| blob | ef1d764146c7f309da8d78ebbbd81d8de4d4a5ba |
1 // Copyright (c) 2009-2010 Satoshi Nakamoto
2 // Copyright (c) 2009-2016 The Bitcoin Core developers
3 // Distributed under the MIT software license, see the accompanying
4 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
33 #include <assert.h>
35 #include <boost/algorithm/string/replace.hpp>
36 #include <boost/thread.hpp>
39 /** Transaction fee set by the user */
48 /**
49 * Fees smaller than this (in satoshi) are considered zero fee (for transaction creation)
50 * Override with -mintxfee
51 */
53 /**
54 * If fee estimation does not have enough data to provide estimates, use this fee instead.
55 * Has no effect if not using fee estimation
56 * Override with -fallbackfee
57 */
62 const uint256 CMerkleTx::ABANDON_HASH(uint256S("0000000000000000000000000000000000000000000000000000000000000001"));
64 /** @defgroup mapWallet
65 *
66 * @{
67 */
69 struct CompareValueOnly
70 {
73 {
75 }
76 };
79 {
80 return strprintf("COutput(%s, %d, %d) [%s]", tx->GetHash().ToString(), i, nDepth, FormatMoney(tx->tx->vout[i].nValue));
81 }
84 {
90 }
93 {
95 bool fCompressed = CanSupportFeature(FEATURE_COMPRPUBKEY); // default to compressed public keys if we want 0.6.0 wallets
97 CKey secret;
99 // Create new metadata
103 // use HD key derivation if HD was enabled during wallet creation
105 DeriveNewChildKey(walletdb, metadata, secret, (CanSupportFeature(FEATURE_HD_SPLIT) ? internal : false));
108 }
110 // Compressed public keys were introduced in version 0.6.0
113 }
123 }
125 }
127 void CWallet::DeriveNewChildKey(CWalletDB &walletdb, CKeyMetadata& metadata, CKey& secret, bool internal)
128 {
129 // for now we use a fixed keypath scheme of m/0'/0'/k
136 // try to get the master key
142 // derive m/0'
143 // use hardened derivation (child keys >= 0x80000000 are hardened after bip32)
146 // derive m/0'/0' (external chain) OR m/0'/1' (internal chain)
150 // derive child key at next index, skip keys already known to the wallet
152 // always derive hardened keys
153 // childIndex | BIP32_HARDENED_KEY_LIMIT = derive childIndex in hardened child-index-range
154 // example: 1 | BIP32_HARDENED_KEY_LIMIT == 0x80000001 == 2147483649
159 }
164 }
168 // update the chain model in the database
171 }
173 bool CWallet::AddKeyPubKeyWithDB(CWalletDB &walletdb, const CKey& secret, const CPubKey &pubkey)
174 {
177 // CCryptoKeyStore has no concept of wallet databases, but calls AddCryptedKey
178 // which is overridden below. To avoid flushes, the database handle is
179 // tunneled through to it.
183 }
187 }
190 // check if we need to remove from watch-only
191 CScript script;
195 }
199 }
205 }
207 }
210 {
213 }
217 {
220 {
224 vchCryptedSecret,
226 else
228 vchCryptedSecret,
230 }
231 }
234 {
239 }
241 bool CWallet::LoadCryptedKey(const CPubKey &vchPubKey, const std::vector<unsigned char> &vchCryptedSecret)
242 {
244 }
246 /**
247 * Update wallet first key creation time. This should be called whenever keys
248 * are added to the wallet, with the oldest key creation time.
249 */
251 {
254 // Cannot determine birthday information, so set the wallet birthday to
255 // the beginning of time.
259 }
260 }
263 {
267 }
270 {
271 /* A sanity check was added in pull #3843 to avoid adding redeemScripts
272 * that never can be redeemed. However, old wallets may still contain
273 * these. Do not add them to the wallet and warn. */
275 {
277 LogPrintf("%s: Warning: This wallet contains a redeemScript of size %i which exceeds maximum size %i thus can never be redeemed. Do not use address %s.\n",
280 }
283 }
286 {
293 }
296 {
299 }
302 {
312 }
315 {
317 }
320 {
321 CCrypter crypter;
322 CKeyingMaterial _vMasterKey;
324 {
327 {
328 if(!crypter.SetKeyFromPassphrase(strWalletPassphrase, pMasterKey.second.vchSalt, pMasterKey.second.nDeriveIterations, pMasterKey.second.nDerivationMethod))
334 }
335 }
337 }
339 bool CWallet::ChangeWalletPassphrase(const SecureString& strOldWalletPassphrase, const SecureString& strNewWalletPassphrase)
340 {
343 {
347 CCrypter crypter;
348 CKeyingMaterial _vMasterKey;
350 {
351 if(!crypter.SetKeyFromPassphrase(strOldWalletPassphrase, pMasterKey.second.vchSalt, pMasterKey.second.nDeriveIterations, pMasterKey.second.nDerivationMethod))
356 {
358 crypter.SetKeyFromPassphrase(strNewWalletPassphrase, pMasterKey.second.vchSalt, pMasterKey.second.nDeriveIterations, pMasterKey.second.nDerivationMethod);
359 pMasterKey.second.nDeriveIterations = pMasterKey.second.nDeriveIterations * (100 / ((double)(GetTimeMillis() - nStartTime)));
362 crypter.SetKeyFromPassphrase(strNewWalletPassphrase, pMasterKey.second.vchSalt, pMasterKey.second.nDeriveIterations, pMasterKey.second.nDerivationMethod);
363 pMasterKey.second.nDeriveIterations = (pMasterKey.second.nDeriveIterations + pMasterKey.second.nDeriveIterations * 100 / ((double)(GetTimeMillis() - nStartTime))) / 2;
368 LogPrintf("Wallet passphrase changed to an nDeriveIterations of %i\n", pMasterKey.second.nDeriveIterations);
370 if (!crypter.SetKeyFromPassphrase(strNewWalletPassphrase, pMasterKey.second.vchSalt, pMasterKey.second.nDeriveIterations, pMasterKey.second.nDerivationMethod))
378 }
379 }
380 }
383 }
386 {
389 }
391 bool CWallet::SetMinVersion(enum WalletFeature nVersion, CWalletDB* pwalletdbIn, bool fExplicit)
392 {
397 // when doing an explicit upgrade, if we pass the max version permitted, upgrade all the way
406 {
412 }
415 }
418 {
420 // cannot downgrade below current version
427 }
430 {
442 {
448 }
450 }
453 {
457 }
460 {
462 }
465 {
471 // Keep track of each wallet absolute path to detect duplicates.
477 }
481 }
485 if (fs::exists(wallet_path) && (!fs::is_regular_file(wallet_path) || fs::is_symlink(wallet_path))) {
487 }
491 }
496 }
499 // Recover readable keypairs:
500 CWallet dummyWallet;
502 if (!CWalletDB::Recover(walletFile, (void *)&dummyWallet, CWalletDB::RecoverKeysOnlyFilter, backup_filename)) {
504 }
505 }
508 bool dbV = CWalletDB::VerifyDatabaseFile(walletFile, GetDataDir().string(), strWarning, strError);
511 }
515 }
516 }
519 }
522 {
523 // We want all the wallet transactions in range to have the same metadata as
524 // the oldest (smallest nOrderPos).
