| blob | ccf5353eb7a9641eb945767c3051d38328d1a5f5 |
1 // Copyright (c) 2009-2010 Satoshi Nakamoto
2 // Copyright (c) 2009-2016 The Bitcoin Core developers
3 // Distributed under the MIT software license, see the accompanying
4 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
33 #include <assert.h>
35 #include <boost/algorithm/string/replace.hpp>
36 #include <boost/thread.hpp>
39 /** Transaction fee set by the user */
48 /**
49 * Fees smaller than this (in satoshi) are considered zero fee (for transaction creation)
50 * Override with -mintxfee
51 */
53 /**
54 * If fee estimation does not have enough data to provide estimates, use this fee instead.
55 * Has no effect if not using fee estimation
56 * Override with -fallbackfee
57 */
62 const uint256 CMerkleTx::ABANDON_HASH(uint256S("0000000000000000000000000000000000000000000000000000000000000001"));
64 /** @defgroup mapWallet
65 *
66 * @{
67 */
69 struct CompareValueOnly
70 {
73 {
75 }
76 };
79 {
80 return strprintf("COutput(%s, %d, %d) [%s]", tx->GetHash().ToString(), i, nDepth, FormatMoney(tx->tx->vout[i].nValue));
81 }
84 {
90 }
93 {
95 bool fCompressed = CanSupportFeature(FEATURE_COMPRPUBKEY); // default to compressed public keys if we want 0.6.0 wallets
97 CKey secret;
99 // Create new metadata
103 // use HD key derivation if HD was enabled during wallet creation
105 DeriveNewChildKey(walletdb, metadata, secret, (CanSupportFeature(FEATURE_HD_SPLIT) ? internal : false));
108 }
110 // Compressed public keys were introduced in version 0.6.0
113 }
123 }
125 }
127 void CWallet::DeriveNewChildKey(CWalletDB &walletdb, CKeyMetadata& metadata, CKey& secret, bool internal)
128 {
129 // for now we use a fixed keypath scheme of m/0'/0'/k
136 // try to get the master key
142 // derive m/0'
143 // use hardened derivation (child keys >= 0x80000000 are hardened after bip32)
146 // derive m/0'/0' (external chain) OR m/0'/1' (internal chain)
150 // derive child key at next index, skip keys already known to the wallet
152 // always derive hardened keys
153 // childIndex | BIP32_HARDENED_KEY_LIMIT = derive childIndex in hardened child-index-range
154 // example: 1 | BIP32_HARDENED_KEY_LIMIT == 0x80000001 == 2147483649
159 }
164 }
168 // update the chain model in the database
171 }
173 bool CWallet::AddKeyPubKeyWithDB(CWalletDB &walletdb, const CKey& secret, const CPubKey &pubkey)
174 {
177 // CCryptoKeyStore has no concept of wallet databases, but calls AddCryptedKey
178 // which is overridden below. To avoid flushes, the database handle is
179 // tunneled through to it.
183 }
187 }
190 // check if we need to remove from watch-only
191 CScript script;
195 }
199 }
205 }
207 }
210 {
213 }
217 {
220 {
224 vchCryptedSecret,
226 else
228 vchCryptedSecret,
230 }
231 }
234 {
239 }
241 bool CWallet::LoadCryptedKey(const CPubKey &vchPubKey, const std::vector<unsigned char> &vchCryptedSecret)
242 {
244 }
246 /**
247 * Update wallet first key creation time. This should be called whenever keys
248 * are added to the wallet, with the oldest key creation time.
249 */
251 {
254 // Cannot determine birthday information, so set the wallet birthday to
255 // the beginning of time.
259 }
260 }
263 {
267 }
270 {
271 /* A sanity check was added in pull #3843 to avoid adding redeemScripts
272 * that never can be redeemed. However, old wallets may still contain
273 * these. Do not add them to the wallet and warn. */
275 {
277 LogPrintf("%s: Warning: This wallet contains a redeemScript of size %i which exceeds maximum size %i thus can never be redeemed. Do not use address %s.\n",
280 }
283 }
286 {
293 }
296 {
299 }
302 {
312 }
315 {
317 }
320 {
321 CCrypter crypter;
322 CKeyingMaterial _vMasterKey;
324 {
327 {
328 if(!crypter.SetKeyFromPassphrase(strWalletPassphrase, pMasterKey.second.vchSalt, pMasterKey.second.nDeriveIterations, pMasterKey.second.nDerivationMethod))
334 }
335 }
337 }
339 bool CWallet::ChangeWalletPassphrase(const SecureString& strOldWalletPassphrase, const SecureString& strNewWalletPassphrase)
340 {
343 {
347 CCrypter crypter;
348 CKeyingMaterial _vMasterKey;
350 {
351 if(!crypter.SetKeyFromPassphrase(strOldWalletPassphrase, pMasterKey.second.vchSalt, pMasterKey.second.nDeriveIterations, pMasterKey.second.nDerivationMethod))
356 {
358 crypter.SetKeyFromPassphrase(strNewWalletPassphrase, pMasterKey.second.vchSalt, pMasterKey.second.nDeriveIterations, pMasterKey.second.nDerivationMethod);
359 pMasterKey.second.nDeriveIterations = pMasterKey.second.nDeriveIterations * (100 / ((double)(GetTimeMillis() - nStartTime)));
362 crypter.SetKeyFromPassphrase(strNewWalletPassphrase, pMasterKey.second.vchSalt, pMasterKey.second.nDeriveIterations, pMasterKey.second.nDerivationMethod);
363 pMasterKey.second.nDeriveIterations = (pMasterKey.second.nDeriveIterations + pMasterKey.second.nDeriveIterations * 100 / ((double)(GetTimeMillis() - nStartTime))) / 2;
368 LogPrintf("Wallet passphrase changed to an nDeriveIterations of %i\n", pMasterKey.second.nDeriveIterations);
370 if (!crypter.SetKeyFromPassphrase(strNewWalletPassphrase, pMasterKey.second.vchSalt, pMasterKey.second.nDeriveIterations, pMasterKey.second.nDerivationMethod))
378 }
379 }
380 }
383 }
386 {
389 }
391 bool CWallet::SetMinVersion(enum WalletFeature nVersion, CWalletDB* pwalletdbIn, bool fExplicit)
392 {
397 // when doing an explicit upgrade, if we pass the max version permitted, upgrade all the way
406 {
412 }
415 }
418 {
420 // cannot downgrade below current version
427 }
430 {
442 {
448 }
450 }
453 {
457 }
460 {
462 }
465 {
471 // Keep track of each wallet absolute path to detect duplicates.
477 }
481 }
487 }
492 }
495 // Recover readable keypairs:
496 CWallet dummyWallet;
498 if (!CWalletDB::Recover(walletFile, (void *)&dummyWallet, CWalletDB::RecoverKeysOnlyFilter, backup_filename)) {
500 }
501 }
504 bool dbV = CWalletDB::VerifyDatabaseFile(walletFile, GetDataDir().string(), strWarning, strError);
507 }
511 }
512 }
515 }
518 {
519 // We want all the wallet transactions in range to have the same metadata as
520 // the oldest (smallest nOrderPos).
