1
0
Commit Graph

186 Commits

Author SHA1 Message Date
SomberNight
db759765d6 adb.get_tx_height: allow future txs to be partially signed
If the full tx is missing, we should force mempool/confirmed txs to be LOCAL height,
however future txs should not be forced to LOCAL, they should remain FUTURE.

follow-up 197933debf
2025-05-27 18:19:01 +00:00
SomberNight
197933debf adb.get_tx_height: return "LOCAL" height if missing full signed tx
get_tx_height previously did not consider whether the walletDB has the full tx for
the corresponding txid, and could consider a tx even "mined" and spv-ed, even if
we were missing the raw tx.
Now if the full tx is missing or the tx in the db is partial,
get_tx_height considers it to be LOCAL.

In particular the txbatcher, in `run_iteration`,
- first saves a tx as local *unsigned* (to reserve UTXOs),
- then signs it and tries to broadcast it.

The history tx will later transition to local and signed,
after we get back the broadcasted tx via the Synchronizer dance.
In the meantime there is a race where we have an unsigned tx in the history,
but the txid could already transition to mempool or even to mined,
before we download the full raw tx from the server.
During that time window, it makes the adb state more consistent
to just consider the history tx to be local, as done here.
2025-05-26 16:57:51 +00:00
SomberNight
4543192e1a adb: take lock in more places
for example, adb.get_utxos() could previously return an inconsistent result
2025-05-21 18:43:36 +00:00
SomberNight
3b37a920d6 adb/wallet: merge transaction_lock and lock
The distinction was no longer clear.
2025-05-21 18:43:33 +00:00
SomberNight
b1f0c6e353 synchronizer: get_transaction should discard tx_height as it can change
tx_height comes from the `get_history` RPC, we then call the `get_transaction` RPC.
By the time the `get_transaction` RPC returns, we might have received another
scripthash status update, called `get_history` again, and updated height for the txid.
Synchronizer._get_transaction() should not call adb.receive_tx_callback() with
the old tx_height (but it was doing exactly that).

Patch to trigger, e.g. regtest failures:
(e.g. for tests.regtest.TestLightningAB.test_extract_preimage)
```
diff --git a/electrum/interface.py b/electrum/interface.py
index 8649652b9c..fce7a1c6de 100644
--- a/electrum/interface.py
+++ b/electrum/interface.py
@@ -991,6 +991,7 @@ class Interface(Logger):
         return res

     async def get_transaction(self, tx_hash: str, *, timeout=None) -> str:
+        await asyncio.sleep(3)
         if not is_hash256_str(tx_hash):
             raise Exception(f"{repr(tx_hash)} is not a txid")
         raw = await self.session.send_request('blockchain.transaction.get', [tx_hash], timeout=timeout)

```
2025-05-15 19:35:15 +00:00
SomberNight
61283fe18b adb: (trivial) receive_tx_callback: make tx_height param kw-only 2025-05-15 19:09:37 +00:00
ThomasV
39224f003d Merge pull request #9636 from SomberNight/202503_avoid_reuse
wallet: add new config option "FREEZE_REUSED_ADDRESS_UTXOS"
2025-03-14 12:56:29 +01:00
ThomasV
8e6be0a36a Remove inheritance between LNWatcher and Watchtower
As LNWatcher is no longer async, there is not enough overlap
between these classes to deserve inheritance
2025-03-14 11:59:56 +01:00
SomberNight
d52762a2e8 wallet: add new config option "FREEZE_REUSED_ADDRESS_UTXOS"
Adds a new config option: `WALLET_FREEZE_REUSED_ADDRESS_UTXOS`.
This is based on Bitcoin Core's "avoid_reuse" wallet flag. [0]

This opt-in feature, if enabled:
> Automatically freeze coins received to already used addresses.
> This can eliminate a serious privacy issue where a malicious user can track your spends by sending small payments
> to a previously-paid address of yours that would then be included with unrelated inputs in your future payments.

Note that currently we only have a single coinchooser policy, `CoinChooserPrivacy`,
which interacts well with this option, as it spends all coins from any selected address.
However, if we later add a different coinchooser policy, which allowed "partial spends",
care should be taken re e.g. disallowing using that when this option is set.