525 // So: find smallest nOrderPos:
530 {
534 {
537 }
538 }
539 // Now copy data from copyFrom to rest:
541 {
548 // fTimeReceivedIsTxTime not copied on purpose
549 // nTimeReceived not copied on purpose
553 // nOrderPos not copied on purpose
554 // cached members not copied on purpose
555 }
556 }
558 /**
559 * Outpoint is spent if any non-conflicted transaction
560 * spends it:
561 */
563 {
569 {
576 }
577 }
579 }
582 {
588 }
592 {
600 }
603 {
607 CKeyingMaterial _vMasterKey;
612 CMasterKey kMasterKey;
617 CCrypter crypter;
619 crypter.SetKeyFromPassphrase(strWalletPassphrase, kMasterKey.vchSalt, 25000, kMasterKey.nDerivationMethod);
623 crypter.SetKeyFromPassphrase(strWalletPassphrase, kMasterKey.vchSalt, kMasterKey.nDeriveIterations, kMasterKey.nDerivationMethod);
624 kMasterKey.nDeriveIterations = (kMasterKey.nDeriveIterations + kMasterKey.nDeriveIterations * 100 / ((double)(GetTimeMillis() - nStartTime))) / 2;
631 if (!crypter.SetKeyFromPassphrase(strWalletPassphrase, kMasterKey.vchSalt, kMasterKey.nDeriveIterations, kMasterKey.nDerivationMethod))
636 {
645 }
649 {
652 // We now probably have half of our keys encrypted in memory, and half not...
653 // die and let the user reload the unencrypted wallet.
655 }
657 // Encryption was introduced in version 0.4.0
662 // We now have keys encrypted in memory, but not on disk...
663 // die to avoid confusion and let the user reload the unencrypted wallet.
665 }
673 // if we are using HD, replace the HD master key (seed) with a new one
677 }
678 }
683 // Need to completely rewrite the wallet file; if we don't, bdb might keep
684 // bits of the unencrypted private key in slack space in the database file.
687 }
691 }
694 {
698 // Old wallets didn't have any defined order for transactions
699 // Probably a bad idea to change the output of this
701 // First: get all CWalletTx and CAccountingEntry into a sorted-by-time multimap.
704 TxItems txByTime;
706 for (std::map<uint256, CWalletTx>::iterator it = mapWallet.begin(); it != mapWallet.end(); ++it)
707 {
710 }
714 {
716 }
721 {
727 {
732 {
735 }
736 else
739 }
740 else
741 {
744 {
747 }
754 // Since we're changing the order, write it back
756 {
759 }
760 else
763 }
764 }
768 }
771 {
778 }
780 }
782 bool CWallet::AccountMove(std::string strFrom, std::string strTo, CAmount nAmount, std::string strComment)
783 {
790 // Debit
791 CAccountingEntry debit;
800 // Credit
801 CAccountingEntry credit;
814 }
817 {
820 CAccount account;
827 // Check if the current key has been used
836 }
837 }
838 }
840 // Generate a new key
847 }
852 }
855 {
856 {
860 }
861 }
864 {
869 // There is a bug if MarkReplaced is not called on an existing wallet transaction.
874 // Ensure for now that we're not overwriting data
885 }
890 }
893 {
900 // Inserts only if not already there, returns tx inserted or tx found
901 std::pair<std::map<uint256, CWalletTx>::iterator, bool> ret = mapWallet.insert(std::make_pair(hash, wtxIn));
906 {
912 }
916 {
917 // Merge
919 {
922 }
923 // If no longer abandoned, update
925 {
928 }
930 {
933 }
935 {
938 }
939 }
941 //// debug print
942 LogPrintf("AddToWallet %s %s%s\n", wtxIn.GetHash().ToString(), (fInsertedNew ? "new" : ""), (fUpdated ? "update" : ""));
944 // Write to disk
949 // Break debit/credit balance caches:
952 // Notify UI of new or updated transaction
955 // notify an external script when a wallet transaction comes in or is updated
959 {
962 }
965 }
968 {
981 }
982 }
983 }
986 }
988 /**
989 * Add a transaction to the wallet, or update it. pIndex and posInBlock should
990 * be set when the transaction was known to be included in a block. When
991 * pIndex == NULL, then wallet state is not updated in AddToWallet, but
992 * notifications happen and cached balances are marked dirty.
993 *
994 * If fUpdate is true, existing transactions will be updated.
995 * TODO: One exception to this is that the abandoned state is cleared under the
996 * assumption that any further notification of a transaction that was considered
997 * abandoned is an indication that it is not safe to be considered abandoned.
998 * Abandoned state should probably be more carefully tracked via different
999 * posInBlock signals or by checking mempool presence when necessary.
1000 */
1001 bool CWallet::AddToWalletIfInvolvingMe(const CTransactionRef& ptx, const CBlockIndex* pIndex, int posInBlock, bool fUpdate)
1002 {
1004 {
1009 std::pair<TxSpends::const_iterator, TxSpends::const_iterator> range = mapTxSpends.equal_range(txin.prevout);
1012 LogPrintf("Transaction %s (in block %s) conflicts with wallet transaction %s (both spend %s:%i)\n", tx.GetHash().ToString(), pIndex->GetBlockHash().ToString(), range.first->second.ToString(), range.first->first.hash.ToString(), range.first->first.n);
1014 }
1016 }
1017 }
1018 }
1023 {
1026 // Get merkle branch if transaction was found in a block
1031 }
1032 }
1034 }
1037 {
1041 }
1044 {
1052 // Can't mark abandoned if confirmed or in mempool
1057 }
1068 // If the orig tx was not in block, none of its spends can be
1070 // if (currentconfirm < 0) {Tx and spends are already conflicted, no need to abandon}
1072 // If the orig tx was not in block/mempool, none of its spends can be in mempool
1079 // Iterate over all its outputs, and mark transactions in the wallet that spend them abandoned too
1084 }
1085 iter++;
1086 }
1087 // If a transaction changes 'conflicted' state, that changes the balance
1088 // available of the outputs it spends. So force those to be recomputed
1090 {
1093 }
1094 }
1095 }
1098 }
1101 {
1109 }
1110 }
1111 // If number of conflict confirms cannot be determined, this means
1112 // that the block is still unknown or not yet part of the main chain,
1113 // for example when loading the wallet during a reindex. Do nothing in that
1114 // case.
1118 // Do not flush the wallet here for performance reasons
1134 // Block is 'more conflicted' than current confirm; update.
1135 // Mark transaction as conflicted with this block.
1140 // Iterate over all its outputs, and mark transactions in the wallet that spend them conflicted too
1145 }
1146 iter++;
1147 }
1148 // If a transaction changes 'conflicted' state, that changes the balance
1149 // available of the outputs it spends. So force those to be recomputed
1151 {
1154 }
1155 }
1156 }
1157 }
1159 void CWallet::SyncTransaction(const CTransactionRef& ptx, const CBlockIndex *pindex, int posInBlock) {
1165 // If a transaction changes 'conflicted' state, that changes the balance
1166 // available of the outputs it spends. So force those to be
1167 // recomputed, also:
1169 {
1172 }
1173 }
1178 }
1180 void CWallet::BlockConnected(const std::shared_ptr<const CBlock>& pblock, const CBlockIndex *pindex, const std::vector<CTransactionRef>& vtxConflicted) {
1182 // TODO: Temporarily ensure that mempool removals are notified before
1183 // connected transactions. This shouldn't matter, but the abandoned
1184 // state of transactions in our wallet is currently cleared when we
1185 // receive another notification and there is a race condition where
1186 // notification of a connected conflict might cause an outside process
1187 // to abandon a transaction and then have it inadvertently cleared by
1188 // the notification that the conflicted transaction was evicted.
1192 }
1195 }
1196 }
1203 }
1204 }
1209 {
1210 {
1214 {
1218 }
1219 }
1221 }
1223 // Note that this function doesn't distinguish between a 0-valued input,
1224 // and a not-"is mine" (according to the filter) input.
1226 {
1227 {
1231 {
1236 }
1237 }
1239 }
1242 {
1244 }
1247 {
1251 }
1254 {
1255 // TODO: fix handling of 'change' outputs. The assumption is that any
1256 // payment to a script that is ours, but is not in the address book
1257 // is change. That assumption is likely to break when we implement multisignature
1258 // wallets that return change back into a multi-signature-protected address;
1259 // a better way of identifying which outputs are 'the send' and which are
1260 // 'the change' will need to be implemented (maybe extend CWalletTx to remember
1261 // which output, if any, was change).