521 // So: find smallest nOrderPos:
526 {
530 {
533 }
534 }
535 // Now copy data from copyFrom to rest:
537 {
544 // fTimeReceivedIsTxTime not copied on purpose
545 // nTimeReceived not copied on purpose
549 // nOrderPos not copied on purpose
550 // cached members not copied on purpose
551 }
552 }
554 /**
555 * Outpoint is spent if any non-conflicted transaction
556 * spends it:
557 */
559 {
565 {
572 }
573 }
575 }
578 {
584 }
588 {
596 }
599 {
603 CKeyingMaterial _vMasterKey;
608 CMasterKey kMasterKey;
613 CCrypter crypter;
615 crypter.SetKeyFromPassphrase(strWalletPassphrase, kMasterKey.vchSalt, 25000, kMasterKey.nDerivationMethod);
619 crypter.SetKeyFromPassphrase(strWalletPassphrase, kMasterKey.vchSalt, kMasterKey.nDeriveIterations, kMasterKey.nDerivationMethod);
620 kMasterKey.nDeriveIterations = (kMasterKey.nDeriveIterations + kMasterKey.nDeriveIterations * 100 / ((double)(GetTimeMillis() - nStartTime))) / 2;
627 if (!crypter.SetKeyFromPassphrase(strWalletPassphrase, kMasterKey.vchSalt, kMasterKey.nDeriveIterations, kMasterKey.nDerivationMethod))
632 {
641 }
645 {
648 // We now probably have half of our keys encrypted in memory, and half not...
649 // die and let the user reload the unencrypted wallet.
651 }
653 // Encryption was introduced in version 0.4.0
658 // We now have keys encrypted in memory, but not on disk...
659 // die to avoid confusion and let the user reload the unencrypted wallet.
661 }
669 // if we are using HD, replace the HD master key (seed) with a new one
673 }
674 }
679 // Need to completely rewrite the wallet file; if we don't, bdb might keep
680 // bits of the unencrypted private key in slack space in the database file.
683 }
687 }
690 {
694 // Old wallets didn't have any defined order for transactions
695 // Probably a bad idea to change the output of this
697 // First: get all CWalletTx and CAccountingEntry into a sorted-by-time multimap.
700 TxItems txByTime;
702 for (std::map<uint256, CWalletTx>::iterator it = mapWallet.begin(); it != mapWallet.end(); ++it)
703 {
706 }
710 {
712 }
717 {
723 {
728 {
731 }
732 else
735 }
736 else
737 {
740 {
743 }
750 // Since we're changing the order, write it back
752 {
755 }
756 else
759 }
760 }
764 }
767 {
774 }
776 }
778 bool CWallet::AccountMove(std::string strFrom, std::string strTo, CAmount nAmount, std::string strComment)
779 {
786 // Debit
787 CAccountingEntry debit;
796 // Credit
797 CAccountingEntry credit;
810 }
813 {
816 CAccount account;
823 // Check if the current key has been used
832 }
833 }
834 }
836 // Generate a new key
843 }
848 }
851 {
852 {
856 }
857 }
860 {
865 // There is a bug if MarkReplaced is not called on an existing wallet transaction.
870 // Ensure for now that we're not overwriting data
881 }
886 }
889 {
896 // Inserts only if not already there, returns tx inserted or tx found
897 std::pair<std::map<uint256, CWalletTx>::iterator, bool> ret = mapWallet.insert(std::make_pair(hash, wtxIn));
902 {
908 }
912 {
913 // Merge
915 {
918 }
919 // If no longer abandoned, update
921 {
924 }
926 {
929 }
931 {
934 }
935 }
937 //// debug print
938 LogPrintf("AddToWallet %s %s%s\n", wtxIn.GetHash().ToString(), (fInsertedNew ? "new" : ""), (fUpdated ? "update" : ""));
940 // Write to disk
945 // Break debit/credit balance caches:
948 // Notify UI of new or updated transaction
951 // notify an external script when a wallet transaction comes in or is updated
955 {
958 }
961 }
964 {
977 }
978 }
979 }
982 }
984 /**
985 * Add a transaction to the wallet, or update it. pIndex and posInBlock should
986 * be set when the transaction was known to be included in a block. When
987 * pIndex == NULL, then wallet state is not updated in AddToWallet, but
988 * notifications happen and cached balances are marked dirty.
989 *
990 * If fUpdate is true, existing transactions will be updated.
991 * TODO: One exception to this is that the abandoned state is cleared under the
992 * assumption that any further notification of a transaction that was considered
993 * abandoned is an indication that it is not safe to be considered abandoned.
994 * Abandoned state should probably be more carefully tracked via different
995 * posInBlock signals or by checking mempool presence when necessary.
996 */
997 bool CWallet::AddToWalletIfInvolvingMe(const CTransactionRef& ptx, const CBlockIndex* pIndex, int posInBlock, bool fUpdate)
998 {
1000 {
1005 std::pair<TxSpends::const_iterator, TxSpends::const_iterator> range = mapTxSpends.equal_range(txin.prevout);
1008 LogPrintf("Transaction %s (in block %s) conflicts with wallet transaction %s (both spend %s:%i)\n", tx.GetHash().ToString(), pIndex->GetBlockHash().ToString(), range.first->second.ToString(), range.first->first.hash.ToString(), range.first->first.n);
1010 }
1012 }
1013 }
1014 }
1019 {
1022 // Get merkle branch if transaction was found in a block
1027 }
1028 }
1030 }
1033 {
1037 }
1040 {
1048 // Can't mark abandoned if confirmed or in mempool
1053 }
1064 // If the orig tx was not in block, none of its spends can be
1066 // if (currentconfirm < 0) {Tx and spends are already conflicted, no need to abandon}
1068 // If the orig tx was not in block/mempool, none of its spends can be in mempool
1075 // Iterate over all its outputs, and mark transactions in the wallet that spend them abandoned too
1080 }
1081 iter++;
1082 }
1083 // If a transaction changes 'conflicted' state, that changes the balance
1084 // available of the outputs it spends. So force those to be recomputed
1086 {
1089 }
1090 }
1091 }
1094 }
1097 {
1105 }
1106 }
1107 // If number of conflict confirms cannot be determined, this means
1108 // that the block is still unknown or not yet part of the main chain,
1109 // for example when loading the wallet during a reindex. Do nothing in that
1110 // case.
1114 // Do not flush the wallet here for performance reasons
1130 // Block is 'more conflicted' than current confirm; update.
1131 // Mark transaction as conflicted with this block.
1136 // Iterate over all its outputs, and mark transactions in the wallet that spend them conflicted too
1141 }
1142 iter++;
1143 }
1144 // If a transaction changes 'conflicted' state, that changes the balance
1145 // available of the outputs it spends. So force those to be recomputed
1147 {
1150 }
1151 }
1152 }
1153 }
1155 void CWallet::SyncTransaction(const CTransactionRef& ptx, const CBlockIndex *pindex, int posInBlock) {
1161 // If a transaction changes 'conflicted' state, that changes the balance
1162 // available of the outputs it spends. So force those to be
1163 // recomputed, also:
1165 {
1168 }
1169 }
1174 }
1176 void CWallet::BlockConnected(const std::shared_ptr<const CBlock>& pblock, const CBlockIndex *pindex, const std::vector<CTransactionRef>& vtxConflicted) {
1178 // TODO: Temporarily ensure that mempool removals are notified before
1179 // connected transactions. This shouldn't matter, but the abandoned
1180 // state of transactions in our wallet is currently cleared when we
1181 // receive another notification and there is a race condition where
1182 // notification of a connected conflict might cause an outside process
1183 // to abandon a transaction and then have it inadvertently cleared by
1184 // the notification that the conflicted transaction was evicted.
1188 }
1191 }
1192 }
1199 }
1200 }
1205 {
1206 {
1210 {
1214 }
1215 }
1217 }
1219 // Note that this function doesn't distinguish between a 0-valued input,
1220 // and a not-"is mine" (according to the filter) input.
1222 {
1223 {
1227 {
1232 }
1233 }
1235 }
1238 {
1240 }
1243 {
1247 }
1250 {
1251 // TODO: fix handling of 'change' outputs. The assumption is that any
1252 // payment to a script that is ours, but is not in the address book
1253 // is change. That assumption is likely to break when we implement multisignature
1254 // wallets that return change back into a multi-signature-protected address;
1255 // a better way of identifying which outputs are 'the send' and which are
1256 // 'the change' will need to be implemented (maybe extend CWalletTx to remember
1257 // which output, if any, was change).
