slow.
### LMDB
Instructions for debugging suspected blockchain corruption as per @HYC
There is an `mdb_stat` command in the LMDB source that can print statistics about the database but it's not routinely built. This can be built with the following command:
```bash
cd ~/monero/external/db_drivers/liblmdb && make
```
The output of `mdb_stat -ea <path to blockchain dir>` will indicate inconsistencies in the blocks, block_heights and block_info table.
The output of `mdb_dump -s blocks <path to blockchain dir>` and `mdb_dump -s block_info <path to blockchain dir>` is useful for indicating whether blocks and block_info contain the same keys.
These records are dumped as hex data, where the first line is the key and the second line is the data.
# Known Issues
## Protocols
### Socket-based
Because of the nature of the socket-based protocols that drive monero, certain protocol weaknesses are somewhat unavoidable at this time. While these weaknesses can theoretically be fully mitigated, the effort required (the means) may not justify the ends. As such, please consider taking the following precautions if you are a monero node operator:
- Run `monerod` on a "secured" machine. If operational security is not your forte, at a very minimum, have a dedicated a computer running `monerod` and **do not** browse the web, use email clients, or use any other potentially harmful apps on your `monerod` machine. **Do not click links or load URL/MUA content on the same machine**. Doing so may potentially exploit weaknesses in commands which accept "localhost" and "127.0.0.1".
- If you plan on hosting a public "remote" node, start `monerod` with `--restricted-rpc`. This is a must.
### Blockchain-based
Certain blockchain "features" can be considered "bugs" if misused correctly. Consequently, please consider the following:
- When receiving monero, be aware that it may be locked for an arbitrary time if the sender elected to, preventing you from spending that monero until the lock time expires. You may want to hold off acting upon such a transaction until the unlock time lapses. To get a sense of that time, you can consider the remaining blocktime until unlock as seen in the `show_transfers` command.
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