1263 {
1264 CTxDestination address;
1271 }
1273 }
1276 {
1280 }
1283 {
1288 }
1291 {
1293 }
1296 {
1299 {
1303 }
1305 }
1308 {
1312 {
1324 }
1326 }
1329 {
1332 {
1336 }
1338 }
1341 {
1344 {
1348 }
1350 }
1353 {
1354 CKey key;
1360 // calculate the pubkey
1364 // set the hd keypath to "m" -> Master, refers the masterkeyid to itself
1368 {
1371 // mem store the metadata
1374 // write the key&metadata to the database
1377 }
1380 }
1383 {
1385 // store the keyid (hash160) together with
1386 // the child index counter in the database
1387 // as a hdchain object
1388 CHDChain newHdChain;
1389 newHdChain.nVersion = CanSupportFeature(FEATURE_HD_SPLIT) ? CHDChain::VERSION_HD_CHAIN_SPLIT : CHDChain::VERSION_HD_BASE;
1394 }
1397 {
1404 }
1407 {
1409 }
1412 {
1415 }
1418 {
1419 // Returns -1 if it wasn't being tracked
1421 {
1424 {
1425 // Generated block
1427 {
1431 }
1432 }
1433 else
1434 {
1435 // Did anyone request this transaction?
1438 {
1441 // How about the block it's in?
1443 {
1447 else
1449 }
1450 }
1451 }
1452 }
1454 }
1457 std::list<COutputEntry>& listSent, CAmount& nFee, std::string& strSentAccount, const isminefilter& filter) const
1458 {
1464 // Compute fee:
1467 {
1470 }
1472 // Sent/received.
1474 {
1477 // Only need to handle txouts if AT LEAST one of these is true:
1478 // 1) they debit from us (sent)
1479 // 2) the output is to us (received)
1481 {
1482 // Don't report 'change' txouts
1485 }
1489 // In either case, we need to get the destination address
1490 CTxDestination address;
1493 {
1497 }
1501 // If we are debited by the transaction, add the output as a "sent" entry
1505 // If we are receiving the output, add it as a "received" entry
1508 }
1510 }
1512 /**
1513 * Scan active chain for relevant transactions after importing keys. This should
1514 * be called whenever new keys are added to the wallet, with the oldest key
1515 * creation time.
1516 *
1517 * @return Earliest timestamp that could be successfully scanned from. Timestamp
1518 * returned will be higher than startTime if relevant blocks could not be read.
1519 */
1521 {
1525 // Find starting block. May be null if nCreateTime is greater than the
1526 // highest blockchain timestamp, in which case there is nothing that needs
1527 // to be scanned.
1529 LogPrintf("%s: Rescanning last %i blocks\n", __func__, startBlock ? chainActive.Height() - startBlock->nHeight + 1 : 0);
1535 }
1536 }
1538 }
1540 /**
1541 * Scan the block chain (starting in pindexStart) for transactions
1542 * from or to us. If fUpdate is true, found transactions that already
1543 * exist in the wallet will be updated.
1544 *
1545 * Returns null if scan was successful. Otherwise, if a complete rescan was not
1546 * possible (due to pruning or corruption), returns pointer to the most recent
1547 * block that could not be scanned.
1548 */
1550 {
1556 {
1561 ShowProgress(_("Rescanning..."), 0); // show rescan progress in GUI as dialog or on splashscreen, if -rescan on startup
1565 {
1567 ShowProgress(_("Rescanning..."), std::max(1, std::min(99, (int)((GuessVerificationProgress(chainParams.TxData(), pindex) - dProgressStart) / (dProgressTip - dProgressStart) * 100))));
1570 LogPrintf("Still rescanning. At block %d. Progress=%f\n", pindex->nHeight, GuessVerificationProgress(chainParams.TxData(), pindex));
1571 }
1573 CBlock block;
1577 }
1580 }
1582 }
1584 LogPrintf("Rescan aborted at block %d. Progress=%f\n", pindex->nHeight, GuessVerificationProgress(chainParams.TxData(), pindex));
1585 }
1589 }
1591 }
1594 {
1595 // If transactions aren't being broadcasted, don't let them into local mempool either
1601 // Sort pending wallet transactions based on their initial wallet insertion order
1603 {
1612 }
1613 }
1615 // Try to add wallet transactions to memory pool
1617 {
1621 CValidationState state;
1623 }
1624 }
1627 {
1630 {
1631 CValidationState state;
1632 /* GetDepthInMainChain already catches known conflicts. */
1638 {
1640 });
1642 }
1643 }
1644 }
1646 }
1649 {
1652 {
1656 }
1658 }
1661 {
1667 {
1670 else
1671 {
1675 }
1676 }
1678 {
1681 else
1682 {
1686 }
1687 }
1689 }
1692 {
1693 // Must wait until coinbase is safely deep enough in the chain before valuing it
1699 {
1700 // GetBalance can assume transactions in mapWallet won't change
1703 else
1704 {
1708 }
1709 }
1711 {
1714 else
1715 {
1719 }
1720 }
1722 }
1725 {
1727 {
1733 }
1736 }
1739 {
1743 // Must wait until coinbase is safely deep enough in the chain before valuing it
1753 {
1755 {
1760 }
1761 }
1766 }
1769 {
1771 {
1777 }
1780 }
1783 {
1787 // Must wait until coinbase is safely deep enough in the chain before valuing it
1796 {
1798 {
1803 }
1804 }
1809 }
1812 {
1818 }
1821 {
1824 }
1827 {
1828 // Quick answer in most cases
1839 // Don't trust unconfirmed transactions from us unless they are in the mempool.
1843 // Trusted if all inputs are from us and are in the mempool:
1845 {
1846 // Transactions not sent by us: not trusted
1853 }
1855 }
1858 {
1864 }
1867 {
1871 // Sort them in chronological order
1874 {
1876 // Don't rebroadcast if newer than nTime:
1880 }
1882 {
1886 }
1888 }
1891 {
1892 // Do this infrequently and randomly to avoid giving away
1893 // that these are our transactions.
1901 // Only do it if there's been a new block since last time
1906 // Rebroadcast unconfirmed txes older than 5 minutes before the last
1907 // block was found:
1911 }
1918 /** @defgroup Actions
1919 *
1920 * @{
1921 */
1925 {
1927 {
1929 for (std::map<uint256, CWalletTx>::const_iterator it = mapWallet.begin(); it != mapWallet.end(); ++it)
1930 {
1934 }
1935 }
1938 }
1941 {
1943 {
1945 for (std::map<uint256, CWalletTx>::const_iterator it = mapWallet.begin(); it != mapWallet.end(); ++it)
1946 {
1950 }
1951 }
1953 }
1956 {
1958 {
1960 for (std::map<uint256, CWalletTx>::const_iterator it = mapWallet.begin(); it != mapWallet.end(); ++it)
1961 {
1964 }
1965 }
1967 }
1970 {
1972 {
1974 for (std::map<uint256, CWalletTx>::const_iterator it = mapWallet.begin(); it != mapWallet.end(); ++it)
1975 {
1979 }
1980 }
1983 }
1986 {
1988 {
1990 for (std::map<uint256, CWalletTx>::const_iterator it = mapWallet.begin(); it != mapWallet.end(); ++it)
1991 {
1995 }
1996 }
1998 }
2001 {
2003 {
2005 for (std::map<uint256, CWalletTx>::const_iterator it = mapWallet.begin(); it != mapWallet.end(); ++it)
2006 {
2009 }
2010 }
2012 }
2014 // Calculate total balance in a different way from GetBalance. The biggest
2015 // difference is that GetBalance sums up all unspent TxOuts paying to the
2016 // wallet, while this sums up both spent and unspent TxOuts paying to the
2017 // wallet, and then subtracts the values of TxIns spending from the wallet. This
2018 // also has fewer restrictions on which unconfirmed transactions are considered
2019 // trusted.
