Enforce that coinbases must be protected
This PR forces miners to place their funds in the private value transfer system, making "transparent coins" opt-in for users, and increasing privacy for all participants on a systemic level.
Closes#101.
Signing pours with ed25519
This is an alternative to #964 which uses ed25519 instead of secp256k1, and avoids the separate hash for fitting the public key into the `h_sig` block. It's based on @defuse's work in that branch.
Closes#808.
All blocks before the first subsidy halving block, with the exception of
the genesis block, must contain an output which sends 20% of the block
subsidy value to a scriptPubKey `FOUNDERS_REWARD_SCRIPT`.
The main and test networks are configured to use parameters that are currently
low-memory but usable with the basic solver; they will be increased once the
solver is optimised. The regtest network is configured to have extremely low
memory usage for speed.
Note that Bitcoin's double-hasher is used for the difficulty check. This does
not match the paper, but is simpler than changing the block header
serialization. Single hashing is kept for the EquiHash solver because there is
no requirement on execution time there, only on memory usage.
Some specifics on consensus changes:
* Transactions must be anchored to a real anchor in the chain.
* Anchors are pushed and popped during ConnectBlock/DisconnectBlock as appropriate.
* DisconnectTip triggers evictions, under some circumstances, of transactions in the
mempool which are anchored to roots that are no longer valid.
* Commitments append to the tree at the current best root during ConnectBlock.
* PourTxs cannot appear in coinbase transactions.
* Transactions can only contain empty vin/vouts if they contain a PourTx.
* PourTx public values must be well-formed (not negative or too large).
* Transactions cannot have the same serial twice throughout all PourTxs.
Previously, the undo weren't being flushed during a reindex because
fKnown was set to true in FindBlockPos. That is the correct behaviour
for block files as they aren't being touched, but undo files are
touched.
This changes the behaviour to always flush when switching to a new file
(even for block files, though that isn't really necessary).
Rebased-From: 22e780737db57bcb18b3824eb8158e19a4775cb6
Github-Pull: #6948
af6edac *: alias -h for --help (Daniel Cousens)
131d7f9 Change URLs to https in debian/control (Matt Corallo)
7ce2c91 Update debian/changelog and slight tweak to debian/control (Matt Corallo)
4fbfebe Correct spelling mistakes in doc folder (Mitchell Cash)
e42bf16 Clarification of unit test build instructions. (Eric Lombrozo)
54f9dee Update bluematt-key, the old one is long-since revoked (Matt Corallo)
bfc6154 [Trivial] Fixed typo when referring to a previous section in depends/README.md [skip ci] (Chris Kleeschulte)
9e45157 build: disable -Wself-assign (Wladimir J. van der Laan)
33d6825 Bugfix: Allow mining on top of old tip blocks for testnet (fixes testnet-in-a-box use case) (Luke Dashjr)
87a797a build: Remove dependency of bitcoin-cli on secp256k1 (Wladimir J. van der Laan)
a33cd5b [trivial] Fix rpc message "help generate" (MarcoFalke)
6fd0019 Drop "with minimal dependencies" from description (Zak Wilcox)
2394f4d Split bitcoin-tx into its own package (Zak Wilcox)
1e672ae Include bitcoin-tx binary on Debian/Ubuntu (Zak Wilcox)
b3eaa30 [Qt] Raise debug window when requested (MarcoFalke)
01878c9 Fix locking in GetTransaction. (Alex Morcos)
9b9acc2 Fix spelling of Qt (Diego Viola)
The lock-time code currently uses CBlock::nTime as the cutoff point for time based locked transactions. This has the unfortunate outcome of creating a perverse incentive for miners to lie about the time of a block in order to collect more fees by including transactions that by wall clock determination have not yet matured. By using CBlockIndex::GetMedianTimePast from the prior block instead, the self-interested miner no longer gains from generating blocks with fraudulent timestamps. Users can compensate for this change by simply adding an hour (3600 seconds) to their time-based lock times.
If enforced, this would be a soft-fork change. This commit only adds the functionality on an unexecuted code path, without changing the behaviour of Bitcoin Core.
6af25b0 Add BIP65 to getblockchaininfo softforks list (Peter Todd)
ba1da90 Show softfork status in getblockchaininfo (Wladimir J. van der Laan)
70a427b CLTV: Add more tests to improve coverage (Esteban Ordano)
c5a27f4 Add RPC tests for the CHECKLOCKTIMEVERIFY (BIP65) soft-fork (Peter Todd)
5e82e1c Add CHECKLOCKTIMEVERIFY (BIP65) soft-fork logic (Peter Todd)
6ea5ca4 Enable CHECKLOCKTIMEVERIFY as a standard script verify flag (Peter Todd)
4fa7a04 Replace NOP2 with CHECKLOCKTIMEVERIFY (BIP65) (Peter Todd)
6ec08db Move LOCKTIME_THRESHOLD to src/script/script.h (Peter Todd)
684636b Make CScriptNum() take nMaxNumSize as an argument (Peter Todd)
GetTransaction needs to lock cs_main until ReadBlockFromDisk completes, the data inside CBlockIndex's can change since pruning. This lock was held by all calls to GetTransaction except rest_tx.
To bridge the time until a dynamic method for determining this fee is
merged.
This is especially aimed at the stable releases (0.10, 0.11) because
full mempool limiting, as will be in 0.12, is too invasive and risky to
backport.
Github-Pull: #6793
Rebased-From: 28e3249e53b8ef7516636df0f1406466a513095d 4e2efb3c5fde4b1e332cc032e3dc4082ec4e3cac
The main effect is to exit processing for recently-rejected hashes,
in case they are pushed to us without prior advertisement. This
behavior was seen in the wild.
An additional effect is to do early checks for mempool or mapOrphan
existence. No logging or nDoS tracking is needed for failures of
these checks.
Sean Bowe
Taylor Hornby
zkbot
Jack Grigg
Pieter Wuille
Wladimir J. van der Laan
Mark Friedenbach
Alex Morcos
Luke Dashjr
Tom Harding
Peter Todd