1259 {
1260 CTxDestination address;
1267 }
1269 }
1272 {
1276 }
1279 {
1284 }
1287 {
1289 }
1292 {
1295 {
1299 }
1301 }
1304 {
1308 {
1320 }
1322 }
1325 {
1328 {
1332 }
1334 }
1337 {
1340 {
1344 }
1346 }
1349 {
1350 CKey key;
1356 // calculate the pubkey
1360 // set the hd keypath to "m" -> Master, refers the masterkeyid to itself
1364 {
1367 // mem store the metadata
1370 // write the key&metadata to the database
1373 }
1376 }
1379 {
1381 // store the keyid (hash160) together with
1382 // the child index counter in the database
1383 // as a hdchain object
1384 CHDChain newHdChain;
1385 newHdChain.nVersion = CanSupportFeature(FEATURE_HD_SPLIT) ? CHDChain::VERSION_HD_CHAIN_SPLIT : CHDChain::VERSION_HD_BASE;
1390 }
1393 {
1400 }
1403 {
1405 }
1408 {
1411 }
1414 {
1415 // Returns -1 if it wasn't being tracked
1417 {
1420 {
1421 // Generated block
1423 {
1427 }
1428 }
1429 else
1430 {
1431 // Did anyone request this transaction?
1434 {
1437 // How about the block it's in?
1439 {
1443 else
1445 }
1446 }
1447 }
1448 }
1450 }
1453 std::list<COutputEntry>& listSent, CAmount& nFee, std::string& strSentAccount, const isminefilter& filter) const
1454 {
1460 // Compute fee:
1463 {
1466 }
1468 // Sent/received.
1470 {
1473 // Only need to handle txouts if AT LEAST one of these is true:
1474 // 1) they debit from us (sent)
1475 // 2) the output is to us (received)
1477 {
1478 // Don't report 'change' txouts
1481 }
1485 // In either case, we need to get the destination address
1486 CTxDestination address;
1489 {
1493 }
1497 // If we are debited by the transaction, add the output as a "sent" entry
1501 // If we are receiving the output, add it as a "received" entry
1504 }
1506 }
1508 /**
1509 * Scan active chain for relevant transactions after importing keys. This should
1510 * be called whenever new keys are added to the wallet, with the oldest key
1511 * creation time.
1512 *
1513 * @return Earliest timestamp that could be successfully scanned from. Timestamp
1514 * returned will be higher than startTime if relevant blocks could not be read.
1515 */
1517 {
1521 // Find starting block. May be null if nCreateTime is greater than the
1522 // highest blockchain timestamp, in which case there is nothing that needs
1523 // to be scanned.
1525 LogPrintf("%s: Rescanning last %i blocks\n", __func__, startBlock ? chainActive.Height() - startBlock->nHeight + 1 : 0);
1531 }
1532 }
1534 }
1536 /**
1537 * Scan the block chain (starting in pindexStart) for transactions
1538 * from or to us. If fUpdate is true, found transactions that already
1539 * exist in the wallet will be updated.
1540 *
1541 * Returns null if scan was successful. Otherwise, if a complete rescan was not
1542 * possible (due to pruning or corruption), returns pointer to the most recent
1543 * block that could not be scanned.
1544 */
1546 {
1552 {
1557 ShowProgress(_("Rescanning..."), 0); // show rescan progress in GUI as dialog or on splashscreen, if -rescan on startup
1561 {
1563 ShowProgress(_("Rescanning..."), std::max(1, std::min(99, (int)((GuessVerificationProgress(chainParams.TxData(), pindex) - dProgressStart) / (dProgressTip - dProgressStart) * 100))));
1566 LogPrintf("Still rescanning. At block %d. Progress=%f\n", pindex->nHeight, GuessVerificationProgress(chainParams.TxData(), pindex));
1567 }
1569 CBlock block;
1573 }
1576 }
1578 }
1580 LogPrintf("Rescan aborted at block %d. Progress=%f\n", pindex->nHeight, GuessVerificationProgress(chainParams.TxData(), pindex));
1581 }
1585 }
1587 }
1590 {
1591 // If transactions aren't being broadcasted, don't let them into local mempool either
1597 // Sort pending wallet transactions based on their initial wallet insertion order
1599 {
1608 }
1609 }
1611 // Try to add wallet transactions to memory pool
1613 {
1617 CValidationState state;
1619 }
1620 }
1623 {
1626 {
1627 CValidationState state;
1628 /* GetDepthInMainChain already catches known conflicts. */
1634 {
1636 });
1638 }
1639 }
1640 }
1642 }
1645 {
1648 {
1652 }
1654 }
1657 {
1663 {
1666 else
1667 {
1671 }
1672 }
1674 {
1677 else
1678 {
1682 }
1683 }
1685 }
1688 {
1689 // Must wait until coinbase is safely deep enough in the chain before valuing it
1695 {
1696 // GetBalance can assume transactions in mapWallet won't change
1699 else
1700 {
1704 }
1705 }
1707 {
1710 else
1711 {
1715 }
1716 }
1718 }
1721 {
1723 {
1729 }
1732 }
1735 {
1739 // Must wait until coinbase is safely deep enough in the chain before valuing it
1749 {
1751 {
1756 }
1757 }
1762 }
1765 {
1767 {
1773 }
1776 }
1779 {
1783 // Must wait until coinbase is safely deep enough in the chain before valuing it
1792 {
1794 {
1799 }
1800 }
1805 }
1808 {
1814 }
1817 {
1820 }
1823 {
1824 // Quick answer in most cases
1835 // Don't trust unconfirmed transactions from us unless they are in the mempool.
1839 // Trusted if all inputs are from us and are in the mempool:
1841 {
1842 // Transactions not sent by us: not trusted
1849 }
1851 }
1854 {
1860 }
1863 {
1867 // Sort them in chronological order
1870 {
1872 // Don't rebroadcast if newer than nTime:
1876 }
1878 {
1882 }
1884 }
1887 {
1888 // Do this infrequently and randomly to avoid giving away
1889 // that these are our transactions.
1897 // Only do it if there's been a new block since last time
1902 // Rebroadcast unconfirmed txes older than 5 minutes before the last
1903 // block was found:
1907 }
1914 /** @defgroup Actions
1915 *
1916 * @{
1917 */
1921 {
1923 {
1925 for (std::map<uint256, CWalletTx>::const_iterator it = mapWallet.begin(); it != mapWallet.end(); ++it)
1926 {
1930 }
1931 }
1934 }
1937 {
1939 {
1941 for (std::map<uint256, CWalletTx>::const_iterator it = mapWallet.begin(); it != mapWallet.end(); ++it)
1942 {
1946 }
1947 }
1949 }
1952 {
1954 {
1956 for (std::map<uint256, CWalletTx>::const_iterator it = mapWallet.begin(); it != mapWallet.end(); ++it)
1957 {
1960 }
1961 }
1963 }
1966 {
1968 {
1970 for (std::map<uint256, CWalletTx>::const_iterator it = mapWallet.begin(); it != mapWallet.end(); ++it)
1971 {
1975 }
1976 }
1979 }
1982 {
1984 {
1986 for (std::map<uint256, CWalletTx>::const_iterator it = mapWallet.begin(); it != mapWallet.end(); ++it)
1987 {
1991 }
1992 }
1994 }
1997 {
1999 {
2001 for (std::map<uint256, CWalletTx>::const_iterator it = mapWallet.begin(); it != mapWallet.end(); ++it)
2002 {
2005 }
2006 }
2008 }
2010 // Calculate total balance in a different way from GetBalance. The biggest
2011 // difference is that GetBalance sums up all unspent TxOuts paying to the
2012 // wallet, while this sums up both spent and unspent TxOuts paying to the
2013 // wallet, and then subtracts the values of TxIns spending from the wallet. This
2014 // also has fewer restrictions on which unconfirmed transactions are considered
2015 // trusted.