2020 CAmount CWallet::GetLegacyBalance(const isminefilter& filter, int minDepth, const std::string* account) const
2021 {
2030 }
2032 // Loop through tx outputs and add incoming payments. For outgoing txs,
2033 // treat change outputs specially, as part of the amount debited.
2039 } else if (IsMine(out) & filter && depth >= minDepth && (!account || *account == GetAccountName(out.scriptPubKey))) {
2041 }
2042 }
2044 // For outgoing txs, subtract amount debited.
2047 }
2048 }
2052 }
2055 }
2058 {
2067 }
2068 }
2070 }
2072 void CWallet::AvailableCoins(std::vector<COutput> &vCoins, bool fOnlySafe, const CCoinControl *coinControl, const CAmount &nMinimumAmount, const CAmount &nMaximumAmount, const CAmount &nMinimumSumAmount, const uint64_t &nMaximumCount, const int &nMinDepth, const int &nMaxDepth) const
2073 {
2076 {
2081 for (std::map<uint256, CWalletTx>::const_iterator it = mapWallet.begin(); it != mapWallet.end(); ++it)
2082 {
2096 // We should not consider coins which aren't at least in our mempool
2097 // It's possible for these to be conflicted via ancestors which we may never be able to detect
2103 // We should not consider coins from transactions that are replacing
2104 // other transactions.
2105 //
2106 // Example: There is a transaction A which is replaced by bumpfee
2107 // transaction B. In this case, we want to prevent creation of
2108 // a transaction B' which spends an output of B.
2109 //
2110 // Reason: If transaction A were initially confirmed, transactions B
2111 // and B' would no longer be valid, so the user would have to create
2112 // a new transaction C to replace B'. However, in the case of a
2113 // one-block reorg, transactions B' and C might BOTH be accepted,
2114 // when the user only wanted one of them. Specifically, there could
2115 // be a 1-block reorg away from the chain where transactions A and C
2116 // were accepted to another chain where B, B', and C were all
2117 // accepted.
2120 }
2122 // Similarly, we should not consider coins from transactions that
2123 // have been replaced. In the example above, we would want to prevent
2124 // creation of a transaction A' spending an output of A, because if
2125 // transaction B were initially confirmed, conflicting with A and
2126 // A', we wouldn't want to the user to create a transaction D
2127 // intending to replace A', but potentially resulting in a scenario
2128 // where A, A', and D could all be accepted (instead of just B and
2129 // D, or just A and A' like the user would want).
2132 }
2136 }
2145 if (coinControl && coinControl->HasSelected() && !coinControl->fAllowOtherInputs && !coinControl->IsSelected(COutPoint((*it).first, i)))
2158 }
2160 bool fSpendableIn = ((mine & ISMINE_SPENDABLE) != ISMINE_NO) || (coinControl && coinControl->fAllowWatchOnly && (mine & ISMINE_WATCH_SOLVABLE) != ISMINE_NO);
2165 // Checks the sum amount of all UTXO's.
2171 }
2172 }
2174 // Checks the maximum number of UTXO's.
2177 }
2178 }
2179 }
2180 }
2181 }
2184 {
2185 // TODO: Add AssertLockHeld(cs_wallet) here.
2186 //
2187 // Because the return value from this function contains pointers to
2188 // CWalletTx objects, callers to this function really should acquire the
2189 // cs_wallet lock before calling it. However, the current caller doesn't
2190 // acquire this lock yet. There was an attempt to add the missing lock in
2191 // https://github.com/bitcoin/bitcoin/pull/10340, but that change has been
2192 // postponed until after https://github.com/bitcoin/bitcoin/pull/10244 to
2193 // avoid adding some extra complexity to the Qt code.
2202 CTxDestination address;
2206 }
2207 }
2217 CTxDestination address;
2218 if (ExtractDestination(FindNonChangeParentOutput(*it->second.tx, output.n).scriptPubKey, address)) {
2221 }
2222 }
2223 }
2224 }
2227 }
2230 {
2239 }
2242 }
2244 }
2246 static void ApproximateBestSubset(const std::vector<CInputCoin>& vValue, const CAmount& nTotalLower, const CAmount& nTargetValue,
2248 {
2254 FastRandomContext insecure_rand;
2257 {
2262 {
2264 {
2265 //The solver here uses a randomized algorithm,
2266 //the randomness serves no real security purpose but is just
2267 //needed to prevent degenerate behavior and it is important
2268 //that the rng is fast. We do not use a constant random sequence,
2269 //because there may be some privacy improvement by making
2270 //the selection random.
2272 {
2276 {
2279 {
2282 }
2285 }
2286 }
2287 }
2288 }
2289 }
2290 }
2292 bool CWallet::SelectCoinsMinConf(const CAmount& nTargetValue, const int nConfMine, const int nConfTheirs, const uint64_t nMaxAncestors, std::vector<COutput> vCoins,
2294 {
2298 // List of values less than target
2306 {
2323 {
2327 }
2329 {
2332 }
2334 {
2336 }
2337 }
2340 {
2342 {
2345 }
2347 }
2350 {
2356 }
2358 // Solve subset sum by stochastic approximation
2362 CAmount nBest;
2368 // If we have a bigger coin and (either the stochastic approximation didn't find a good solution,
2369 // or the next bigger coin is closer), return the bigger coin
2371 ((nBest != nTargetValue && nBest < nTargetValue + MIN_CHANGE) || coinLowestLarger->txout.nValue <= nBest))
2372 {
2375 }
2379 {
2382 }
2389 }
2390 }
2392 }
2393 }
2396 }
2398 bool CWallet::SelectCoins(const std::vector<COutput>& vAvailableCoins, const CAmount& nTargetValue, std::set<CInputCoin>& setCoinsRet, CAmount& nValueRet, const CCoinControl* coinControl) const
2399 {
2402 // coin control -> return all selected outputs (we want all selected to go into the transaction for sure)
2404 {
2406 {
2411 }
2413 }
2415 // calculate value from preset inputs and store them
2423 {
2426 {
2428 // Clearly invalid input, fail
2435 }
2437 // remove preset inputs from vCoins
2438 for (std::vector<COutput>::iterator it = vCoins.begin(); it != vCoins.end() && coinControl && coinControl->HasSelected();)
2439 {
2442 else
2444 }
2446 size_t nMaxChainLength = std::min(GetArg("-limitancestorcount", DEFAULT_ANCESTOR_LIMIT), GetArg("-limitdescendantcount", DEFAULT_DESCENDANT_LIMIT));
2447 bool fRejectLongChains = GetBoolArg("-walletrejectlongchains", DEFAULT_WALLET_REJECT_LONG_CHAINS);
2450 SelectCoinsMinConf(nTargetValue - nValueFromPresetInputs, 1, 6, 0, vCoins, setCoinsRet, nValueRet) ||
2451 SelectCoinsMinConf(nTargetValue - nValueFromPresetInputs, 1, 1, 0, vCoins, setCoinsRet, nValueRet) ||
2452 (bSpendZeroConfChange && SelectCoinsMinConf(nTargetValue - nValueFromPresetInputs, 0, 1, 2, vCoins, setCoinsRet, nValueRet)) ||
2453 (bSpendZeroConfChange && SelectCoinsMinConf(nTargetValue - nValueFromPresetInputs, 0, 1, std::min((size_t)4, nMaxChainLength/3), vCoins, setCoinsRet, nValueRet)) ||
2454 (bSpendZeroConfChange && SelectCoinsMinConf(nTargetValue - nValueFromPresetInputs, 0, 1, nMaxChainLength/2, vCoins, setCoinsRet, nValueRet)) ||
2455 (bSpendZeroConfChange && SelectCoinsMinConf(nTargetValue - nValueFromPresetInputs, 0, 1, nMaxChainLength, vCoins, setCoinsRet, nValueRet)) ||
2456 (bSpendZeroConfChange && !fRejectLongChains && SelectCoinsMinConf(nTargetValue - nValueFromPresetInputs, 0, 1, std::numeric_limits<uint64_t>::max(), vCoins, setCoinsRet, nValueRet));
2458 // because SelectCoinsMinConf clears the setCoinsRet, we now add the possible inputs to the coinset
2461 // add preset inputs to the total value selected
2465 }
2468 {
2471 // sign the new tx
2478 }
2481 SignatureData sigdata;
2482 if (!ProduceSignature(TransactionSignatureCreator(this, &txNewConst, nIn, amount, SIGHASH_ALL), scriptPubKey, sigdata)) {
2484 }
2486 nIn++;
2487 }
2489 }
2491 bool CWallet::FundTransaction(CMutableTransaction& tx, CAmount& nFeeRet, int& nChangePosInOut, std::string& strFailReason, bool lockUnspents, const std::set<int>& setSubtractFeeFromOutputs, CCoinControl coinControl)
2492 {
2495 // Turn the txout set into a CRecipient vector
2497 {
2499 CRecipient recipient = {txOut.scriptPubKey, txOut.nValue, setSubtractFeeFromOutputs.count(idx) == 1};
2501 }
2509 CWalletTx wtx;
2510 if (!CreateTransaction(vecSend, wtx, reservekey, nFeeRet, nChangePosInOut, strFailReason, coinControl, false)) {
2512 }
2516 // we dont have the normal Create/Commit cycle, and dont want to risk reusing change,
2517 // so just remove the key from the keypool here.