Also note that this PR adds this as a config option, but arguably it could be wallet-specific instead,
such as `use_change`.

[0]: https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-0.19.0.1.md#wallet

closes https://github.com/spesmilo/electrum/issues/7497
2025-03-14 00:47:42 +00:00
SomberNight
838490fea4 adb.add_transaction: try to ser-deser tx early
Previously calling add_transaction with a malformed Transaction obj could
result in an exception late in the flow, after the walletdb was already side-effected.
Rollback of such side-effects is not implemented :/
  but this small patch should at least cover and prevent some common cases.

```
File "/opt/electrum/electrum/address_synchronizer.py", line 358, in add_transaction
  self.db.add_transaction(tx_hash, tx)
File "/opt/electrum/electrum/json_db.py", line 42, in wrapper
  return func(self, *args, **kwargs)
File "/opt/electrum/electrum/wallet_db.py", line 1434, in add_transaction
  tx = tx_from_any(str(tx))
File "/opt/electrum/electrum/transaction.py", line 1339, in tx_from_any
  raise SerializationError(f"Failed to recognise tx encoding, or to parse transaction. "
```
2025-01-10 12:24:26 +00:00
SomberNight
2f1095510c bitcoin.py/transaction.py: API changes: rm most hex usage
Instead of some functions operating with hex strings,
and others using bytes, this consolidates most things to use bytes.

This mainly focuses on bitcoin.py and transaction.py,
and then adapts the API usages in other files.

Notably,
- scripts,
- pubkeys,
- signatures
should be bytes in almost all places now.
2024-04-29 17:10:26 +00:00
SomberNight
7247130aaf adb: get_balance: add comment about #8835
> These kind of checks look incorrect and confused/confusing for me:
> 43a5d03426/electrum/gui/qml/qeinvoice.py (L388)
> 43a5d03426/electrum/gui/qt/main_window.py (L1801)

> For example, consider creating a local tx that spends all UTXOs in the wallet, and consolidates them to another ismine address.
> Such a tx basically does not change what wallet.get_balance() returns.
> but to the checks listed above, the confirmed balance of the wallet I guess should be 0?
2024-01-19 15:22:28 +00:00
SomberNight
de2007e90c adb: simplify get_conflicting_transactions 2024-01-17 18:58:18 +00:00
SomberNight
eee61a98cb gui: cpfp: calc parent fee for cpfp using wallet.get_tx_info
I am only making this change as it makes it simpler to do manual testing of CPFP-ing *local* txs.
That is, by changing a few easy-to-find lines of code, I can make the GUI allow CPFP-ing a local tx, but
without this change it errors out with "unknown fee for parent transaction".

If one has an incoming local tx saved in the wallet, adb.get_tx_fee(txid) returns None
(if the tx gets into the mempool, it will use the server-reported value instead).
In contrast, wallet.get_tx_info(tx).fee calls both wallet.get_wallet_delta(tx) and adb.get_tx_fee(txid),
making it more expensive but more complete.
2023-12-29 02:55:11 +00:00
SomberNight
e1d0247ce4 wallet: clarify difference between wallet.is_mine and adb.is_mine
related https://github.com/spesmilo/electrum/pull/8699
2023-12-12 14:17:38 +00:00
SomberNight
bb76b836a3 addr_sync.receive_tx_callback: rm redundant tx_hash arg 2023-10-24 16:07:30 +00:00
SomberNight
227e257444 (follow-up) wallet: add option to merge duplicate tx outputs 2023-10-24 14:41:39 +00:00
ThomasV
5e09a416a7 address_synchronizer: save stored_height on each block 2023-08-27 11:57:50 +02:00
SomberNight
703ec09355 addr_sync: expand docstring for get_tx_fee 2023-06-13 00:24:56 +00:00
SomberNight
24980feab7 config: introduce ConfigVars
A new config API is introduced, and ~all of the codebase is adapted to it.
The old API is kept but mainly only for dynamic usage where its extra flexibility is needed.

Using examples, the old config API looked this:
```
>>> config.get("request_expiry", 86400)
604800
>>> config.set_key("request_expiry", 86400)
>>>
```

The new config API instead:
```
>>> config.WALLET_PAYREQ_EXPIRY_SECONDS
604800
>>> config.WALLET_PAYREQ_EXPIRY_SECONDS = 86400
>>>
```

The old API operated on arbitrary string keys, the new one uses
a static ~enum-like list of variables.

