diff --git a/README.md b/README.md index 787aa88..46c5957 100644 --- a/README.md +++ b/README.md @@ -2,9 +2,8 @@ Joinmarket refactored to separate client and backend operations -**The [latest release](https://github.com/AdamISZ/joinmarket-clientserver/releases) -is upgraded for segwit and to be used only for that; to use non-segwit you can use [0.2.2](https://github.com/AdamISZ/joinmarket-clientserver/tree/v0.2.2), or you can run -the latest commit on the master branch; see [here](docs/SEGWIT-UPGRADE.md) (first section) for more details on the new non-segwit option.** +**The [latest release](https://github.com/Joinmarket-Org/joinmarket-clientserver/releases) uses segwit wallets by default, +you are strongly recommended not to change this, but you can use a non-segwit wallet by setting `segwit = false` in joinmarket.cfg.** ### Quickstart diff --git a/docs/INSTALL.md b/docs/INSTALL.md index 4fda917..cb4c16c 100644 --- a/docs/INSTALL.md +++ b/docs/INSTALL.md @@ -94,7 +94,7 @@ At this point you should see `(jmvenv)` at the beginning of your command prompt. git clone https://github.com/Joinmarket-Org/joinmarket-clientserver cd joinmarket-clientserver - git checkout v0.3.3 + git checkout v0.3.4 5b Non-segwit diff --git a/docs/TODO.md b/docs/TODO.md index ef8b9d0..c045d05 100644 --- a/docs/TODO.md +++ b/docs/TODO.md @@ -6,6 +6,9 @@ The Issues list is for specific bugs or feature requests. * PEP8 compliance. * Details which may or may not be included in PEP8 might be, consistent variable naming conventions, and use of single/double quotes. * Porting to Python 3. + +A note on the above - took a look at it last December, but had problems in particular with some twisted elements, specifically `txsocksx` + * Twisted related: there are cases where much better use of deferreds should be possible. ### Testing @@ -32,7 +35,9 @@ concern (there is already no bitcoin security concern even without it). ### Blockchain -* Investigate adding SPV mode inherited from work on Bitcoin Core +* We should look into lite-client modes, in particular client-side filtering as used by Neutrino and others, +and described [here](https://github.com/Roasbeef/bips/blob/master/gcs_light_client.mediawiki}. + * ~~Re-work the existing electrum code so it works reliably and with some decent performance (easier short term goal).~~ (Done) ### Joinmarket protocol @@ -41,8 +46,16 @@ concern (there is already no bitcoin security concern even without it). ### Qt GUI -* Binary build process automated and, more importantly, working for Linux, Windows and Mac. We have nothing for Mac and the Windows build process I'm using is horribly "custom". +* Binary build process automated and, more importantly, working for Linux, Windows and Mac. + +There is no current process for building binaries on Mac or Windows (theoretically the latter is possible but a mess, so I'm not doing it). ### Alternative implementations * Build an alternative client implementation in Java or Javascript for example, using some existing Bitcoin library in that language, perhaps using some lite client solution e.g. SPV, and then connecting to the daemon (executable or Python script). + +### Bitcoin + +* Several related concepts here: 1/ switching to Peter Todd's python-bitcoinlib, but want good backend i.e. libsecp256k1 binding. +2/ coincurve of Ofek looks like a better (and better-maintained) option than secp256k1-py, so ideally put that behind python-bitcoinlib. +3/ Also doing all this without Python3 usage doesn't seem to make much sense. diff --git a/docs/USAGE.md b/docs/USAGE.md index 038919d..bbd35f2 100644 --- a/docs/USAGE.md +++ b/docs/USAGE.md @@ -29,6 +29,9 @@ and edit: rpc_host = localhost #default usually correct rpc_port = 8332 # default for mainnet +Note, you can also use a cookie file by setting, in this section, a variable `rpc_cookie_file` to the location of the file, +as an alternative to using user/password. + (or, if not using Core, just make the edit mentioned above for `electrum-server`). Then retry the same `generate` command; it should now not error (see below). diff --git a/docs/release-notes/release-notes-0.3.4.md b/docs/release-notes/release-notes-0.3.4.md new file mode 100644 index 0000000..8424977 --- /dev/null +++ b/docs/release-notes/release-notes-0.3.4.md @@ -0,0 +1,134 @@ +Joinmarket-clientserver 0.3.4: +================= + + + +Minor release with improved completion rate of joins, +and a few important bugfixes (removing possible crash vector for Makers). +The application now also supports (old Joinmarket-style) non-segwit wallet usage (although this is not recommended), +, supports the Core multiwallet feature and also rpc cookie auth. + +Please also note that the default fee for the yield-generators (Makers) in `script/yield-generator-basic.py` and +`yg-privacyenhanced.py` are reduced by a factor of 10. Please review the fee configuration at the top of the file +you're using and change the default values as you wish. + +Due to the DOS implications of the bugfix, upgrade immediately if you are a Maker; you may otherwise lose your connection at any time. + +Please report bugs using the issue tracker at github: + + + +Upgrading +========= + +To upgrade: run the `install.sh` script as mentioned in the README. When prompted to overwrite the directory `jmvenv`, accept. + + +Notable changes +=============== + +Most changes in this release are backend (many connected with testing or installation), so +are not listed here. Their not being described here does not imply that they are not important, +only that they won't be of interest to users. + +### Restart-with-subset of honest makers + +`b741b24764ebb1b1e89a9f516e64a98eeda86557` + +The code already has a facility called "complete-with-subset" which enables a Taker to continue and +complete a CoinJoin when one or more of the counterparty Makers refuses to send a valid `!ioauth` message +in the first stage of negotiation. This is the relatively easier kind of DOS vector to address - since +the Taker has not yet, at this stage, constructed the full CoinJoin transaction, and can therefore +construct it using the utxos of the honest makers who did send valid `!ioauth`s. It is limited to only +continue if the number of honest makers is at least as high as the setting `minimum_makers` in the `POLICY` +section of `joinmarket.cfg`. + +However, a DOS-ing Maker can still refuse to send the signature (`!sig`) at the end of the negotiation. In +this case the Taker must start from scratch as the currently prepared transaction is no longer valid. To aid +this scenario, this commit allows the Taker to restart with *specifically that set of makers who were honest +in the first attempt*. This does still cost an additional commitment (it is possible but quite a bit more +complex to alter the code so that that isn't the case), but it will mean that hopefully very few transactions +indeed cannot complete. Note that when using `sendpayment` this may require waiting and re-confirming the new +set of fees (they will usually be the same as the first attempt, but could be different in theory). + +With both complete-with-subset and restart-with-subset in place, the overall completion rate should be high +unless the number of malicious makers completely swamps the number of honest ones. + +This is applied to all Taker modes (sendpayment, tumbler and also in Qt GUI). + +### Fix bug in IRC collision handling + +`ec60bcd14f871611459dd430550085035d750167` + +Previously, if a bot reconnected and encountered a nick +collision, it would append '_' and connect, but counterparties +would ignore appended characters after NICK_MAX_ENCODED+2, and +so would send to the other nick. This happens in network +connection failure scenarios. +Strategy here is to simply insist on regaining the nick on that +message channel where it has been lost, retrying every 10s. +There is also a loud warning message printed. +Bots with fairly stable connection (including Tor) probably never encountered +this, but if (for example) your ISP force-disconnects, your Maker could be left +essentially disconnected from the trading pit, without your knowing. This was quite +a bad bug; now it will almost certainly be successful in reconnecting to the pit after some seconds +or minutes, and if not it will at least print a very large warning, repeatedly. +More sophisticated solutions are difficult to obtain. + +### Support for Bitcoin Core multiwallet feature + +`91ffa6cb6c165fa26ae5e1d2881cb1c9792dd094` + +Adds support for use of multiple Bitcoin Core wallets, a feature