2519 }
2521 // Copy output sizes from new transaction; they may have had the fee subtracted from them
2525 // Add new txins (keeping original txin scriptSig/order)
2527 {
2529 {
2533 {
2536 }
2537 }
2538 }
2542 }
2545 {
2546 unsigned int highest_target = estimator.HighestTargetTracked(FeeEstimateHorizon::LONG_HALFLIFE);
2547 CFeeRate discard_rate = estimator.estimateSmartFee(highest_target, nullptr /* FeeCalculation */, false /* conservative */);
2548 // Don't let discard_rate be greater than longest possible fee estimate if we get a valid fee estimate
2549 discard_rate = (discard_rate == CFeeRate(0)) ? CWallet::m_discard_rate : std::min(discard_rate, CWallet::m_discard_rate);
2550 // Discard rate must be at least dustRelayFee
2553 }
2555 bool CWallet::CreateTransaction(const std::vector<CRecipient>& vecSend, CWalletTx& wtxNew, CReserveKey& reservekey, CAmount& nFeeRet,
2557 {
2562 {
2564 {
2567 }
2571 nSubtractFeeFromAmount++;
2572 }
2574 {
2577 }
2581 CMutableTransaction txNew;
2583 // Discourage fee sniping.
2584 //
2585 // For a large miner the value of the transactions in the best block and
2586 // the mempool can exceed the cost of deliberately attempting to mine two
2587 // blocks to orphan the current best block. By setting nLockTime such that
2588 // only the next block can include the transaction, we discourage this
2589 // practice as the height restricted and limited blocksize gives miners
2590 // considering fee sniping fewer options for pulling off this attack.
2591 //
2592 // A simple way to think about this is from the wallet's point of view we
2593 // always want the blockchain to move forward. By setting nLockTime this
2594 // way we're basically making the statement that we only want this
2595 // transaction to appear in the next block; we don't want to potentially
2596 // encourage reorgs by allowing transactions to appear at lower heights
2597 // than the next block in forks of the best chain.
2598 //
2599 // Of course, the subsidy is high enough, and transaction volume low
2600 // enough, that fee sniping isn't a problem yet, but by implementing a fix
2601 // now we ensure code won't be written that makes assumptions about
2602 // nLockTime that preclude a fix later.
2605 // Secondly occasionally randomly pick a nLockTime even further back, so
2606 // that transactions that are delayed after signing for whatever reason,
2607 // e.g. high-latency mix networks and some CoinJoin implementations, have
2608 // better privacy.
2614 FeeCalculation feeCalc;
2616 {
2619 {
2623 // Create change script that will be used if we need change
2624 // TODO: pass in scriptChange instead of reservekey so
2625 // change transaction isn't always pay-to-bitcoin-address
2626 CScript scriptChange;
2628 // coin control: send change to custom address
2632 // Note: We use a new key here to keep it from being obvious which side is the change.
2633 // The drawback is that by not reusing a previous key, the change may be lost if a
2634 // backup is restored, if the backup doesn't have the new private key for the change.
2635 // If we reused the old key, it would be possible to add code to look for and
2636 // rediscover unknown transactions that were written with keys of ours to recover
2637 // post-backup change.
2639 // Reserve a new key pair from key pool
2640 CPubKey vchPubKey;
2644 {
2647 }
2650 }
2658 // Start with no fee and loop until there is enough fee
2660 {
2670 // vouts to the payees
2672 {
2676 {
2677 txout.nValue -= nFeeRet / nSubtractFeeFromAmount; // Subtract fee equally from each selected recipient
2680 {
2683 }
2684 }
2687 {
2689 {
2692 else
2693 strFailReason = _("The transaction amount is too small to send after the fee has been deducted");
2694 }
2695 else
2698 }
2700 }
2702 // Choose coins to use
2707 {
2710 }
2711 }
2716 {
2717 // Fill a vout to ourself
2720 // Never create dust outputs; if we would, just
2721 // add the dust to the fee.
2723 {
2726 }
2727 else
2728 {
2730 {
2731 // Insert change txn at random position:
2733 }
2735 {
2738 }
2742 }
2745 }
2747 // Fill vin
2748 //
2749 // Note how the sequence number is set to non-maxint so that
2750 // the nLockTime set above actually works.
2751 //
2752 // BIP125 defines opt-in RBF as any nSequence < maxint-1, so
2753 // we use the highest possible value in that range (maxint-2)
2754 // to avoid conflicting with other possible uses of nSequence,
2755 // and in the spirit of "smallest possible change from prior
2756 // behavior."
2757 const uint32_t nSequence = coin_control.signalRbf ? MAX_BIP125_RBF_SEQUENCE : (CTxIn::SEQUENCE_FINAL - 1);
2760 nSequence));
2762 // Fill in dummy signatures for fee calculation.
2766 }
2770 // Remove scriptSigs to eliminate the fee calculation dummy signatures
2774 }
2778 // If we made it here and we aren't even able to meet the relay fee on the next pass, give up
2779 // because we must be at the maximum allowed fee.
2781 {
2784 }
2787 // Reduce fee to only the needed amount if possible. This
2788 // prevents potential overpayment in fees if the coins
2789 // selected to meet nFeeNeeded result in a transaction that
2790 // requires less fee than the prior iteration.
2792 // TODO: The case where nSubtractFeeFromAmount > 0 remains
2793 // to be addressed because it requires returning the fee to
2794 // the payees and not the change output.
2796 // If we have no change and a big enough excess fee, then
2797 // try to construct transaction again only without picking
2798 // new inputs. We now know we only need the smaller fee
2799 // (because of reduced tx size) and so we should add a
2800 // change output. Only try this once.
2801 CAmount fee_needed_for_change = GetMinimumFee(change_prototype_size, coin_control, ::mempool, ::feeEstimator, nullptr);
2804 if (nFeeRet > nFeeNeeded + max_excess_fee && nChangePosInOut == -1 && nSubtractFeeFromAmount == 0 && pick_new_inputs) {
2808 }
2810 // If we have change output already, just increase it
2816 }
2818 }
2820 // This shouldn't happen, we should have had enough excess
2821 // fee to pay for the new output and still meet nFeeNeeded
2824 }
2826 // Try to reduce change to include necessary fee
2830 // Only reduce change if remaining amount is still a large enough output.