With the new API:
- there is a single centralised list of config variables, as opposed to
  these being scattered all over
- no more duplication of default values (in the getters)
- there is now some (minimal for now) type-validation/conversion for
  the config values

closes https://github.com/spesmilo/electrum/pull/5640
closes https://github.com/spesmilo/electrum/pull/5649

Note: there is yet a third API added here, for certain niche/abstract use-cases,
where we need a reference to the config variable itself.
It should only be used when needed:
```
>>> var = config.cv.WALLET_PAYREQ_EXPIRY_SECONDS
>>> var
<ConfigVarWithConfig key='request_expiry'>
>>> var.get()
604800
>>> var.set(3600)
>>> var.get_default_value()
86400
>>> var.is_set()
True
>>> var.is_modifiable()
True
```
2023-05-25 17:39:48 +00:00
SomberNight
56fa832563 wallet.get_tx_parents: explicitly handle missing "from address"
(happened to work even without this)
2023-05-03 15:08:56 +00:00
SomberNight
6ac3f84095 wallet/lnworker/etc: add sanity checks to start_network methods
related: https://github.com/spesmilo/electrum/issues/8301
2023-04-17 16:56:57 +00:00
SomberNight
b81508cfc0 qml: fix refresh bug in history, for local->unconfirmed tx transition
Previously if a local tx got broadcast, it was still displayed as local
in the history until it got mined (or some other action forced a full refresh).
2023-04-05 13:09:51 +00:00
SomberNight
e748345be0 addr_sync: change return type of get_address_history to dict from list 2023-04-05 13:09:47 +00:00
SomberNight
db4943ff86 wallet.get_full_history: more consistent sort order
before:
```
>>> [print(wallet.get_tx_status(txid, wallet.adb.get_tx_height(txid))) for txid in list(wallet.get_full_history())[-10:]]
(7, '2023-04-04 16:13')
(7, '2023-04-04 16:13')
(7, '2023-04-04 16:13')
(7, '2023-04-04 16:13')
(0, 'Unconfirmed [20. sat/b, 0.00 MB]')
(2, 'in 2 blocks')
(3, 'Local [180.4 sat/b]')
(3, 'Local [180.2 sat/b]')
(2, 'in 2016 blocks')
(0, 'Unconfirmed [180. sat/b, 0.00 MB]')
```

after:
```
>>> [print(wallet.get_tx_status(txid, wallet.adb.get_tx_height(txid))) for txid in list(wallet.get_full_history())[-10:]]
(7, '2023-04-04 16:13')
(7, '2023-04-04 16:13')
(7, '2023-04-04 16:13')
(7, '2023-04-04 16:13')
(0, 'Unconfirmed [20. sat/b, 0.00 MB]')
(0, 'Unconfirmed [180. sat/b, 0.00 MB]')
(2, 'in 2016 blocks')
(2, 'in 2 blocks')
(3, 'Local [180.4 sat/b]')
(3, 'Local [180.2 sat/b]')
```
2023-04-04 18:32:53 +00:00
SomberNight
f0e89b3ef6 addr_sync: migrate usages of get_txpos to get_tx_height
the return value of get_txpos is fine-tuned for sorting... other uses are highly questionable.
2023-04-04 17:49:46 +00:00
SomberNight
f8f0af4a2f qml: history: add some support for future txs
- they are now distinguished from local by the status text "in %d blocks"
- this status text needs updating occasionally: on new blocks,
  and some lnwatcher interactions, hence new event: "adb_set_future_tx"
2023-04-04 17:39:58 +00:00
SomberNight
9097d5e43d addr_sync.set_future_tx: clarify wanted_height off-by-one semantics 2023-04-04 13:55:12 +00:00
SomberNight
446879ade0 lnwatcher.maybe_redeem: wanted_height should always be absolute
previously, if prev_height.height was <= 0, lnwatcher was calling adb.set_future_tx()
with weird wanted_height values (with ~sweep_info.csv_delay)
2023-04-04 13:37:10 +00:00
ThomasV
54bb42f82c adb: take locks in get_balance. fixes #8200 2023-04-01 10:37:38 +02:00
SomberNight
81772faf6c wallet: add_input_info to no longer do network requests
- wallet.add_input_info() previously had a fallback to download parent
  prev txs from the network (after a lookup in wallet.db failed).
  wallet.add_input_info() is not async, so the network request cannot
  be done cleanly there and was really just a hack.
- tx.add_info_from_wallet() calls wallet.add_input_info() on each txin,
  in which case these network requests were done sequentially, not concurrently
- the network part of wallet.add_input_info() is now split out into new method:
  txin.add_info_from_network()
- in addition to tx.add_info_from_wallet(), there is now also tx.add_info_from_network()
  - callers of old tx.add_info_from_wallet() should now called either
    - tx.add_info_from_wallet(), then tx.add_info_from_network(), preferably in that order
    - tx.add_info_from_wallet() alone is sufficient if the tx is complete,
      or typically when not in a signing context
- callers of wallet.bump_fee and wallet.dscancel are now expected to have already
  called tx.add_info_from_network(), as it cannot be done in a non-async context
  (but for the common case of all-inputs-are-ismine, bump_fee/dscancel should work regardless)
- PartialTxInput.utxo was moved to the baseclass, TxInput.utxo
2023-03-12 00:21:57 +00:00
SomberNight
7584ba00ce wallet: kill negative conf numbers for TxMinedInfo
fixes https://github.com/spesmilo/electrum/issues/8240

