This also provides additional documentation for why it's necessary
to store ephemeral_addresses table entries at indicies that do not
correspond to valid addresses.
table, or to run an sqlite3 command. The latter is marked `unsafe`.
The name of the table must be a static string containing only `[a-ZA-Z_]`
characters. These are only usable if both `#[cfg(test)]` and the
"unstable" feature are enabled.
Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>
when another wallet creates a transaction with an output to one of our
ephemeral addresses, and repair the implementation to pass this test.
Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>
Also change the return type of `find_index_for_ephemeral_address_str` to
`Result<Option<NonHardenedChildIndex>, SqliteClientError>` so that the
`expect` is in the right place.
Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>
`find_account_for_transparent_address`) to take a `TransparentAddress`
rather than a `WalletTransparentOutput`.
Co-authored-by: Kris Nuttycombe <kris@nutty.land>
Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>
within the gap. Also support paging for `get_known_ephemeral_addresses`.
Co-authored-by: Jack Grigg <jack@electriccoin.co>
Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>
`addresses` table to a `NonHardenedChildIndex`.
(This moves where a `diversifier_index_be` field of the wrong length would
be detected and so is not quite a no-op, but that shouldn't matter.)
Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>
addresses within the gap limit. This should make recording TXOs found at
these addresses via `WalletWrite::put_received_transparent_utxo` work
correctly.
Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>
`zcash_client_sqlite::wallet::transparent::ephemeral`. Also report the
account id and index for `SqliteClientError::ReachedGapLimit`.
Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>
the transaction mined at an earlier height, out of the newly observed
transaction and any already referenced one. This slightly reduces the
chance of unnecessarily reaching the gap limit too early in some corner
cases.
Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>
is ephemeral.
This also fixes `try_into_standard_proposal` to allow decoding from the
protobuf representation into a proposal that uses references to prior
ephemeral transparent outputs, provided that the "transparent-inputs"
feature is enabled.
Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>
The `foreign_keys` pragma has no effect when used within a transaction,
so it should only be set at the top level. The `legacy_alter_table`
pragma should only be used in cases where its effect is explicitly
intended.
now implement a different strategy for choosing whether there will be any
change, and its value. The aims are:
* Ensure that it is possible to create fully transparent transactions with
no change (this will be needed for ZIP 320). The `InsufficientFunds`
error in this case should have a `required` field that reflects the
additional amount needed, according to the fee calculated without an
extra change output.
* Avoid leaking information about note amounts in some cases: an adversary
that knew the number of external recipients and the sum of their outputs
was able to learn the sum of the inputs if no change output was present.
* Defend against losing money by using `DustAction::AddDustToFee` with a
too-high dust threshold.
* Ensure that if a "change memo" is requested, there will always be a
shielded change output in which to put it. Previously, this would not
be the case when using `DustAction::AddDustToFee`.
Co-authored-by: Jack Grigg <jack@electriccoin.co>
Co-authored-by: Kris Nuttycombe <kris@nutty.land>
Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>