introduced in Bitcoin Core 0.15.0, +see [release notes](https://bitcoincore.org/en/2017/09/01/release-0.15.0/#multiwallet) for details. + +### RPC credentials from cookie auth file + +`ea67a8bf85edd7fb6b5c5113d6485eaa42bf0129` + +Adds support for use of cookies as alternative to rpcuser/pass for authentication of RPC +connections to Bitcoin Core. + +### Support for non-segwit takers/makers. + +`816078b437d9a0b6d31be4d2b827582602717abc`, +`4e6bee33336a0fb915a24e5626af053f4a137b66`, +`619b4a123f441531dbd54d353ab64e3f771bdba1`, +`966bce19a42926f74c19fe1db98ab8edc2648e03` + +Although as noted in the README now, this is highly dis-recommended (almost nobody is using +non-segwit joinmarket anymore), there is support for backwards compatibility now, of the +old-style Joinmarket wallets now (they are not BIP39 and use p2pkh addresses ("1")), and +running a Taker or Maker is possible. You shoud set `segwit=false` in `joinmarket.cfg` to +use this feature. + +### SIGHASH_SINGLE bugfix for segwit + +`589ed31fde771c606488412324d0affd76e8b670` + +SIGHASH_SINGLE handling in the signing code for segwit was wrongly coded, this fixes it. +There is no current usage of this feature in Joinmarket. + +### Reduce default Maker fees + +`f7029f64924dc9523258b336a4499f5551f8d6cf` + +The **default** fees are reduced in both yield generator scripts to about 10% of what they were before, +to match more what is seen in the market; see the comment at the start of these release notes for user action. + +Credits +======= + +Thanks to everyone who directly contributed to this release - + +- @AdamISZ +- @undeath +- @fivepiece +- @chris-belcher +- @kristapsk +- @adlai +- @mecampbellsoup +- @jameshilliard +- @AlexCato + +And thanks also to those who submitted bug reports, tested and otherwise helped out. diff --git a/jmbase/setup.py b/jmbase/setup.py index 67824b4..5b4e150 100644 --- a/jmbase/setup.py +++ b/jmbase/setup.py @@ -2,7 +2,7 @@ from setuptools import setup setup(name='joinmarketbase', - version='0.3.3', + version='0.3.4', description='Joinmarket client library for Bitcoin coinjoins', url='http://github.com/AdamISZ/joinmarket-clientserver/jmbase', author='Adam Gibson', diff --git a/jmbitcoin/setup.py b/jmbitcoin/setup.py index e4a8041..5ad2467 100644 --- a/jmbitcoin/setup.py +++ b/jmbitcoin/setup.py @@ -2,7 +2,7 @@ from setuptools import setup setup(name='joinmarketbitcoin', - version='0.3.3', + version='0.3.4', description='Joinmarket client library for Bitcoin coinjoins', url='http://github.com/AdamISZ/joinmarket-clientserver/jmbitcoin', author='Adam Gibson', diff --git a/jmclient/setup.py b/jmclient/setup.py index f5bece8..d112e2d 100644 --- a/jmclient/setup.py +++ b/jmclient/setup.py @@ -2,12 +2,12 @@ from setuptools import setup setup(name='joinmarketclient', - version='0.3.3', + version='0.3.4', description='Joinmarket client library for Bitcoin coinjoins', url='http://github.com/AdamISZ/joinmarket-clientserver/jmclient', author='Adam Gibson', author_email='ekaggata@gmail.com', license='GPL', packages=['jmclient'], - install_requires=['joinmarketbase==0.3.3', 'mnemonic', 'qt4reactor'], + install_requires=['joinmarketbase==0.3.4', 'mnemonic', 'qt4reactor'], zip_safe=False) diff --git a/jmdaemon/setup.py b/jmdaemon/setup.py index 7169113..3c8e4bf 100644 --- a/jmdaemon/setup.py +++ b/jmdaemon/setup.py @@ -2,12 +2,12 @@ from setuptools import setup setup(name='joinmarketdaemon', - version='0.3.3', + version='0.3.4', description='Joinmarket client library for Bitcoin coinjoins', url='http://github.com/AdamISZ/joinmarket-clientserver/jmdaemon', author='Adam Gibson', author_email='ekaggata@gmail.com', license='GPL', packages=['jmdaemon'], - install_requires=['txsocksx', 'pyopenssl', 'libnacl', 'joinmarketbase==0.3.3'], + install_requires=['txsocksx', 'pyopenssl', 'libnacl', 'joinmarketbase==0.3.4'], zip_safe=False) diff --git a/scripts/joinmarket-qt.py b/scripts/joinmarket-qt.py index c6bde74..9b3f045 100644 --- a/scripts/joinmarket-qt.py +++ b/scripts/joinmarket-qt.py @@ -48,7 +48,7 @@ pyqt4reactor.install() donation_address = "1AZgQZWYRteh6UyF87hwuvyWj73NvWKpL" #Underlying joinmarket code version (as per setup.py etc.) -JM_CORE_VERSION = '0.3.3' +JM_CORE_VERSION = '0.3.4' #Version of this Qt script specifically JM_GUI_VERSION = '7'