2016 CAmount CWallet::GetLegacyBalance(const isminefilter& filter, int minDepth, const std::string* account) const
2017 {
2026 }
2028 // Loop through tx outputs and add incoming payments. For outgoing txs,
2029 // treat change outputs specially, as part of the amount debited.
2035 } else if (IsMine(out) & filter && depth >= minDepth && (!account || *account == GetAccountName(out.scriptPubKey))) {
2037 }
2038 }
2040 // For outgoing txs, subtract amount debited.
2043 }
2044 }
2048 }
2051 }
2054 {
2063 }
2064 }
2066 }
2068 void CWallet::AvailableCoins(std::vector<COutput> &vCoins, bool fOnlySafe, const CCoinControl *coinControl, const CAmount &nMinimumAmount, const CAmount &nMaximumAmount, const CAmount &nMinimumSumAmount, const uint64_t &nMaximumCount, const int &nMinDepth, const int &nMaxDepth) const
2069 {
2072 {
2077 for (std::map<uint256, CWalletTx>::const_iterator it = mapWallet.begin(); it != mapWallet.end(); ++it)
2078 {
2092 // We should not consider coins which aren't at least in our mempool
2093 // It's possible for these to be conflicted via ancestors which we may never be able to detect
2099 // We should not consider coins from transactions that are replacing
2100 // other transactions.
2101 //
2102 // Example: There is a transaction A which is replaced by bumpfee
2103 // transaction B. In this case, we want to prevent creation of
2104 // a transaction B' which spends an output of B.
2105 //
2106 // Reason: If transaction A were initially confirmed, transactions B
2107 // and B' would no longer be valid, so the user would have to create
2108 // a new transaction C to replace B'. However, in the case of a
2109 // one-block reorg, transactions B' and C might BOTH be accepted,
2110 // when the user only wanted one of them. Specifically, there could
2111 // be a 1-block reorg away from the chain where transactions A and C
2112 // were accepted to another chain where B, B', and C were all
2113 // accepted.
2116 }
2118 // Similarly, we should not consider coins from transactions that
2119 // have been replaced. In the example above, we would want to prevent
2120 // creation of a transaction A' spending an output of A, because if
2121 // transaction B were initially confirmed, conflicting with A and
2122 // A', we wouldn't want to the user to create a transaction D
2123 // intending to replace A', but potentially resulting in a scenario
2124 // where A, A', and D could all be accepted (instead of just B and
2125 // D, or just A and A' like the user would want).
2128 }
2132 }
2141 if (coinControl && coinControl->HasSelected() && !coinControl->fAllowOtherInputs && !coinControl->IsSelected(COutPoint((*it).first, i)))
2154 }
2156 bool fSpendableIn = ((mine & ISMINE_SPENDABLE) != ISMINE_NO) || (coinControl && coinControl->fAllowWatchOnly && (mine & ISMINE_WATCH_SOLVABLE) != ISMINE_NO);
2161 // Checks the sum amount of all UTXO's.
2167 }
2168 }
2170 // Checks the maximum number of UTXO's.
2173 }
2174 }
2175 }
2176 }
2177 }
2180 {
2181 // TODO: Add AssertLockHeld(cs_wallet) here.
2182 //
2183 // Because the return value from this function contains pointers to
2184 // CWalletTx objects, callers to this function really should acquire the
2185 // cs_wallet lock before calling it. However, the current caller doesn't
2186 // acquire this lock yet. There was an attempt to add the missing lock in
2187 // https://github.com/bitcoin/bitcoin/pull/10340, but that change has been
2188 // postponed until after https://github.com/bitcoin/bitcoin/pull/10244 to
2189 // avoid adding some extra complexity to the Qt code.
2198 CTxDestination address;
2202 }
2203 }
2213 CTxDestination address;
2214 if (ExtractDestination(FindNonChangeParentOutput(*it->second.tx, output.n).scriptPubKey, address)) {
2217 }
2218 }
2219 }
2220 }
2223 }
2226 {
2235 }
2238 }
2240 }
2242 static void ApproximateBestSubset(const std::vector<CInputCoin>& vValue, const CAmount& nTotalLower, const CAmount& nTargetValue,
2244 {
2250 FastRandomContext insecure_rand;
2253 {
2258 {
2260 {
2261 //The solver here uses a randomized algorithm,
2262 //the randomness serves no real security purpose but is just
2263 //needed to prevent degenerate behavior and it is important
2264 //that the rng is fast. We do not use a constant random sequence,
2265 //because there may be some privacy improvement by making
2266 //the selection random.
2268 {
2272 {
2275 {
2278 }
2281 }
2282 }
2283 }
2284 }
2285 }
2286 }
2288 bool CWallet::SelectCoinsMinConf(const CAmount& nTargetValue, const int nConfMine, const int nConfTheirs, const uint64_t nMaxAncestors, std::vector<COutput> vCoins,
2290 {
2294 // List of values less than target
2302 {
2319 {
2323 }
2325 {
2328 }
2330 {
2332 }
2333 }
2336 {
2338 {
2341 }
2343 }
2346 {
2352 }
2354 // Solve subset sum by stochastic approximation
2358 CAmount nBest;
2364 // If we have a bigger coin and (either the stochastic approximation didn't find a good solution,
2365 // or the next bigger coin is closer), return the bigger coin
2367 ((nBest != nTargetValue && nBest < nTargetValue + MIN_CHANGE) || coinLowestLarger->txout.nValue <= nBest))
2368 {
2371 }
2375 {
2378 }
2385 }
2386 }
2388 }
2389 }
2392 }
2394 bool CWallet::SelectCoins(const std::vector<COutput>& vAvailableCoins, const CAmount& nTargetValue, std::set<CInputCoin>& setCoinsRet, CAmount& nValueRet, const CCoinControl* coinControl) const
2395 {
2398 // coin control -> return all selected outputs (we want all selected to go into the transaction for sure)
2400 {
2402 {
2407 }
2409 }
2411 // calculate value from preset inputs and store them
2419 {
2422 {
2424 // Clearly invalid input, fail
2431 }
2433 // remove preset inputs from vCoins
2434 for (std::vector<COutput>::iterator it = vCoins.begin(); it != vCoins.end() && coinControl && coinControl->HasSelected();)
2435 {
2438 else
2440 }
2442 size_t nMaxChainLength = std::min(GetArg("-limitancestorcount", DEFAULT_ANCESTOR_LIMIT), GetArg("-limitdescendantcount", DEFAULT_DESCENDANT_LIMIT));
2443 bool fRejectLongChains = GetBoolArg("-walletrejectlongchains", DEFAULT_WALLET_REJECT_LONG_CHAINS);
2446 SelectCoinsMinConf(nTargetValue - nValueFromPresetInputs, 1, 6, 0, vCoins, setCoinsRet, nValueRet) ||
2447 SelectCoinsMinConf(nTargetValue - nValueFromPresetInputs, 1, 1, 0, vCoins, setCoinsRet, nValueRet) ||
2448 (bSpendZeroConfChange && SelectCoinsMinConf(nTargetValue - nValueFromPresetInputs, 0, 1, 2, vCoins, setCoinsRet, nValueRet)) ||
2449 (bSpendZeroConfChange && SelectCoinsMinConf(nTargetValue - nValueFromPresetInputs, 0, 1, std::min((size_t)4, nMaxChainLength/3), vCoins, setCoinsRet, nValueRet)) ||
2450 (bSpendZeroConfChange && SelectCoinsMinConf(nTargetValue - nValueFromPresetInputs, 0, 1, nMaxChainLength/2, vCoins, setCoinsRet, nValueRet)) ||
2451 (bSpendZeroConfChange && SelectCoinsMinConf(nTargetValue - nValueFromPresetInputs, 0, 1, nMaxChainLength, vCoins, setCoinsRet, nValueRet)) ||
2452 (bSpendZeroConfChange && !fRejectLongChains && SelectCoinsMinConf(nTargetValue - nValueFromPresetInputs, 0, 1, std::numeric_limits<uint64_t>::max(), vCoins, setCoinsRet, nValueRet));
2454 // because SelectCoinsMinConf clears the setCoinsRet, we now add the possible inputs to the coinset
2457 // add preset inputs to the total value selected
2461 }
2464 {
2467 // sign the new tx
2474 }
2477 SignatureData sigdata;
2478 if (!ProduceSignature(TransactionSignatureCreator(this, &txNewConst, nIn, amount, SIGHASH_ALL), scriptPubKey, sigdata)) {
2480 }
2482 nIn++;
2483 }
2485 }
2487 bool CWallet::FundTransaction(CMutableTransaction& tx, CAmount& nFeeRet, int& nChangePosInOut, std::string& strFailReason, bool lockUnspents, const std::set<int>& setSubtractFeeFromOutputs, CCoinControl coinControl)
2488 {
2491 // Turn the txout set into a CRecipient vector
2493 {
2495 CRecipient recipient = {txOut.scriptPubKey, txOut.nValue, setSubtractFeeFromOutputs.count(idx) == 1};
2497 }
2505 CWalletTx wtx;
2506 if (!CreateTransaction(vecSend, wtx, reservekey, nFeeRet, nChangePosInOut, strFailReason, coinControl, false)) {
2508 }
2512 // we dont have the normal Create/Commit cycle, and dont want to risk reusing change,
2513 // so just remove the key from the keypool here.
