Univalue's parsing of \u escape sequences did not handle NUL characters
correctly. They were, effectively, dropped. The extended test-case
fails with the old code, and is fixed with this patch.
Don't assume sizes of unsigned short and unsigned int in GetSizeOfCompactSize and WriteCompactSize.
Fixes#2137
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
Closes#2113. Fixes bug in test and updates testnet fr addresses.
Updating the testnet fr addresses will introduce a consensus change on testnet, so all testnet nodes will be required to upgrade. See #2113 for more information.
Closes#2112 where z_getoperationresult could return stale status.
The problem was similar to a check-then-act race condition. Status object was obtained from an operation, which might be in an 'executing' state. Instead of checking the state recorded in the status object, the operation was queried again to see if it was in a finished state (failed,success,cancelled) and if yes, the status object was returned to the user. However, if the operation had changed state in the background, the status object would be stale.
Sets default min relay tx fee to 100, which is used to initialize
nSatoshisPerK for min fee calculation. The default z_sendmany
fee of 10000 is now sufficient to cover a tx of size 100000 bytes,
so txs will not be treated as "free" and hit the free rate limiter.
Address @str4d's comment on #1965 about the case where -gen is not set
https://github.com/zcash/zcash/pull/1965#discussion_r100414069
Note that the case of calling the ``setgenerate true`` RPC with the wallet disabled was already handled correctly.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
Convert entire source tree from json_spirit to UniValue
This PR cherry-picks bitcoin/bitcoin#6121 and then migrates the Zcash-specific code to UniValue.
Also cherry-picks:
- bitcoin/bitcoin#6241
- bitcoin/bitcoin#6234
Closes#1985.
JSON makes no distinction between numbers and reals, and our code
doesn't need to do so either.
This removes VREAL, as well as its specific post-processing in
`UniValue::write`. Non-monetary amounts do not need to be forcibly
formatted with 8 decimals, so the extra roundtrip was unnecessary
(and potentially loses precision).
Zcash: cherry-picked from commit 7650449a6777710cf818d41862626164da0cd412
Dropped changes to qa/rpc-tests/rest.py pending addition of /rest/headers/
This is the format that was always returned to JSON clients.
The difference was not noticed before, because VREAL values
are post-processed by univalue.
By implementing the functionality directly it breaks the dependency
of rpcserver on utilmoneystr. FormatMoney is now only used for debugging
purposes.
To test, port over the formatting tests from util_tests.cpp to
rpc_tests.cpp.
Add a function `ParseFixedPoint` that parses numbers according
to the JSON number specification and returns a 64-bit integer.
Then this in `AmountFromValue`, rather than `ParseMoney`.
Also add lots of tests (thanks to @jonasschnelli for some of them).
Fixes issue #6297.
- Add an accept test for zero amounts, and a reject test for negative
amounts
- Remove ugly hack in `settxfee` that is no longer necessary
- Do explicit zero checks in wallet RPC functions
- Don't add a check for zero amounts in `createrawtransaction` - this
could be seen as a feature
My prime gripe with JSON spirit was that monetary values still had to be
converted from and to floating point which can cause deviations (see #3759
and https://bitcoin.stackexchange.com/questions/22716/bitcoind-sendfrom-round-amount-error).
As UniValue stores internal values as strings, this is no longer
necessary. This avoids risky double-to-integer and integer-to-double
conversions completely, and results in more elegant code to boot.
Strict parsing functions for other numeric types.
- ParseInt64 analogous to ParseInt32, but for 64-bit values.
- ParseDouble for doubles.
- Make all three Parse* functions more strict (e.g. reject whitespace on
the inside)
Also add tests.
- implement find_value() function for UniValue
- replace all Array/Value/Object types with UniValues, remove JSON Spirit to UniValue wrapper
- remove JSON Spirit sources
- removes mapBlockIndex find operation
- theoretically allows removing the cs_main lock during zqm notification while introducing a new file position lock
Moves the call Initialize() from init.cpp to CreateWithArguments() and handles the
return value. Moves the call Shutdown() from init.cpp to destructor.