2835 }
2836 }
2838 // Include more fee and try again.
2841 }
2842 }
2844 if (nChangePosInOut == -1) reservekey.ReturnKey(); // Return any reserved key if we don't have change
2847 {
2851 {
2853 SignatureData sigdata;
2855 if (!ProduceSignature(TransactionSignatureCreator(this, &txNewConst, nIn, coin.txout.nValue, SIGHASH_ALL), scriptPubKey, sigdata))
2856 {
2861 }
2863 nIn++;
2864 }
2865 }
2867 // Embed the constructed transaction data in wtxNew.
2870 // Limit size
2872 {
2875 }
2876 }
2879 // Lastly, ensure this tx will pass the mempool's chain limits
2880 LockPoints lp;
2886 size_t nLimitDescendantSize = GetArg("-limitdescendantsize", DEFAULT_DESCENDANT_SIZE_LIMIT)*1000;
2888 if (!mempool.CalculateMemPoolAncestors(entry, setAncestors, nLimitAncestors, nLimitAncestorSize, nLimitDescendants, nLimitDescendantSize, errString)) {
2891 }
2892 }
2894 LogPrintf("Fee Calculation: Fee:%d Bytes:%u Tgt:%d (requested %d) Reason:\"%s\" Decay %.5f: Estimation: (%g - %g) %.2f%% %.1f/(%.1f %d mem %.1f out) Fail: (%g - %g) %.2f%% %.1f/(%.1f %d mem %.1f out)\n",
2895 nFeeRet, nBytes, feeCalc.returnedTarget, feeCalc.desiredTarget, StringForFeeReason(feeCalc.reason), feeCalc.est.decay,
2897 100 * feeCalc.est.pass.withinTarget / (feeCalc.est.pass.totalConfirmed + feeCalc.est.pass.inMempool + feeCalc.est.pass.leftMempool),
2898 feeCalc.est.pass.withinTarget, feeCalc.est.pass.totalConfirmed, feeCalc.est.pass.inMempool, feeCalc.est.pass.leftMempool,
2900 100 * feeCalc.est.fail.withinTarget / (feeCalc.est.fail.totalConfirmed + feeCalc.est.fail.inMempool + feeCalc.est.fail.leftMempool),
2901 feeCalc.est.fail.withinTarget, feeCalc.est.fail.totalConfirmed, feeCalc.est.fail.inMempool, feeCalc.est.fail.leftMempool);
2903 }
2905 /**
2906 * Call after CreateTransaction unless you want to abort
2907 */
2908 bool CWallet::CommitTransaction(CWalletTx& wtxNew, CReserveKey& reservekey, CConnman* connman, CValidationState& state)
2909 {
2910 {
2913 {
2914 // Take key pair from key pool so it won't be used again
2917 // Add tx to wallet, because if it has change it's also ours,
2918 // otherwise just for transaction history.
2921 // Notify that old coins are spent
2923 {
2927 }
2928 }
2930 // Track how many getdata requests our transaction gets
2934 {
2935 // Broadcast
2937 LogPrintf("CommitTransaction(): Transaction cannot be broadcast immediately, %s\n", state.GetRejectReason());
2938 // TODO: if we expect the failure to be long term or permanent, instead delete wtx from the wallet and return failure.
2941 }
2942 }
2943 }
2945 }
2947 void CWallet::ListAccountCreditDebit(const std::string& strAccount, std::list<CAccountingEntry>& entries) {
2950 }
2953 {
2957 }
2960 {
2963 }
2970 }
2973 {
2975 }
2977 CAmount CWallet::GetMinimumFee(unsigned int nTxBytes, const CCoinControl& coin_control, const CTxMemPool& pool, const CBlockPolicyEstimator& estimator, FeeCalculation *feeCalc)
2978 {
2979 /* User control of how to calculate fee uses the following parameter precedence:
2980 1. coin_control.m_feerate
2981 2. coin_control.m_confirm_target
2982 3. payTxFee (user-set global variable)
2983 4. nTxConfirmTarget (user-set global variable)
2984 The first parameter that is set is used.
2985 */
2986 CAmount fee_needed;
2990 // Allow to override automatic min/max check over coin control instance
2992 }
2993 else if (!coin_control.m_confirm_target && ::payTxFee != CFeeRate(0)) { // 3. TODO: remove magic value of 0 for global payTxFee
2996 }
2998 // We will use smart fee estimation
2999 unsigned int target = coin_control.m_confirm_target ? *coin_control.m_confirm_target : ::nTxConfirmTarget;
3000 // By default estimates are economical iff we are signaling opt-in-RBF
3002 // Allow to override the default fee estimate mode over the CoinControl instance
3004 else if (coin_control.m_fee_mode == FeeEstimateMode::ECONOMICAL) conservative_estimate = false;
3006 fee_needed = estimator.estimateSmartFee(target, feeCalc, conservative_estimate).GetFee(nTxBytes);
3008 // if we don't have enough data for estimateSmartFee, then use fallbackFee
3011 }
3012 // Obey mempool min fee when using smart fee estimation
3013 CAmount min_mempool_fee = pool.GetMinFee(GetArg("-maxmempool", DEFAULT_MAX_MEMPOOL_SIZE) * 1000000).GetFee(nTxBytes);
3017 }
3018 }
3020 // prevent user from paying a fee below minRelayTxFee or minTxFee
3025 }
3026 // But always obey the maximum
3030 }
3032 }
3038 {
3042 {
3044 {
3048 // Note: can't top-up keypool here, because wallet is locked.
3049 // User will be prompted to unlock wallet the next operation
3050 // that requires a new key.
3051 }
3052 }
3061 }
3064 {
3072 {
3074 {
3077 // Note: can't top-up keypool here, because wallet is locked.
3078 // User will be prompted to unlock wallet the next operation
3079 // that requires a new key.
3080 }
3081 }
3090 }
3093 {
3097 {
3099 {
3103 // Note: can't top-up keypool here, because wallet is locked.
3104 // User will be prompted to unlock wallet the next operation
3105 // that requires a new key.
3106 }
3107 }
3113 }
3116 bool CWallet::SetAddressBook(const CTxDestination& address, const std::string& strName, const std::string& strPurpose)
3117 {
3119 {
3126 }
3129 if (!strPurpose.empty() && !CWalletDB(*dbw).WritePurpose(CBitcoinAddress(address).ToString(), strPurpose))
3132 }
3135 {
3136 {
3139 // Delete destdata tuples associated with address
3142 {
3144 }
3146 }
3148 NotifyAddressBookChanged(this, address, "", ::IsMine(*this, address) != ISMINE_NO, "", CT_DELETED);
3152 }
3155 {
3156 CTxDestination address;
3161 }
3162 }
3163 // A scriptPubKey that doesn't have an entry in the address book is
3164 // associated with the default account ("").
3167 }
3170 {
3175 }
3177 /**
3178 * Mark old keypool keys as used,
3179 * and generate all new keys
3180 */
3182 {
3183 {
3189 }
3194 }
3199 }
3201 }
3203 }
3206 {
3209 }
3212 {
3213 {
3219 // Top up key pool
3223 else
3226 // count amount of available keys (internal, external)
3227 // make sure the keypool of external and internal keys fits the user selected target (-keypool)
3228 int64_t missingExternal = std::max(std::max((int64_t) nTargetSize, (int64_t) 1) - (int64_t)setExternalKeyPool.size(), (int64_t) 0);
3229 int64_t missingInternal = std::max(std::max((int64_t) nTargetSize, (int64_t) 1) - (int64_t)setInternalKeyPool.size(), (int64_t) 0);
3232 {
3233 // don't create extra internal keys
3235 }
3239 {
3242 }
3244 assert(m_max_keypool_index < std::numeric_limits<int64_t>::max()); // How in the hell did you use so many keys?