2515 }
2517 // Copy output sizes from new transaction; they may have had the fee subtracted from them
2521 // Add new txins (keeping original txin scriptSig/order)
2523 {
2525 {
2529 {
2532 }
2533 }
2534 }
2538 }
2541 {
2542 unsigned int highest_target = estimator.HighestTargetTracked(FeeEstimateHorizon::LONG_HALFLIFE);
2543 CFeeRate discard_rate = estimator.estimateSmartFee(highest_target, nullptr /* FeeCalculation */, false /* conservative */);
2544 // Don't let discard_rate be greater than longest possible fee estimate if we get a valid fee estimate
2545 discard_rate = (discard_rate == CFeeRate(0)) ? CWallet::m_discard_rate : std::min(discard_rate, CWallet::m_discard_rate);
2546 // Discard rate must be at least dustRelayFee
2549 }
2551 bool CWallet::CreateTransaction(const std::vector<CRecipient>& vecSend, CWalletTx& wtxNew, CReserveKey& reservekey, CAmount& nFeeRet,
2553 {
2558 {
2560 {
2563 }
2567 nSubtractFeeFromAmount++;
2568 }
2570 {
2573 }
2577 CMutableTransaction txNew;
2579 // Discourage fee sniping.
2580 //
2581 // For a large miner the value of the transactions in the best block and
2582 // the mempool can exceed the cost of deliberately attempting to mine two
2583 // blocks to orphan the current best block. By setting nLockTime such that
2584 // only the next block can include the transaction, we discourage this
2585 // practice as the height restricted and limited blocksize gives miners
2586 // considering fee sniping fewer options for pulling off this attack.
2587 //
2588 // A simple way to think about this is from the wallet's point of view we
2589 // always want the blockchain to move forward. By setting nLockTime this
2590 // way we're basically making the statement that we only want this
2591 // transaction to appear in the next block; we don't want to potentially
2592 // encourage reorgs by allowing transactions to appear at lower heights
2593 // than the next block in forks of the best chain.
2594 //
2595 // Of course, the subsidy is high enough, and transaction volume low
2596 // enough, that fee sniping isn't a problem yet, but by implementing a fix
2597 // now we ensure code won't be written that makes assumptions about
2598 // nLockTime that preclude a fix later.
2601 // Secondly occasionally randomly pick a nLockTime even further back, so
2602 // that transactions that are delayed after signing for whatever reason,
2603 // e.g. high-latency mix networks and some CoinJoin implementations, have
2604 // better privacy.
2610 FeeCalculation feeCalc;
2612 {
2615 {
2619 // Create change script that will be used if we need change
2620 // TODO: pass in scriptChange instead of reservekey so
2621 // change transaction isn't always pay-to-bitcoin-address
2622 CScript scriptChange;
2624 // coin control: send change to custom address
2628 // Note: We use a new key here to keep it from being obvious which side is the change.
2629 // The drawback is that by not reusing a previous key, the change may be lost if a
2630 // backup is restored, if the backup doesn't have the new private key for the change.
2631 // If we reused the old key, it would be possible to add code to look for and
2632 // rediscover unknown transactions that were written with keys of ours to recover
2633 // post-backup change.
2635 // Reserve a new key pair from key pool
2636 CPubKey vchPubKey;
2640 {
2643 }
2646 }
2654 // Start with no fee and loop until there is enough fee
2656 {
2666 // vouts to the payees
2668 {
2672 {
2673 txout.nValue -= nFeeRet / nSubtractFeeFromAmount; // Subtract fee equally from each selected recipient
2676 {
2679 }
2680 }
2683 {
2685 {
2688 else
2689 strFailReason = _("The transaction amount is too small to send after the fee has been deducted");
2690 }
2691 else
2694 }
2696 }
2698 // Choose coins to use
2703 {
2706 }
2707 }
2712 {
2713 // Fill a vout to ourself
2716 // Never create dust outputs; if we would, just
2717 // add the dust to the fee.
2719 {
2722 }
2723 else
2724 {
2726 {
2727 // Insert change txn at random position:
2729 }
2731 {
2734 }
2738 }
2741 }
2743 // Fill vin
2744 //
2745 // Note how the sequence number is set to non-maxint so that
2746 // the nLockTime set above actually works.
2747 //
2748 // BIP125 defines opt-in RBF as any nSequence < maxint-1, so
2749 // we use the highest possible value in that range (maxint-2)
2750 // to avoid conflicting with other possible uses of nSequence,
2751 // and in the spirit of "smallest possible change from prior
2752 // behavior."
2753 const uint32_t nSequence = coin_control.signalRbf ? MAX_BIP125_RBF_SEQUENCE : (CTxIn::SEQUENCE_FINAL - 1);
2756 nSequence));
2758 // Fill in dummy signatures for fee calculation.
2762 }
2766 // Remove scriptSigs to eliminate the fee calculation dummy signatures
2770 }
2774 // If we made it here and we aren't even able to meet the relay fee on the next pass, give up
2775 // because we must be at the maximum allowed fee.
2777 {
2780 }
2783 // Reduce fee to only the needed amount if possible. This
2784 // prevents potential overpayment in fees if the coins
2785 // selected to meet nFeeNeeded result in a transaction that
2786 // requires less fee than the prior iteration.
2788 // TODO: The case where nSubtractFeeFromAmount > 0 remains
2789 // to be addressed because it requires returning the fee to
2790 // the payees and not the change output.
2792 // If we have no change and a big enough excess fee, then
2793 // try to construct transaction again only without picking
2794 // new inputs. We now know we only need the smaller fee
2795 // (because of reduced tx size) and so we should add a
2796 // change output. Only try this once.
2797 CAmount fee_needed_for_change = GetMinimumFee(change_prototype_size, coin_control, ::mempool, ::feeEstimator, nullptr);
2800 if (nFeeRet > nFeeNeeded + max_excess_fee && nChangePosInOut == -1 && nSubtractFeeFromAmount == 0 && pick_new_inputs) {
2804 }
2806 // If we have change output already, just increase it
2812 }
2814 }
2816 // This shouldn't happen, we should have had enough excess
2817 // fee to pay for the new output and still meet nFeeNeeded
2820 }
2822 // Try to reduce change to include necessary fee
2826 // Only reduce change if remaining amount is still a large enough output.