#8240 was triggering an AssertionError in wallet.get_invoice_status,
as code there was assuming conf >= 0. To trigger, force-close
a LN channel, and while the sweep is waiting on the CSV, try to
make a payment in the Send tab to the ismine change address used
for the sweep in the future_tx. (order of events can also be reversed)
2023-03-09 14:59:08 +00:00
ThomasV
27ce9d88c3 follow-up 2ed71579c3: remove wrong assert 2023-03-04 09:04:50 +01:00
ThomasV
2ed71579c3 privacy analysis: detect address reuse
add tx position to get_addr_io
2023-03-04 08:53:49 +01:00
ThomasV
e4273e5ab9 utxo privacy analysis:
- add a new event, 'adb_removed_tx'
 - new wallet method: get_tx_parents
 - number of parents is shown in coins tab
 - detailed list of parents is shown in dialog
2023-02-25 11:46:47 +01:00
SomberNight
90f1279d9a addr_sync: (trivial) don't use private utxo._is_coinbase_output 2023-02-08 23:32:28 +00:00
SomberNight
7d42676785 qt tx dialog: make scid and addr texts clickable in IO fields
based on:
7eea0b6dae
52d845017c
2023-02-03 14:49:01 +00:00
ThomasV
7625b4e63b follow-up d6febb5c12 2023-01-26 11:13:35 +01:00
ThomasV
d6febb5c12 Display mined tx outputs as ShortIDs instead of full transaction outpoints.
ShortIDs were originally designed for lightning channels, and are now
understood by some block explorers.

This allows to remove one column in the UTXO tab (height is redundant).

In the transaction dialog, the space saving ensures that all inputs fit
into one line (it was not the case previously with p2wsh addresses).
For clarity and consistency, the ShortID is displayed for both inputs
and outputs in the transaction dialog.
2023-01-26 10:48:28 +01:00
SomberNight
29a0560f98 rework AddressSynchronizer.is_up_to_date
- AddressSynchronizer no longer has its own state re up_to_date,
  it defers to Synchronizer/Verifier instead
- Synchronizer is now tracking address sync states throughout their lifecycle:
  and Synchronizer.is_up_to_date() checks all states
- Synchronizer.add_queue (internal) is removed as it was redundant
- should fix wallet.is_up_to_date flickering during sync due to race