Changes Initialize() and Shutdown() to protected members.
Continues Johnathan Corgan's work.
Publishing multipart messages
Bugfix: Add missing zmq header includes
Bugfix: Adjust build system to link ZeroMQ code for Qt binaries
Closes#1097 so that zcash-cli displays license info like zcashd.
LicenseInfo is refactored from init.cpp to util.cpp so that the
bitcoin-cli makefile target does not need to be modified.
Add missing header
Closes#2027 where gcc 6.2.0 identified that `rpcwallet.cpp` was missing a header file `<numeric>` which is required due to usage of `std::accumulate`.
Previously the RPC interface allowed z_exportwallet, backupwallet and
dumpwallet to write data to an arbitrary filename. ZCA-009 demonstrates
how this is vulnerable. The resolution is to only allow data to
written when the -exportdir has been configured. Also filenames are
restricted to alphanumeric characters.
When no `-rpcpassword` is specified, use a special 'cookie' file for
authentication. This file is generated with random content when the
daemon starts, and deleted when it exits. Read access to this file
controls who can access through RPC. By default this file is stored in
the data directory but it be overriden with `-rpccookiefile`.
This is similar to Tor CookieAuthentication: see
https://www.torproject.org/docs/tor-manual.html.en
Alternative to #6258. Like that pull, this allows running bitcoind
without any manual configuration. However, daemons should ideally never write to
their configuration files, so I prefer this solution.
after a successful sign and send, meaning that the logged hash fragment
would be different from the txid logged by "AddToWallet". This issue
occured when sending from transparent addresses, as utxo inputs must be
signed. It did not occur when sending from shielded addresses.
Only increment new notes on reindex
Addresses another issue in #1904.
When an existing one of our notes was found again, its cache was reset and it was re-witnessed. This would cause encountered notes to get out-of-sync with the otherwise-ignored newer notes, which could be a problem if the wallet data happens to be written out during a reindex.
Additional well-formedness check for G2 elements
libsnark currently checks that G<sub>1</sub> and G<sub>2</sub> elements are well-formed by ensuring that they satisfy their respective curve equations, and although this is enough for G<sub>1</sub> (which is instantiated as an order r curve E/F<sub>p</sub>: y^2 = x^3 + b), G<sub>2</sub> is the order r *subgroup* of the composite order r(2q-r) curve E'/Fp<sup>2</sup>: y^2 = x^3 + b/e constructed via a sextic twisting isomorphism. This means we need to ensure these points are order r as well.
None of the proofs on the Zcash blockchain violate this check, and it may not even be possible for them to violate this check (bilinearity is not preserved). Let's be cautious and do it anyway.
Write witness caches when writing the best block
For steady-state operation, this reduces the average time between wallet disk
writes from once per block to once per hour.
On -rescan, witness caches are only written out at the end along with the best
block, increasing speed while ensuring that on-disk state is kept consistent.
Witness caches are now never recreated during a -reindex, on the assumption that
the blocks themselves are not changing (the chain is just being reconstructed),
and so the witnesses will remain valid.
Part of #1749.
Closes#1857. Fixes bug where a transaction sending from a zaddr would have a priority of zero.
Transactions sent from a zaddr should now be mined sooner as they no longer have a priority of zero
Isolate verification to a ProofVerifier context object that allows verification behavior to be tuned by the caller.
This is an alternative foundation for #1892, i.e., #1892 will have to be changed if this PR is accepted.
I think this is a safer approach because it allows us to isolate verification behavior to a single object. This will come in handy when @arielgabizon finishes the batching code.
Fix anchor cache bug
Fixes#1912.
If an anchor is removed from the cache, but didn't exist in it beforehand, it will insert a blank tree. If it's reinserted in a child cache, when the child cache flushes it will mark the treestate as entered but won't bring the valid tree with it.
Thankfully, we assert when connecting blocks so that this inconsistency won't cause us to build on a blank tree after a reorg.