2831 }
2832 }
2834 // Include more fee and try again.
2837 }
2838 }
2840 if (nChangePosInOut == -1) reservekey.ReturnKey(); // Return any reserved key if we don't have change
2843 {
2847 {
2849 SignatureData sigdata;
2851 if (!ProduceSignature(TransactionSignatureCreator(this, &txNewConst, nIn, coin.txout.nValue, SIGHASH_ALL), scriptPubKey, sigdata))
2852 {
2857 }
2859 nIn++;
2860 }
2861 }
2863 // Embed the constructed transaction data in wtxNew.
2866 // Limit size
2868 {
2871 }
2872 }
2875 // Lastly, ensure this tx will pass the mempool's chain limits
2876 LockPoints lp;
2882 size_t nLimitDescendantSize = GetArg("-limitdescendantsize", DEFAULT_DESCENDANT_SIZE_LIMIT)*1000;
2884 if (!mempool.CalculateMemPoolAncestors(entry, setAncestors, nLimitAncestors, nLimitAncestorSize, nLimitDescendants, nLimitDescendantSize, errString)) {
2887 }
2888 }
2890 LogPrintf("Fee Calculation: Fee:%d Bytes:%u Tgt:%d (requested %d) Reason:\"%s\" Decay %.5f: Estimation: (%g - %g) %.2f%% %.1f/(%.1f %d mem %.1f out) Fail: (%g - %g) %.2f%% %.1f/(%.1f %d mem %.1f out)\n",
2891 nFeeRet, nBytes, feeCalc.returnedTarget, feeCalc.desiredTarget, StringForFeeReason(feeCalc.reason), feeCalc.est.decay,
2893 100 * feeCalc.est.pass.withinTarget / (feeCalc.est.pass.totalConfirmed + feeCalc.est.pass.inMempool + feeCalc.est.pass.leftMempool),
2894 feeCalc.est.pass.withinTarget, feeCalc.est.pass.totalConfirmed, feeCalc.est.pass.inMempool, feeCalc.est.pass.leftMempool,
2896 100 * feeCalc.est.fail.withinTarget / (feeCalc.est.fail.totalConfirmed + feeCalc.est.fail.inMempool + feeCalc.est.fail.leftMempool),
2897 feeCalc.est.fail.withinTarget, feeCalc.est.fail.totalConfirmed, feeCalc.est.fail.inMempool, feeCalc.est.fail.leftMempool);
2899 }
2901 /**
2902 * Call after CreateTransaction unless you want to abort
2903 */
2904 bool CWallet::CommitTransaction(CWalletTx& wtxNew, CReserveKey& reservekey, CConnman* connman, CValidationState& state)
2905 {
2906 {
2909 {
2910 // Take key pair from key pool so it won't be used again
2913 // Add tx to wallet, because if it has change it's also ours,
2914 // otherwise just for transaction history.
2917 // Notify that old coins are spent
2919 {
2923 }
2924 }
2926 // Track how many getdata requests our transaction gets
2930 {
2931 // Broadcast
2933 LogPrintf("CommitTransaction(): Transaction cannot be broadcast immediately, %s\n", state.GetRejectReason());
2934 // TODO: if we expect the failure to be long term or permanent, instead delete wtx from the wallet and return failure.
2937 }
2938 }
2939 }
2941 }
2943 void CWallet::ListAccountCreditDebit(const std::string& strAccount, std::list<CAccountingEntry>& entries) {
2946 }
2949 {
2953 }
2956 {
2959 }
2966 }
2969 {
2971 }
2973 CAmount CWallet::GetMinimumFee(unsigned int nTxBytes, const CCoinControl& coin_control, const CTxMemPool& pool, const CBlockPolicyEstimator& estimator, FeeCalculation *feeCalc)
2974 {
2975 /* User control of how to calculate fee uses the following parameter precedence:
2976 1. coin_control.m_feerate
2977 2. coin_control.m_confirm_target
2978 3. payTxFee (user-set global variable)
2979 4. nTxConfirmTarget (user-set global variable)
2980 The first parameter that is set is used.
2981 */
2982 CAmount fee_needed;
2986 // Allow to override automatic min/max check over coin control instance
2988 }
2989 else if (!coin_control.m_confirm_target && ::payTxFee != CFeeRate(0)) { // 3. TODO: remove magic value of 0 for global payTxFee
2992 }
2994 // We will use smart fee estimation
2995 unsigned int target = coin_control.m_confirm_target ? *coin_control.m_confirm_target : ::nTxConfirmTarget;
2996 // By default estimates are economical iff we are signaling opt-in-RBF
2998 // Allow to override the default fee estimate mode over the CoinControl instance
3000 else if (coin_control.m_fee_mode == FeeEstimateMode::ECONOMICAL) conservative_estimate = false;
3002 fee_needed = estimator.estimateSmartFee(target, feeCalc, conservative_estimate).GetFee(nTxBytes);
3004 // if we don't have enough data for estimateSmartFee, then use fallbackFee
3007 }
3008 // Obey mempool min fee when using smart fee estimation
3009 CAmount min_mempool_fee = pool.GetMinFee(GetArg("-maxmempool", DEFAULT_MAX_MEMPOOL_SIZE) * 1000000).GetFee(nTxBytes);
3013 }
3014 }
3016 // prevent user from paying a fee below minRelayTxFee or minTxFee
3021 }
3022 // But always obey the maximum
3026 }
3028 }
3034 {
3038 {
3040 {
3044 // Note: can't top-up keypool here, because wallet is locked.
3045 // User will be prompted to unlock wallet the next operation
3046 // that requires a new key.
3047 }
3048 }
3057 }
3060 {
3068 {
3070 {
3073 // Note: can't top-up keypool here, because wallet is locked.
3074 // User will be prompted to unlock wallet the next operation
3075 // that requires a new key.
3076 }
3077 }
3086 }
3089 {
3093 {
3095 {
3099 // Note: can't top-up keypool here, because wallet is locked.
3100 // User will be prompted to unlock wallet the next operation
3101 // that requires a new key.
3102 }
3103 }
3109 }
3112 bool CWallet::SetAddressBook(const CTxDestination& address, const std::string& strName, const std::string& strPurpose)
3113 {
3115 {
3122 }
3125 if (!strPurpose.empty() && !CWalletDB(*dbw).WritePurpose(CBitcoinAddress(address).ToString(), strPurpose))
3128 }
3131 {
3132 {
3135 // Delete destdata tuples associated with address
3138 {
3140 }
3142 }
3144 NotifyAddressBookChanged(this, address, "", ::IsMine(*this, address) != ISMINE_NO, "", CT_DELETED);
3148 }
3151 {
3152 CTxDestination address;
3157 }
3158 }
3159 // A scriptPubKey that doesn't have an entry in the address book is
3160 // associated with the default account ("").
3163 }
3166 {
3171 }
3173 /**
3174 * Mark old keypool keys as used,
3175 * and generate all new keys
3176 */
3178 {
3179 {
3185 }
3190 }
3195 }
3197 }
3199 }
3202 {
3205 }
3208 {
3209 {
3215 // Top up key pool
3219 else
3222 // count amount of available keys (internal, external)
3223 // make sure the keypool of external and internal keys fits the user selected target (-keypool)
3224 int64_t missingExternal = std::max(std::max((int64_t) nTargetSize, (int64_t) 1) - (int64_t)setExternalKeyPool.size(), (int64_t) 0);
3225 int64_t missingInternal = std::max(std::max((int64_t) nTargetSize, (int64_t) 1) - (int64_t)setInternalKeyPool.size(), (int64_t) 0);
3228 {
3229 // don't create extra internal keys
3231 }
3235 {
3238 }
3240 assert(m_max_keypool_index < std::numeric_limits<int64_t>::max()); // How in the hell did you use so many keys?