3249 }
3255 }
3256 }
3258 LogPrintf("keypool added %d keys (%d internal), size=%u (%u internal)\n", missingInternal + missingExternal, missingInternal, setInternalKeyPool.size() + setExternalKeyPool.size(), setInternalKeyPool.size());
3259 }
3260 }
3262 }
3264 void CWallet::ReserveKeyFromKeyPool(int64_t& nIndex, CKeyPool& keypool, bool fRequestedInternal)
3265 {
3268 {
3274 bool fReturningInternal = IsHDEnabled() && CanSupportFeature(FEATURE_HD_SPLIT) && fRequestedInternal;
3277 // Get the oldest key
3288 }
3291 }
3294 }
3298 }
3299 }
3302 {
3303 // Remove from key pool
3307 }
3310 {
3311 // Return to key pool
3312 {
3318 }
3319 }
3321 }
3324 {
3325 CKeyPool keypool;
3326 {
3331 {
3336 }
3339 }
3341 }
3343 static int64_t GetOldestKeyTimeInPool(const std::set<int64_t>& setKeyPool, CWalletDB& walletdb) {
3346 }
3348 CKeyPool keypool;
3352 }
3355 }
3358 {
3363 // load oldest key from keypool, get time and return
3367 }
3370 }
3373 {
3376 {
3379 {
3393 {
3394 CTxDestination addr;
3405 }
3406 }
3407 }
3410 }
3413 {
3419 {
3423 {
3425 // group all input addresses with each other
3427 {
3428 CTxDestination address;
3431 if(!ExtractDestination(mapWallet[txin.prevout.hash].tx->vout[txin.prevout.n].scriptPubKey, address))
3435 }
3437 // group change with input addresses
3439 {
3442 {
3443 CTxDestination txoutAddr;
3447 }
3448 }
3450 {
3453 }
3454 }
3456 // group lone addrs by themselves
3459 {
3460 CTxDestination address;
3466 }
3467 }
3469 std::set< std::set<CTxDestination>* > uniqueGroupings; // a set of pointers to groups of addresses
3470 std::map< CTxDestination, std::set<CTxDestination>* > setmap; // map addresses to the unique group containing it
3472 {
3473 // make a set of all the groups hit by this new group
3480 // merge all hit groups into a new single group and delete old groups
3483 {
3487 }
3490 // update setmap
3493 }
3497 {
3500 }
3503 }
3506 {
3510 {
3515 }
3517 }
3520 {
3522 {
3523 CKeyPool keypool;
3529 }
3531 }
3535 }
3538 {
3543 }
3546 {
3549 }
3552 }
3554 static void LoadReserveKeysToSet(std::set<CKeyID>& setAddress, const std::set<int64_t>& setKeyPool, CWalletDB& walletdb) {
3556 {
3557 CKeyPool keypool;
3563 }
3564 }
3567 {
3579 }
3580 }
3581 }
3584 {
3586 CPubKey pubkey;
3592 }
3595 {
3598 }
3601 {
3604 }
3607 {
3610 }
3613 {
3618 }
3621 {
3627 }
3628 }
3638 CAffectedKeysVisitor(const CKeyStore &keystoreIn, std::vector<CKeyID> &vKeysIn) : keystore(keystoreIn), vKeys(vKeysIn) {}
3641 txnouttype type;
3647 }
3648 }
3653 }
3656 CScript script;
3659 }
3662 };
3668 // get birth times for keys with metadata
3672 }
3673 }
3675 // map in which we'll infer heights of other keys
3676 CBlockIndex *pindexMax = chainActive[std::max(0, chainActive.Height() - 144)]; // the tip can be reorganized; use a 144-block safety margin
3683 }
3686 // if there are no such keys, we're done
3690 // find first block that affects those keys, if there are any left
3692 for (std::map<uint256, CWalletTx>::const_iterator it = mapWallet.begin(); it != mapWallet.end(); it++) {
3693 // iterate over all wallet transactions...
3697 // ... which are already in a block
3700 // iterate over all their outputs
3703 // ... and all their affected keys
3707 }
3709 }
3710 }
3711 }
3713 // Extract block timestamps for those keys
3714 for (std::map<CKeyID, CBlockIndex*>::const_iterator it = mapKeyFirstBlock.begin(); it != mapKeyFirstBlock.end(); it++)
3715 mapKeyBirth[it->first] = it->second->GetBlockTime() - TIMESTAMP_WINDOW; // block times can be 2h off
3716 }
3718 /**
3719 * Compute smart timestamp for a transaction being added to the wallet.
3720 *
3721 * Logic:
3722 * - If sending a transaction, assign its timestamp to the current time.
3723 * - If receiving a transaction outside a block, assign its timestamp to the
3724 * current time.
3725 * - If receiving a block with a future timestamp, assign all its (not already
3726 * known) transactions' timestamps to the current time.
3727 * - If receiving a block with a past timestamp, before the most recent known
3728 * transaction (that we care about), assign all its (not already known)
3729 * transactions' timestamps to the same timestamp as that most-recent-known
3730 * transaction.
3731 * - If receiving a block with a past timestamp, but after the most recent known
3732 * transaction, assign all its (not already known) transactions' timestamps to
3733 * the block time.
3734 *
3735 * For more information see CWalletTx::nTimeSmart,
3736 * https://bitcointalk.org/?topic=54527, or
3737 * https://github.com/bitcoin/bitcoin/pull/1393.