related:
dc6c481406
1c20a29a22
2022-12-21 15:23:11 +00:00
SomberNight
1c20a29a22 Revert "wallet.is_up_to_date: fix flickering during sync due to race"
This reverts commit dc6c481406 as it introduced its own issue:
while add_address was running on one thread, synchronizer._reset could be running on another,
and by the time the "enqueue" coro would run, it would use a new add_queue and
addr would not be in requested_addrs anymore...

```
I/w | wallet.Standard_Wallet.[test_segwit_2] | starting taskgroup.
I | lnworker.LNWallet.[test_segwit_2] | starting taskgroup.
E/i | interface.[testnet.qtornado.com:51002] | Exception in run: KeyError('tb1q3wmgf8n5eettnj50pzgnfrrpdpjmwn37x7nzsc5780kk4je9v4hspym8mu')
Traceback (most recent call last):
  File ".../electrum/electrum/util.py", line 1243, in wrapper
    return await func(*args, **kwargs)
  File ".../electrum/electrum/interface.py", line 506, in wrapper_func
    return await func(self, *args, **kwargs)
  File ".../electrum/electrum/interface.py", line 529, in run
    await self.open_session(ssl_context)
  File ".../electrum/electrum/interface.py", line 679, in open_session
    async with self.taskgroup as group:
  File ".../aiorpcX/aiorpcx/curio.py", line 304, in __aexit__
    await self.join()
  File ".../electrum/electrum/util.py", line 1339, in join
    task.result()
  File ".../electrum/electrum/synchronizer.py", line 80, in _run_tasks
    async with taskgroup as group:
  File ".../aiorpcX/aiorpcx/curio.py", line 304, in __aexit__
    await self.join()
  File ".../electrum/electrum/util.py", line 1339, in join
    task.result()
  File ".../electrum/electrum/synchronizer.py", line 127, in subscribe_to_address
    self.requested_addrs.remove(addr)
KeyError: 'tb1q3wmgf8n5eettnj50pzgnfrrpdpjmwn37x7nzsc5780kk4je9v4hspym8mu'
```
2022-12-20 16:15:24 +00:00
SomberNight
dc6c481406 wallet.is_up_to_date: fix flickering during sync due to race
AddressSynchronizer.add_address called synchronizer.add, which would only
schedule adding the addr to the Synchronizer in the next event loop iter.
If during that time, the synchronizer called adb.set_up_to_date(True),
the wallet would falsely believe and advertise itself as up_to_date
(as the wallet would see wallet.synchronize not creating new addresses,
and adb (via synchronizer) telling it is up_to_date).
Moments later, the synchronizer._add_address is finally executed and
up_to_date=False propagates out synchronizer->adb->wallet.
2022-12-20 13:58:02 +00:00
Sander van Grieken
21d1842b84 log if get_history fails sanity check 2022-12-03 11:09:51 +01:00
SomberNight
757ec53ea2 AddressSynchronizer: set diagnostic_name for better logs
fixes regression from 121d8732f1

in particular, this is needed for Synchronizer.diagnostic_name and SPV.diagnostic_name
2022-08-24 11:05:01 +00:00
ThomasV
60c493dc15 adb: trigger adb_added_tx event only if the transaction is new 2022-08-17 10:40:43 +02:00
ThomasV
dbf055de9a EventListener class to handle callbacks
and QtEventListener for Qt
2022-06-22 02:07:46 +02:00
ThomasV
6bef6fab86 adb: do not notify GUI about already known transactions 2022-06-13 10:53:43 +02:00
ThomasV
7d5125c935 lnwatcher: fix tx replacement and notifications
- revert the logic of do_breach_remedy to what it was
   before 0ca3d66d15,
   but now calling self.maybe_redeem unconditionally.
 - replace mempool transactions only if the fee increases
 - do not notify the GUI if a local tx is replaced
 - delete labels when replacing
2022-06-12 14:28:11 +02:00
SomberNight
29d8d8de26 wallet: (fix) cannot just piggyback on adb.is_up_to_date()
The wallet needs its own up_to_date logic:
- the adb being up_to_date means all its addresses are synced
- but an HD wallet might decide to roll the gap limit and generate new addresses
  - the adb does not know about this...
  - the wallet should be considered *not* up_to_date
- relatedly, it is now the wallet that decides to reset the network request counters

- note that wallet.main() was never cleaned up previously.
  - now wallet gets its own taskgroup, which is cleaned up in wallet.stop.

Follow-up to adb refactor: 121d8732f1
2022-06-10 18:55:55 +02:00
ThomasV
6e7ffa29ae Move address_is_old to AddressSynchronizer.
Cache local_height at that level instead of wallet.synchronize
2022-06-10 13:07:53 +02:00