3245 }
3251 }
3252 }
3254 LogPrintf("keypool added %d keys (%d internal), size=%u (%u internal)\n", missingInternal + missingExternal, missingInternal, setInternalKeyPool.size() + setExternalKeyPool.size(), setInternalKeyPool.size());
3255 }
3256 }
3258 }
3260 void CWallet::ReserveKeyFromKeyPool(int64_t& nIndex, CKeyPool& keypool, bool fRequestedInternal)
3261 {
3264 {
3270 bool fReturningInternal = IsHDEnabled() && CanSupportFeature(FEATURE_HD_SPLIT) && fRequestedInternal;
3273 // Get the oldest key
3284 }
3287 }
3290 }
3294 }
3295 }
3298 {
3299 // Remove from key pool
3303 }
3306 {
3307 // Return to key pool
3308 {
3314 }
3315 }
3317 }
3320 {
3321 CKeyPool keypool;
3322 {
3327 {
3332 }
3335 }
3337 }
3339 static int64_t GetOldestKeyTimeInPool(const std::set<int64_t>& setKeyPool, CWalletDB& walletdb) {
3342 }
3344 CKeyPool keypool;
3348 }
3351 }
3354 {
3359 // load oldest key from keypool, get time and return
3363 }
3366 }
3369 {
3372 {
3375 {
3389 {
3390 CTxDestination addr;
3401 }
3402 }
3403 }
3406 }
3409 {
3415 {
3419 {
3421 // group all input addresses with each other
3423 {
3424 CTxDestination address;
3427 if(!ExtractDestination(mapWallet[txin.prevout.hash].tx->vout[txin.prevout.n].scriptPubKey, address))
3431 }
3433 // group change with input addresses
3435 {
3438 {
3439 CTxDestination txoutAddr;
3443 }
3444 }
3446 {
3449 }
3450 }
3452 // group lone addrs by themselves
3455 {
3456 CTxDestination address;
3462 }
3463 }
3465 std::set< std::set<CTxDestination>* > uniqueGroupings; // a set of pointers to groups of addresses
3466 std::map< CTxDestination, std::set<CTxDestination>* > setmap; // map addresses to the unique group containing it
3468 {
3469 // make a set of all the groups hit by this new group
3476 // merge all hit groups into a new single group and delete old groups
3479 {
3483 }
3486 // update setmap
3489 }
3493 {
3496 }
3499 }
3502 {
3506 {
3511 }
3513 }
3516 {
3518 {
3519 CKeyPool keypool;
3525 }
3527 }
3531 }
3534 {
3539 }
3542 {
3545 }
3548 }
3550 static void LoadReserveKeysToSet(std::set<CKeyID>& setAddress, const std::set<int64_t>& setKeyPool, CWalletDB& walletdb) {
3552 {
3553 CKeyPool keypool;
3559 }
3560 }
3563 {
3575 }
3576 }
3577 }
3580 {
3582 CPubKey pubkey;
3588 }
3591 {
3594 }
3597 {
3600 }
3603 {
3606 }
3609 {
3614 }
3617 {
3623 }
3624 }
3634 CAffectedKeysVisitor(const CKeyStore &keystoreIn, std::vector<CKeyID> &vKeysIn) : keystore(keystoreIn), vKeys(vKeysIn) {}
3637 txnouttype type;
3643 }
3644 }
3649 }
3652 CScript script;
3655 }
3658 };
3664 // get birth times for keys with metadata
3668 }
3669 }
3671 // map in which we'll infer heights of other keys
3672 CBlockIndex *pindexMax = chainActive[std::max(0, chainActive.Height() - 144)]; // the tip can be reorganized; use a 144-block safety margin
3679 }
3682 // if there are no such keys, we're done
3686 // find first block that affects those keys, if there are any left
3688 for (std::map<uint256, CWalletTx>::const_iterator it = mapWallet.begin(); it != mapWallet.end(); it++) {
3689 // iterate over all wallet transactions...
3693 // ... which are already in a block
3696 // iterate over all their outputs
3699 // ... and all their affected keys
3703 }
3705 }
3706 }
3707 }
3709 // Extract block timestamps for those keys
3710 for (std::map<CKeyID, CBlockIndex*>::const_iterator it = mapKeyFirstBlock.begin(); it != mapKeyFirstBlock.end(); it++)
3711 mapKeyBirth[it->first] = it->second->GetBlockTime() - TIMESTAMP_WINDOW; // block times can be 2h off
3712 }
3714 /**
3715 * Compute smart timestamp for a transaction being added to the wallet.
3716 *
3717 * Logic:
3718 * - If sending a transaction, assign its timestamp to the current time.
3719 * - If receiving a transaction outside a block, assign its timestamp to the
3720 * current time.
3721 * - If receiving a block with a future timestamp, assign all its (not already
3722 * known) transactions' timestamps to the current time.
3723 * - If receiving a block with a past timestamp, before the most recent known
3724 * transaction (that we care about), assign all its (not already known)
3725 * transactions' timestamps to the same timestamp as that most-recent-known
3726 * transaction.
3727 * - If receiving a block with a past timestamp, but after the most recent known
3728 * transaction, assign all its (not already known) transactions' timestamps to
3729 * the block time.
3730 *
3731 * For more information see CWalletTx::nTimeSmart,
3732 * https://bitcointalk.org/?topic=54527, or
3733 * https://github.com/bitcoin/bitcoin/pull/1393.