3738 */
3740 {
3747 // Tolerate times up to the last timestamp in the wallet not more than 5 minutes into the future
3754 }
3761 }
3764 }
3769 }
3771 }
3772 }
3777 LogPrintf("%s: found %s in block %s not in index\n", __func__, wtx.GetHash().ToString(), wtx.hashBlock.ToString());
3778 }
3779 }
3781 }
3783 bool CWallet::AddDestData(const CTxDestination &dest, const std::string &key, const std::string &value)
3784 {
3790 }
3793 {
3797 }
3799 bool CWallet::LoadDestData(const CTxDestination &dest, const std::string &key, const std::string &value)
3800 {
3803 }
3805 bool CWallet::GetDestData(const CTxDestination &dest, const std::string &key, std::string *value) const
3806 {
3809 {
3812 {
3816 }
3817 }
3819 }
3822 {
3829 }
3830 }
3831 }
3833 }
3836 {
3838 strUsage += HelpMessageOpt("-disablewallet", _("Do not load the wallet and disable wallet RPC calls"));
3839 strUsage += HelpMessageOpt("-keypool=<n>", strprintf(_("Set key pool size to <n> (default: %u)"), DEFAULT_KEYPOOL_SIZE));
3840 strUsage += HelpMessageOpt("-fallbackfee=<amt>", strprintf(_("A fee rate (in %s/kB) that will be used when fee estimation has insufficient data (default: %s)"),
3842 strUsage += HelpMessageOpt("-discardfee=<amt>", strprintf(_("The fee rate (in %s/kB) used to discard change (to fee) if it would be dust at this fee rate (default: %s) "
3843 "Note: We will always discard up to the dust relay fee and a discard fee above that is limited by the longest target fee estimate"),
3845 strUsage += HelpMessageOpt("-mintxfee=<amt>", strprintf(_("Fees (in %s/kB) smaller than this are considered zero fee for transaction creation (default: %s)"),
3847 strUsage += HelpMessageOpt("-paytxfee=<amt>", strprintf(_("Fee (in %s/kB) to add to transactions you send (default: %s)"),
3849 strUsage += HelpMessageOpt("-rescan", _("Rescan the block chain for missing wallet transactions on startup"));
3850 strUsage += HelpMessageOpt("-salvagewallet", _("Attempt to recover private keys from a corrupt wallet on startup"));
3851 strUsage += HelpMessageOpt("-spendzeroconfchange", strprintf(_("Spend unconfirmed change when sending transactions (default: %u)"), DEFAULT_SPEND_ZEROCONF_CHANGE));
3852 strUsage += HelpMessageOpt("-txconfirmtarget=<n>", strprintf(_("If paytxfee is not set, include enough fee so transactions begin confirmation on average within n blocks (default: %u)"), DEFAULT_TX_CONFIRM_TARGET));
3853 strUsage += HelpMessageOpt("-usehd", _("Use hierarchical deterministic key generation (HD) after BIP32. Only has effect during wallet creation/first start") + " " + strprintf(_("(default: %u)"), DEFAULT_USE_HD_WALLET));
3854 strUsage += HelpMessageOpt("-walletrbf", strprintf(_("Send transactions with full-RBF opt-in enabled (default: %u)"), DEFAULT_WALLET_RBF));
3856 strUsage += HelpMessageOpt("-wallet=<file>", _("Specify wallet file (within data directory)") + " " + strprintf(_("(default: %s)"), DEFAULT_WALLET_DAT));
3857 strUsage += HelpMessageOpt("-walletbroadcast", _("Make the wallet broadcast transactions") + " " + strprintf(_("(default: %u)"), DEFAULT_WALLETBROADCAST));
3858 strUsage += HelpMessageOpt("-walletnotify=<cmd>", _("Execute command when a wallet transaction changes (%s in cmd is replaced by TxID)"));
3859 strUsage += HelpMessageOpt("-zapwallettxes=<mode>", _("Delete all wallet transactions and only recover those parts of the blockchain through -rescan on startup") +
3860 " " + _("(1 = keep tx meta data e.g. account owner and payment request information, 2 = drop tx meta data)"));
3863 {
3866 strUsage += HelpMessageOpt("-dblogsize=<n>", strprintf("Flush wallet database activity from memory to disk log every <n> megabytes (default: %u)", DEFAULT_WALLET_DBLOGSIZE));
3867 strUsage += HelpMessageOpt("-flushwallet", strprintf("Run a thread to flush wallet periodically (default: %u)", DEFAULT_FLUSHWALLET));
3868 strUsage += HelpMessageOpt("-privdb", strprintf("Sets the DB_PRIVATE flag in the wallet db environment (default: %u)", DEFAULT_WALLET_PRIVDB));
3869 strUsage += HelpMessageOpt("-walletrejectlongchains", strprintf(_("Wallet will not create transactions that violate mempool chain limits (default: %u)"), DEFAULT_WALLET_REJECT_LONG_CHAINS));
3870 }
3873 }
3876 {
3877 // needed to restore wallet transaction meta data after -zapwallettxes
3889 }
3893 }
3903 {
3907 }
3909 {
3912 walletFile));
3913 }
3915 InitError(strprintf(_("Error loading %s: Wallet requires newer version of %s"), walletFile, _(PACKAGE_NAME)));
3917 }
3919 {
3920 InitError(strprintf(_("Wallet needed to be rewritten: restart %s to complete"), _(PACKAGE_NAME)));
3922 }
3926 }
3927 }
3930 {
3933 {
3937 }
3938 else
3941 {
3944 }
3946 }
3949 {
3950 // Create new keyUser and set as default key
3953 // ensure this wallet.dat can only be opened by clients supporting HD with chain split
3956 // generate a new master key
3960 }
3961 CPubKey newDefaultKey;
3967 }
3968 }
3971 }
3975 InitError(strprintf(_("Error loading %s: You can't disable HD on an already existing HD wallet"), walletFile));
3977 }
3979 InitError(strprintf(_("Error loading %s: You can't enable HD on an already existing non-HD wallet"), walletFile));
3981 }
3982 }
3990 {
3992 CBlockLocator locator;
3995 }
3997 {
3998 //We can't rescan beyond non-pruned blocks, stop and throw an error
3999 //this might happen if a user uses an old wallet within a pruned node
4000 // or if he ran -disablewallet for a longer time, then decided to re-enable
4002 {
4004 while (block && block->pprev && (block->pprev->nStatus & BLOCK_HAVE_DATA) && block->pprev->nTx > 0 && pindexRescan != block)
4008 InitError(_("Prune: last wallet synchronisation goes beyond pruned data. You need to -reindex (download the whole blockchain again in case of pruned node)"));
4010 }
4011 }
4014 LogPrintf("Rescanning last %i blocks (from block %i)...\n", chainActive.Height() - pindexRescan->nHeight, pindexRescan->nHeight);
4016 // No need to read and scan block if block was created before
4017 // our wallet birthday (as adjusted for block time variability)
4018 while (pindexRescan && walletInstance->nTimeFirstKey && (pindexRescan->GetBlockTime() < (walletInstance->nTimeFirstKey - TIMESTAMP_WINDOW))) {
4020 }
4028 // Restore wallet transaction metadata after -zapwallettxes=1
4030 {
4034 {
4038 {
4049 }
4050 }
4051 }
4052 }
4053 walletInstance->SetBroadcastTransactions(GetBoolArg("-walletbroadcast", DEFAULT_WALLETBROADCAST));
4055 {
4060 }
4063 }
4066 {
4070 }
4076 }
4078 }
4081 }
4086 {
4087 // Add wallet transactions that aren't already in a block to mempool
4088 // Do this here as mempool requires genesis block to be loaded
4091 // Run a thread to flush wallet periodically
4094 }
4095 }
4098 {
4105 if (GetBoolArg("-blocksonly", DEFAULT_BLOCKSONLY) && SoftSetBoolArg("-walletbroadcast", false)) {
4106 LogPrintf("%s: parameter interaction: -blocksonly=1 -> setting -walletbroadcast=0\n", __func__);
4107 }
4112 }
4113 // Rewrite just private keys: rescan to find transactions
4116 }
4117 }
4120 // -zapwallettxes implies dropping the mempool on startup
4122 LogPrintf("%s: parameter interaction: -zapwallettxes=%s -> setting -persistmempool=0\n", __func__, zapwallettxes);
4123 }
4125 // -zapwallettxes implies a rescan
4129 }
4131 LogPrintf("%s: parameter interaction: -zapwallettxes=%s -> setting -rescan=1\n", __func__, zapwallettxes);
4132 }
4133 }
4138 }
4139 }
4144 return InitError(_("Rescans are not possible in pruned mode. You will need to use -reindex which will download the whole blockchain again."));
4151 {
4159 }
4161 {
4164 return InitError(strprintf(_("Invalid amount for -fallbackfee=<amount>: '%s'"), GetArg("-fallbackfee", "")));
4169 }
4171 {
4174 return InitError(strprintf(_("Invalid amount for -discardfee=<amount>: '%s'"), GetArg("-discardfee", "")));
4177 _("This is the transaction fee you may discard if change is smaller than dust at this level"));
4179 }
4181 {
4191 {
4192 return InitError(strprintf(_("Invalid amount for -paytxfee=<amount>: '%s' (must be at least %s)"),
4194 }
4195 }
4197 {
4202 InitWarning(_("-maxtxfee is set very high! Fees this large could be paid on a single transaction."));
4205 {
4206 return InitError(strprintf(_("Invalid amount for -maxtxfee=<amount>: '%s' (must be at least the minrelay fee of %s to prevent stuck transactions)"),
4208 }
4209 }
4215 }
4218 {
4220 }
4223 {
4226 }
4229 {
4233 }
4236 {
4239 }
4242 {
4243 // Update the tx's hashBlock
4246 // set the position of the transaction in the block
4248 }
4251 {
4257 // Find the block it claims to be in
4267 }
4270 {
4274 }
4278 {
4280 }