3734 */
3736 {
3743 // Tolerate times up to the last timestamp in the wallet not more than 5 minutes into the future
3750 }
3757 }
3760 }
3765 }
3767 }
3768 }
3773 LogPrintf("%s: found %s in block %s not in index\n", __func__, wtx.GetHash().ToString(), wtx.hashBlock.ToString());
3774 }
3775 }
3777 }
3779 bool CWallet::AddDestData(const CTxDestination &dest, const std::string &key, const std::string &value)
3780 {
3786 }
3789 {
3793 }
3795 bool CWallet::LoadDestData(const CTxDestination &dest, const std::string &key, const std::string &value)
3796 {
3799 }
3801 bool CWallet::GetDestData(const CTxDestination &dest, const std::string &key, std::string *value) const
3802 {
3805 {
3808 {
3812 }
3813 }
3815 }
3818 {
3825 }
3826 }
3827 }
3829 }
3832 {
3834 strUsage += HelpMessageOpt("-disablewallet", _("Do not load the wallet and disable wallet RPC calls"));
3835 strUsage += HelpMessageOpt("-keypool=<n>", strprintf(_("Set key pool size to <n> (default: %u)"), DEFAULT_KEYPOOL_SIZE));
3836 strUsage += HelpMessageOpt("-fallbackfee=<amt>", strprintf(_("A fee rate (in %s/kB) that will be used when fee estimation has insufficient data (default: %s)"),
3838 strUsage += HelpMessageOpt("-discardfee=<amt>", strprintf(_("The fee rate (in %s/kB) used to discard change (to fee) if it would be dust at this fee rate (default: %s) "
3839 "Note: We will always discard up to the dust relay fee and a discard fee above that is limited by the longest target fee estimate"),
3841 strUsage += HelpMessageOpt("-mintxfee=<amt>", strprintf(_("Fees (in %s/kB) smaller than this are considered zero fee for transaction creation (default: %s)"),
3843 strUsage += HelpMessageOpt("-paytxfee=<amt>", strprintf(_("Fee (in %s/kB) to add to transactions you send (default: %s)"),
3845 strUsage += HelpMessageOpt("-rescan", _("Rescan the block chain for missing wallet transactions on startup"));
3846 strUsage += HelpMessageOpt("-salvagewallet", _("Attempt to recover private keys from a corrupt wallet on startup"));
3847 strUsage += HelpMessageOpt("-spendzeroconfchange", strprintf(_("Spend unconfirmed change when sending transactions (default: %u)"), DEFAULT_SPEND_ZEROCONF_CHANGE));
3848 strUsage += HelpMessageOpt("-txconfirmtarget=<n>", strprintf(_("If paytxfee is not set, include enough fee so transactions begin confirmation on average within n blocks (default: %u)"), DEFAULT_TX_CONFIRM_TARGET));
3849 strUsage += HelpMessageOpt("-usehd", _("Use hierarchical deterministic key generation (HD) after BIP32. Only has effect during wallet creation/first start") + " " + strprintf(_("(default: %u)"), DEFAULT_USE_HD_WALLET));
3850 strUsage += HelpMessageOpt("-walletrbf", strprintf(_("Send transactions with full-RBF opt-in enabled (default: %u)"), DEFAULT_WALLET_RBF));
3852 strUsage += HelpMessageOpt("-wallet=<file>", _("Specify wallet file (within data directory)") + " " + strprintf(_("(default: %s)"), DEFAULT_WALLET_DAT));
3853 strUsage += HelpMessageOpt("-walletbroadcast", _("Make the wallet broadcast transactions") + " " + strprintf(_("(default: %u)"), DEFAULT_WALLETBROADCAST));
3854 strUsage += HelpMessageOpt("-walletnotify=<cmd>", _("Execute command when a wallet transaction changes (%s in cmd is replaced by TxID)"));
3855 strUsage += HelpMessageOpt("-zapwallettxes=<mode>", _("Delete all wallet transactions and only recover those parts of the blockchain through -rescan on startup") +
3856 " " + _("(1 = keep tx meta data e.g. account owner and payment request information, 2 = drop tx meta data)"));
3859 {
3862 strUsage += HelpMessageOpt("-dblogsize=<n>", strprintf("Flush wallet database activity from memory to disk log every <n> megabytes (default: %u)", DEFAULT_WALLET_DBLOGSIZE));
3863 strUsage += HelpMessageOpt("-flushwallet", strprintf("Run a thread to flush wallet periodically (default: %u)", DEFAULT_FLUSHWALLET));
3864 strUsage += HelpMessageOpt("-privdb", strprintf("Sets the DB_PRIVATE flag in the wallet db environment (default: %u)", DEFAULT_WALLET_PRIVDB));
3865 strUsage += HelpMessageOpt("-walletrejectlongchains", strprintf(_("Wallet will not create transactions that violate mempool chain limits (default: %u)"), DEFAULT_WALLET_REJECT_LONG_CHAINS));
3866 }
3869 }
3872 {
3873 // needed to restore wallet transaction meta data after -zapwallettxes
3885 }
3889 }
3899 {
3903 }
3905 {
3908 walletFile));
3909 }
3911 InitError(strprintf(_("Error loading %s: Wallet requires newer version of %s"), walletFile, _(PACKAGE_NAME)));
3913 }
3915 {
3916 InitError(strprintf(_("Wallet needed to be rewritten: restart %s to complete"), _(PACKAGE_NAME)));
3918 }
3922 }
3923 }
3926 {
3929 {
3933 }
3934 else
3937 {
3940 }
3942 }
3945 {
3946 // Create new keyUser and set as default key
3949 // ensure this wallet.dat can only be opened by clients supporting HD with chain split
3952 // generate a new master key
3956 }
3957 CPubKey newDefaultKey;
3963 }
3964 }
3967 }
3971 InitError(strprintf(_("Error loading %s: You can't disable HD on an already existing HD wallet"), walletFile));
3973 }
3975 InitError(strprintf(_("Error loading %s: You can't enable HD on an already existing non-HD wallet"), walletFile));
3977 }
3978 }
3986 {
3988 CBlockLocator locator;
3991 }
3993 {
3994 //We can't rescan beyond non-pruned blocks, stop and throw an error
3995 //this might happen if a user uses an old wallet within a pruned node
3996 // or if he ran -disablewallet for a longer time, then decided to re-enable
3998 {
4000 while (block && block->pprev && (block->pprev->nStatus & BLOCK_HAVE_DATA) && block->pprev->nTx > 0 && pindexRescan != block)
4004 InitError(_("Prune: last wallet synchronisation goes beyond pruned data. You need to -reindex (download the whole blockchain again in case of pruned node)"));
4006 }
4007 }
4010 LogPrintf("Rescanning last %i blocks (from block %i)...\n", chainActive.Height() - pindexRescan->nHeight, pindexRescan->nHeight);
4012 // No need to read and scan block if block was created before
4013 // our wallet birthday (as adjusted for block time variability)
4014 while (pindexRescan && walletInstance->nTimeFirstKey && (pindexRescan->GetBlockTime() < (walletInstance->nTimeFirstKey - TIMESTAMP_WINDOW))) {
4016 }
4024 // Restore wallet transaction metadata after -zapwallettxes=1
4026 {
4030 {
4034 {
4045 }
4046 }
4047 }
4048 }
4049 walletInstance->SetBroadcastTransactions(GetBoolArg("-walletbroadcast", DEFAULT_WALLETBROADCAST));
4051 {
4056 }
4059 }
4062 {
4066 }
4072 }
4074 }
4077 }
4082 {
4083 // Add wallet transactions that aren't already in a block to mempool
4084 // Do this here as mempool requires genesis block to be loaded
4087 // Run a thread to flush wallet periodically
4090 }
4091 }
4094 {
4101 if (GetBoolArg("-blocksonly", DEFAULT_BLOCKSONLY) && SoftSetBoolArg("-walletbroadcast", false)) {
4102 LogPrintf("%s: parameter interaction: -blocksonly=1 -> setting -walletbroadcast=0\n", __func__);
4103 }
4108 }
4109 // Rewrite just private keys: rescan to find transactions
4112 }
4113 }
4116 // -zapwallettxes implies dropping the mempool on startup
4118 LogPrintf("%s: parameter interaction: -zapwallettxes=%s -> setting -persistmempool=0\n", __func__, zapwallettxes);
4119 }
4121 // -zapwallettxes implies a rescan
4125 }
4127 LogPrintf("%s: parameter interaction: -zapwallettxes=%s -> setting -rescan=1\n", __func__, zapwallettxes);
4128 }
4129 }
4134 }
4135 }
4140 return InitError(_("Rescans are not possible in pruned mode. You will need to use -reindex which will download the whole blockchain again."));
4147 {
4155 }
4157 {
4160 return InitError(strprintf(_("Invalid amount for -fallbackfee=<amount>: '%s'"), GetArg("-fallbackfee", "")));
4165 }
4167 {
4170 return InitError(strprintf(_("Invalid amount for -discardfee=<amount>: '%s'"), GetArg("-discardfee", "")));
4173 _("This is the transaction fee you may discard if change is smaller than dust at this level"));
4175 }
4177 {
4187 {
4188 return InitError(strprintf(_("Invalid amount for -paytxfee=<amount>: '%s' (must be at least %s)"),
4190 }
4191 }
4193 {
4198 InitWarning(_("-maxtxfee is set very high! Fees this large could be paid on a single transaction."));
4201 {
4202 return InitError(strprintf(_("Invalid amount for -maxtxfee=<amount>: '%s' (must be at least the minrelay fee of %s to prevent stuck transactions)"),
4204 }
4205 }
4211 }
4214 {
4216 }
4219 {
4222 }
4225 {
4229 }
4232 {
4235 }
4238 {
4239 // Update the tx's hashBlock
4242 // set the position of the transaction in the block
4244 }
4247 {
4253 // Find the block it claims to be in
4263 }
4266 {
4270 }
4274 {
4276 }